COP: A step toward children online privacy

Abstract

We propose COP, a client-side system for protecting children's online privacy and empowering parental control over children's information disclosure with little manual effort. COP is compliant with the Children's Online Privacy Protection Act (COPPA) in the United States and it implements acquisition of parental consent before any private information submitted online by children, e.g., registration to aWeb service. Instead of restricting access to certainWeb services or blocking sensitive data from websites, COP employs perturbation techniques over personal data with the goal of concealing the sensitive information while providing certain usability of the data to the websites. We address several challenges in the implementation of COP, e.g., perturbation of different types of data, parsing user input and retaining transparency to children without obstructing their normal Web surfing activities.We apply COP in registrations to 23 most popular websites. The results indicate COP's effectiveness as a privacy protection tool. We also discuss some potential security attacks against COP's design and provide our countermeasures. © 2010 Springer-Verlag Berlin Heidelberg.