CEOP Magic Button or Bitter Pill?
Having just mentioned the Home Office Cyber Crime Strategy, it's interesting to note the resurfacing of the "dispute" this week between Facebook and the UK's Child Exploitation and Online Protection Centre (CEOP).
Following further discussions in which CEOP flew to Washington DC to meet Facebook representatives, Facebook has continued to reject putting the CEOP Report "button" on user profile pages. It just seems strange that CEOP seem to be making this such a deal-breaking issue. CEOP's work is very important and should be supported; the media however seem to have identified that the "button" will solve all the internet's ills, and CEOP don't seem to be disagreeing with this idea.
After all, Bebo has been displaying the button for some time, but there doesn't seem to be any reference to CEOP at all on Bebo's safety pages, nor on the home page, sign-up pages or privacy statement. And you have to strain your eyes to spot it on other pages:
If the button's design and text have any meaning, rendering them so small they are illegible is pointless, and undermines the effort. Even CEOP's own page on Bebo has the same tiny button and no larger version.
Children and other people need consistency to identify its purpose. The CEOP buttons on various sites link to different sub-domains (ceop.police.uk, www.ceop.police.uk and www.ceop.gov.uk). Good practice would be only to use a single consistent domain and to enforce SSL to confirm the identity of the CEOP site and to ensure the information received hasn't been modified in transit.
The button's design seems to have changed since first introduced at the end of 2009. Is it "Report Abuse", "Click CEOP", "CEOP Report" or something else? This is the button on Childline:
and on Bully Aware:
Even Childline doesn't have the button on many pages. Facebook does seem to be trying, and it is perhaps its market leading position that has attracted all this intense interest from CEOP. I'm all for educating people, especially children and new users, about internet privacy, security and personal safety (and the CEOP advice is great), but is putting a highly-branded button on every page the right answer? I can foresee news stories "I thought it was safe because there was a CEOP Report logo on the page". Organisations should be judged on what they achieve, not whether they support every initiative by others in every country they operate. If Facebook get it wrong, they deserve to get into trouble. Apparent brand pushing doesn't help.
Let's get good advice into privacy notices, help pages and terms of use. And make sure it's easy for users to report possible problems and threats (personal or otherwise). And let's avoid the sort of legal mumbo-jumbo CEOP include in their sign-up form (yes, the form and submission really weren't over SSL, unbelievable) for organisations that want to use the CEOP Report logos, as opposed to those who might add them from copies elsewhere or to tempt people to web sites hosting malware or dubious goods and services. "Help I've been bullied" might otherwise quickly turn into "help my computer's been taken over and I've lost all my pocket money".
Posted on: 13 April 2010 at 19:53 hrs
Comments are filtered automatically and should appear shortly after they been checked.
I just saw this article now, but I agree. When I put the Report Abuse button on Bully Aware, I had permission from CEOP to use it, but the button image changed not long after. I also just now realized that the old link the button on Bully Aware was linking to now just goes directly to the CEOP homepage.
I'll get that changed as soon as I have a chance.
Good article - it was interesting, and if I hadn't read it I wouldn't have known that I needed to change the link.
I'm pleased you found the article of use.
I think anyone who sets up a scheme like this has an obligation to maintain it and ensure that all the participants are kept up to date. Otherwise it undermines the scheme itself. Changing the icon, and where it links to, just makes it more difficult.