« Terror Threat Level reduced back to SEVERE - but the airport chaos continues | Main | Scrambling for Safety 8 - meeting some interesting and influential people »

Some privacy and security improvements to the NetIDme website

NetIDme, the newly launched service aimed at "eliminating anonymity" to "protect" children from being "groomed" online by child molesters, appear to have improved their website and service somewhat, since we last looked at their launch website, and made a few obvious criticisms:

See:

NetIDme privacy and security problems put children at risk

and

NetIDme privacy and security problems continued

Some improvements:

  • NetIDme do now have a Verisign SSL Digital Certificate (issued on the 7th August 2006)

  • They also now have a statement on their front page claiming that:

    DISCLOSURE : All NetIDme staff are enhanced disclosure checked with Disclosure Scotland

    Disclosure Scotland is the equivalent of the Criminal Records Bureau

  • NetIDme appear to also have amended their Data Protection Act Registration, to now include 3 extra Data Purposes, which do now appear to cover the services being offered for sale to the public:

    • Purpose 4 - Consultancy and Advisory Services
    • Purpose 5 - Administration of Membership Records
    • Purpose 6 - Information and Databank Administration

  • NetIDme do now have a Frequently Asked Questions page and some actual descriptions of how their service is meant to work, step by step.

    N.B. we find this FAQ Answer to be either incredible, or evidence of utter incompetence on the part of public authorities etc.:

    Q : Has it been tested? A : Yes. NetIDme has received very positive feedback from a wide range or organizations including police high-tech crime units, and major children’s charities, and has been successfully piloted in a number of schools in the UK over a two year period.

  • The sneakily embedded freeware IP Address tracking Java Aapplet is still embedded in the pages, but there is now some slight warning about IP tracking on the front page.

  • The Privacy Policy still contains unacceptabe statements like:

    We may also disclose personal information to third parties in the event that:

    we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets; or

    Why should a customer's personal data ever be disclosed by NetIDme to a prospective buyer or seller of businesses or assets ?

Was it really so difficult to have had all of these minimally necessary measures, online and properly tested. before NetIDme launched their service in a blaze of publicity ?

We still do not think that this "closed garden" approach will actually be effective in reducing "online grooming" or even "online bullying", but at least it does not now present so much of an obvious potential privacy and security danger, to any parents and children who do chose to subscribe to the service.

Posted by on August 16, 2006 2:37 AM |

Post a comment