Aired June 28, 2013

This webinar provides an overview of Online Privacy, highlighting current US Federal Laws, Wikia's Terms of Use and Privacy Policy, as well as tips on what to consider when review your own privacy online.

Slides & Transcript

Online Privacy Webinar Slide01

Welcome to the our June webinar, Overview of Online Privacy.

Online Privacy Webinar Slide02

I’m Sarah Morales, a Director of Community Support at Wikia and today joining me is Sean McGilvray, Community Support Manager who specializes in legal topics on Wikia.

Online Privacy Webinar Slide03

As the internet has grown, it has made it easier than ever to connect with other people from across the globe. But this ease of connection has made it harder for us to maintain the same level of privacy we do in the offline world. When you meet someone on the street, it’s easy to regulate your conversation with them to make sure you aren’t giving away more information than you’re comfortable with.

Online Privacy Webinar Slide04

It’s a different story online, where you constantly broadcast your IP address, location information, and other types of data before you even start typing. Add to that the ease with which social networks and other websites allow you to share information about yourself, like your real name, your email address, phone number or other vital statistics and soon you may be sharing more than you realize with people you don’t even know.

Online Privacy Webinar Slide05

Different countries have taken their own unique approach to regulating online privacy. Some have been more restrictive of the types of information that internet companies can require or record, while others have been lax.

As a U.S.-based company, Wikia is compliant with all United States federal laws. Sean will provide an overview of the current major privacy laws now passed and those being debated.

Online Privacy Webinar Slide06

Today we will cover the basics of online privacy, how it affects you as a Wikian and provide a couple of ideas you should consider as you use the internet. Sean will talk with you about Wikia’s Terms of Use, privacy policy, current US laws that may have an impact on your community and some thoughts on what to consider as you visit both Wikia and other sites online.

Online Privacy Webinar Slide07

Lets first define a couple of terms you will hear throughout this webinar.

  • Privacy - The Fourth Amendment protects against unreasonable search and seizure of private citizens and their "persons, houses, papers, and effects" but, surprisingly the Founding Fathers made no mention of e-mail in remote servers or geolocation metadata embedded in photo uploads. Modern definitions of privacy are in a state of flux as our culture adapts to new technologies.
  • Cookie - a small piece of data sent from a website and stored in a user's browser. Cookies are set on your browser when you visit a website and track information about your internet usage. This is used most often for advertising to display ads that are relevant to your searches. Ever wonder how ads change to reflect a topic or place you just searched? That happens because of the cookie set on your browser. It also helps to keep you logged into your account, as well as other backend browser functions.

Online Privacy Webinar Slide08

  • Terms of Use - Almost every internet site publishes their Terms of Use, which is a document spelling out the relationship between the site and it’s users. A TOU explains the obligations and types of behavior that are forbidden on the site or service, as well as a link to the specific Privacy Policy.
  • Privacy Policy - This is an explanation about the website’s approach to privacy. It usually describes the types of data the site collects, how they collect it, and the different ways they use that information.
  • IP Address - a standard internet code that identifies a computer network or a particular computer or other device on a network, consisting of four numbers separated by periods. This can belong to one person or be used by multiple users. On Wikia this is what is displayed when a logged out user contributes to a wiki.

Online Privacy Webinar Slide09

Hi everyone, I’m Sean. I handle many of the legal questions that our community support team deals with. I do have a legal background, and my specialty is in dealing with Trust and Safety issues like privacy, intellectual property, and the Terms of Use. Today we will be focusing on the ways that our Terms of Use and Privacy Policy impact you.

Online Privacy Webinar Slide10

Terms of Use is a legal document spelling out the relationship between Wikia and its users. They apply to both registered users (whether or not they are logged in) and unregistered anonymous users. When creating an account you must agree to our TOU or you won’t be able to finish the process. When people contribute content while logged out, their contributions still have comply with our terms of use. This is unique for a website, since most places don’t allow for logged out contributions. Our Terms of Use though is specifically written to include this use case.

We know that most people never read a site’s terms of use because it is often filled with confusing legal jargon, but my goal today is to help explain some of this, and make you more aware of what you are agreeing to. Please feel free to send in questions at any time, and I will answer at the end.

So Terms of use are generally broken up into sections. For Wikia the mains ones that touch on privacy issues include: Membership and User Conduct, Content, and Legal considerations.

Online Privacy Webinar Slide11

Our main focus today is User Conduct, which is the most important section for you as a Wikian to be aware of, since it describes what is and isn’t allowed on Wikia wikis.

As a contributor to Wikia you agree to a number of terms, which focus on making Wikia a safe environment, open to all and without content that violates laws or harasses others. Within this user conduct section are also a number of specific privacy rights. I will break some of these down now.

Online Privacy Webinar Slide12

Now lets look what our user conduct clause says. The first statements include what you can’t do on Wikia. It includes :

  • Post or transmit any content that … otherwise violates any law or right of any third party,” - This can includes all publicity and privacy rights. Under this, you’re not allowed to submit any content that violates another person’s privacy, whether they are a Wikia user or anyone else.
  • “Post or transmit any communication or solicitation designed or intended to obtain password, account, or private information from any Wikia user;” -This keeps people from using Wikia as a place to collect private information. Trying to solicit real names, addresses, account names, or any other private information is a kind of phishing, and we don’t allow it on Wikia.
  • “Solicit personal information from any user under the age of 18" - As a rule, you shouldn’t ask anyone for their personal info on Wikia, but we take special notice when it comes to our younger users. It is a violation of the Terms of Use to ask anyone to reveal things like their phone number, home address, real name, or other personally identifiable information.

Online Privacy Webinar Slide13

The next group of terms describe what you must do to use Wikia. These include:

  • Maintain the security of your password and identification
  • Maintain the confidentiality of any password(s) associated with your use of the Service;
  • Notify the company immediately in case of any unauthorized use of your account; These go together because they all have to do with making sure that you don’t share your account details with anyone else. Aside from issues of potential abuse, including framing you for spam and vandalism, this can create privacy dangers because once someone gains access to your account, they can use that information to find out more about you.
  • Make sure you don’t access, collect or store personal data about other users in connection with the prohibited conduct and activities described in this “User Conduct” section" - While there is a lot to learn about your fellow community members, you are not permitted to create a storehouse of information or use Wikia as a means of gathering or storing any private info. This includes things like wikis dedicated to tracking real people, or pages “doxing” or purposely compiling dossiers of private info. In general, we discourage any user from posting images or linking to Facebook profiles directly from Wikia.

Online Privacy Webinar Slide14

Those are the areas in Terms of Use that speak to Privacy but we also have a specific Privacy Policy. This policy is to specifically to inform you of the types of information we collect, how collect it, and what we do with this information. This policy focuses on the general information relating to your account as well as how we work with advertising partners.

When you register for an account, you are required to provide your email address and date of birth, in addition to your username and password. Part of the reason we require this info is to help maintain accurate records of your account and provide support when there are account issues. The date of birth is required to make sure that you are eligible for an account. There are specific privacy protections for people under 13 that we will be discussing in more detail later when we get to privacy legislation like COPPA.

Online Privacy Webinar Slide15

In relation to advertising, we set cookies on your browser so we can display information more relevant to your interests. This is done with with what is called a Non-Personally Identifiable Information Cookie. Personally Identifiable Information (PII) is information which can be used to distinguish or trace your identity, such as your name, social security number, biometric records, and more. Because we collect non-PII, his means that the cookie tracks what sites you visit, but not who you are. You can opt out of these types of cookies, but not seeing advertisements on WIkia altogether. To do so, follow the link found in our privacy policy. There is also a setting called Do Not Track. When a web browser requests content or sends data, it can include extra information optionally in one or more items called "headers". Do not track adds a header indicating that the user does not want to be tracked. This can be done via browser preferences or through any number of extensions. There have been a series of policy proposals from the FTC and several stalled bits of legislation that would require something similar to the national “do not call” list for telemarketers.

Online Privacy Webinar Slide16

The last area to be aware of in our Privacy policy is who we share the information we collect with. This includes the advertisers and vendors as we mentioned. We do require those we share with to follow the same procedures and take the same precautions we do. We also provide user information, if required to law enforcement agencies or if we need to investigate a breach of security.

Online Privacy Webinar Slide17

Our Terms of Use are a binding agreement. This means that a violation of it can result in your account being blocked for a period of time, or indefinitely, or even disabled altogether. With a registered account, all contributions across Wikia are tracked back to your username, which is what we use during reviews. If you are logged out, your contributions are tracked via your IP address. Mediawiki displays contributions from logged-out editor as their full IP, and in cases where an IP violates our TOU, then this IP may be blocked. IPs can be used to geolocate a user, so we do recommend creating an account if you are concerned about your IP being displayed. They can’t be used to track you down to your street address, but can give a general idea of your location. If you reveal other details, it is possible to combine the knowledge gained from your IP to locate you even further.

Online Privacy Webinar Slide18

Our terms of use and privacy policy publicly describe the service we offer and how we expect our users to conduct themselves. How did and why do we have them? To protect you our users, as well as to make sure we comply with US law. As Sarah mentioned, wikia is a US based company, and as such, we are required to follow certain privacy guidelines. These include specific laws that details how, what and who we can offer our service to, and come straight from the federal government.

I’m now going to overview a couple of these laws, some of which are about to be updated and that you may have heard of in the news. This section is not about my or wikia’s political views on these laws, but rather a simplified description of the legal jargon and how it may affect your wiki, your wikia account and your online interactions.

Online Privacy Webinar Slide19

Generally speaking, our legislators have done a fairly terrible job at keeping the law up to speed with the evolving need for privacy that comes with new technology. To be fair, keeping pace with the online world is an incredibly difficult task. Over the years, U.S. lawmakers have made several attempts to regulate this arena and there are several laws that touch on internet privacy.

Online Privacy Webinar Slide20

The Children's Online Privacy Protection Act (COPPA) is a United States federal law designed to limit the collection of personal information from people younger than 13 years of age. It was passed in 1998, and has been updated only once with a set of revisions that become effective July 1st, 2013. The Federal Trade Commission (FTC) oversees the application and enforcement of the law. It applies to any website or service based in the U.S.

Online Privacy Webinar Slide21

One popular misconception is that COPPA absolutely forbids anyone from using certain websites. While this can be a common outcome, the stated goal of the law is to make sure that websites obtain parental consent before they collect personal information from children. Unfortunately, in the online setting, obtaining and verifying parental consent puts a legitimate strain on internet companies who would have to staff entire departments dedicated making sure that the parental approval was genuine.

Instead, most companies like Wikia choose to limit their service to users who are over the minimum age. In order to comply with COPPA, Wikia requires that all users must be 13 years or older at the time they sign up for an account. Part of the Terms of Use is an affirmative statement that you are 13 or older. Lying about your age during the signup process is grounds for immediate account closure and a global block from our network. This is more than a simple Wikia policy, it is a means of making sure that we comply with federal law by removing personal information when we gain knowledge of an under-aged user.

Online Privacy Webinar Slide22

Recent changes to COPPA have required Wikia to make adjustments. On wikis that might be directed to children, we have to make sure that we do not collect personal information, including IP address and certain kinds of cookies. Because Mediawiki software uses IP addresses to track anonymous edit, we are disabling anonymous edits on those wikis. We realize that many anonymous editors make valuable contributions, but this was a step we had to take to make sure we maintained compliance with COPPA. So starting July 1st, anon editing will be disabled for wikis that are targeted to children.

Online Privacy Webinar Slide23

In February, the U.S. House of Representatives re-passed the Cyber Intelligence Sharing and Protection Act (CISPA). They had passed an earlier version of this controversial bill, but it stalled in the Senate. The current version is virtually identical to the previous version, and is as well stalled.

The purpose of the bill is "To provide for the sharing of certain cyber threat intelligence and cyber threat information between the intelligence community and cybersecurity entities,." It does so by removing legal liability for companies who share user information with the government and with each other, whether or not doing so might violate already existing privacy laws. CISPA calls for the creation of framework for user data and other information to be shared mutually between any government agencies and a private company, as well as between private companies.

There was a great deal of public outcry, and though it once again stalled in the Senate it’s continued existence shows how serious the government is taking cybersecurity issues. There will continue to be bills that attempt to deal with similar issues in the future.

Online Privacy Webinar Slide24

The Electronic Communications Privacy Act (ECPA) was passed in 1986, and has been amended numerous times as part of other security legislation, including the PATRIOT Act. Congress passed the Electronic Communications Privacy Act ("ECPA") to expand the scope of existing federal wiretap laws, such as the Wiretap Act, to include electronic communications like email, physical location markers, video, text, audio, and data, transaction logs and all other "metadata" associated with an online communication. Under ECPA, the government is able to acquire these communications when they subpeona internet companies like Google, Facebook, or Wikia.

Online Privacy Webinar Slide25

COPPA, ECPA, and CISPA are just a few of the many laws that touch on privacy, both online and off. We could do an entire webinar just running through the individual laws, and we would be here all day, but here is a brief sampling.

The Foreign Intelligence Surveillance Act (FISA) allows the U.S. government to intercept electronic communications between "foreign powers" and "agents of foreign powers" (which may include American citizens and permanent residents suspected of espionage or terrorism). This was the law under which the NSA surveillance programs operated.

The Communications Assistance for Law Enforcement Act of 1994 (CALEA) retains the U.S. government’s right to intercept communications over digital networks. CALEA requires phone companies to modify their networks to ensure government access to all wire and electronic communications as well as to call-identifying information.

There are also laws to protect your private medical records (HIPAA), your financial transactions (FCRA), and even your driving records (Driver's Privacy Protection Act of 1994).

Online Privacy Webinar Slide26

Our expectations and understanding of privacy today is vastly different than it what it was even a few years ago. The only real certainty when it comes to predicting the future of privacy is that will continue to become more complex as technology advances.

As our digital footprint grows larger and larger, our Congress will continue to try to pass laws that update the Founder’s conception of privacy for the internet age.

Mobile devices are taking more of a central role than ever. Your voice and image can now be recorded with the touch of a button and shared with the entire world in a matter of seconds. New devices like Google Glass make it difficult to know where the lines are between the online world and the offline one. If our lawmakers have been a tad slow to address the pace of technology, it’s hard to blame them.

Online Privacy Webinar Slide27

Because legislation can often lag behind the times, and often has a tendency to erode privacy more than it protects it (see CISPA), it’s important that you take an active role in safeguarding your own information.

We’re not trying to argue that you shouldn’t take advantage of new technologies or use your online presence to connect to people in the real world. However, you must be aware of how much information you are giving away. The key is to decide for yourself what your threshold for privacy is. On the one hand, there are people who go to great lengths to encrypt every communication and use services like TOR or private VPNs to hide their movements online. On the other end of the spectrum are people who blindly share every detail about their lives, from photos of their morning crepe to announcing their evening plans as a status update. Only you know where on that spectrum you feel comfortable and safe.

Online Privacy Webinar Slide28

While data mining and government surveillance have proven to be real concerns, the biggest risk to privacy is often what we willingly reveal ourselves. So this should really go without saying, but a good rule of thumb is to never, ever give someone online your social security number. Identity theft is no laughing matter, and obtaining that bit of data can make it easier for crooks to obtain access to many facets of your life.

Entering your date of birth can be a requirement to register for websites, due to COPPA considerations but you should take care not to share this information publicly without good reason. Your address is required for shipping and billing purposes, but I wouldn’t post it publicly. You never know what you might find in your mailbox, or who might end up paying you a visit.

Your real name is something that some website require, but other like Wikia allow you to use a screen name or pseudonym. For example, on Wikia I am semanticdrifter but I link that with my real name. There are genuine reasons why you might want to use a screenname instead of your birth name.

Watch what you say and where you say it. Information about yourself that you feel like sharing today might be embarrassing or inconvenient to have publicly available further down the road. And sharing something on the internet means you often lose a certain amount of control over when, how, and where it reappears.

Clear your cookies occasionally. You can also opt out of many either directly from the link in our privacy policy or through the use of a browser setting like Do Not Track. There are also several excellent extensions that can increase your privacy level by automatically locking down certain tracking cookies.

Online Privacy Webinar Slide29

Online Privacy Webinar Slide30

Online Privacy Webinar Slide31

Other Webinars

This image was uploaded by FANDOM Staff.

Appears on these pages