Two years of negotiation between MySpace and the US's state attorneys general culminated in an announcement today that they'd reached an agreement on "Key Principles of Social Networking Sites Safety." Not all that I heard as I listened in on the press conference is new (MySpace has implemented dozens of safety measures and programs in the past year, including a 24-hour hotline for law enforcement). But a couple of new social-Web safety developments were announced, and the agreement is a victory for collective thinking and action appropriate to this interactive medium and against litigation, which the attorneys general had been threatening. Here are the new developments I heard, some useful:
* Agreed-upon principles for social-networking safety that may actually lead to consensus on industry best practices (e.g., high responsiveness to abuse reports, deletion of underage profiles and blogs, cooperation with law enforcement, etc.). We hope other social sites will participate, as the attorneys general said they're encouraging the sites to do.
* Rapid response & other measures. MySpace's announcement that it would implement a new customer-service protocol for better responsiveness to abuse reports, as well as new technology to enforce the site's minimum age (14), default privacy settings for 16- and 17-year-olds (already in place for 14- and 15-year-olds), and new technology to detect and delete links to porn sites from MySpace users' profiles.
* A proposed email registry that would allow parents to send MySpace and other participating sites their children's email addresses, which would be blocked when the kids try to set up accounts with them. This has limited value, if I heard it right, since it's so easy for kids to get new, free email addresses at so many sites (e.g., Yahoo Mail, Hotmail) which they can use without telling their parents.
* A technical task force to explore age and identity verification. Among the participants will be Internet companies, law enforcement, and online-safety organizations, I heard. This is good – it puts the onus for exploring this concept on a broad spectrum of stakeholders, not just one social site. Judging from what I heard of the hour-long press conference, though, there is still little demonstrated understanding among the attorneys general of the privacy risks involved in verifying minor's ages and identities. They're right that the technology isn't rocket science. The problem is what the technology needs in order to work: a nationwide database of children's ID info against which verification technology can scan. Federal law protects US children's privacy, to the extent that even your child's school has to obtain your permission to print his address and phone number in a directory just for your school community. It's a good law. Identity thieves love getting their hands on minors' ID info. That's why there was such an uproar when a security breach in the UK jeopardized the personal information of half the population and "virtually every child in Britain" (see this item). A possible alternative is verification of all adults on the social Web, but there are privacy issues there, too.
* Social Web-wide. The attorneys general present at today's announcement – Connecticut, North Carolina, New Jersey, Ohio, and Pennsylvania – are asking other social-networking sites besides MySpace to join the task force and make certain safety measures standard. This reflects a growing awareness that these issues are at least Web-wide, if not worldwide (understandable, though, since these are state attorneys general, not federal law enforcement). There are so many spots on the social Web based in other countries if kids really want to go into stealth mode and beyond the reach of any industry best practices the US might establish.
Texas's was the only state attorney general not to sign the agreement. In a letter to MySpace founder Chris DeWolfe, General Greg Abbott wrote that signing would be "misperceived as an endorsement of the inadequate safety measures contained therein," CNET reports. Nothing short of a "reliable age verification system" would protect children, he wrote. He may be right about the problem, but not about the solution. It'll be interesting to see if the new technical task force can come up with a killer-app that can satisfy attorneys general, privacy advocates, and parents all at once!
Here's an interview about today's announcement with MySpace/Fox Interactive chief security officer Hemanshu Nigam, conducted by mp3 file
“>CBS News technology analyst and ConnectSafely.org co-director Larry Magid.
Within a couple of hours of the press conference, there were more than 500 news reports on this in Google News. Here's a sampler: The Associated Press, the Financial Times, and the Los Angeles Times. See also a comprehensive analysis by Adam Thierer, senior fellow at the Progress & Freedom Foundation in Washington.