You can tell your kids to stay off the social networks and you can tell yourself that they’ll listen, but chances are they’ll find a way on, anyway. So we’re going to address reality and do our best to ensure that their Facebook and Twitter accounts are secure and private and that they use the networks as safely and responsibly as possible.
Of course, Twitter and Facebook (in addition to being wildly popular social networks) are data brokers. This means they make money selling anything and everything you post there to third-party marketing and advertising firms and other companies who then use the data to better target advertisements and product campaigns toward you, or in this case, your kids. It’s also safe to assume they are tracking any web-browsing you do while logged in, but you can at least try to prevent this. This information may or may not be anonymized before it is sold. This depends on who it is sold to and what they are using it for. Anonymous or not, we covered a story last year where a man in Europe asked Facebook for his data profile, i.e. the data Facebook retained from his posts, chats, network surfing, etc. What the twenty-something received in return was 1,200 page-long PDF with everything he had ever done on the network, including things he had ‘deleted.’
I mention this because the data collection is very real and there is no real way to opt out or to avoid its transmission to third parties. If you’re fundamentally and unwaveringly opposed to the wholesaling of your personal information, then the social networking space might not be the place for you—or your kids. However, if you are okay with this, then there are a number of ways to keep the information your kids post on Facebook and Twitter private from other users, whoever they may be.
The first thing you want to tell your kids (and this applies to you as well) is that they need to be very careful about accepting friend requests (on Facebook at least). The Internet is a seedy place in general, but particularly for adolescents. It cannot be overstated: ONLY ACCEPT FRIEND REQUESTS FROM PEOPLE YOU KNOW AND TRUST. I go even further: When I receive a friend request, I actually check out the profile of the sender to make sure that person is who they say they are. It is not unheard of for an attacker to pose as people your kid knows in order to trick her into letting him into her network of friends.
We recently published a video on Threatpost that details ways in which you can use built-in Facebook features to bolster the security of your Facebook account. I recommend you give it a view before you let your kids set up an account.
Twitter, on the other hand, is a different animal altogether. It’s a freer environment than Facebook. By default, your kids won’t get the opportunity to vet who follows them, so anyone will be able to see what they post. There are some features that, if enabled, can help to keep their Twitter accounts private, like ‘protecting your tweets’ so that anyone who wants to follow your child will need permission first, either from you or your child. You can also turn off location tags. Location tags broadcast the physical location from which tweets are sent. There are also various email notification options that can help you and your kids keep track of what is going on with their Twitter accounts.
Kids also need to be aware that scammers run rampant on Facebook and Twitter. Not one natural disaster, pop star death, sporting event, or other popular world event passes without scammers taking advantage. Not that your child would know who Elizabeth Taylor is or care when she dies, but that daughter of yours might have fallen for a scam last year that claimed that Justin Bieber had been stabbed in the back by a crazed fan after a show in L.A.
If Facebook happens to be awash with scams (it is), then it often seems that Twitter was designed to support them. The 140 character limit makes URL shorteners necessary. The problem with these is that it is impossible to know where a given link will take you and because of this they are regularly used to distribute malware via infected websites. Sometimes it’s easy to spot a scam and sometimes it isn’t, but as GI Joe always said, “Knowing is half the battle.”
Considering that cyberbullying has gone from a nonsense phrase to having its own public service announcements and at least one made-for-TV movie, it is increasingly important to make sure your kid’s accounts have good passwords. The last thing you want (as a thirteen year old, at least), is to have some other kids from school guess your password, access your account, and post humiliating and/or untrue things about you. The easiest way to avoid this is to use a strong, non-obvious password.
As a parent, it is possible to link your kid’s account to your email address and mobile device. That way, if you have trusted devices set up (see video), you can monitor whether their account is accessed from an unrecognized device and you can cut off an account takeover before it becomes a problem.