Feeds

AVG: We need laws to stop biz from tracking our kids

CTO of antivirus firm calls for new laws on children's privacy

Next gen security for virtualised datacentres

The antivirus giant AVG will today call for legislative action to prevent data-grabbers from spying on children.

Yuval Ben-Itzhak, the antivirus firm's chief technical officer, will speak at the Child Internet Safety Summit to call for limits on data-gathering on children's devices.

AVG is well known for its antivirus software, but has recently ventured into the privacy-protection game with a product called PrivacyFix. This move could prove particularly lucrative in the wake of disclosures by ex-National Security Agency contractor Edward Snowden about widespread spying on citizens' internet and mobile comms by governments.

It is likely to become even more profitable if the predicted rise in the use of machine-to-machine tech via connected devices – currently branded as the "Internet of Things" – takes place.

"Businesses can not just simply track and share my children's data by default. You need my consent to do that," Ben-Itzhak said.

"It's time to tell vendors where the line lies. If there are not any law, they are just going to [keep gathering data on minors]. We need to tell lawmakers and influencers that there could be a problem."

AVG wants to see limits on what data can be gathered about children and an end to the policy vacuum around the internet of stuff. Currently, there are few limits on what data can be gathered from smart devices or apps aimed at children.

Parents should be given clear advice on what sort of data is collected and must give their permission before any information is gathered and sent back to a company, it urged.

The so-called internet of things is a potentially exciting development, but one which creates clear ethical dilemmas. It's easy to see why parents would want to give their kids a watch with tracking functionality, but if that device – along with the telly and the fridge at home – tracks some other metric and then flogs the data, especially geolocation data, to advertiser, then there is an obvious issue.

"Big companies don't care unless there is a law. Life today is different and children live in a different environment. Companies that collect data and infringe privacy are not necessarily the bad guys, but they often end up doing things which society considers wrong.

"Privacy is not a black-and-white issue like malware or security. It's grey in the middle, which is why there is legislation needed."

The Office of the Information Commissioner recently issued guidance on wearables and said any information collected should stick to the Data Protection Act if collected for business purposes.

Existing legislation doesn't specifically mention rules on underage subjects, although the ICO has issued guidance that marketeers need parental consent.

Last week, Andrew Paterson at the ICO wrote: "Organisations [that use] wearable technology to process personal information will almost always be covered the Act. This means that they must process the information collected by these devices in compliance with the legislation. This includes making sure that people are being informed about how their details are being collected and used, only collecting information that is relevant, adequate and not excessive and ensuring that any information that needs to be collected is kept securely and deleted once it is no longer required."

As for the EU legislation, neither the Data Protection Directive (1995/46/EC) nor the Directive on privacy and electronic communications (2002/58/EC) explicitly mention the privacy rights of minors.

Of course, AVG's motives are not entirely altruistic. It hopes to be able to profit from the rise in privacy concerns by selling software to help guard people's sensitive information and fight off malware on a number of devices, including wearable computers.

We (rather optimistically) asked if this would include the iWatch.

"Well, we will have to see the iWatch first," said Ben-Itzhak. ®

The essential guide to IT transformation

More from The Register

next story
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
Chinese hackers spied on investigators of Flight MH370 - report
Classified data on flight's disappearance pinched
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
prev story

Whitepapers

Top 10 endpoint backup mistakes
Avoid the ten endpoint backup mistakes to ensure that your critical corporate data is protected and end user productivity is improved.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Backing up distributed data
Eliminating the redundant use of bandwidth and storage capacity and application consolidation in the modern data center.
The essential guide to IT transformation
ServiceNow discusses three IT transformations that can help CIOs automate IT services to transform IT and the enterprise
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.