Guest Writer: Greg Desmarais

11184467 - young people queuing to withdraw cash in an atm

Impersonation is Not Flattery

Charles Caleb Colton was the first to suggest that imitation is the sincerest form of flattery. In the late 18th century, though, the English cleric and writer obviously couldn’t imagine posers, catfishing, identity theft, or even the Internet. Today, online impersonation is increasingly common and state legislatures are scrambling to keep up.

Consider a few recent, notable cases:

  • Lori Drew is a mother who posed as a teenage boy online to flirt with, then dump a neighbor girl. Sadly, the girl committed suicide, as a result.
  • College football star Manti Te’o was tricked by the “death” of his online girlfriend who really did not exist.

Nine states have online impersonation laws on the books. In one of those states, New York, the crime is designated a class 3 felony. Imitation, it appears, can also be a sincere form of felony.

Kids and teens are extremely vulnerable to all forms of identity theft. What leaves them so exposed is their carelessness about protecting personal information, such as their password, e-mail address, date of birth, etc., which can easily lead a thief right to the child’s Social Security number. While the larceny nets the thief an unblemished credit score to exploit for the purpose of running up a mountain of debt, the targeted kids often won’t even know they’ve become victims for years to come. The bad news comes when applying for a student loan or other line of credit.

That’s why COPPA is so important. The Children’s Online Privacy Protection Act, enforced by the Federal Trade Commission (FTC), puts parents in control of where and how their children younger than age 13 provide personal identifiable information (PII) online. COPPA requires website operators and mobile services – game and app providers – to contact parents directly (direct notice), detail for parent exactly how the child’s PII is collected and used (via operator’s privacy policy) and wait for the parent to grant permission (verifiable parental consent) before the child may proceed. It’s not uncommon for pre-teens, determined to download a game, to impersonate their own parent to virtually game the system in an attempt to complete the transaction with the required “parental” consent. Finding and identifying a parent, then binding the parent to his or her child is essential to ensure COPPA protections for children through their parents’ active engagement. Recent fines brought against mobile app services demonstrate the FTC’s commitment to enforcing COPPA.

School or district risk managers also must now be aware of students’ use of technology beyond the borders of their own campus. In the classroom, teachers may want to direct students younger than age 13 to download an education-based app or to create an account on a website – especially a site developed for young children. The school acts as an intermediary between online operators and parents; therefore, no violation of COPPA. However, suppose a school-required app (used for education) is also fun for the student to use outside of the classroom (for entertainment). In this case, verifiable parental consent (VPC) is required. It’s risky business for districts/schools when the student accesses the same website/app at home or creates an account through a mobile device off school grounds – the school/district could be liable unless COPPA procedures are followed.

What’s needed is for schools, website operators and online service providers to take advantage of new educational analytics technology that can simplify and expedite the COPPA parental consent process. The key is to leverage an AUP Cloud Services/ParentPermit platform that uses school registration data and public records data to authenticate the identities of parents and their children and bind each child to his or her parent. Further, the resulting “binding score” indicates, in a number, the absolute strength of each parent/child relationship – similar to the role of a “credit score” in the financial world – to assure COPPA compliance and expose imposters.

In education, we seek to arm our children with the best information available to solve problems and make good decisions. This new technology provides schools and online service providers just that: the best information available to authenticate a child’s identity and, in doing so, solve a critical problem – preventing the child’s identity from being stolen. Right now, we have a choice: we can either try something new or continue to be “schooled” by fraudsters.

For more information about ISAFE, visit

Previous articleKeeping Stories Straight
Next articleLucrative Fraud
As Chief Information Officer for i-SAFE Inc., Greg oversees the product development and systems infrastructure ensuring that i-SAFE’s offerings comply with or exceed information protection requirements. He works directly with internal engineering and partners to drive product, and collaborates with the executive staff to set strategic direction.