Online Safety

This draft is out of date, an update that addresses new research and new technologies is being worked on at Online Safety and Wellbeing (Algorithms and Data).

Introduction

The Internet is not always a safe place. Like life off the Internet, everyone is at risk of having crime being a part of their experience online. Usually referred to as cybercrime these activities, including fraud, terrorism, extortion, harassment and hacking are perpetrated by several types of criminals:

Safety issues for people with cognitive disabilities

Hackers

People with cognitive disabilities may not be able to easily use some of the common security measures used on the Web such as two-factor authentication and safe and unique passwords.

Extra security precautions to increase password strength often make this group more vulnerable to "human error". This can encourage risky behaviour such as keeping a list of passwords on a desk which can be used by anyone who has physical access to the room. Also, when users ask for assistance to complete these security procedures, they can put themselves at high risk of being abused by those they trust to help.

Con-artists

These cyber-criminals use deception to gain trust and this enables them to negatively influence the behavior of vulnerable individuals. People with cognitive impairment who experience difficulty understanding social cues will likely fail to accurately identify a risky or potentially harmful situation. Those who have difficulty understanding others can act contrary to their own hypothetical actions in a given situation (i.e., mind-blindness) are more trusting and may easily believe false information. Also, people with impaired reasoning, attention or memory may be similarly vulnerable to these situations as they are not especially cognitively equipped to validate presented information.

Sexual predators

People with cognitive disabilities may be more at risk of being a victim of a sexual crime. This is more likely if:

  • they tend to be unaware of someone using a fake identity or misleading information;
  • they are dependent on care givers and family who they are afraid of disappointing, which makes them susceptible to blackmail;
  • they tend to believe false information and find it harder to validate facts;
  • they are less likely to identify unreasonable requests.

Personalization problems

Personalization is important, especially as a way to avoid conflict when meeting varying user needs, among many other reasons. However, there is a significant risk that if poorly implemented, user information and vulnerabilities can be exposed. This puts the most vulnerable users of this population at the greatest risk.

Proposed Solutions

Safety should be priority when making content accessibile for people with cognitive disabilities extra care should be applied at the same time to keep them safe.

All user information must be kept safe, to the fullest extent possible. Any clues that the user has cognitive disabilities, such as a request for a simplified version, should be protected information.

Personalization systems should be designed so that any information implying vulnerabilities are on the user device and are secure. Use of functional requirements can also be a safer alternative to describing user needs in systems such as meta-data.

Hackers

Security should be strong and easily used by those with cognitive disabilities, such as a biometrics option. For a full discussion see the issue paper on security.

Sexual predators and con-artists

  • A site with a chat option should prevent any exchange of personal information.
  • Users should be regularly warned to avoid scams.
  • Getting help and or reporting something worrying should be extremely easy to do. Users should know they will never be penalized for reporting something.
  • Users should find it easy to report to the cyber crime fighters in their jurisdiction.
  • Provide easy to use videos and tips that provide explanations about cyber criminals, how to stay safe and how to report anything you find odd.
  • Server-side sulutions, such as analytics, can be employed to find cyber-criminals.
  • Advertisements and paid articles should be vetted for reliability. They should be clearly marked as external content in an easy to understand way.
  • Users should be made aware when they are leaving your site or going to a less trustworthy site, including when fullowing links from other users.
  • Sites offering sexual content or intended for chats of sexual nature should state that clearly.

Acknowledgments

Thanks to Crimes against Children Investigations Israel National Cyber Unit for the review.