Parental Controls Problem Statement
Computer usage for online and offline activities opens a new world for information gathering, communication, commerce, productivity, and entertainment. It also presents new risks for predators, information disclosure, and easy access to inappropriate content in websites, messages, file downloads, and game and audio/video multimedia. For adults, the risks may be controlled by filtering technologies configured by an adult for his or her own account, or for a computer as a whole. Cookie management, pop-up blockers, anti-spam filters, trusted and blocked website settings, and instant messaging buddy list management are common examples of self-filtering efforts.
Enforcing parental controls is different than self-filtering. Policies set by a parent or guardian must be enforced on dependents without the dependents being able to easily alter those policies. The same is true for tampering with activity logging information that may be essential for a parent or guardian to have sufficient information to set and maintain effective policies. The bastion for control and status becomes a privileged identity, associated with a reduced rights identity whose processes typically implement monitoring and activity restrictions without being able to trivially modify the policies or logging data.
For purely online identities, it is relatively easy to set up privileged and protected identities and their associations exposed by online user names and passwords. Extension to offline computer activities such as playing PC game titles or DVDs, or using online clients other than web browsers becomes much more difficult. Implementing parental controls today therefore typically results in singular solutions from individual ISVs. Achieving comprehensive coverage over the bulk of risk areas may require use of multiple products, with resultant distribution of activity monitoring data and policy settings among multiple user interfaces. Also, solutions today often must be implemented in layers of software that may not have sufficient context for filtering or legal rights to protocols, and expose concerns over access to sensitive data. Such solutions may also be hampered by link encryption.