Feeds

AVG: We need laws to stop biz from tracking our kids

CTO of antivirus firm calls for new laws on children's privacy

The essential guide to IT transformation

The antivirus giant AVG will today call for legislative action to prevent data-grabbers from spying on children.

Yuval Ben-Itzhak, the antivirus firm's chief technical officer, will speak at the Child Internet Safety Summit to call for limits on data-gathering on children's devices.

AVG is well known for its antivirus software, but has recently ventured into the privacy-protection game with a product called PrivacyFix. This move could prove particularly lucrative in the wake of disclosures by ex-National Security Agency contractor Edward Snowden about widespread spying on citizens' internet and mobile comms by governments.

It is likely to become even more profitable if the predicted rise in the use of machine-to-machine tech via connected devices – currently branded as the "Internet of Things" – takes place.

"Businesses can not just simply track and share my children's data by default. You need my consent to do that," Ben-Itzhak said.

"It's time to tell vendors where the line lies. If there are not any law, they are just going to [keep gathering data on minors]. We need to tell lawmakers and influencers that there could be a problem."

AVG wants to see limits on what data can be gathered about children and an end to the policy vacuum around the internet of stuff. Currently, there are few limits on what data can be gathered from smart devices or apps aimed at children.

Parents should be given clear advice on what sort of data is collected and must give their permission before any information is gathered and sent back to a company, it urged.

The so-called internet of things is a potentially exciting development, but one which creates clear ethical dilemmas. It's easy to see why parents would want to give their kids a watch with tracking functionality, but if that device – along with the telly and the fridge at home – tracks some other metric and then flogs the data, especially geolocation data, to advertiser, then there is an obvious issue.

"Big companies don't care unless there is a law. Life today is different and children live in a different environment. Companies that collect data and infringe privacy are not necessarily the bad guys, but they often end up doing things which society considers wrong.

"Privacy is not a black-and-white issue like malware or security. It's grey in the middle, which is why there is legislation needed."

The Office of the Information Commissioner recently issued guidance on wearables and said any information collected should stick to the Data Protection Act if collected for business purposes.

Existing legislation doesn't specifically mention rules on underage subjects, although the ICO has issued guidance that marketeers need parental consent.

Last week, Andrew Paterson at the ICO wrote: "Organisations [that use] wearable technology to process personal information will almost always be covered the Act. This means that they must process the information collected by these devices in compliance with the legislation. This includes making sure that people are being informed about how their details are being collected and used, only collecting information that is relevant, adequate and not excessive and ensuring that any information that needs to be collected is kept securely and deleted once it is no longer required."

As for the EU legislation, neither the Data Protection Directive (1995/46/EC) nor the Directive on privacy and electronic communications (2002/58/EC) explicitly mention the privacy rights of minors.

Of course, AVG's motives are not entirely altruistic. It hopes to be able to profit from the rise in privacy concerns by selling software to help guard people's sensitive information and fight off malware on a number of devices, including wearable computers.

We (rather optimistically) asked if this would include the iWatch.

"Well, we will have to see the iWatch first," said Ben-Itzhak. ®

Next gen security for virtualised datacentres

More from The Register

next story
Snowden on NSA's MonsterMind TERROR: It may trigger cyberwar
Plus: Syria's internet going down? That was a US cock-up
Who needs hackers? 'Password1' opens a third of all biz doors
GPU-powered pen test yields more bad news about defences and passwords
e-Borders fiasco: Brits stung for £224m after US IT giant sues UK govt
Defeat to Raytheon branded 'catastrophic result'
Microsoft cries UNINSTALL in the wake of Blue Screens of Death™
Cache crash causes contained choloric calamity
Germany 'accidentally' snooped on John Kerry and Hillary Clinton
Dragnet surveillance picks up EVERYTHING, USA, m'kay?
Linux kernel devs made to finger their dongles before contributing code
Two-factor auth enabled for Kernel.org repositories
prev story

Whitepapers

5 things you didn’t know about cloud backup
IT departments are embracing cloud backup, but there’s a lot you need to know before choosing a service provider. Learn all the critical things you need to know.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Rethinking backup and recovery in the modern data center
Combining intelligence, operational analytics, and automation to enable efficient, data-driven IT organizations using the HP ABR approach.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.