Over the past year, the issue of child privacy and protection online has become a big topic, and for good reason. Many large companies have either passively ignored their responsibilities, or have actively gone out of their ways to target children. Last April,
YouTube was accused of purposely collecting information from minors, with a significant amount of evidence. Only a week later, another report exposed a large number of violations in Google Play. In July, Facebook and Instagram began purging profiles of those who do not have parental permission for an account.
All of these problems come about because of a US law entitled Children's Online Privacy Protection Act (Coppa). Passed in 1998, and amended in 2012, the law regulates the way that information about children under 13 must be handled. Essentially, no company operating within the US can collect any identifying information about children. For some platforms, this is no problem. However, for platforms like Facebook, Instagram, or YouTube, it is the basis of their business model to collect info. By their very nature, if a child creates an account, authorized or not, their information will be tracked passively.
Some companies, however, go out of their way to try and attract children into their platforms. One of the biggest offenders of this is TikTok, the Chinese replacement for Musical.ly. The company, Beijing ByteDance, purchased the Musical.ly platform in December of 2017 and rebranded it under their existing TikTok brand. Musical.ly, however, was known for appealing to children, and the company, both before and after the buyout, knew that their userbase skewed very young. In fact, 7 of the most popular accounts were all under 13.
That is why the US FTC has fined the company $5.7 million, for violating various aspects of COPPA. For example, Musical.ly
required users to enter their real names, email addresses, phone numbers, and profile pictures before using the app. In addition, the platform made profiles public by default and still exposed photos and usernames publicly if made private, as well as allowing direct messages. The company even turned a blind eye after thousands of parental complaints about this, plus the fact that there was no infrastructure for parental consent. The FTC's decision was 5-0 in favor of the fine.
If you are a PlayStation Plus subscriber, you may have noticed a change to your free game selection this month. That's because, starting March 2019, Sony will no longer include PlayStation 3 or PlayStation Vita games in the selection. This is not a surprise, from the perspective that Sony announced a year ago that it was coming. It is a surprise, however, from the perspective that the company's competitors are moving the other way.
Over on the Xbox side of the world, the free games that are made available has recently begun including games from the original Xbox. For example, available right now is
Star Wars Republic Commando
, a game originally released in 2005. While the free title won't play on the original Xbox itself, it will run on all models of the Xbox 360 and Xbox One. The only reason it won't run on the original hardware is that the original Xbox Live was shut down in favor of bringing new features for the 360 and One.
On the Nintendo Switch side of things, the
recently launched Switch Online service has focused exclusively on classic titles. This service is only available on Switch, meaning that the games cannot be played on the NES, but that is obviously to be expected.
By eliminating the free games on Sony's older consoles, it creates a few new problems for the company. The most obvious is that anyone who is exclusively using the older hardware and has not upgraded to a PlayStation 4, have essentially no motivation to keep the service. This is because there are very few benefits, outside of the free games, on the older hardware. This is going to encourage the company, through financial means, to drop more support for this hardware in the near future. It also means that Sony is essentially bringing about the end-of-life for support of this hardware. Most of the PLuGHiTz Live team regularly uses older gaming hardware, and this abandonment is a disappointment for those who continue to support Sony.
Over the last couple of weeks, there have been a number of reminders that any device that plugs into a computer port can be a hazard. This is even truer when the device plugs into an actively powered port, like USB. A few weeks ago, a flaw was demonstrated that showed that a USB cable could easily be made to create an opening for remote hacking into a system. The flaw is called
BadUSB and was actually discovered years ago. Only recently, however, was the flaw applied to anything other than storage devices.
This week, a
similar flaw was discovered that affects Thunderbolt devices, rather than traditional USB. This discovery comes care of research conducted between the Department of Computer Science and Technology at the University of Cambridge, Rice University and SRI International. The more creatively named Thunderclap bypasses Input-Output Memory Management Units over Thunderbolt over USB-C, otherwise known as Thunderbolt 3. According to the report, An essential insight is that, while IOMMUs allow peripheral devices to be constrained, the DMA interface between device drivers and peripherals is a porous and complex attack surface that malicious actors can manipulate to influence software behavior and trigger vulnerabilities.
All of this underscores a recurring problem: insecure innocuous items. Over the years, we've seen a number of seemingly safe devices and software turn out to be just the opposite. The most obvious situation is mobile apps that pretend to be games and productivity software, but actually, steal your data and upload them to remote servers. Less obvious, but potentially more dangerous, are phone charging stations, like what you see at the airport. It is possible to place a Raspberry Pi inside of the charging station designed specifically to read data over the USB port on your phone.
The important thing to remember is, don't plug your device, either computer, phone, or tablet, into anything you do not trust entirely. Purchase USB cables and flash drives from known brands. Don't charge your phone on someone else's plug - always use your own environment or a Qi charger. Your privacy and security are not worth the slight savings you might receive.
For content creators, there is nothing worse than the strike system. Most users will receive one strike in their lifetime, often for things that are out of their control. That first strike will disable live streaming capabilities, and can even turn off monetization. The company has changed its policies on strikes, making the first rule violation a warning rather than a strike. This means that the majority of users will never receive an actual punishment anymore, making it far easier to build an audience. This applies to almost all rules but does not adjust YouTube's active content censorship.
Once YouTube began the process of censoring content, it was predicted that it would produce a slippery slope of continued censorship. While it started with
advertisers complaining about terror videos, it has definitely evolved. Just last month, the company announced that they would define truth, and censor content that does not coincide with their truth. That policy has expanded its definition this week, officially declaring that anti-vaccination videos defied their truth. Because of this, any video that discusses anti-vaccination or the dubious science behind it can no longer be monetized. This decision was made after advertisers raised concerns that their products were appearing alongside these videos. YouTube said via statement, We have strict policies that govern what videos we allow ads to appear on, and videos that promote anti-vaccination content are a violation of those policies. We enforce these policies vigorously, and if we find a video that violates them, we immediately take action and remove ads.
In addition to anti-vaccination videos, YouTube has taken action on another classification of videos: kids. Because of the way the YouTube algorithm works, once you start looking at certain videos, you create a profile that will continue to show that content. There is a large collection of videos of kids in compromising positions, usually girls in skirts who don't necessarily realize that they are flashing the camera. These videos have brought on inappropriate comments, timestamping, and sharing of "related content" by users. The process is
detail by MattsWhatItIs.
Fortunately, YouTube has taken action on this problem by turning off comments on these videos, closing channels, and banning users. The problem has been known for years, but it took advertiser boycotts by companies like Epic Games before the company took action. It raises a question of what exactly is the driving force behind YouTube's motivations. The company willingly acts on videos that talk about flat-Earth, but it took advertiser interaction to respond to this.