It’s Safer Internet Day 2018, which is a double-sided challenge.
Part of building a safer internet is how we use it.
If we forward inappropriate or risky links; if we display, or even tolerate, unacceptable behaviour ourselves; if we do things that put other people’s computers at risk because we don’t care about our own…
…all of this amounts to a sort of “race to the bottom” that ends up in an internet where creeps and crooks can thrive, and the rest of us are left to watch our backs all the time.
With this in mind, my colleague Mark Stockley has written an article entitled 3 things you can do for your social networks – I urge you to read it.
But the other side of building a safer internet is the very technology we build in the first place.
So, I’m looking at the other side of the coin: 3 things your social networks can do for you.
1. Turn on 2FA when you login
Mark’s article urges you to adopt two-factor authentication (2FA), also known as two-step verification.
When you login, you have to put in your usual password, which typically doesn’t change very often, plus an additional login code, which is different every time.
These one-time login codes are typically sent to you via SMS (text message) or voicemail, or calculated by a secure app that runs on your mobile phone.
It’s not a perfect solution, but it does make it much harder for a crook who has just bought stolen usernames and passwords on the Dark Web: your password alone isn’t enough to raid your account.
Most mainstream online services already have 2FA, but it’s typically not turned on by default, because a lot of us still don’t like it – logging in takes a little longer, it’s marginally more hassle, and there’s more to go wrong.
So we’re suggesting that social networks should up the ante and try using a stick and not a carrot:
We’re inviting all social networks to make 2FA an opt-out setting that will be just about as much hassle to turn off as it would be to start using it instead.
Anything to raise 2FA’s takeup higher than the 10% recently reported by Google.
2. Behave yourself while you’re logged in
Even those of us with modest lives and mild pastimes have experienced disquieting behaviour online.
We often hear cries along the lines of, “They should do something about it,” based on an expectation that social networking sites can and should police their users, monitor their behaviour and corral it to conform to various norms.
However, we think it’s unreasonable to expect online services themselves to become so self-regulated that they end up as suppressed, uninventive, stuck-in-the-mud, uncritical, self-serving, anodyne communities of, well, of participants who are robotically in tune with the algorithms that direct them.
Nevertheless, we’ve probably all heard stories of, or even experienced, battles to get content taken down even though everyone would agree it violated the terms set by the site involved.
Sometimes, the explanation given is that the sheer scale of today’s online services – hundreds of millions or billions of users – makes reliably rapid response impossible for any incident that requires a truly human touch.
But we’re saying that this is a cop-out: the big social networks chose to expand to the scale they did, so they could equally well choose to scale up their community support infrastructure, too.
We think that reacting to realistic complaints rapidly is something users ought to be able to rely upon:
We’re inviting all social networks not only to set out their community guidelines very clearly but also to enforce them quickly and effectively.
You don’t need page after page of rules and regulations, but you do need to be speedily consistent about the rules you do have, so your users can avoid unpleasant surprises.
3. Log off when you’re done
Mark is urging us all to log off when we aren’t using services like Facebook, Twitter and others, so that we can’t like things by mistake, don’t leave our accounts open for misuse, and don’t end up with all aspects of our digital life “open for business” all the time.
One problem here, though, is that even if you decide you want to log out and back in regularly, it’s not always easy to do, especially via mobile apps.
For example, we can’t find an “automatically log out when closing the program” option in Facebook’s iOS app – we have to remember to pop up the hamburger menu every time, and then scroll all the way to the end of the list and tap on [Log Out]
.
We understand the concept of frictionlessness – where interacting with a vendor or service is engineered to require a convenient minimum of clicks – but it should be equally convenient to introduce “account friction” whenever we want:
We’re inviting all social networks to make it really easy to set up your account to log off automatically when it’s not being used.
We’re also suggesting that all those “stay logged in” and “remember me” options should be opt-in (i.e. off by default), rather than turned back on automatically every time you log back in.
Next steps
Here, we’ve invited social networking sites to push the envelope a bit – your envelope, as it happens.
All of the things we’re suggesting here need to be mirrored by behaviours you agree to adopt yourself…
…so please head over to Mark Stockley’s 3 things you can do for your social networks to find out why they’re good for you!
Scott Johnson
So did you copy off each other? You raise the same three points.
Paul Ducklin
It’s not copying if you are co=operating :-) “We wanted the points to be the same: from when you log in, through while you’re online, to when you’re done.”
That’s why the articles refer to each other throughout – they were written quite purposefully as a pair.