Category: Safety

Safer Internet Forum 2016


On the 24th of November, the INSAFE/INHOPE/BIK network and the European Commission DG CNECT organised in Luxembourg the 2016 edition of the Safer Internet Forum under the theme “Be the change”.

The conference brought together a variety of stakeholders including young people, parent and teacher representatives, industry and government policy makers and civil society organisations to discuss the ongoing challenges of achieving a “Better Internet for Kids”. As one in three Internet users are children, it is essential to come up with sustainable strategies to tackle such issues as harmful content, commercial exploitation and cyberbullying.

Javier Hernandez-Ros, acting Director of DG CNECT, emphasized the importance of following up on the challenges and ideas identified during the Safer Internet Forum through the Alliance to better protect minors online, a DG CNECT multistakeholder group which will start its work next year and aims at addressing the challenges childrens face online.

Mary Aiken, researcher at the University College Dublin, followed by a key note speech on the basis of her book “the Cyber Effect” which aims at presenting findings from cyber-psychology and research from behavioural and child development studies in relation to technology in an accessible way.

Some of her most powerful messages include:

  • The necessity to inform policy making via quality peer-reviewed studies in the emerging fields of cyber-psychology and child development/behaviour, from independent sources, conducting research for public good/general interest.
  • Develop guidelines for the use of ICT and the Internet based on research. Examples include banning screens for babies aged 0 to 2 years old and creating a “safe space” for young children online.
  • Add “cyber rights” to the United Nations Convention on the Rights of the Child.
  • Reviewing the Internet Governance process to ensure child protection is a priority.
  • There can be no trade-offs between privacy, security and the vitality of the tech industry. All three issues need to be equally addressed without one taking precedence over the other.

The commercialization of childhood

This panel session brought together academia, civil society and industry representatives to discuss the growing exposure of children to commercial content/commercial solicitations online. Two researchers from the University of Ghent underlined a number of important research findings, especially the fact that children have a hard time to recognize certain “new” types of online advertising techniques and that “labels” like the “PP” label to notify about product placements are not very effective in signaling to children that certain contents includes advertising.

John Carr from eNACSO stressed that while regulation has cracked down on many immoral advertising practices in the real world, such as paying children to talk to their peers about a product in real life, regulation has lagged behind on online advertising. While the EU Commission has relied on self-regulation, the results and impact of such self-regulation to limit children’s exposure to advertising is less than convincing. Children should have a charter of economic rights and not be tagged simply as “vulnerable consumers”. This could be achieved, potentially, via a revision of the unfair commercial practices of the EU Commission.

Martin Schmalzried from COFACE-Families Europe shared two recommendations on how to limit children’s exposure to advertising online:

  • New “indicators” need to be developed to enable children/parents to choose services which adopt a fair and responsible advertising policy. One such indicator is the ratio between advertising and “native” content. How many posts out of 10 are advertising? What “surface” of the screen/webpage is covered with advertising? Users need to have some indicators to compare how various online services, platforms or content providers fare in displaying advertising.
  • Regulators should not exclude the ban of certain advertisement techniques. As John Carr has underlined, regulators have banned certain advertisement techniques in the real world on several accounts on the grounds of unethical/unfair practices. There is no reason why online advertising should be exempt from such regulation.

BIK to the future

The final panel session of the Safer Internet Forum looked to the future and the challenges ahead. Our colleague Martin Schmalzried presented 7 key areas of focus that will need to be addressed in the future:

1-Virtual reality

Exposure to VR will increase substantially over the next years as the cost of the technology drops. Some of the issues include:

  • Harassment/cyberbullying: the first instances of “virtual groping” have surfaced on the Internet in the last few weeks. The negative effects of cyberbullying, harassment and any forms of harmful content/contact will be multiplied in VR settings due to the increased realism and immersiveness of VR. Studies have already shown that VR can be used successfully for curing post traumatic stress disorder and boost empathy. The opposite is therefore very likely true (it can enhance trauma and desensitization).
  • Child pornography and child abuse may also move to VR as the combination of VR with connected sex toys and haptic feedback devices will greatly increase “realism”.
  • The collection of data in VR will raise new questions about privacy. The data generated by users could be used for advertising in VR, for instance, as advertising has proven to be more effective in VR environments.
  • Physical problems related to VR are also likely to emerge such as eye strain, impaired depth of vision (if used by young children), or injury by collision against a “real world” object while immersed in VR.


There are many controversies which have surfaced about algorithms lately, notably the “filter bubble” effect and the viral nature of “fake news”. Algorithms can help in tackling several problems including cyberbullying, hate speech or identifying fake news, but this requires a willingness of companies to work on developing such solutions.

Algorithms will also require increased accountability mechanisms such as independent audits to avoid discrimination or unfair “humanless” decisions to be carried out. Without human judgment and interpretation, algorithms are useless and may create more problems then they solve. An example is the “predictive policing” algorithm. While it may be successful in fighting crime, as in identifying the neighborhoods where a crime is most likely to happen, the “lessons” learned from such an algorithm need a human interpretation. Are all “blacks and latinos” more likely to be criminals or rather, are all humans struck by poverty, discrimination, desperation, and exclusion more likely to commit crime? The implications of such an interpretation are highly important as in the first case, one may decide that the solution is to build more prisons, in the second case, one may decide that the solution is to fight inequalities and discrimination.

Finally, algorithms deserve their own “liberalization”, moving away from the “monopoly” and control of their current owners. The data kept by Facebook and Google is simply a billion row and column database which could be “searched” and “ranked” by any algorithm, not just the “proprietary” algorithm of Facebook and Google. Allowing third parties to propose “custom” algorithms might help solve many of the issues discussed above such as “filter bubbles” and “fake news”.

 3-Online business models

The current online business models are also much to blame for the “harmful” content or “fake news” available. Fake news heavily rely on advertising revenue, which often takes up more space than the “content” of the fake news article. Users do not understand “new” business models relying on user data or “in app purchases”/”freemium”. In the past, economies of scale provided that the more users bought a good, the cheaper it was to produce and the cheaper it could be sold, thereby greatly benefiting consumers and society as a whole. Online, this system is broken. Normally, with more and more users subscribing to Facebook, the prevalence of advertising should be dropping since Facebook should be able to “sell” its services for less advertising. But the opposite has happened! Instead, there is more and more advertising on both Facebook, Youtube and many other online platforms. Because users do not understand such business models, these services can get away with sucking more and more money from users’ time (since their revenue is generated by wasting people’s time looking at advertising) instead of lowering their “price” (advertisement prevalence) as would normally happen under a healthy “competitive” environment in the real world.

The same holds true for many other forms of digital services or content. Apps don’t get cheaper with more people buying them, although the cost of developing them is the same!

 4-Digital citizenship

More and more, we hear about the term “digital citizen” which is a “sexy” way to describe contemporary Internet users. However, the word “citizenship” and “citizen” are ill-chosen. Rather, the term should be “digital subject”. Indeed, citizenship implies that a person has a right to vote or influence the rules and laws by which he/she is governed. On the Internet, most if not all online service providers do not function as democracies but rather like monarchies, with terms of service and community standards written by the owners and with little to no “rights” for their users, only obligations.

5-Artificial Intelligence

Deep learning and machine learning has had many breakthroughs in the last decade and many more are coming. The impact on our societies should not be underestimated. Some are already talking about “labour displacement” or even permanent loss of available jobs. Humans generate more and more data through their everyday mobile phone use, Internet surfing habits and many emerging technologies such as VR and Internet of Things. All this data, if structured properly, can be used to accelerate the development of AI and machine/deep learning, and the implications should not be underestimated. As the saying goes, “children are great imitators, so give them something great to imitate”, this is even truer for AI and machine/deep learning: AI is only as good as the data it works with!

 6-Terrorism and radicalization

Terrorism, support of terrorism, radicalization, online recruitment have been high on the agenda for policy makers especially since ISIS/ISIL has emerged and social media have been widely used to propagate their messages and rhetoric. The “easy” response has been to ask for increased filtering, take-down or overall censorship of any content promoting/supporting terrorism in one way or another.

But not only is it difficult to fight such messages since new social media accounts from which such messages are being shared are created every day, but also since terrorists move to communication technologies which are harder to trace/monitor or censor such as the private messaging app telegram.

Unfortunately, focusing on censorship is like sweeping dust under a rug. It might help in the short term, but in the long term, be counter-productive. ISIS/ISIL’s emergence is strongly linked to Europe’s colonial history and recent US imperialism. Their propaganda is successful because it builds on accurate historical facts which have been ignored, minimized or even denied in our societies. Terrorism is also linked to poverty, social exclusion and seeking vengeance for the death of loved ones (as is often the case between Palestine and Israel). The priority should be how to prevent terrorism by addressing inequalities, social exclusion and bringing to justice those who are responsible for the death of innocents, often in the name of human rights/democracy but in reality, serving other interests.


News about yet another data breach and theft of millions of credit card information, user account details and the likes surface more and more often. Cybersecurity, in order to be successful in the future, will have to be considered as a public good. The open source movement is a model in this respect. With a strong community of voluntary and engaged security researchers, open source software such as Linux/GNU stays highly secure. Other proprietary security solutions rely on hiding code and hoping that no one will be able to find a vulnerability or security flaw. Time and again, this has proven to be wildly ineffective. Even “new” technologies as blockchain are based on crowdsourced security as breaking it would require, among other things, to take control of at least half of the computers on which blockchain technology is running.

For more information about the Safer Internet Forum, please visit the official website here:

For any questions, contact Martin Schmalzried (COFACE-Families Europe):

Annual Data Summit “Harnessing the Power of the Digital Revolution”

news10-22-politicoOn the 13th of October, Politico Europe, in partnership with Telefonica, organized the second Annual Data Summit, under the heading “Harnessing the Power of the Digital Revolution”. The focus was on the opportunities that processing data could bring, as opposed to underlining the risks which get too much of the spotlight, according to Telefonica’s representative. Keeping in mind the importance of privacy, he went on to stress the benefits that Big Data could bring such more efficient and smart transportation/logistics, healthcare, education, access to financial services, all of which will contribute to creating economic growth.

COFACE-Families Europe has been very skeptical about the so called “benefits” of Big Data. In an article entitled “Fintechs: Milking the Poor”, Families Europe denounces the illusions of improving access to financial services via Big Data driven innovations, especially in Europe.

Commission Vice-President Andrus Ansip stressed in his keynote the importance to enable free data flows across borders, especially within the EU, and therefore in opposition to the “data localization” trend where in the name of privacy, data about users would have to be hosted at their national level. In the European Union, there are already 50 laws in 21 Member States about data localization and this could greatly increase the costs of hosting/processing data as setting up data centers in each Member State is inefficient as some countries’ climate and environment is better suited for optimizing data centers’ energy use. EU startups would be most penalized by data localization as the “big” players such as Amazon, Google, Facebook have the means to comply with data localization measures.

While data localization laws aim at addressing national security concerns as well as privacy concerns, Andrus Ansip stressed that free data flows and privacy are not incompatible. He went on to underline the necessity for guaranteeing data portability as another precondition for enabling free data flows.

While COFACE-Families Europe does not deny that public data which can be used to serve the common good: healthcare data or transportation data could help prevent or fight more effectively a number of health risks/diseases or prevent road accidents and enable smoother and smarter traffic management. As always, the devil is in the details. The same data sets can also be used to carry out individual risk assessments and price certain citizens out of the insurance market. And this is but one of the most evident dangers. In some countries like China, data has also been used to identify “good” and “bad” citizens. Therefore, a number of conditions need to be fulfilled to ensure that data serves the common good, including the possibility for independent bodies to audit algorithms working with data to check whether they contain any form of human bias or have harmful consequences (social exclusion, discrimination…) on a part of society.

In the debate around the benefits/risks of big data, COFACE Families Europe insists on one key aspect: there is, as of yet, no objective measurement for deciding whether benefits outweigh risks/harm. How many consumers need to suffer detriment before there is a need to become concerned and intervene? 10? 100? 1000? And unfortunately, if we are to look at certain recent cases, it seems as if (macro)-economic considerations trump consumer protection.cFor instance, in the Volkswagen Dieselgate scandal, it seems as if the German authorities will not penalize or fine Volkswagen, and Volkswagen doesn’t plan on compensating consumers, at least in Europe. In essence, it is more important to defend a National “champion” than protect consumers from fraud, which, of course, directly fuels moral hazard, encouraging companies to reach systemic importance to be relatively immune from consequences in case of fraud. Thus it is important to strongly regulate big data or what can be done with consumer data rather than wait for market players to reach systemic importance, at which point it will be too late.

With regards to data localization, COFACE-Families Europe agrees that such policies carry many risks among which limiting freedom of expression, the possibility for governments to target dissidents more easily or forced jurisdiction (by localizing your data in one country, you are forcibly subjected to the laws of that country which may not be to your advantage). At the same time, the risks of data concentration in select countries also has some disadvantages such as creation of monopolies, an unequal share of the economic benefits of data, and the same threats for spying and targeting dissidents, simply concentrated in a few countries instead of being spread across the Internet.

COFACE-Families Europe advocates for a balanced approach where users should have the right to choose whether they want their data to be hosted inside their country or not. While it is true that setting up data centers in certain countries is less economically efficient than in others (linked to energy efficiency concerns mostly), concentrating data centers in a select few countries is simply an extension of the “comparative advantage” economic theory, which has led to massive trade imbalances between highly industrialized/developed nations and under-developed nations solely reliant on raw resource extraction. Data hosting and data centers should be part of the public infrastructure and public services, much like telephone lines, electricity, water supply or roads. In each country, there should be a minimum public service for data hosting, in addition to private data hosting solutions and users could choose, inside the services they use, if they wish their data to be hosted in their country or not. Such debates, however, might become obsolete anyways, since decentralized data hosting solutions are currently being tested and would enable users to host their data directly on their devices, bypassing the need for centralized data centers altogether.

Justin Atonipillai from the US department of Commerce followed Andrus Ansip and stressed, in his speech, the support for the open source movement, which has created many different ways to share and analyze data in an ethical way, respectful of privacy. Families Europe fully agrees with this approach.

The first panel of the conference touched upon key topics such as consumer choice, interoperability, openness and data portability. MEP Julia Reda underlined several important points which Families Europe fully supports:

  • Consumers must have the possibility to access their Internet of Things devices. For instance, the owner of a pace-maker could not access his own device to diagnose it for bugs even though he felt something was wrong.
  • Users should have the right to move their data, but at the same time, the right to data portability shouldn’t be mistaken or mixed up with the concept of “data ownership” and especially, the danger of transforming data into a commodity or a property that can be “transferred” or “sold” like any other good. This goes directly contrary to data protection rights as some types of data, such as highly sensitive data like health related data, should never be “sold” or treated like a commodity.

COFACE-Families Europe addressed the panel during Q&A to insist on including mesh networking capabilities for IoT. Mesh networking would allow users of IoT devices to connect directly to those devices without going through the Internet and the servers of the companies selling these IoT devices. Mesh networking also allows IoT devices to talk directly to each other and enable interoperability. At the moment, the technologies which enable mesh networking include WiFi and Bluetooth, but the upcoming 5G standards, which will equip most IoT devices, also need to allow mesh networking.

For more information about the event, please visit the Politico website here.


The digital age as an opportunity to improve youth mental health


On the 10th of October, celebrating the World Mental Health Day, Mental Health Europe held a conference on the issue of mental health in the digital age. Experts from the industry and representatives from civil society including Youth Mental Health Ambassador Nikki Mattocks, gathered to share expertise and experience on how to prevent, protect and improve youth mental health online.

COFACE-Families Europe was represented on the panel by Martin Schmalzried, who presented the #DeleteCyberbullying project and lessons learned.

The #DeleteCyberbullying project ended in 2014 with key deliverables such as an Android app, an awareness-raising video, an online virtual march and the outcomes of a global European conference on the topic of cyberbullying.  Besides the expertise gathered on how to best tackle cyberbullying, one very interesting lesson learned was the comments left by users on its awareness raising video, which reflected the many “myths” surrounding cyberbullying in the minds of regular users/individuals, showing that we are still a long way from ensuring that end users understand the phenomenon and are equipped to adequately respond.

Some of the most important “myths” surrounding cyberbullying include:

  • The belief that you can simply turn off the technology on which you experience cyberbullying or disconnect/close your online accounts. In that event, not only does the cyberbullying continue, but it is even worse as you have no idea how many hateful messages or humiliating pictures about you are being circulated behind your back. Even a child who is not using technology at all can be a victim of cyberbullying, for example if a bully decides to open a “fake” account using some humiliating photos of that child.
  • Over-simplifying the solution to an action like blocking the bully. While blocking is indeed part of the response to cyberbullying, it is by no means an all-encompassing solution. As explained above, cyberbullying can also happen behind a person’s back.
  • “Everyone gets cyberbullied, don’t be such a pussy and toughen up”. The idea that cyberbullying or bullying for that matter are simply part of “life” and one has to toughen up. While it is true that the line between “teasing” and “cyberbullying” are subjective, this belief virtually legitimizes any forms of bullying/cyberbullying, especially the most serious, even criminal forms (like sharing sexual material of underage children to humiliate them). A healthy society shouldn’t be built on the predicament that everyone will get bullied, but rather to strengthen social skills, including social and emotional learning, developing empathy, to prevent such actions in the first place. Finally, it is always easy and convenient for the wolf to recommend sheep to “grow some teeth”.
  • “Asking the bully to stop will only make things worse”. This may very well be the case, unfortunately, if the bullying/cyberbullying is unbearable and the victim seeks external help/assistance from a higher authority like a teacher or the police, the very first thing they will be asked is whether they “have told the perpetrators that their actions are hurtful and that they should stop”. This step is therefore a precondition for seeking further help rather than an end in itself.

Finally, Martin Schmalzried underlined that as cyberbullying is getting worse, looking at the statistics from the latest LSE study, policy makers need to envisage broader measures than education. The online environment also plays a role in the uptake of cyberbullying. Online service providers treat their users like subjects rather than citizens with no right to agency over the services they are using. Moderation is taken out of users’ hands and managed by an obscure cloud of professional moderators which cannot possibly respond to every cyberbullying situation in a timely fashion, busy as they are taking down the content which might get them in legal trouble (copyrighted material, child abuse/exploitation/pornography…).

COFACE-Families Europe has been calling for community based moderation, where users themselves have a right to act and shape the services they are using. And this might not only help curb cyberbullying, or hate speech, but is a fundamental necessity for cultivating values of democracy, deliberation, participation and compromise as it requires a community to debate and agree on the rules by which they are governed. Successful examples of community based moderation include Wikipedia, which has been built and populated by users themselves.  As a final point, it is to be stressed that community based moderation cannot, by any means, equate to counter speech, which is simply “support” messages to a victim without any right to agency/participation in governing their online services.

More information about the event here.

ENABLE final event on bullying in the context of child’s play

enablelogoOn the 21st and 22nd of September, the ENABLE (European Network Against Bullying in Learning and Leisure Environments) partnership held the final event of the European Project. COFACE Families Europe has been involved since the beginning of the project as a member of the Think Tank, bringing some of the expertise gathered from the #DeleteCyberbullying project and promoting the ENABLE deliverables via its website.

ENABLE aims to tackle bullying in a holistic way, helping young people exercise their fundamental rights in the home, school, class and community (i.e. peer group). The project aims to develop social and emotional learning (SEL) skills as a means of building resilience in young people so that they can better understand and become more responsible and effective for their on- and offline social interactions. ENABLE has been implemented in half a dozen countries across Europe, providing teachers with detailed lesson plans on SEL in a number of languages including Croatian. COFACE’s Croatian member, Korak po Korak, which is also highly active in prevention of cyberbullying, was present at the event.

The two day final event offered a mix of plenary sessions and workshops, including a brainstorming session during which participants were invited to develop a “roadmap” on key themes such as privacy and security, e-presence and communications, empathy and ethics, hate speech and extremism. Some noteworthy presentations from the conference included:

– The intervention of American expert Anne Collier who stressed the importance of a whole school approach to tackle cyberbullying and the failure of “zero tolerance” policies assorted to punitive measures such as suspension from school.

– Innovative examples of interactive games carried out by Urko Fernández from Pantallas Amigas (Spain), which consisted in a sorting exercise of social networking comments/messages drafted by psychologists. Children were encouraged to discuss whether the messages were safe or insulting and the video game setting sparked the debate and exchange in a natural way.

– A demonstration of security risks linked to the Whatsapp application which was presented by Mohamed Mustafa Saidalavi, allowing a person to send/receive messages from another person’s Whatsapp account by borrowing that person’s phone for a short moment and linking his/her account via a QR code on their own device.

COFACE, represented by Martin Schmalzried, spoke in a workshop on bullying in the context of child’s play – toys, games, social media and gaming environments.

Playing is important. Children develop a great number of social and technical skills via play. Recently, national education systems have taken an interest in new methods of learning, including the “gamification” of learning or the integration of new technologies in their teaching methods. While there are benefits to these innovative methods, one must be careful since the field of education is a lucrative market. For example, the UK based company Pearson, specialized in education, has a turnover of over £4 billion. The more “gamification” and new technologies are integrated into schools, the more money some of these companies can make. To guard against such vested interests, integrating innovative teaching methods in school should require careful consideration and be based on clear and proven added values. Besides, many of the video games cited as an example for their educational potential have been developed outside the video game industry (Minecraft, Portal…).

As regards bullying in video games, it takes many different forms such as flaming, trolling, griefing, identify theft, all of which may or may not fit the definition of bullying. Some examples include: Hacking into someone’s account and destroying their creations or stealing their virtual objects, and, in-game sabotage, such as ruining a player’s quest or “unreasonable and repeated killing” of a player, which is often referred to as “griefing”.

Bullying in video games is especially targeted towards specific groups, especially women, but also towards the LGBT and people with disabilities.  New technologies such as Virtual and Augmented Reality have the potential to exacerbate some of these issues:

– Identify theft with technologies enabling realistic modelling of a person.
– Physical pain, as companies develop tools to increase the realism of VR.
– Increased trauma in case of in game extreme violence or harassment.
– Desensitisation which may contribute to lowering empathy.

Yet researchers have also found a number of benefits to VR which may, in certain simulated settings, increase empathy or help get past trauma. Monitoring developments in this field is therefore key in order to reap the benefits and minimize the risks.

For more information about the ENABLE project, visit the official website

Digital Festival 2016 – an event promoting disruptive thinking in the digital world

by Martin Schmalzried

On the 21st of June, Forum Europe organized a Digital Festival, which consisted in a savant mix of high level panel discussions on the opportunities and threats of digitalization, a variety of live demonstrations of nascent or future technologies, and parallel workshop sessions covering many key issues such as Data Protection and Privacy, Connected Cars, Internet of Things, Blockchain technology and the emergence of Fintechs.

Data Protection and Privacy

With the enforcement of the GDPR, there will be an opportunity to strengthen data protection and privacy.  Although there were data protection laws in place before the GDPR, companies had little incentive to enforce them.  The penalties for breaching data protection and privacy laws were so low that some companies simply violated the law with the intention of paying any penalty if necessary.

With the GDPR, the penalty can now amount up to 4% of a company’s worldwide turnover, which should be a strong deterrent for breaching data protection and privacy laws.

Each company should now set up a data ethics department, which constantly reflects on how their use of data affects users and whether data analytics are compatible with key principles and values such as human rights, inclusion, anti-discrimination and so forth.

Finally, while there are new “tech driven” solutions to problems with the existing World Wide Web such as the Decentralized Web, speakers at the workshop agreed that we should focus on “fixing” the existing Web which was intended to be open and decentralized.

Connected cars

The workshop on connected cars consisted in the presentation from a company, Intelsat, pitching the advantage of using direct satellite connectivity for connected cars.  While it was clear that satellite connection has many advantages including a much higher coverage and reliability as opposed to mobile networks, there are several issues which need to be addressed.

Firstly, since putting satellites into orbit is highly costly, satellite service is a near monopoly which could cause many problems such as abuse of dominant position, price setting, “lock in” effect, even net neutrality issues all over again.

Secondly, assuming that connected cars will always require an Internet connection is linked to business strategies than fact. Mesh networking (via a mesh enabled 5G standard for instance) could enable connected cars to communicate directly between each other and inform cars in a certain area of accidents or road conditions without the need to go through the Internet (which of course goes against the interests of mobile network operators or satellite service providers).

More fundamentally, there are a myriad of other topics related to connected cars which deserve attention:

– How such data will be used and for which purposes? For instance, if we see insurance premiums based on data generated from connected cars, should we allow the “richest” drivers from paying for the right to drive like maniacs?

– How will connected cars affect the current business models of car manufacturers? There are already examples of GM which locks consumers into using “GM approved” repair shops whenever they need to fix their vehicles.

– How “safe” are connected cars in terms of hacking (there have been examples of connected cars being hacked from a distance) or even spying from governmental agencies?


Several recent developments at EU level will affect the development of Fintechs.  First, the passporting of financial services will allow financial service providers to operate across all EU Member States.  Second, the enforcement of the PSD2 Directive will enable greater competition in the field of payment services via the use of an API. Third, it is not yet clear whether Fintech providers will fall under the scope of the EU Commission consultation and future policy on platforms which may affect issues such as how they treat consumer data and their business models.

There are many potential benefits from the emergence of Fintechs but also many risks to consumers and to that end, all speakers agreed that we need to closely monitor the market in order to decide whether regulation is necessary or other forms of policy tools should be used in case there is a clear risk of consumer detriment.

For more information about the Digital Festival, see the event’s website

Families and “screen time”: challenges of media self-regulation

by Martin Schmalzried

On the 10th of May, the London School of Economics (LSE) hosted a symposium on the topic of families and “screen time”. The event addressed the critical issue of successfully reaching parents with resources which will empower them to better accompany their children in navigating the Internet, taking full advantage of the opportunities, develop resilience and minimize risks which could lead to harm. Much of the debate centered on the tricky contradiction between the necessity to present clear and simple messages and guidance while at the same time addressing the various parent “profiles” and their varying needs based on their parenting styles, socio-economic status or education level.

One take-away is that even if messages like the 2×2 from the American Pediatrics are well known, it is also wildly simplistic and doesn’t make any distinction between “screen time” and “screen context” or “screen content”, in essence, that not all “screen times” are equal and that playing a game with your family or doing homework is the same as watching YouTube alone in your room.

Screen time: still a relevant metric?

As was pointed out by Angharad Rudkin from the University of Southampton, while we do not know a lot on the effects of online media and screens on children’s cognitive developments, we do know about some of the “physical” effects such as risks of obesity or sleep disorder. Even if technologies such as Augmented/Virtual Reality may enhance physical activity, physical side effects may remain (exposure to “blue light, eye problems, sleeping disorders…) which means that even if a distinction needs to be made between “screen time”, “screen context” and “screen content”, it will nevertheless be necessary to exert some control over screen time. In a not so distant future, when screens will become wearables much along the lines of Google Glass, how will this affect recommendations on “screen time”?

What’s good for children?

Another issue of contention was how to distinguish between what is “good” or “bad” for children. Some of the participants raised the point that parents don’t want to be told what is “good” for their child and that parents could rely on peer to peer support to sort out what is good and bad, looking at other parents’ recommendations, reviews etc. One of COFACE’s French members, UNAF, does run such a platform which enables parents to review apps, websites or content for children ( However, such a platform is heavily filtered and monitored to ensure that there is no conflict of interest in the reviews and especially, ensuring that parents use a consistent set of criteria to assess apps, websites or content.

As is customary on the Internet, any development which reinforces users can also be used against them. User reviews and peer to peer support have proven to be very useful, but at the same time, business models around reputation management have emerged, allowing content providers or developers to pay for positive reviews.  Peer to peer recommendations and support also raise issues of “trust”. How can you be sure that the “parent” on the other side of the screen isn’t working for the app or website it is openly promoting or recommending? Furthermore, what are the credentials of the parents posting recommendations? It could very well be that very vocal parents online are not necessarily the “best” placed to objectively review online content/services. So while peer to peer networks will always be helpful, they are certainly not a panacea and need to be accompanied by measures to mitigate the problems raised above.

Classification systems and information given to parents is another way to sort content/services. There have been many advances in standardization of classification, notably via the PEGI rating system and initiatives such as the MIRACLE project which aim at making the existing rating systems and age labels interoperable.  In this respect, the role of regulators is key.  Only via the right regulatory “push” will the industry agree to get together and agree on a common standard for classification.  But classification systems also have their limits. PEGI, for instance, provides age recommendations along with content related pictograms alerting parents about such things as violent content or sexually explicit content. In essence, this classification system warns only about risks but says nothing about opportunities.

One idea would be to further investigate the effect of online content/services on children’s cognitive development. How does a game affect “delayed gratification” or “locus of control”? While it may prove to be very challenging to come up with a scientifically sound and accurate answer to these questions, it is essential that we move forward since the “serious game” industry is booming and since video game developers or online service providers do not hesitate to prominently display (often unsubstantiated) claims about the educational value or benefits of their products.

While we may never come up with a “definite” answer on what’s good for children, what is clear is that the private sector doesn’t hesitate to bombard parents with their take on what’s good for their kids. Therefore, arguably, even a mediocre recommendation to parents on what is good for their kids from independent sources such as from academia, civil society or NGOs will still be better than to leave the coast clear for claims driven by commercial interest.

The POSCON project and network is a good place to start.

Follow the money

The prevailing business model on the Internet now relies on users’ time. The more time a user spends on a service, a content, a game, an app, the more he/she will generate revenue via exposure to advertising, via exploitation/sale of the data generated by the user or via in-app purchases of virtual goods.

At the same time, the Internet is seen by many as a providential tool, a great equalizer which allows for the realization of a number of core human rights including freedom of speech. Many stakeholders, including governments and civil society argue that we should simply apply a ‘laissez-faire’ philosophy to the Internet and it will become a space of freedom.  It is certainly tempting to see it in such a light as it allows for all actors to sit back and watch and especially, shield themselves from advancing politically delicate recommendations.

Unfortunately, the Internet is undergoing a transformation by a combination of factors including algorithms and online business models.

Algorithms shape more and more what people see online, enhancing the visibility of certain content inside a social networking newsfeed or a search engine’s result page, thus inevitably skewing a users’ online experience.  While there is no way around sorting content given the sheer volume of the Internet, the methods for sorting content (how algorithms are designed) do raise many concerns.  Which criteria are used to “boost” the visibility of content? Is there any consideration of “quality” or whether the content is “positive”? Such considerations are especially important for services which are “designed” for children such as YouTube.  The videos which are prominently displayed as recommendations on the app’s home screen do not land there “by accident”.

Online business models which rely on users’ time to generate revenue also contribute to corrupting online content.  Any content producer looking to make money will seek to enhance the time users spend on their content/service.  In extreme cases, this gives rise to click baiting techniques which rely on catchy pictures/videos/headlines to entice users to click and be redirected to pages filled with advertising.  More importantly, whenever a content/service provider has to make an editorial choice about content, optimizing viewer statistics, click through rates, bounce rates or stickiness will be a top priority, often at the expense of “quality” considerations.

Some would argue that quality goes hand in hand with a website’s stickiness or viewer statistics but this is highly unlikely.  One study found for instance, that brands talk like 10 year olds on Facebook, the main reason being to maximize user interaction and reach. If producing and posting a “funny cat” video will likely generate 5 million views and an educational video about nature will generate 500.000 views, which show will end up being produced? How will such a logic impact on creativity?  How would a modern day Shakespeare fare with such a business model which seeks first and foremost to appeal to a mass audiences as opposed to pursuing art for art’s sake?
Again, when seeking to minimize risks and enhance opportunities for children online, one cannot ignore these realities.

If we want children to truly benefit from online opportunities, we need to take a closer look at who/what gets in the spotlight on the Internet or in other words, who’s making “editorial decisions”.  Many would chuckle at this very idea since the Internet is now supposed to be a level playing field with user generated content taking over and “editorial decisions” being limited to censorship of content which violates terms of service.  But as we have discussed above, algorithms and the prevailing online business model have a massive influence on who/what gets the spotlight.

Digital parenting or just parenting?

Is there such a thing as “digital” parenting? This is another question which was raised and discussed by a number of participants.  Parenting does spill over into the “online” world since social skills, sexuality education, a healthy balance in children’s activities, social and emotional learning, values such as respect can all be transposed to online settings.

At the same time, the online world offers “new” sets of challenges.  Children may encounter certain “risks” or “inappropriate content” online at a much earlier age in the online world than in the offline world, pornography being the most obvious example, which means parenting clearly needs to “adapt” to this new reality.  Also, not all “traditional” parenting can be transposed to online settings.  For instance, bullying and cyberbullying are clearly different and require adapted responses: cyberbullying is 24/7, there is a greater chance that the perpetrator(s) remain anonymous, the “signs” are harder to spot (black eye vs. a nasty message/comment) etc. So while a parent might know how to react to bullying (identifying the perpetrator, contacting the relevant authority like a head teacher or staff of a sports club), this does not necessarily apply to cyberbullying.  If the perpetrator is identifiable and is a class mate, does the teacher/school have authority to intervene if cyberbullying has occurred outside of school premises/school hours?

The fox and the crow all over again

“If all parents had access to appropriate resources, advice, guidance about the online risks and opportunities, then children’s online experiences would be optimal and all problems would be solved.” Of course, no one would dare to voice such a claim, but some would come close. Private companies have every reason to promote such an idea as it is one of the most powerful arguments for delaying any policy or regulatory measures.

To provide a useful analogy, financial service providers would argue that financial literacy should be the focus to prevent over-indebtedness and agro-business would argue that informing people about healthy eating habits should be a priority to tackle obesity and decrease occurrences of chronic diseases… ignoring of course the fact that both industries engage in wildly counter educational advertising campaigns enticing consumers to act impulsively (take out credit to get the vacation you rightfully deserve) or fulfil their needs for social recognition via food (drink a Fanta and you’ll be popular with your friends).

Private companies essentially resort to the tactic that the fox employed to get the cheese out of the crow’s mouth.  By pretending that consumers/users are full of resources, smart and informed, it allows them to better manipulate them into forfeiting control over their data, consenting to unfair terms of service or extracting large sums of money through unethical business models such as “free to play” or “in app purchases”.

The same logic prevails in the issue of advertising to children.  Advertisers happily provide “educational material” via programmes like MediaSmart to children and flatter children’s intelligence and resilience to advertising only to overwhelm them with more insidious advertising techniques.

That being said, education is always a necessity in and of itself, regardless of any specific policy objectives, but a balance must be struck between the need to educate/inform/empower and the necessity to protect and shape the environment to be as conducive as possible to positive experiences for all.  Education should never be a substitute for necessary policy/regulatory measures.

A provocative metaphor would be the following: should we put more focus on training people how to avoid mines in a mine field or focus on demining the field?

The Internet of Penguins?

All of this boils down to a simple yet very complex question: what kind of Internet do we want?  The Internet is said to belong to “no one”, and in the eyes of many it is the “ultimate” incarnation of a public good.  At the same time, throughout the Internet’s history, there have been many threats to its openness.  At one point, it wasn’t certain whether users would be able to use Internet browsers for free!  Before Microsoft released Internet Explorer for free, Internet Browsers were commercial (see Netscape’s history).  The Internet has been and still is at risk of government control be it via censorship, blocking and filtering in countries like China or to a lesser extent Turkey, or via control of its governance (the US has had disproportionate control over Internet governance).

Nowadays, it is at risk of corporate capture via “de facto” monopolistic tendencies of online platforms like YouTube, Facebook and Amazon, selective display and filtering of information (control over discoverability) with search engines like Google or control over its core infrastructure (the Internet backbone) by private Telecommunication giants or even companies like Facebook (see their project).

As a society, we need to decide collectively how much of the Internet do we want to “keep” as a public good, independent of commercial interest: websites like Wikipedia, Open Source software, not for profit initiatives like the popular coding platform for kids, Scratch and many more.  To make a comparison, we can think about the Internet as a planet which is slowly being populated.  How much of the planet will be covered with shopping malls and how much with public parks and natural reserves?  Do we want public parks to be crowd-funded and maintained by the community as a whole (like a Wikipedia) or do we want to privatize them, letting private companies manage these spaces while posting billboards on park benches and stamping adverts on trees?

Looking at piracy statistics and user behaviour online, it would seem that the unformulated answer is quite clear: users do consider the Internet predominantly as a public good, expecting to enjoy all of its content for “free”, a behaviour which has caused massive disruptions in the business models of industries such as music labels.  A recent debate is raging around the access to knowledge and academic papers, sparked by the emergence of the search engine Sci-hub.  All of these developments are directly linked to various scenarios: a stubborn pursuit of the current intellectual property and copyright laws where right holders will engage in an eternal witch hunt against piracy, the development of alternative business models such as unlimited subscription based models such as Netflix, or even the generalization of concepts like the “universal salary”, currently under experimentation in Finland, which would allow people to work for the community without having to worry about their pay check.

All of this seems far from the debate about “child safety”, but it will have a much deeper impact on children’s online experience than the addition of a new safety feature or reporting button on their favorite (unique) social network.

For more information about the event, visit the LSE blog

Child Safety Summit in Dublin: Google and Facebook team up

by Martin Schmalzried, Senior Policy and Advocacy Officer @COFACE_EU

On the 14th and 15th of April, Google and Facebook jointly organized a Child Safety Summit, providing all participants with an insight of key developments in their respective policies and initiatives around child safety online. Both Google and Facebook presented their community policies, tools which help users stay safe by controlling their privacy settings, blocking, reporting and many other features. A notable development is the growing effort to make it as easy as possible for users to check the safety related settings on their accounts: Facebook thanks to its “privacy check-up” tool which takes the user through an easy review process of his/her safety settings and Google with the “My Account” feature which centralizes settings across multiple Google services.

Both Facebook and Google stressed that rather than more regulation, child protection stakeholders including NGOs should engage more with key industry players in a spirit of self/co-regulation. Google and Facebook underlined that they do not stop at “compliance” but look at constantly innovating and upgrading their safety features, fueled in part by feedback from NGOs (which was also one of the reasons for such as Child Safety Summit).

I attended both days and participated in the panel about the General Data Protection Regulation (GDPR) and the controversy surrounding the “age of consent” for data processing.

GDPR: teenagers’ worst nightmare?

During the panel, several speakers underlined their deception both at the regulatory process through which the current age limit for data processing was set, the negative impact it may have on teenagers (being excluded from social networks, forced to lie about their age or harass their parents for obtaining their consent violating their right to privacy) and the likely end result which will create a fragmented environment for any company or actor processing data in the EU.

From COFACE’s perspective, the issue of consent is only a very small part of the Regulation.  In effect, the debate about which age should be the “limit” for consenting to data processing and for requiring parental consent has been misrepresented and misunderstood. Furthermore, consent as such is controversial as users typically never read Terms of Service (ToS), click away at anything that pops up just to access the service so looking at whether ToS are fair in the first place is more important than debating about the age at which one can give consent… Perhaps the answer is “at no age” given that no one reads ToS!

Many actors said a limit set at 16 is the same as forbidding teenagers from accessing social networks or the Internet without seeking parental consent, or that teenagers and children would be more vulnerable online since they would use services anonymously. These are overly simplistic interpretations of the Regulation. Teenagers below the age of 16 would only require their parental consent for services which process their data; the intention of the law makers in this instance, was protecting teenagers and children from the commercial exploitation of their data and being overly exposed to commercial messages/marketing since online advertising now relies on processing a high degree of data to personalize advertising. Also, anonymity is an issue completely separate from the debate around data processing. A user can very well use his/her genuine name and post genuine pictures of him/herself without any “data processing”. Conversely, it is easy to pretend to be someone else and use a nickname on services which rely on heavy data processing (including Facebook). The proof is simply the number of children under the age of 13 currently on such services! Finally, on the question of being more “safe” in environments where data can be processed, this is also an overly simplistic view. It would depend what the definition of “data processing” is: does it include monitoring, reporting and online moderation?

The end result of the Regulation for teenagers’ access to online services can be illustrated by three scenarios:

The first one where online services refrain from processing data of teenagers and thereby allowing them access without parental consent (meaning that any algorithms processing personal data would be disabled and content would be sorted automatically according to the date posted for instance). This, unfortunately, is highly unlikely, since targeted advertising is the business model on which most of these services rely, so interpreting and applying the Regulation in such a manner would effectively deprive them from around 20% of their revenue.

The second where online services set the “cut off” age for using their services at 16, pretend that no under 16 year old uses their service, and engage in a selective “witch hunt” of underage accounts, closing them at random. This is possibly the worst outcome for both teenagers and online services as teenagers would need to lie about their age, and would therefore not benefit from the “protection” from certain types of advertising or content and would also be subject to having their account closed if they are identified as being under 16.

The third scenario where online services set up a “parental consent” mechanism and where teenagers would need to pester their parents to get access to such online services. This also is a rather negative outcome for teenagers and their right to privacy, freedom…

In the end, the “blame game” has been mostly pinning down the failure of the Council, which should have known that online services would never refrain from processing data from under 16 year olds and thereby renounce to 20% of their revenue…

From COFACE’s side, we underline the necessity to reflect on a key question: how can we strike a better balance between the prevailing business model centered on advertising, data processing and profiling and the necessity to protect children and teenagers from the commercial use of their data and from advertising and marketing?

Besides, perhaps another wish of the Regulators is to ensure that teenagers below the age of 16 experience an unfiltered Internet instead of the Internet “Bubble” which displays only content that users already like.  Services like Instagram used to sort pictures displayed according to the time they were posted, not based on an algorithm.  By the same token, teenagers below the age of 16 and children should have the right to access information with as little “algorithmic bias” as possible. Many users have expressed their discontent at Facebook’s decision to apply an algorithmic sorting on Instagram feeds, so the question of displaying information in a neutral way goes far beyond the debate of teenagers.

Technology will save the World

With the immense success, influence and power that online services like Facebook and Google have, it is no wonder that their actions can greatly affect the world we live in.  Among these we find developments in Virtual and Augmented reality, Artificial Intelligence, Machine Learning, even connecting the poorest regions of the world like Africa to the Internet.

While the benefits such innovations can provide are real and can make a difference for people, it also raises ethical and political questions of private companies impeding on the public interest and the role of States.

To illustrate the issue at stake, we can mention the example of Bitcoin. The Bitcoin virtual currency has been identified, by many academics and technophiles, as a solution to store value for people living in countries where the rule of law is weak and where the local currency’s value suffers from high volatility. At the same time, it can weaken even more the local currency and delay much needed pressure for strengthening the rule of law through political action.

In a similar way, private companies providing and Internet access to people may delay the investment and development in public infrastructure and put private companies in a monopolistic position in these countries, with the power to shape what the people accessing their “version” of the Internet can see (like an access via the “” portal).

When governments set up infrastructure, it is seen by the population as the realization of their rights, the public good and general interest of all based on the social contract they have with the State, when a private company invests in infrastructure, it is seen as an act of charity for which people should be thankful. In essence, infrastructure has moved from being a human right to a company provided privilege.

Far from arguing that these projects do not make a difference or change people’s lives on the ground, there may be a better balance to strike between the private and public interest, for instance by aligning the private investment with public investment to encourage governments to develop the IT and telecommunication infrastructure and prevent a private company from fully controlling Internet access, and also setting some criteria for providing Internet access, for instance by ensuring that users are not forced to access the Internet via a portal imposed by a private company.

Silence about VR

Although we are at the cusp of a VR revolution, with many implications for child safety, neither company mentioned VR or their initial reflections on child safety in VR spaces.  Even as COFACE asked whether Facebook intended to consult with civil society and child protection NGOs in advance, the response was that it was “too early” for such discussions. A day earlier, Facebook was hosting its F8 conference, presenting social VR which enables two or more people to visit real places in VR as avatars and hinting at “face scanning” technology to create realistic looking avatars

This is very surprising given that the first Oculus Rift devices are set to ship in the coming weeks and that children all over the world might start to experience VR in the households equipped with an Oculus device or even a VR capable smartphone coupled with a compatible Google Cardboard or Samsung Gear VR headset.

So far, VR has shown great promise in clinical and research settings helping to develop empathy or fight addiction.  VR’s so immersive that it successfully tricks the brain into believing it is real, which is also why simulated experiences have a very “real” impact on the users.  Of course, no research or clinical trial will ever attempt to traumatize users as an experiment, but one can only assume that since VR has such a “positive” impact in experiences which are aimed at resolving issues like post-traumatic stress disorder, it can have a similarly powerful “negative” impact.

Artificial Intelligence to the rescue

The ongoing fight against child abuse has already received much help from technologies such as PhotoDNA or Video Hashing, enabling machines to identify and quickly take down known images or videos of child abuse. The advances in artificial intelligence (AI) might, in the near future, be able to recognize previously unreferenced content which might portray child abuse, thus tackling one of the most problematic aspects child abuse: keeping up with the constant upload of “new” child abuse material.

But AI could also have many other applications outside the scope of child abuse and copyright infringement. Terrorism, hate speech, cyberbullying even suicidal thoughts could be picked up and flagged by AI.  One interesting application would be to display a message to potential victims of cyberbullying or hate speech, prompting them to report the content or asking them if they need help. At this stage, there are many challenges for this to happen:

– The priority given to the development of such an AI vs. all the other potential applications (like identifying the contents of pictures…).

– Legal barriers to keeping sufficient amounts of data (such as millions of messages flagged as being cyberbullying or hate speech) to “train” the AI. Under current regulations, companies like Facebook or Google are not allowed to keep any data from users that has been flagged and deleted because it infringed upon their community guidelines (save for very sensitive data such as elements of proof for a criminal investigation).

– The complexity of training such an AI since it has to rely on a very wide number of parameters and learn to differentiate, based on the context, whether a message is meant as a joke or as a real threat or insult.

Nevertheless, given the effort to develop algorithms which display “context appropriate” ads, investing in the development of an AI which could pro-actively prompt victims of hate speech or cyberbullying for help or flag content early for moderators to review could be a game changer in the fight against online harassment, cyberbullying, hate speech etc.

More services designed for kids

As more and more actors including NGOs and policy makers worry about the exposure of children to inappropriate content, commercial exploitation, online abuse and other dangers, especially on large online communities which are designed for adults, services designed for children are starting to emerge.

YouTube Kids is a good example of such a trend. COFACE has been in favor of such a development, especially for very young children, making sure that they have access to quality, positive content which is age appropriate in a safe setting.

However, there are still a number of issues which need to be resolved:

– The choice of the business model behind such services is even more critical and sensitive then for “regular” services. While making parents pay via a monthly fee bears the risk of excluding the most deprived and vulnerable, a model based on advertising has to abide by very strict rules to ensure that the balance between commercial content/advertising and “regular” content is fair and proportional. At the time of writing, YouTube Kids is still struggling with “grey” zones in terms of content.  While “formal” advertisements have to comply with national legislation on what can be advertised to children (no food for instance), the user generated videos themselves feature many unboxing videos of toys or stories/cartoons based on commercial content (for instance, the Hotwheels cars).  Potential solutions to this issue is to “flag” such content as “commercial” to make sure that children understand that there may be a commercial objective behind it.  Creating a separate category for such “commercial” content should also be envisaged, as having a “hotwheels” video in the “learning” category is greatly misleading!

– The “sorting” algorithm which decides what is featured on the home page and through the search feature need to be tweaked to give more visibility to “positive” content based on a certain number of criteria (a possible link could be done with the POSCON project). At the moment, a search for “puppies” for instance returned many videos which feature unboxing of products and toys featuring puppies. Although these videos do indeed correspond to the search term, they should not appear in the first few pages of the search results.

– Parental controls on YouTube Kids could be enhanced further, giving the possibility for parents to select which “types” of videos should be made more visible on the YouTube Kids homepage. For instance, some parents would prefer the “learning” videos to appear more prominently in the homepage as opposed to other categories.

Users in control

Once again, the danger of algorithms restricting user experiences was raised. This is especially important for children as it may prevent their development, feeding them content that “challenges” their views rather than displaying only what they already like, thus creating a “filter bubble” and, in the longer term, a “filter tunnel”.

User control over algorithms is therefore of utmost importance; allowing users to decide whether they prefer to have an “unfiltered” news feed which sorts content by date or a “neutral” search result which does not rely on the user’s previous searches.

User control has already been enhanced in many ways, by boosting control over privacy settings or providing more granularity for parents in setting up their parental control settings.  In that area as well more can be done.  For instance, parents could benefit from parental control restrictions which only display apps without advertising or with a transparent pricing policy.  While Google has added a feature which blocks in-app purchases and requires a parental PIN, the poor cost transparency of games based on in-app purchases may push parents to filter them out completely (COFACE has been advocating for more transparency in pricing by displaying the “average” cost of a game based on player’s spending patterns and time spent playing the game).

Finally, user control is greatly dependent on other things such as the quality of ratings and classification of content. One participant rightfully pointed out that the “Movie Star Planet” app is rated 3 years and above on the Google Play Store, even though such an app allows interactions between users (children) with much “girlfriend” and “boyfriend” talk (bordering on sexual talk) and a potential issue with grooming.  Google sets ratings based on a publisher’s response to a series of questions.  For instance, if the publishers of “Movie Star Planet” said that there is user interaction but that their app includes human monitoring and moderation, the system would automatically assume that the app is safe for kids.  But this relies on the trust and good faith of publishers to correctly and honestly answer the questions.  Further reflection on how to ensure that apps and content in general is classified correctly is thus needed.

Education, not a silver bullet but…

While everyone agrees education is not a silver bullet, it certainly looks very much like one…  The resounding quote from Jim Gamble (INEQE) still sticks in my mind: “it’s not about context, it’s about people”.  In essence, if we “change” people, educate them, inform them, then no matter if the Internet is a right mess, no harm could ever come to them.  The “context” is like a huge mountain, it’s pointless to try and dig a tunnel under it, we should focus on learning how to climb it.  Or should we?

It goes without saying that education is very important, but for every effort to educate children and adults alike, a similar effort needs to be made on safety by design, privacy by design, rethinking how online services operate.

There are also limits to what companies can educate children about.  For instance, teaching prevention about cyberbullying poses no issue at all, since it is in the interest of companies to minimize incidences of cyberbullying on their services.  On the other hand, when advertisers teach about media literacy and critical thinking, especially about advertising, there are strong reasons to question the quality and impact of the educational material.  MediaSmart, for instance, was developed by the World Federation of Advertisers.  It features many lesson plans centered on making children design and develop their own ads, an activity which shines a positive light on ad-making.  Furthermore, the only “real” examples of ads proposed for analysis are all very positive and the “negative” examples of misleading ads are all fictional. COFACE has developed a media literacy education tool for parents, Nutri-médias, which covers to a much greater extent the different advertising techniques and real examples of advertising and the controversies surrounding them (gender stereotypes, healthy eating habits…).

All in all, for certain educational activities such as learning how to code or how to develop empathy, prevent cyberbullying, there are no issues in having civil society, NGOs, private companies and public authorities working together.  On other topics such as Big Data and the potential impact on society or how online business models contribute to shaping the Internet, independence of NGOs and governments is key as private companies have a vested interest in presenting these topics in a certain light.

Self-regulation and co-regulation

To finish, the two day event did convey the message that both Facebook and Google are open to suggestions and welcome any criticism on how to make their online services safer for children.  MEP Anna Maria Corazza Bildt underlined that working with the private companies is key to ensuring that children stay safe online and especially, addressing questions like processing children’s data for commercial purposes or children’s exposure to commercial content.

COFACE welcomes any such initiative but insists that a legal backstop and a proper, independent monitoring and evaluation of progress made are a necessity.

For more information about the event here and on Facebook.







Digital Values: Advancing Technology, Preserving Fundamental Rights

by Martin Schmalzried

On the 18th of January, Carnegie Europe, in partnership with Microsoft and in association with the Dutch Presidency, organized a conference on devising policies which help to maximize the value of technology while preserving our core values. Several high level key note speakers took the floor including Brad Smith, President and Chief Legal Officer of Microsoft, and Věra Jourová, European Commissioner for Justice, Consumers, and Gender Equality.

The key topics discussed, from COFACE’s perspective were balancing privacy with security/safety, the latest developments and implications for the Internet of Things, transparency and user trust and finally, the development of Big Data.

Balancing privacy with security/safety

Given the recent terrorist attacks in France and in many other parts of the world, the “mood” has shifted from a focus on privacy following the Snowden revelations to security and public safety. Privacy is often pitched against security and safety, in the sense that one cannot have both privacy and security/safety. To some extent, this is true. If States were allowed to limitlessly monitor and skim through all data, perhaps some terrorist attacks could be prevented. However, the assumption on which this trade-off is built is a gross over-simplification of the world we live in. Pitching privacy against security/safety fails to address more pressing issues such as rethinking the foreign policies of our National governments and actions at international level which may indirectly or directly encourage terrorism. Should we therefore keep selling weapons all over the world, apply very cynical policies or “real politik” across the world, failing to address the hardships that citizens in Iraq, Syria or Afghanistan are facing, failing also to recognize our governments’ responsibilities in creating the mess and at the same time implement mass surveillance as a means to prevent terrorism? There may be no dilemma or trade-off between privacy and security/safety after all. Privacy simply needs to go along with measures to curb inequalities, bring about more responsible, humanist foreign policies and eliminate discriminations, exclusions and the ghettoization of specific minorities.

The Internet of Things

While for end users, innovations in the field of IoT (Internet of Things) seem very attractive, especially in their potential to make their lives easier (automated heating, managing your fridge’s content…), they also gives rise to a number of challenges:

– A lack of standardization in terms of communication protocols, security, privacy protection, etc could break the very principle of the openness that the Internet was built on, with each actor trying to impose his “standard” for IoT.

– How can users access data generated by IoT and under which format should they receive it?
– How can users control data generated/transmitted by IoT? Will there be a way to switch the connectivity off?

– How much of the devices functionalities should run through the Internet as opposed to run either “offline” or only on the local “house” network? For instance, should a talking pet require permanent connectivity to interact with a child, it may be very restrictive in terms of use. Also, if a toy monitors a child, should the “recordings” be uploaded to the Internet or rather stored on a local computer on the “house” network? The latter point raises the question of privacy and intrusion of IoT into the privacy of minors. This is especially tricky from a legal point of view as IoT devices may monitor and collect data about adults but also about children. This may give rise to a new form of privacy protection model, based on Privacy by Design or Privacy by Default.

– IoT is extremely complex from a liability point of view and includes many “layered legals”. Who is responsible in case something goes wrong? Often, there multiple companies involved to make IoT work. For instance, in the case of an automated heating service, car companies are involved (to send a signal from the vehicle when the user gets close to home), online cloud services, the IoT device itself and potentially even more (if there is a third party software on the IoT device…).

– The combination of Big Data and IoT may also usher in a “Premium” vs. “Freemium” era, where consumers are offered discounts based on their behaviours, at the expense of quality of service. Many examples illustrate how IoT and Big Data can be used for better or for worse. Hotels for instance, can gather data on a consumers’ habits (does he/she usually heat the room, how many towels does he/she use, etc…) to save energy, water… but this data could also be used to propose “Ryanair” type discounts to consumers at the expense of quality (if a consumer agrees not to use the air conditioning, or not use any towels, he/she will get a discount…) or even discriminations (should a consumer take long showers or baths, he/she would be proposed systematically higher prices for hotels).

Transparency and user trust

User trust is absolutely essential if companies wish them to embrace the current revolutions in IoT, Big Data, Artificial Intelligence etc. However, this poses a serious challenge. How can a company be transparent about highly technical and complex issues such as Big Data? To give a concrete example, credit scores, which are automatically calculated using algorithms and Big Data are all but transparent to consumers.

In the end, while transparency is a necessity, ensuring that a quality regulatory framework is in place will also help in securing user’s trust. As Brad Smith has pointed out, regulation should be clear and predictable, rights of people need to be respected and their rights need to have remedies.

Big Data

Big Data is a relatively new phenomenon and users are only getting familiar with its implications and the possibilities such a technology offers. There are many questions that users are struggling with:

– How much is my data worth? Am I getting my “data’s worth” when I’m using a service which relies on the use of personal data in its business model?
– Is there a trade-off between sharing my personal data and the service I am receiving? Can this data be used against me?
– How can I have more control over the data I am sharing and how the data I share influences my online experience?
All of which will need to be addressed if users are to entrust companies with their data.

To finish, COFACE fully agrees with the lead statement of the conference: advancing technology, preserving fundamental rights. This balance will certainly need to be struck in the years to come and COFACE will reflect on all the latest developments to ensure that users get the most out of technology.