
Data about parents and children breached in VTech hack - uptown
http://www.troyhunt.com/2015/11/when-children-are-breached-inside.html
======
krallja
I wonder if parents can build a strong enough lobby to require (de facto or de
jure) some sort of certification to apply to web applications for children?

~~~
JoshTriplett
I certainly hope not:
[https://en.wikipedia.org/wiki/Think_of_the_children](https://en.wikipedia.org/wiki/Think_of_the_children)

~~~
tzs
Can you elaborate? The article discusses something that _actually_ is
dangerous to children, so suggesting considering protecting children from it
is not necessarily a "think of the children" appeal to emotion fallacy.

~~~
JoshTriplett
"Terrorism" is actually dangerous to adults, but despite that, most laws
passed to to "prevent terrorism" represent appeals to emotional fallacy. (Not
least of which because of its rarity compared to many other day-to-day risks.)

In this case, first of all, the parents had the choice to not share their
kids' private information with a third-party service to begin with, as
alistairSH pointed out in another comment. Evaluate risk and reward before
sharing any information.

Second, no amount of "certification" will prevent data breaches from
happening. Software, like most things, cannot be made 100% safe; the thought
that it can would have a chilling effect on all software development. There's
a reason the majority of software licenses include prominent disclaimers of
warranty, either disclaiming it entirely or limiting it to no more than the
price of the software; only the largest software development companies could
afford to risk operating otherwise.

Attempts to do that kind of thing led to regulations like COPPA, which in
practice almost completely prevents children under 13 from using many online
services without lying about their age. See the various instances of kids
having their gmail or similar Google accounts deleted, as one of numerous
examples.

Third, people operating under a "think of the children" mentality do not
typically allow any kind of tradeoff or middle ground. If any possible measure
can be taken, it _must_ be, no matter the cost, risk/reward, or efficacy, you
heartless children-hating monster. Naturally, such people are perfectly
capable of designing sensible software requirements.

~~~
jonesb6
It is quite ironic how in the age of helicopter parents most online activity
by minors is entirely unsupervised. I'm not advocating some kind of draconic
parental filter, just finding the whole thing ironic.. probably because it
wasn't my data lost.

