Fifteen years ago, a child’s main cyber-risks focused on unauthorized spending on in-app purchases or in response to online marketing aimed at children. COPPA (The Children’s Online Privacy Protection Act) addressed that problem by requiring parental consent to advertising targeting kids under 13.
Fast forward, and those cyberkids are older teens (meaning COPPA doesn’t apply), with part-time jobs and Facebook pages. The cyber-risks they face today have expanded dramatically, and include identity theft, fraudulent tax return victimization and stalking and exploitation. For example, computer malware using webcams to take videos of victims has often involved minors. But as financial services lawyers, we’re concerned about cyber-risks that can damage credit even before minors are of age to qualify for it. Compromised credit that follows its victims can set back financial futures.
A recent New York Times article explained in a nutshell why identity thieves target children: because their credit reports are clean. It cited a 2011 finding that the social security numbers of more than 10% of children caught up in a data breach were being used by someone else. But unlike adults, kids without credit histories can’t “freeze” them. Some credit agencies make exceptions, but not without “reams of information” on the child, says the NYT article.
But digital kids are already posting “reams of information” about themselves online and on social media, including birthdays, birthplaces, addresses, purchases, health issues, and schools. They’re sharing selfies and travel plans, but may not consider or even be aware of the consequences of such sharing. Wearable tech devices may be adding nutritional intake, exercise levels and even sleep habits to the data available on kids. Voice recognition software is embedded in toys. The desire to be constantly connected may lead children to overlook (or ignore) the privacy settings on the apps they favor.
As digital natives, it is natural to kids and young adults to be constantly connected and transparent, yet they often do not consider that the information available to friends, fans, and followers is also available to companies. Big data doesn’t discriminate on age. By the time a digital kid turns 18, “reams of information” about him (and her) have likely been gathered, stored and sold. When that data includes compromised or impaired credit information, questionable images, or health information the financial and professional futures of kids may be at risk.
As the exchange of information continues to flow freely on the web from an increasingly transparent demographic, companies may need to step into role of a corporate steward to protect and educate their future customers on how their data can impact their financial and educational futures and even their personal safely. Now is the time for companies to choose a strategy to build “trust” relationships early by looking out for the long-term interests of the digital native, and in return companies can establish brand loyalty with this increasingly influential population.