Child Online Protection pt 2

Having discussed the general definition and history of C.O.P in there earlier blog. We continue with the various topics so as to understand what exactly why children/youth need to be protected online.

COP GUIDELINES AS PROVIDED BY ITU

 For children:

The guidelines advise them on possible harmful activities online, such as bullying and harassment, identity theft, and online abuse. They also include advice to children seeing and experiencing harmful and illegal content online, or young people being exposed to grooming for sexual purposes, the production, distribution and collection of child abuse material.

For parents and educators:

the guidelines provide recommendations on what they can do to make their child’s online experience a positive one.

For industry:

provides guidance on protecting children’s rights online for those companies that develop, provide or make use of information and communication technologies (ICT). The Guidelines have been developed to align with the UN Guiding Principles on Business and Human Rights, and explain not only what companies can do to protect children’s safety online, but also how they can enable the positive use of ICTs by children. The Guidelines also include sector-specific checklists that recommend actions for mobile operators; Internet service providers; national and public service broadcasters; content providers, online retailers and applications developers; user-generated content; and hardware manufacturers.

For policy makers:

the guidelines will help individual countries plan for their strategies for child online protection in the short, medium and longer term. In order to formulate a national strategy focusing on online child safety, policy makers need to consider a range of strategies, including establishing a legal framework; developing law enforcement capabilities; putting in place appropriate resources and reporting mechanisms; and providing education and awareness resources.

WHAT CHILDREN DO ONLINE AND SOCIAL NETWORKING

Children and young people go online to connect with friends, and make new ones, to browse the internet for information, chat with others and play games. They may:

  • search for information or content on search engines like Google and Bing
  • share images and watch videos through websites or mobile apps like Instagram, Pinterest, Vine and YouTube
  • use social networking websites like Facebook and Twitter
  • write or reply to messages on forums and message boards
  • play games alone or with others through websites, apps or game consoles
  • chat with other people through online games, BBM (Blackberry Messenger), game consoles, webcams, social networks and tools like WhatsApp

When online, children and young people can learn new things, get help with homework, express themselves creatively and connect with friends and family.

ONLINE RISKS

Evidence is growing that the internet is becoming part of the offline risks and negative experiences that may harm children. Risks associated with the Internet and ICT devices include:

  • Contact or conduct risks: Cyberbullying
  • exposure to pornography
  • violent (User Generated Content)
  • sexual exploitation, child abuse images or child pornography
  • Sexting
  • other potentially harmful experiences
  • Cyberstalking

To be continued…Next week will expound more on the  Online Risks

Child Online Protection

What is Child Online Protection?

The internet is one of the most powerful communication and education tools ever invented, and has grown so fast with rapid changes that at time the users/audience find it had or challenging to keep up with.

Child/Youth Online Protection aims to tackle cybersecurity holistically, addressing legal, technical, organizational and procedural issues as well as capacity building and international cooperation.

Children are among the most active – and most vulnerable – participants online. Techinnovar’s motto is “We detect to protect“, but we are also committed to protecting the world responsibly. That means working together to ensure cyber security, enable cyber peace, and – perhaps most importantly – protect children online.

The legal, technical and institutional challenges posed by the issue of cybersecurity are global and far-reaching and can only be addressed through a coherent strategy taking into account the role of different stakeholders and existing initiatives, within a framework of an international collaborative network.

HISTORY OF CHILD ONLINE PROTECTION

In 1998, the United States enacted the Child Online Protection Act] (COPA) to restrict access by minors to any material defined as harmful to such minors on the Internet. In 1999, the United States Court of Appeals for the Third Circuit upheld the injunction and struck down the law, ruling that it was too broad in using “community standards” as part of the definition of harmful materials. In May 2002, the Supreme Court reviewed this ruling, found the given reason insufficient and returned the case to the Circuit Court; the law remained blocked. On March 6, 2003, the 3rd Circuit Court again struck down the law as unconstitutional, this time finding that it would hinder protected speech among adults. The government again sought review in the Supreme Court.

Notably, the court mentioned that “filtering’s superiority to COPA is confirmed by the explicit findings of the Commission on Child Online Protection, which Congress created to evaluate the relative merits of different means of restricting minors’ ability to gain access to harmful materials on the internet.” The court also wrote that it was five years since the district court had considered the effectiveness of filtering software and that two less-restrictive laws had been passed since COPA, one prohibiting misleading domain names and that given the rapid pace of internet development those might be sufficient to restrict access by minors to specific material. The court referred the case back to the district court for a trial, which began on October 25, 2006.

ITU launched the Child Online Protection (COP) Initiative in November 2008 as a multi-stakeholder effort within the Global Cybersecurity Agenda (GCA) framework. The initiative brings together partners from all sectors of the global community to create a safe and empowering online experience for children around the world. COP was presented to the ITU Council in 2008 and endorsed by the UN Secretary-General, Heads of State, Ministers and heads of international organizations from around the world.

Protecting children online is a global challenge, which requires a global approach. While many efforts to improve child online protection are already under way, their reach has been more national than global.

CHILD/YOUTH ONLINE PROTECTION IN KENYA

Improved telecommunication infrastructure, fiber optic cables connecting the country to the rest of the world and massive investment in fiber connectivity have cut Internet charges, enabling many Kenyans to access cheap and high-speed Internet.

Google Kenya launched an online child safety campaign in February 18,2015 to promote responsible and positive use of digital technology for young people.

The Communication Authority of Kenya launched a campaign dubbed the “Be the Cop” The campaign seeks to protect children besides providing avenues for redress in the event of a cybercrime.  The campaign was launched during the Kenya Primary Schools Head Teachers Association (KEPSHA) Annual Conference in partnership with various stakeholders among them service providers Google, Orange, Airtel and Safaricom. The Department of Children Services, United Nations Children Fund (UNICEF), ChildLine Kenya are also other partners involved in the project.

Protecting children online is now a global challenge. In Kenya, protecting children online, is a concern of many parents, government, parents and multinational firms.

INTERNET

The internet is a connection of computers. Its a global system o interconnected computer networks that uses the standard internet protocol suite (TCP/IP) . It serves billlions of users globally.

According to Communication Authority of Kenya, research shows the tremendous growth of internet users from 3 million users in 2008 which was followed by a larger number gain in 2014, that added up to 23.3 million users and now 29 million Kenyans are able to access the internet representing close to 70% of the Kenyan population. More users are using mobile devices to access the internet amounting to 18.8 million users of the 29 million.  A total of 34.8 million Kenyans are mobile subscribers representing 85.5% of the population.

With a huge number of the users being youths, they have unprecedented access to the cyber space thus higher exposure to cybercrime, particularly due to the present uncontrolled nature of Internet access.

 

To Be continued…

SMEs Beware: Hackers Targeting Small Businesses

Many hackers are shifting their focus from large enterprises to small businesses.

Small business owners frequently assume that hackers have little interest in attacking their organizations – “after all,” they reason, “what data do I have that a hacker could consider valuable?”

They are terribly wrong.

In fact, today, about half of all cyberattacks target small businesses.

Information security often takes a backseat to other issues that small business owners face,business owners can likely dismiss information security concerns as applying only to larger organizations. That is because small business owners frequently hear news reports about huge data breaches like those that happened at Yahoo   they may incorrectly assume that hackers only pursue companies with huge volumes of valuable data; such a notion is simply not true.

When it comes to information security, no business is too small. Small businesses increasingly find themselves the focus of attacks directly targeted against them and designed to steal funds, information and customers.Furthermore, the trend towards targeting small businesses is likely to continue – small businesses have become, in the eyes of many hackers, more attractive targets than larger enterprises. Here are some of the reasons:

1. SME have valuable data.

Contrary to many people’s perceptions, the majority of small businesses store either financial information that can be used for fraud, or personal details that can be used for identity theft – i.e., they have data that criminals want.

2. SME can provide hackers access into many other small businesses.

Small businesses often use services from other small business – and those offerings may not be secure. In some cases, competing small businesses may even utilize the same service from the same provider – which, can lead to all sorts of security problems.

3. SME owners pay ransoms.

Nearly every small business has computer-based data that it needs in order to operate, and few have the capability to independently recover from a ransomware attack, so small business owners are likely to pay ransoms if hackers encrypt critical data and demand money to restore access to it.

4. SME often lack adequate cyber-defenses.

Small businesses rarely have the defenses that large businesses have – so while the reward to a hacker may be smaller if he or she breaches the “little guy” than if he/she hacked a major corporation, the odds of actually achieving a reward are often much greater. To put it simply, smaller businesses are frequently much easier to hack than larger enterprises.

5. SME provide hackers access into larger enterprises.

Small businesses supply larger enterprises with goods and services – information gradually collected from small business systems may be a hacker’s golden ticket into a larger enterprise. The massive Target breach of just a few years ago, for example, began when a hacker exploited the access that the retail giant provided to an HVAC contractor.

6. It is likely a lot easier to get away with hacking a SME than a large enterprise.

Small businesses are far less likely to have security personnel and technology in place to detect an attack as it occurs, and are less likely to have technology creating and protecting audit logs and other data needed to both perform forensic analysis and establish admissible evidence. As a result, someone attacking a small business is much less likely to get caught, arrested, and punished than someone who attacks a large business. Criminals know this – and some who would never risk trying to attack Amazon.com, for example, might have no qualms about trying to hack a mom-and-pop retail outlet. The likelihood-of-being-brought-to-justice imbalance is further exaggerated by larger firms having much greater political clout and access to law enforcement than smaller businesses, coupled with the fact that small businesses are far more likely to fail as the result of a breach – meaning that some folks who might otherwise have pursued legal action against hackers simply do not have the time and resources to do so, or may “move on” to other jobs and not “dwell on the past.”

TACKLING THE THREAT

  1. Knowledge is the most effective weapon any small business can wield against cybersecurity risks. In the great linen hack of our times, companies could easily  protect itself by as simple changing the vendor default password. That simple precaution might prevent the breach of more than 1,000 clients records and avoided a drawn-out legal battle with their competitor.
  2. Small businesses should complement education-training efforts with a strong array of technical controls designed to minimize risk.
  3. At a minimum, small businesses should ensure that they leverage strong passwords, automatic updates for applications and operating systems, hardware firewalls, and encryption for their wireless network. This simple array of controls will go a long way toward defending against many cybersecurity threats.
  4. Similarly, small business owners and employees must be aware of the risks posed by social engineers, who use highly targeted spear phishing attacks to fool employees into revealing sensitive information. Modern attacks are quite sophisticated and leverage internal information, branding, and industry knowledge to manipulate unwitting targets into believing the legitimacy of an attack message.