In today’s Quick Hits we talk about Facebook’s ongoing battle against clickjacking, the possibility of Internet privacy legislation in 2011, and recent changes to New Hampshire’s anti-bullying laws.

–

New Hampshire Adds Cyberbullying to Anti-Bullying Law

Governor John Lynch of New Hampshire signed into law legislation yesterday that adds cyberbullying to the state’s preexisting anti-bullying law. The step to add cyberbullying to the 2000 bill is a sign of the times. Ten years ago, before social networks like MySpace and Facebook, teens spent less time online. In 2010, however, teens are the most likely to be bullied via some form of Internet media.

Concept Capital Report Predicts Internet Privacy Legislation for 2011

A research report from the group Concept Capital speculates that Internet privacy legislation will be on the agenda in Congress in 2011. The report also suggests that Rep. Rick Boucher’s proposed data privacy legislation, which has been criticized by privacy advocates and Internet companies, will likely pass in 2011 due to its bipartisan support.

AARP Poll Shows Internet Users Over 50 are Social Media Savvy

An American Association of Retired Persons (AARP) poll showed that social networking isn’t just for the young. According to the poll, “over a quarter (27%) of Americans over the age of 50 use social networks,” with the majority of them indicating Facebook as their social network of choice. The poll also revealed that older Internet users use social networking primarily as a way to stay in touch with family, with “62% of the respondents reporting that they’re connected to their kids on Facebook and 36% saying they are connected to their grandchildren.”

Facebook Hit by New Clickjacking Attack

Facebook has been assailed by “clickjacking” attacks over the last several months, with the most recent incident occurring yesterday. From the InformationWeek article: “Also known as likejacking, clickjacking attacks exploit the “like” button functionality that Facebook developed for third-party sites. The attack tricks a user into clicking the “like” button — oftentimes by overlaying it with a fake link — which generates a status update on the user’s Facebook page, including a link to the attack.” Facebook would do well to develop a response to these kinds of attacks quickly.

The Story Behind Facebook’s Few Quitters

The Quit Facebook Day movement may not have gone off as well as planned (only 30,000 people signed-up compared to Facebook’s 500 million total users), but the individuals who did quit the site don’t have any regrets. This article in the Montreal Gazette provides some interesting insights into the personal reasons why several Facebook users decided to quit using the popular website and how they feel their lives have changed because of their decision.

There was an interesting article yesterday in the New York Times Well Blog discussing the way in which the Internet might be contributing to irresponsible behavior among teens. The article specifically cites websites like YouTube where videos of dangerous pranks and stunts can be shared with a virtual audience of millions.

From the article:

“Teenagers have always been prone to taking foolish risks (thanks partly to the brain’s prefrontal cortex, which governs decision-making and is still developing in adolescence). But with the rise of sites like YouTube and Facebook, these experts say, teenagers now face virtual peer pressure to emulate all kinds of dangerous stunts and dares, and post them online.”

Some of the stunts discussed in the article include elaborate fireworks displays, taking shots with flaming basketballs, and the so-called “Choking Game,” in which kids choke themselves or one another to the point of unconsciousness to experience a temporary high. A quick search on YouTube will reveal hundreds of videos of each of these stunts.

There was an upside to the article however. If an adult or authority figure intervenes online, young daredevils are more likely to take down the offensive content or refuse to engage in similar stunts in the future.

“Dr. Megan A. Moreno, an adolescent medicine specialist at the University of Wisconsin, recently conducted a study in which a MySpace persona called Dr. Meg reached out to teenagers who used their pages to boast of drinking or sexual exploits. “Are you sure that’s a good idea?” asked Dr. Meg, who went on to explain why they might want to remove the information. The note also warned them about the risks of sexually transmitted diseases.

Teenagers contacted by Dr. Meg were twice as likely to remove references to sex or substance use during the next three months as those who weren’t contacted, according to the study, published in The Archives of Pediatrics & Adolescent Medicine.”

It is critically important for parents of teens to take time out of their day to talk to their children about their Internet use and to monitor their child’s online reputation regularly. Aside from the practical concern of ensuring that one’s child doesn’t engage in physically dangerous activities, parents should also monitor their children online for anything that might cause lasting reputation damage.

In today’s Quick Hits, we talk about Internet privacy, discuss new cyberbullying research, and ponder the editorial choices of the New York Times.

–

Have Facebook Privacy Concerns Passed?

Now that the media has stopped talking about Facebook privacy issues (for the time being), has the average Internet user stopped caring as well? The San Francisco Chronicles argues that they have, pointing to a significant decrease in the number of individuals visiting OpenBook.org and QuitFacebookDay.com through the url shortener Bit.ly.

That’s a short-sighted analysis however, as both of those websites weren’t expected to have a long shelf life. A better measure of the passion that people have for protecting their privacy can be seen in the more than 22,000 Facebook users who downloaded our own app, PrivacyDefender.

Internet Companies Brace for Congressional Hearings

Another fact showing that Internet privacy is still a hot issue is the news that Congress is considering hearings with numerous Silicon Valley companies to discuss consumer safety concerns and, in response, Silicon Valley companies are pouring money into congressional lobbyists to protect their own interests. The San Jose Mercury News has more details on the possible government hearings.

New York Times Asks Writers To Not Use “Tweet” in Stories

In a humorous example of the discord between old media and new media, the New York Times has sent an internal letter to its writers requesting that they refrain from using the word “tweet” (which means a short Twitter message) in their formal writing. Interestingly, the Associated Press recognizes “tweet” as an official word both in its verb and noun forms.

Symantec Study Has Good and Bad News on Cyberbullying

A new study by Symantec shows that cyberbullying has become a fairly common concern for young Internet users with more than 55 percent admitting “they had experienced negative online behaviour.” There is also good news in the survey. According to Symantec’s report, “over three quarters of kids said they would speak to their parents if they were threatened with physical harm or were sent suspicious or inappropriate material when online.”

Are Cyberbullying Laws Practical?

Speaking of cyberbullying, a recent article in the Boston Globe demonstrates the difficult gap between passing legislation to fight cyberbullying and actually enforcing that legislation in a practical way. The article features scathing criticism of Massachusetts’ recently passed cyberbullying law, which a principal describes as the “The Principal’s Paperwork Act of 2010.”

Reputation.com’s Social Media Bill of Rights

As social networks have grown in importance, Reputation.com has seen a shocking pattern of privacy violations, ranging from inappropriate data sharing to attempts to trick users into revealing their personal information.

It is time users took back control of their online privacy. Reputation.com presents this draft Social Media Bill of Rights to provoke thought about how social networking sites—like Facebook, MySpace, Twitter, and others—should treat users and protect privacy. We strongly believe that social networking sites should recognize and grant each of these rights to users in an open and transparent way.

Here is our proposed Social Media Bill of Rights. We look forward to discussing these ideas at CFP2010 and learning from other experts in the field. Stop by and check out our demo of the free Facebook app PrivacyDefender (PrivacyDefender.net) at the CFP Tech Fair.

Social Media Users Have These Rights

1) The right to privacy.

When in doubt, privacy comes first.

By default, users should not expose information to the world, to data brokers, to corporations, or to anyone else.

Users have the right to share as much or as little as they want. They are in charge of their privacy, and all data sharing comes only after user consent.

2) The right to choose.

Privacy settings must be easy and understandable. If your parents can’t use it, then it’s not simple enough.

Privacy controls should be easy to find. Social networks should put privacy controls next to where they are needed; near photos, near data collection portals, and other places where users expect to find them.

If taking an action (installing an app, using a new feature, etc) will expose or share data, users deserve to know before they commit. Social networks should explain the privacy cost of each new feature, and let them make an informed choice.

Interfaces should not be evil. Each interface should clearly communicate the privacy consequences of each action. Interfaces that collect or use data in a non-intuitive way should be clearly labeled and explained.

Any kind of external data sharing should be opt-in, not opt-out. If it’s so useful, it will be easy to convince users to sign up. Outside corporations don’t have a right to user information without clear user consent.

3) The right to data minimization.

Just because a social network can, collect information doesn’t mean it should. Social networks should strive to collect no more information about users than what is required to present social functions.

Storing “click stream,” “search history,” and other data that is not directly tied to social functions is often an invitation to privacy invasions. Storing this data does not directly enhance user experiences and often violates user expectations.

When in doubt, aggregate. Aggregated data often fulfills the same function without the privacy risks.

We don’t know the long-term consequences of mass-scale data collection and storage; it is better to err on the side of caution and data minimization.

4) The right to honest communication.

Users have a right to know how their information is being used. Tell them. Use language you’d use with friends, not language used by lawyers. Agreements should be easy to understand and not contain hidden legalese.

If something goes wrong, tell users openly and honestly so that they may protect themselves.

If aggregated data turns out to not be anonymous (like the Netflix Prize data set), tell affected users. Openness today will save headaches tomorrow.

Even if the lawyers can find a legal loophole, users deserve to be treated with respect; social networks should treat users as they expect to be treated, not at the minimum possible legal threshold.

5) The right to delete.

Users have a right to leave social networks. When they do, they should be able to easily take back their data too.

The right to delete includes deleting any marketing information or dossier that has been compiled about them, including any behavioral advertising data.

Exceptions are permitted for financial transactions and other records that must be kept for legal compliance.

6) The right to know.

Users have the right to know:

– how information about them is being collected;

– to whom their data is being sold;

– how their data is secured;

– how many people can see their personal information;

– when there are data security incidents, even if they don’t trigger existing notification laws.

Disclosures should be in plain language.

If data is being collected in non-obvious ways (click patterns, through offline sources, etc) then it requires special notice.

7) The right to dignity.

Some information is too personal for social networks to demand or share. Even if it is possible to find out intimate secrets of users’ lives, it is usually best to not.

There are limits on the wisdom of behavioral and contextual advertising, even if users have agreed to it. Social networks should think twice before trying to profit from their users’ grief, weaknesses, or personal failings.

Social networking engineers should always ask themselves, “would I want my data to be used this way?” If not, don’t code it and don’t implement it.

Sites should not encourage users to debase, defame, or abuse each other. There is always another person at the other computer; remind users to treat each other with dignity.

8 ) The right to accountability.

Social networking sites should be willing to undergo regular privacy audits to prove they are using data only in approved ways. Sites that don’t allow privacy audits should be considered suspect.

Leaders of social sites should accept personal responsibility for the security and privacy practices of their sites. If they make a false promise, they should be held personally accountable.

9) The right to not participate.

Users have the right to not participate in social networking. If they choose not to, social sites should not compile a dossier or file about them, even if friends volunteer that data.

Non-users should be able to find out how personal information about them is being shared or discussed (including “tagged” photos or facially-recognizable photos) without providing further personal information.

10) The right to social privacy.

Social networks should make it easy for users to help friends be respectful of privacy.

Social networks should not encourage users to violate each others’ privacy. Interfaces that encourage prying or over-sharing are disfavored.

Social networks should allow users to contact each other about potential privacy violations and privacy requests. A simple “I’d prefer this photo not be online” notification system can help friends communicate their preferences without threatening free expression or creativity.

This is our Bill of Rights for social media. What’s yours?

Thanks to many others who have contributed to the field, including Jack Lerner and Lisa Borodkin, Mark Sullivan, Kurt Opsahl, John Battelle, and Duncan Work.

Michael Fertik is CEO and Founder of Reputation.com, Inc., the world’s first and largest comprehensive online reputation and privacy management service. Reputation.com helps users take back control of their online image, their online privacy, and their lives. Michael may be contacted, including for press and media inquires, through Reputation.com.

In today’s Quick Hits, we continue to delve into Google’s privacy problems, discuss the results of an interesting new Pew Research study, and explore how teen megastar Justin Bieber’s online reputation is being smeared by anonymous Internet haters.

–

Google Could Face Congressional Hearing Over Wi-Fi Sniffing

Google may soon face a congressional hearing over last month’s revelation that the company had collected unsecured Wi-Fi data throughout the world via its Street View cameras. Google maintains that the company didn’t break any laws, saying in a statement, “We believe it does not violate U.S. law to collect payload data from networks that are configured to be openly accessible (i.e., not secured by encryption and thus accessible by any user’s device)” but that might not be enough to keep them out of the spotlight.

Business Online Reputation Management Advice from Search Engine Land

In a guest post for Search Engine Land, Tom Leung discusses the importance of online reputation management and offers some valuable advice for business owners to deal with consumer review websites like Yelp.com.

Pop Star Justin Bieber Becomes Victim of Internet Smear Campaign

In a post for the San Francisco Chronicles’ City Lights Blog, Zenny Abraham explains how teen pop sensation Justin Bieber recently became the victim of an Internet smear campaign claiming the 16-year-old singer had contracted syphilis. The article touches on the immediacy of the social web and how deliberate attempts to defame someone’s character can spread virally with very little effort.

Online Reputation Management Awareness on the Rise

The Staten Island Advance talks about the many ways in which students and professionals have had their lives disrupted by reputation problems on social media websites like Facebook and MySpace. The article also touches on a new Pew Research Center study that shows the number of people interested in monitoring their name online has grown in recent years, signaling an overall increase in the online reputation management industry.

Young Internet Users Most Distrustful of Social Networking Websites

The New York Times reveals additional insights from the Pew Research Center study, including the fact that “younger social networkers more frequently regret posting content or ask others to remove content” and that, contrary to popular wisdom, they are “the least trusting of social networks, with 28 percent saying they can never trust such sites.”