Taylor Swift’s website an example of poor privacy practices for children

For the 12-and-under online ‘Swifties’ that log-in to TaylorSwift.com, there’s plenty of opportunity to dish out their personal information, but no apparent recourse to “shake it off” and delete that data, according to a new report issued by the Privacy Commissioner of Canada.

Children can input their username, email, full name, a photo, date of birth, city, gender, and even occupation into the website. A barrier thrown up by requiring users to be 13 or over can be easily fooled by inputting a different year (tip: one before 2003). The site also redirects users to third-party sites that could collect all matter of personal details. While the site’s privacy policy invites users to delete personal information via the “My Account” area of the site, privacy sweepers couldn’t find that function.

Privacy assessment of Swift’s website is just one of 1,494 websites and mobile apps completed by the commissioner’s office alongside 28 privacy enforcement agencies around the world. It’s the third such Global Privacy Enforcement Network sweep organized and conducted May 11-15. The agencies recruited a team of privacy sweepers, including nine children, to assess the privacy practices found on sites that frequently entertain a child audience. If you’re a parent (or a minor), the results are worrisome.

Many websites “are failing to provide adequate protective controls to effectively limit the collection of personal information from children and are redirecting children to other sites with different privacy protection policies and sometimes questionable content,” states the privacy commissioner’s office in a press release.

The commissioner’s sweepers focused on 172 websites, many that are based in Canada. It found that almost two-thirds of those sites contained links redirecting children to other sites, often via an ad or call-to-action to take part in a contest. Also, 62 per cent of websites mentioned that they may disclose information to a third party.

While sweepers felt comfortable with children using 77 per cent of websites intended for children, things were different when it came to websites popular with children. Sweepers were comfortable with just 46 per cent of those sites or apps.

Privacy Sweep - children's sites
Data collected in the Global Privacy Enforcement Network, May 11-15. The Privacy Commissioner of Canada’s office notes that while percentages varied, overall trends were similar.

The commissioner has some best practices that Taylor Swift, and other sites that are often visited by children, may want to adopt:

  • Don’t collect personal information from children. Offer protective controls like pre-set avatars and usernames. This avoids children inputting their real names or photos.
  • Don’t offer a chat tool that allows children to type in whatever they want. Offer a system that allows selection of words and phrases from a pre-approved list.
  • Include a parental dashboard to control privacy settings for children.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Brian Jackson
Brian Jacksonhttp://www.itbusiness.ca
Editorial director of IT World Canada. Covering technology as it applies to business users. Multiple COPA award winner and now judge. Paddles a canoe as much as possible.

Featured Story

How the CTO can Maintain Cloud Momentum Across the Enterprise

Embracing cloud is easy for some individuals. But embedding widespread cloud adoption at the enterprise level is...

Related Tech News

Get ITBusiness Delivered

Our experienced team of journalists brings you engaging content targeted to IT professionals and line-of-business executives delivered directly to your inbox.

Featured Tech Jobs