• Introduction
• All recent publications
• Communications, Media & Technology publications
• Communications, Media & Technology services

Focus: Communications, Media & Technology – April 2008

Recommendations for online social networking

In brief: Over the past 18 months, social networking sites have become mainstream and concerns about the online safety of children have received increasing political and media coverage both within Australia and internationally. Three documents that have been recently released in the United Kingdom examine the use and misuse of social networking sites and make recommendations for strategies to minimise online risks and enhance child safety. Partner Ian McGill (view CV) and Lawyer Valeska Bloch review these documents and their implications for social networking sites within the Australian co-regulatory framework.

• Introduction
• The Guidelines
• The Ofcom Report
• The Byron Review
• Implications for Australia

Introduction

The following three documents have recently been launched in the UK:

• Good Practice Guidance for Providers of Social Networking and Other User Interactive Services (the Guidelines);
• Social Networking: A quantitative and qualitative research report into attitudes, behaviours and use (the Ofcom Report); and
• Safer Children in a Digital World: the Report of the Byron Review (the Byron Review).

Although each document has a different focus, they each seek to examine the risks to children in using social networking sites, and emphasise the need for adherence to best practices in protecting privacy and dealing with harmful content or activity.

The Guidelines

The Guidelines were launched on 3 April 2008 in the UK House of Lords. Although they were developed on behalf of the UK Task Force on Child Protection on the Internet, the Guidelines incorporate input from a variety of key players from both the UK and internationally, including Internet industry representatives such as MySpace, Bebo, Yahoo! and AOL, law enforcement agencies, children's charities and government. The Australian Communications and Media Authority (the ACMA) was also a contributor.

In addition to setting out the risks to children who use social networking sites, the Guidelines provide recommendations for good practice to service providers in order to help mitigate these risks. The recommendations are drafted to apply to all platforms, including fixed and mobile.

Service providers are advised to take account of the following:

Safety information

Make safety information (including links to relevant online resources) for users, parents and carers, prominent both from the homepage and throughout the site, particularly during the registration process. This information should include instructions on how users can maintain their privacy, prevent unwanted communication through the site, and cancel their account.

Editorial responsibility

Be sensitive to the ways in which various profiles and advertising may be featured, particularly where the relevant webpage may be accessed by children under 18. Service providers should also ensure that advertising complies with the relevant local guidelines or codes for advertising to minors. In Australia, this is the Australian Association of National Advertisers Code for Advertising to Children.

Registration

Provide clear information about how details collected during registration will be used, what information contained on a profile will be public and how this information can be hidden, restricted or edited. The terms and conditions should set out what behaviour is acceptable and emphasise that if the terms and conditions are breached, the service provider will take action, including cooperating with law enforcement and other authorities if necessary.

Identity authentication and age verification

Use methods such as placing a 'cookie' on users' computers or monitoring words used by users to identify children under 13 years old who may have lied about their age during registration. Service providers should also use tools to restrict access to age-inappropriate content and to verify that users accessing such content are 18 years or over.

User profile and controls

Clearly inform users about what information is public or private and the available options and implications of profile, privacy and search settings. Where possible, service providers should ensure that the default setting for full profiles for users under 18 years are set to private. Service providers should also advise users of the safety and other implications of posting or using certain information. Service providers should consider screening or reviewing profile photos, particularly for users under the age of 18 and removing inappropriate images or videos. Links and other mechanisms for reporting abuse should also be used.

Search

Ensure that the profiles of users under the age of 18 are not searchable (without active consent from the user) either on the service or by search engines. It should not be possible to search the public profiles of users under 18 by using sensitive personal data fields such as age, sex, location or school.

Content screening and moderation

Provide clear information on the ways in which users can reduce the risk of harassment or abuse, for example by removing or blocking individuals, and by removing bulletin board comments. Service providers should also consider providing an option for users to moderate comments before they are publicly posted.

Responsible use and managing online abuse

Provide clear and prominent messages to users about responsible online behaviour, including that bullying and harassment online may result in action by the service provider and, potentially, civil or criminal legal proceedings. Visitors to the site should be able to report abuse, whether or not they are registered users. Complainants should also be encouraged to provide details of the relevant activity to facilitate the effective handling of complaints.

Reporting

Have in place reporting mechanisms for users to report suspected abuse and provide links and information relating to these mechanisms in prominent and relevant parts of the service. Service providers should consider establishing a general page that provides information and links to appropriate agencies, including prompts to call emergency services on 000 (if in Australia) where this is relevant.

Relationships with law enforcement

Make arrangements consistent with applicable laws to share reports of activity relating to child protection. This may include guidelines or protocols for disclosure to law enforcement that are compliant with data protection and privacy legislation, and feedback mechanisms between law enforcement and service providers. Service providers should continue to develop and implement measures to detect inappropriate activity relating to children online.

In accordance with the UK self-regulatory approach to the Internet industry, the recommendations in the Guidelines are voluntary.

The Ofcom Report

The Ofcom Report, which was released on 2 April 2008, was compiled by the UK regulator Ofcom and it uses a sample of 39 users and 13 non-users of social networking sites in the UK to profile the use of such sites and provide evidence-based insights into online social networking. It also identifies some of the related issues that arise out of the use of social networking sites.

The Byron Review

The Byron Review was released in March 2008 and was an independent review commissioned by the UK government and carried out by clinical psychologist Dr Tanya Byron. It examined the risks to children from exposure to potentially harmful or inappropriate material on the Internet and in video games. The Byron Review identified the risks as coming from 'content, contact and conduct' and concludes that the ultimate objectives for society should be to 'reduce availability, restrict access and increase resilience to harmful and inappropriate material online'.

Although the scope of the Byron Review extended beyond social networking sites, the following recommendations made by the review are nonetheless relevant to online social network service providers. Many of these recommendations relate to ways that service providers can be self-regulated. The review also proposed the establishment of a UK Council for Child Internet Safety with responsibility for leading a child Internet safety strategy across government.

Code of Practice

An independently monitored voluntary code of practice on the moderation of user-generated content should be developed. The implementation of the code should be independently monitored and its effectiveness independently reviewed. The results should be available to the public.

The code could, for example, require signatories to commit to specific take-down times for harmful or inappropriate content and to set the privacy settings of users under the age of 18 to the highest level as a default.

Minimise liability for service providers taking appropriate steps

Arrangements should be developed to minimise the risk of liability for service providers that take steps to make their products safer for children in order to allay concerns that publicising these steps can in fact increase their liability.

Age verification

Good practice in relation to age verification, such as placing a 'cookie' onto a user's computer should be adhered to.

Implications for Australia

Unlike the UK Internet industry, which is self-regulated, Australia employs a co-regulatory model that provides for regulation through a combination of legislation, industry codes, guidelines and standards. However, in Australia, the legislative regime does not make specific provision for social networking sites, either by imposing direct obligations or by providing carve-outs for user-generated content. Nonetheless, the highly regulated nature of the Internet industry means that the scope of the relevant Australian legislation is sufficiently broad to bring certain social networking sites within the regulatory regime.

For example, provided that they have an 'Australian connection' (go to AAR Focus: Communications, Media & Technology - February 2008 for more detailed discussion of this), social networking sites will be subject to the content regulatory regime set out by the new Schedule 7 to the Broadcasting Services Act 1992. Certain reporting obligations are also imposed on Internet content hosts in respect of child pornography or child abuse material that the content hosts become aware that they are hosting under the Criminal Code Act.

In many respects Australia is therefore already ahead of the UK in relation to regulation of Internet content that could affect social networking sites. We think, therefore, that the Australian approach may indicate future regulatory intervention. It is to be hoped that any such intervention is essentially industry-led and, at its highest, co-regulatory. As a contributor to the UK Guidelines, the ACMA supports many of the recommendations made and has suggested that they may be incorporated into the Australian co-regulatory regime. With new Internet industry codes due to be released in Australia within the next few months, it remains to be seen whether they will take a step further in directly regulating social networking sites. To date, the drafts of the Internet Industry Association Content Service Code have not made specific provision for social networking sites or user-generated content.

For further information, please contact:

• Ian McGillPartner, Sydney
  Ph: +61 2 9230 4893
  Ian.McGill@aar.com.au
• Michael PattisonPartner, Melbourne
  Ph: +61 3 9613 8839
  Michael.Pattison@aar.com.au
• Niranjan ArasaratnamPartner, Melbourne
  Ph: +61 3 9613 8324
  Niranjan.Arasaratnam@aar.com.au
• Peter JamesPartner, Brisbane
  Ph: +61 7 3334 3360
  Peter.James@aar.com.au
• Darren MurphyPartner, Perth
  Ph: +61 8 9488 3768
  Darren.Murphy@aar.com.au

Bookmark with What are these?