Digitisation, connectivity and social innovation
Child protection
[G4-PR6] Group companies have undertaken numerous initiatives to protect children from content that may harm their psychological and physical development (for example, content that is violent, racist, offensive to religious sentiment, etc.). Among these, precise guidelines have been adopted for classifying and checking distributed content. These cover both the content offered directly by Group companies and content owned by third parties offering their own services on space purchased within Group’s portals. These guidelines are regularly updated in keeping with regulatory and technological evolution.
For this purpose, the Group, in accordance with current regulations and self-regulatory codes signed, implemented procedures to prevent children from accessing adult content on all the Group’s service platforms (tablet/smart phone app, web, IPTV, TIMvision by decoder, smart TV, Xbox, WAP services).
Specifically:
- TIMvision: is TIM’s TV on demand, with 8,000 titles available in a single monthly subscription which includes TV series, cartoons, films and documentaries to watch on TV with a TIMvision decoder or smart TV, web, smartphone and tablet. The adult-only content (highest classification CS 3.1), access only available with a decoder, is pay-per-view content and can only be viewed after entering the parental control PIN and purchase PIN. The parental control functions are governed by legal provisions and mentioned in the statement sent to customers after they sign up to the service;
- WAP services: content is always moderated in advance by TIM, in order to verify compliance with the classification guidelines, and delivered by a centralised platform. The PIN for accessing adult content is supplied by text message, at the customer’s request, after the person to whom the number is allocated is confirmed as being an adult;.
For fixed consumer broadband customers the Total Security software is available: a complete suite of security services based on ZoneAlarm® technology that protects you when surfing the Internet from viruses, hackers and spyware that may attempt to install themselves on your computer. Furthermore, parental control ensures that children can surf the Internet safely, only on sites suited to them, with antispam to protected them unsolicited emails. Total Security includes the following services:
- antivirus and antispyware, to detect and remove viruses and spyware;
- parental control, to protect young people against unsuitable content;
- firewall for networks and programmes to block any attacks by hackers and harmful programs;
- advanced download protection to analyse downloaded files before they can infect the PC and send a report if they come from a dangerous source;
- anti-phishing and site status, in order to block unsafe websites which deceive people into revealing their personal data;
- protection against unsolicited emails (SPAM), to block unsolicited emails automatically on their email clients. The email protocols are: POP (Post Office Protoc) 3/IMAP (Interactive Mail Access Protocol) incoming only, SMTP (Simple Mail Transfer Protocol) outgoing only;
- wireless PC protection to defend your PC against risks associated with connecting to unprotected networks;
- protection from keyloggers;
- advanced computer attack prevention.
The TIM-Protect solution is the exclusive TIM option for total protection against WEB threats:
- parental control: protects young people while surfing the Net, filters WEB searches, gives warnings in the case of behaviour that is judged to be dangerous, allows you to block access to sites or apps or limit their use (maximum usage time setting);
- theft protection: protects the device from loss and/or theft, ensuring remote control by sending a simple instruction (block device, find device, delete data, SIM change notification);
- protection and privacy: protects all access to e-commerce, home banking and social media websites. Ensures privacy by filtering unwanted calls and messages.
- antivirus: manages the device securely without affecting its operation, protecting it during use against viruses, malware and other threats.
The Company is particularly focussing attention on parental control, with the launch of offers dedicated to the younger generation (under 12s) with the TIM Protect service included, at no additional cost. The Company is also implementing comarketing initiatives with certain operating partners in the “kids” segment, which is particularly sensitive to matters of child protection.
New Android apps have been released to improve the User Experience of customers using the TIM Protect service. In December 2016 an IOS version of the app was released - in a test environment - in order to extend the features of TIM Protect to Apple devices too.
For the purpose of combating online child pornography and computer crime, from an organisational point of view and internally, TIM has identified, within its company Security department (Security Operation Center department) the role of “Key contact for the Postal Police.” This person manages relations, and the flow of information, with the Postal Police (CNCPO - National Centre for the Fight against Online Child Pornography, CNAIPIC – National Centre against Digital Crime for the Protection of Critical Infrastructure etc.) and the competent authorities, and has the task of coordinating, within the Group, the process of abuse management, in accordance with the relevant legislative framework. Furthermore, the Group has adopted the organisational model in accordance with Legislative Decree 231/2001, which defines the tools required to oversee and anticipate offences, particularly the dissemination of child pornography, as well as to ensure the organisational/disciplinary management of computer crimes.
For the purpose of combating online child pornography and computer crime, from an organisational point of view and internally, TIM has identified, within its company Security department (Security Operation Center department) the role of “Key contact for the Postal Police.” This person manages relations, and the flow of information, with the Postal Police (CNCPO - National Centre for the Fight against Online Child Pornography, CNAIPIC – National Centre against Digital Crime for the Protection of Critical Infrastructure etc.) and the competent authorities, and has the task of coordinating, within the Group, the process of abuse management, in accordance with the relevant legislative framework. Furthermore, the Group has adopted the organisational model in accordance with Legislative Decree 231/2001, which defines the tools required to oversee and anticipate offences, particularly the dissemination of child pornography, as well as to ensure the organisational/disciplinary management of computer crimes.
For this purpose, TIM has fielded resources, technologies, processes and tools to prevent and combat “abuse”, meaning any activity committed in violation of the rules of conduct and legislation that governs the use of network services, digital systems or means of communication in general. The prevention initiatives undertaken by the Security Operation Center (SEC.SOC) are detailed below:
- “abuse” topic area on the company Intranet, which informs company staff and makes them aware of the activities conducted and the tools that exist for preventing digital crimes and protecting children who use the Internet services provided;
- form available on the Group’s corporate and commercial portals, which can be used by end customers, or by outsider users, to report any crimes involving child pornography encountered while browsing the Internet. There is a guide to completion, and reports can also be submitted anonymously;
- management of the abuse desks: operational groups who handle abuse differentiated by type of service (consumer and business), formed in accordance with the national and community regulations on child protection, the prevention of digital criminality and the fight against sexual exploitation (child pornography). Their task is to receive alerts from external users/customers regarding alleged computer crimes or the presence of child pornography on the Group’s networks, and then direct them to the relevant department, where necessary involving the relevant authorities through the key contact for the Postal Police.
- filtering: in accordance with the implementing Decree of Law 38/2006 (Gentiloni Decree) which defines the technical prerequisites of filtering tools that providers of Internet network connections must use in order to prevent access to sites identified by the Postal Police through the CNCPO. TIM has also introduced a filtering system for foreign websites with child pornography content; The system is also used to block - in compliance with Law 296/2006 (art.1 subsection 50), relating to ending tax evasion and avoidance in the gambling sector - the resources flagged up by the Customs and Monopoly Agency;
- drafting of “Guidelines for combating child pornography on line”, which are intended to make the identification of cases of child pornography to be notified to the Postal Police as objective and uniform as possible. The aim is to minimise any potential interpretation uncertainty of the subjects concerned (chat moderators and/or community services, developers, abuse desk operators etc.) and to ensure compliance with current regulations. The guidelines are also modelled on those provided and implemented by the CNCPO and the major external organisations operating in this field (Save The Children, Telefono Arcobaleno etc.).
Moreover, the Agency participates in the following international activities:
- “GSMA - Mobile Alliance against Child Sexual Abuse Content” Work Group in the context of the GSM Association, for technological, policy and communications initiatives aimed at protecting children in the mobile phone sector. Amongst other aspects, the initiative deals with awareness raising, the fight against illegal content and the classification of content, and an important part of the programme is dedicated to Safer Internet Centres, present in more than 30 different countries, to provide support and information for children, parents and teachers. The scope of the activities implemented by the Alliance includes the agreement stipulated with Child Helpline International, aimed at protecting children and safeguarding their right to be heard. TIM has subscribed to the initiative, undertaking to support child helplines on a national level, through the drafting of a document that highlights the best practices for the applicable Notice and Take Down procedures. For 2017 there are plans to develop best practices, in cooperation with Interpol, on the enforcement procedures applicable in some countries;
- ICT Coalition for Children Online, launched in 2012, which sees TIM as an active member participating in the activities run by the coalition which promotes the safe and responsible use of the Internet. The Company has subscribed to the principles adopted by the Coalition, participates in the six-monthly forums and the meetings organised by the Coalition with the important stakeholders (e.g. NGOs) and the European Commission and European Parliament. In 2016, the Coalition updated the founding principles of its constitution, on the basis of which a new phase of verifying their implementation will be launched. The Coalition, moreover, participates in a series of meetings/conferences with the most representative institutions and bodies entrusted with child protection;
- activities of the European Commission as part of the Better Internet for Kids (“BIK”) strategy for defining and implementing the principles and technologies required to make the Internet a safer place for children. In this context, TIM has been invited and is participating in the “Alliance to better protect minors online” initiative proposed by the European Commission, DG Connect. In this context, the Company has been involved in preparing a Statement of Purpose for the Alliance (SoP), both individually and through the ICT Coalition (signed 7th February 2017)1. Signing the SoP commits companies to adopt a series of measures aimed at improving child protection online;
- TIM is a member of the COP (Child Online Protection) Board of the International Telecommunication Union (ITU) which seeks to protect children;
- it cooperates in the context of the Italian Child Abduction Alert System (ICAAS) project, for the creation of a web portal providing an “early warning” of missing children. In this context, in 2011, TIM signed the “Allarme Scomparsa Minore” (missing child alert) agreement with the Ministry of the Interior’s Public Safety Department. In this context, in 2016, the TIM Crisis Management Department - working with the Presidency of the Council of Ministers, the Civil Defence Department and other relevant institutional bodies - participated in five civil defence and protection drills intended to:
- test the soundness of the emergency planning and ability to respond of the operational structures;
- maintain staff, structures and tools of the emergency management system in a state of readiness;
- identify, where necessary, actions to improve internal company processes and the processes used to interface with the relevant stakeholders (institutions, communities, customers).
This involvement is necessary because TIM, as a provider of essential services, is part of the National Civil Defence System.
The Group has also implemented appropriate filtering and abuse prevention systems for services delivered in Brazil (video and audio content, and images). Customers can buy services with sexy content through the main page of the WAP portal; to enter, customers must click on “ADULT”, declare they are of age and enter a password. Tim Brasil restricts the portfolio of adult content to level 3.2 of the international classification.
1 The other companies subscribing the initiative are (in alphabetic order): ASKfm, BT Group, Deutsche Telekom, Facebook, Google, KPN, The LEGO Group, Liberty Global, Microsoft, Orange, Rovio, Samsung Electronics, Sky, Spotify, Super RTL,, Telefónica, Telenor, Telia Company, Twitter, Vivendi, Vodafone