Protecting our children as they learn online

Protecting our children as they learn online

CHUKWUEMEKA CAMERON

Sunday, March 29, 2020

Print this page Email A Friend!


Children and schools now more than ever, in the context of remote learning, are more susceptible to social engineering and schools phishing attacks or, to put it another way, more prone to be victims of child predators. There is also the added risk in that social media is being used by traffickers to recruit victims, to proliferate their trafficking operations, and to control victims through restricting their social media access, impersonating the victim, or spreading lies and rumours online.

In the face of this COVID-19 pandemic many schools have transitioned to the delivery of educational instructions online. Having done so it is our position that they are now obliged to ensure the appropriate controls are also put in place to protect the right of privacy of our children. We fear that this is currently being overlooked.

Based on the report of the minister with responsibility for education, schools have done a commendable if not amazing job in rapidly making their educational instructions available online, moving from the physical classroom to the virtual classroom. While this was done voluntarily by some schools, it was also done at the behest of the Ministry of Education. It is impatient of debate that maintaining the consistent delivery of educational instructions is critical for our children and Jamaica both in the short and long term.

We assume that those schools that could afford to have the basic infrastructure in place to be able to offer educational instructions online, literally overnight, would also have in place a robust physical security framework. The security framework could possibly include security fencing with a manned gate, school access protocols during school hours, coupled with possibly closed circuit television system, among other such security solutions. These security measures are all with a view of protecting our children from the vagaries of society.

While having done what is necessary to guarantee the continuation of the delivery of educational instructions to our children, to what extent have we put measures in place to protect our children online and, more particularly, their personal data? No longer are our children being exposed to the threats that attend a physical school, which threats are limited to the geographical location. Now the threats are those that exist online. The 2018 US Trafficking in Persons Report stated that, “Traffickers increasingly use social media platforms to recruit victims.”

Ours is the view that the chances of our children being targeted for grooming or for human trafficking or for whatever other nefarious purpose is greater online than in the real world. If one accepts that premise it follows that resources and time spent on protecting our children online should exceed the budget and energy spent on physical security.

The question that must now be asked is: What controls, if any, have been put in place to protect the personal data of our children by schools that process their data? In particular, what measures have been put in place by the schools to educate our children about the dangers of using online platforms? And what controls have the schools put in place to protect the confidentiality, integrity, and accessibility of the personal data of our children of which the schools are fiduciaries.

One need look no further than our Charter of Fundamental Rights and Freedom to understand that schools are not only fiduciaries but along with the Ministry of Education has a duty to protect our children and their informational rights. Article 13(3) (k(1)of our Charter of Fundamental Rights and Freedoms guarantees the right of every child to such measures of protection as are required by virtue of the status of being a minor or as part of the family, society and the State. The UN Convention on the Rights of the Child that was approved by the United Nations General Assembly in 1989 and spells out the human rights to which the world's children are entitled. In particular, Article 17 refers to access to information by children and protection from “information and material injurious to his or her well-being”. (UN General Assembly 1989)

In 2016 the Office of the Children's Advocate, under the leadership of the Advocate Diahann Gordon Harrison, published a 'Be Social Be Smart Social Media Guide for children and parents' which is a must-read for all parents. I have sought to extract some of the relevant parts:

“[T]he Internet, through smartphone applications, has also ushered in a new age of risk exposure, especially for that of children. This kind of vulnerability can be further exacerbated if parents are not able to effectively engage with these kinds of ICTs [Information and communications technologies]. If parents lag behind in this regard it is more difficult for them to access what the potential dangers on the Internet may be for their child and ultimately guide them through this space.

“The Internet is a space which many child predators often utilise as a means of gaining access to potential child victims by exploiting their innocence. These predators will often spend their time seeking children who they see as vulnerable; children who may exhibit traits of low self-esteem and potentially children who they may access.”

The children's advocate went further and gave several pieces of advice that are worth sharing:

• Inform them that they should refrain from selecting provocative or easily identifiable nicknames.

• Ensure that you instruct your children to be careful about the kinds of files they accept, download, and/or share with others, especially if they were received from people they do not know.

• Children need to be reminded in your conversations with them about cyber space that speaking with strangers online can be dangerous.

• Never post or exchange personal photographs.

• Never reveal personal information, such as address, phone number, school name, or location. Use only a screen name. Never agree to meet anyone from a chat room or social media site in person.

• Never respond to a threatening e-mail, message, post, or text.

• Always tell a parent about any communication or conversation that was scary.

• If your child has a new “friend” insist on being “introduced” online to that friend.

The children's advocate, having done such an excellent job at sensitising parents and children on the dangers that exist online, in furtherance of the mandate to enforce and protect the rights and best interests of children, now ought to pay special attention to the schools that are processing children's personal data. Given this sudden and large-scale move to deliver educational instructions remotely, the threats faced by the personal data of our children and the potential damage or distress that may follow if there was a data breach has been multiplied and ought to be contemplated. Having determined what if any vulnerabilities exist in the existing processes and platform, the appropriate controls ought to be put in place to safeguard the confidentiality of the personal data of our children and, by extension, protect our children from online predators.

Police data reveal that in 2018, 1,512 children were reported missing, with girls (1,164) outnumbering boys (348) three to one. Jamaica remains a Tier 2 country in relation to human trafficking. At Tier 2, sexual offences and statutory rape continue to be an ongoing problem.

In light of the foregoing facts, and the acknowledgement that online activity is related to or increases the exposure of our children to predatory behaviour, entities such as the Ministry of Education, the Office of the Children's Advocate, the the Child Protection and Family Services Agency (CPFSA), and non-government organisations (NGOs) such as Hear the Children Cry are obliged to address their minds to the protection of children's personal data.

This now goes beyond ensuring children and their parents are social media literate. It means holding entities that process personal data of children accountable, and if not holding them accountable at least insisting that they implement appropriate technical and organisational methods to safeguard the personal data that they are processing. It is not necessary to wait for the creation of an information commissioner to police schools as the above entities in some way or the other already have a mandate to protect our children.

These are the sort of questions we need to start thinking about. What sort of security protocols are in place to protect the databases that host our children personal data in schools and in the ministry? What sort of controls are in place to protect the medical information about our children that our schools process? Are they protecting their digital assets and, by extension, our children's personal data in the same manner they protect the physical school? To what extent has the Ministry of Education put guidelines and policies in place for schools to follow in relation to minimum technical and organisational measures that should be followed by each school to protect the personal data of children.

We appreciate the heavy lift that was and is being done by the ministry and schools to facilitate remote learning in such a short period of time. Having implemented it, however, one of the kinks or elephants in the room that needs to be addressed is the protection of our children's personal data. While we try to adapt to this new online environment, let us be sure that we are building out sustainable resilient and secure platforms that can serve us today and in the future without putting our children at any additional risk.

Rest assured, this moment in time will pass, and as a people we will survive, as such we want to ensure that the infrastructure we build out today is not only appropriate to meet our present needs but also our future needs.

Chukwuemeka Cameron, LLM, is an attorney, trained data protection officer, and founder of Design Privacy, a consulting firm that helps you comply with privacy laws and and build trust with your customers. Send comments to the Observer or ccameron@designprivacy.io


Now you can read the Jamaica Observer ePaper anytime, anywhere. The Jamaica Observer ePaper is available to you at home or at work, and is the same edition as the printed copy available at http://bit.ly/epaperlive


ADVERTISEMENT




POST A COMMENT

HOUSE RULES

1. We welcome reader comments on the top stories of the day. Some comments may be republished on the website or in the newspaper � email addresses will not be published.

2. Please understand that comments are moderated and it is not always possible to publish all that have been submitted. We will, however, try to publish comments that are representative of all received.

3. We ask that comments are civil and free of libellous or hateful material. Also please stick to the topic under discussion.

4. Please do not write in block capitals since this makes your comment hard to read.

5. Please don't use the comments to advertise. However, our advertising department can be more than accommodating if emailed: advertising@jamaicaobserver.com.

6. If readers wish to report offensive comments, suggest a correction or share a story then please email: community@jamaicaobserver.com.

7. Lastly, read our Terms and Conditions and Privacy Policy



comments powered by Disqus
ADVERTISEMENT

Poll

ADVERTISEMENT
ADVERTISEMENT

Today's Cartoon

Click image to view full size editorial cartoon
ADVERTISEMENT