Dangling domains present massive ongoing safety harm to people, businesses, governments, and institutions. We observed the unique harms of dangling domains during our K12 edtech research last year, and decided to act to raise the issue and encourage others to do the same.
The Research Project Part of our work at Internet Safety Labs is to assess the practicalities of safer technology for the mutual...
Dangling domains dangerously threaten more and more people each day, including students and parents at K-12 schools.
Any visit to a website, app download, purchase of a digital service, or use of new software involves legal policies. People typically encounter both a privacy policy and Terms of Use or Terms of Service (TOS/TOU) policy. But do they understand what functions these two types of policies serve? It seems they don’t.
As we’ve been performing independent product audits over the past year and a half, we received some push-back on our passing criteria related to the automatic translation of IP address to geographic location. Vendors felt that automatically calculating the user’s geographical location was, in fact, a benefit. However, in our specification, that behavior will receive a failing score. At an impasse, we decided to conduct some validation testing with Me-s.
Over the past month, the Me2B Alliance product testing team has been investigating something we refer to as “dangling domains” and the risks they pose to people, especially children and families.
A “dangling domain” refers to any URL/domain previously owned by a legitimate organization or business, but which has been either abandoned due to the business shutting down, or due to a mistake where the organization or business forgets to renew their own domain.
The reality of online data flows is nothing like what we expect. Our personal data flows do not start light and increase with time and trust. Instead, a firehose of personal information is released – and shared with a host of unseen third parties – as soon as we open an app or website. Me2BA’s Respectful Tech Specification V.1 is largely focused on testing for these invisible parallel dataverse data flows.
The Me2B Respectful Tech Specification measures technology behavior against 10 attributes that respectful Me2B Commitments should possess. These attributes represent how technology should treat us and our data at every step along the Me2B Relationship Lifecycle.
Over the course of the digital Me2B Lifecycle, individual “Me-s” (Data Subjects) will have the choice of deepening the relationship through a series of Me2B Commitments with the online vendor, “B” (Data Controller). This guide provides examples of common Commitments and Deals, and shows how they map to the stages of a Me2B Lifecycle. It also reflects social norms for being anonymous, recognized, or known at each stage.
The key to creating a safety standard to measure the behavior of technology is the ability to take several contexts into consideration, including the current status of the Me2B relationship. The Me2B Lifecycle model provides a framework and vocabulary to articulate and account for the dynamic “relationship context” over time when evaluating the behavior of technology.
Me2B Relationships in the digital world have even more layers than those in the physical world. In addition, our relationship with connected technology includes a set of “hidden affiliates” (third party integrations) that most of us are not aware of. This guide describes how these relationships – conscious or not – emerge as we interact with digital technologies.
The Me2B Deals or transactions that occur online typically involve three types of “currency”: money, attention or data. The individual consumer (Me) exchanges one of these currencies for goods or services online. Data monetization has emerged as the primary method of income generation to subsidize so-called “free” digital services, with little to no regulation or oversight. What sets online data monetization apart from the other two currencies is that often, customers have no idea what they are paying with – or that they are paying at all.
There currently isn’t an adequate vocabulary to describe people’s experiences in the digital world, which impedes understanding and conversations around what’s actually happening, and what harms are lurking. The Me2B Alliance has developed a set of terms to help bridge this gap. Central to the vocabulary is the concept of Me2B Relationships, which are the relationships people (Me’s) have with purveyors of products or services (B’s), and the concept of Me2B Deals, which are exchanges of value between a person (Me’s) and a business (“B”).