Feeds

AVG: We need laws to stop biz from tracking our kids

CTO of antivirus firm calls for new laws on children's privacy

Choosing a cloud hosting partner with confidence

The antivirus giant AVG will today call for legislative action to prevent data-grabbers from spying on children.

Yuval Ben-Itzhak, the antivirus firm's chief technical officer, will speak at the Child Internet Safety Summit to call for limits on data-gathering on children's devices.

AVG is well known for its antivirus software, but has recently ventured into the privacy-protection game with a product called PrivacyFix. This move could prove particularly lucrative in the wake of disclosures by ex-National Security Agency contractor Edward Snowden about widespread spying on citizens' internet and mobile comms by governments.

It is likely to become even more profitable if the predicted rise in the use of machine-to-machine tech via connected devices – currently branded as the "Internet of Things" – takes place.

"Businesses can not just simply track and share my children's data by default. You need my consent to do that," Ben-Itzhak said.

"It's time to tell vendors where the line lies. If there are not any law, they are just going to [keep gathering data on minors]. We need to tell lawmakers and influencers that there could be a problem."

AVG wants to see limits on what data can be gathered about children and an end to the policy vacuum around the internet of stuff. Currently, there are few limits on what data can be gathered from smart devices or apps aimed at children.

Parents should be given clear advice on what sort of data is collected and must give their permission before any information is gathered and sent back to a company, it urged.

The so-called internet of things is a potentially exciting development, but one which creates clear ethical dilemmas. It's easy to see why parents would want to give their kids a watch with tracking functionality, but if that device – along with the telly and the fridge at home – tracks some other metric and then flogs the data, especially geolocation data, to advertiser, then there is an obvious issue.

"Big companies don't care unless there is a law. Life today is different and children live in a different environment. Companies that collect data and infringe privacy are not necessarily the bad guys, but they often end up doing things which society considers wrong.

"Privacy is not a black-and-white issue like malware or security. It's grey in the middle, which is why there is legislation needed."

The Office of the Information Commissioner recently issued guidance on wearables and said any information collected should stick to the Data Protection Act if collected for business purposes.

Existing legislation doesn't specifically mention rules on underage subjects, although the ICO has issued guidance that marketeers need parental consent.

Last week, Andrew Paterson at the ICO wrote: "Organisations [that use] wearable technology to process personal information will almost always be covered the Act. This means that they must process the information collected by these devices in compliance with the legislation. This includes making sure that people are being informed about how their details are being collected and used, only collecting information that is relevant, adequate and not excessive and ensuring that any information that needs to be collected is kept securely and deleted once it is no longer required."

As for the EU legislation, neither the Data Protection Directive (1995/46/EC) nor the Directive on privacy and electronic communications (2002/58/EC) explicitly mention the privacy rights of minors.

Of course, AVG's motives are not entirely altruistic. It hopes to be able to profit from the rise in privacy concerns by selling software to help guard people's sensitive information and fight off malware on a number of devices, including wearable computers.

We (rather optimistically) asked if this would include the iWatch.

"Well, we will have to see the iWatch first," said Ben-Itzhak. ®

Secure remote control for conventional and virtual desktops

More from The Register

next story
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
Why did it take antivirus giants YEARS to drill into super-scary Regin? Symantec responds...
FYI this isn't just going to target Windows, Linux and OS X fans
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described
'A degree of technical competence rarely seen'
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
prev story

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Simplify SSL certificate management across the enterprise
Simple steps to take control of SSL across the enterprise, and recommendations for a management platform for full visibility and single-point of control for these Certificates.