Following on from my previous article on cyber-victimisation of children and its annual increase, today I would like to talk about the importance of raising awareness of the digital footprint that we all have on the Internet, but especially that of children, and therefore what we can do to prevent certain behaviours that occur in cyberspace.
What is the digital footprint??
The digital footprint is the traces that a person leaves behind when using the internet, whether it be websites that are accessed, emails or the use of social media and the information that is shared there.
In general, people who do not use the internet professionally are not usually fully aware of the digital footprint they are leaving, the IP from where they connect, when they buy online, reviews. Also, when they publish, for example, videos or images on social networks.
A serie of data that remain in cyberspace and that, in the future, can compromise us or, focusing on the subject that concerns us, cybercriminals can use to carry out behaviours such as those discussed before, cyberbullying or online grooming.
The survey carried out by the Valencian Association of Consumers and Users (AVACU) states that 23.7% of children/teenagers have their profile public.
This means that whatever they publish, anyone with good or bad intentions has access to a large amount of data. Children do not even imagine the possible danger that this entails.
Two out of three children use social networks
On the other hand, I am surprised by the data provided by AVACU that 68% of children between 10 and 12 years of age use social networks. As for parents, 12.5% say that they do not know or control any of the social networks on which their children have created a profile.
To be honest I would actually say that this percentage is higher, as it is very easy to create new accounts without parents being aware in order to avoid “parental control” in this case or to impersonate others in the peer group in revenge, as INCIBE’s is4k explains.
This is undoubtedly extremely worrying, especially in the case of younger children.
Victimisation from a criminological perspective
In order to understand why certain disruptive behaviours may occur, I will explain in detail the theory that fits best with social cybercrime. According to Cohen and Felson’s (1979) theory of routine activities, 3 elements must come together for a crime (here we are talking about physical crimes) to take place:
- A motivated offender -> Cybercriminal
- A suitable target -> children as victims
- Absence of surveillance -> parents, legal guardians or any person who can protect themselves or others.
This is transferred to cyberspace, postulating, as Miró (2013) states, that what is relevant here is the victim’s own actions, self-protection, which plays a conditioning role in the criminal opportunity, since they expose certain assets and spheres of their personality in cyberspace.
In other words, children with public accounts, uploading videos and personal images, as well as places of residence, leisure (for example, which football team they play for), where they go to school, etc., what they are really doing is exposing this data from their personal sphere to any person and, what concerns us, they are also exposing this data to people who want to carry out morally reprehensible conduct towards the possible victim.
So, the human factor is key not only in the prevention of pure cyber-attacks, but it is also fundamental in the social cyber-attacks mentioned above.
Are children prepared for self-protection on social networks?
In my opinion, they are not prepared, especially if we are talking about children aged between 10 and 12 who, as AVACU says, have social networks, are not aware of the dangers behind the screen, and I would even dare to say that on many occasions their parents are not even aware of it.
Based on this premise, we cannot leave self-protection in cyberspace in their hands, so, in the absence of this, the essential element is the capable guardian or vigilance, which must be transferred to those responsible for the care of these children, which in most cases is the parents.
I can think of some prevention strategies, but the first and most basic one starts with raising awareness among both parents and children of the dangers that exist on the internet.
At the IntelCon 2020 conference (for those of you who don’t know it, it’s an intelligence conference), Jezer Ferreira proposed a challenge that, starting with just a phone number, showed how much information could be collected from the person who “owns” that phone number through open sources (OSINT).
In the challenge, the phone number alone could provide information such as email address, name and surname, social networks, location through metadata, likes and hobbies, profession and place of work and a series of data that cybercriminals can use to carry out targeted attacks such as phishing or sexting, to name a few.
I had some knowledge about internet exposure so far, but watching the conference had such an impact on me that my Master’s thesis is based on OSINT and on the idea that Jezer reflects in IntelCon.
It is true that it is a fake profile that was created consciously and has zero privacy. However, it is worth mentioning that there are minors (and adults) who have no privacy at all, from the WhatsApp that, contacts that are not saved in the address book, can see the profile picture, to having social networks public with lots of personal information available to anyone.
Therefore, my proposal is to carry out live educational talks similar to the IntelCon challenge for parents and that could be done through the AMPA’s of schools and high schools, as well as for teenagers.
We will not know if this will reduce the number of cyber-victimisations, that would require further research, but I am convinced that it will at least make them think about issues they would never have thought about before. At least, this way, they will think twice before publishing any data in cyberspace and thus make it a little more difficult for the “cyberbullies”.