Protect Personal Data for Children

Think you have years before it’s time to worry about your children’s personal data being compromised online? Thanks to increased educational tracking and the tendency to require online accounts and registrations for all sorts of childhood activities, even kindergarteners accumulate personal data profiles online.

It’s much easier to keep records tight right from the start than it is to clean up identity theft or a social media nightmare for a teen. Here’s how to protect personal data to keep your children safe and secure.

Capping the school data spiral

Among the many forms you can expect to review and sign every school year is an acknowledgment of the Federal Educational Rights and Privacy Act, which protects the privacy of your student’s records. Among other things, FERPA addresses one common point at which a child’s personal data is often first released into the wild — the school directory.

Schools may release “directory” information without consent, including your student’s name, address, telephone number, honors, awards, and so on. The school must notify you about the directory information and give you a reasonable amount of time to request not to be included. You can opt-out of sharing your child’s information with third parties and other families.

The whole thing seems fairly safe until you consider that so-called directory information can include your child’s date and place of birth — the jackpot for identity thieves. That’s something worth thinking twice about.

Another thing worth monitoring is how your school collects and shares your child’s educational data. Schools are permitted to share certain information without parental consent, including individual education plans, attendance, disciplinary records, and even health information such as prescribed medications on file and body mass index data from physical education classes. Find out if data from programs at school is being shared with or sold to outside parties, which could potentially be used to disqualify your child from future educational, scholarship, and job opportunities.

Keep tabs on releasable information by asking what information your school collects, how it's stored, who it’s shared with, and how it may be used in the future. Under FERPA, you have the right to inspect those records and request corrections for anything you feel is inaccurate or misleading.

Steps to take right now

Protect personal data and privacy for your children at home, just as you would your own. The Federal Trade Commission recommends these tips for protecting your child’s personal information.

• Protect your child’s Social Security number. Don’t carry your child’s Social Security card with you, and don’t share it with any organization or business you don’t know and trust. If you’re asked to provide a Social Security number for something like a sports team, ask to use an alternative identifier or use only the last four digits.
  
• Check your teen’s credit report. Thanks to fraud and identity theft, it’s entirely conceivable that you could discover a credit report for your child already exists. A year or so before such milestones as applying for a job, college scholarships, or a car loan, check for a credit record on your child by contacting Equifax at 1-800-525-6285, Experian at 1-888-397-3742, or TransUnion at childidtheft@transunion.com.
  
• Turn off location services and electronic “listening” services. To prevent privacy and location breaches, turn off microphones and location services for smart toys such as Mattel’s Aristotle, smartphones and mobile devices, and devices such as Amazon Alexa and Apple Siri. When signing up for online accounts for smart toys, don’t provide unnecessary or invasive details about your children.
  

One thing to keep in mind regarding location services — they can also be used to find a missing child, regardless of the reason, and possibly an abducted child since the phone can be tracked. Parents should evaluate the intended use of “location services” and make their own decision of the best use of that feature.

Age 13: The great divide

At age 13, your child becomes legally able to share personal data with websites, including social media, without the consent of a parent or guardian. This puts the responsibility on parents to make sure kids are savvy enough to navigate the internet safely.

Teach kids what constitutes oversharing with help from the Federal Trade Commission’s document called “Net Cetera: Chatting with Kids About Being Online”. You’ll probably have to personally supervise the creation of strong passwords for smartphones, tablets, and laptops. Check to make sure passwords get updated regularly and remind kids not to share their passwords with their friends.

PenFed helps you stay abreast of best practices for online security and fraud for your entire family and your financial security. Visit the PenFed Card Security Center for actions to protect personal data for your children and yourself.