The Internet is not always a safe place. Like life off the Internet, everyone is at risk of having crime being a part of their experience online. Usually referred to as cybercrime these activities, including fraud, terrorism, extortion, harassment and hacking are perpetrated by several types of criminals:
People with cognitive disabilities may not be able to easily use some of the common security measures used on the Web such as two-factor authentication and safe and unique passwords.
Extra security precautions to increase password strength often make this group more vulnerable to "human error". This can encourage risky behaviour such as keeping a list of passwords on a desk which can be used by anyone who has physical access to the room. Also, when users ask for assistance to complete these security procedures, they can put themselves at high risk of being abused by those they trust to help.
These cyber-criminals use deception to gain trust and this enables them to negatively influence the behavior of vulnerable individuals. People with cognitive impairment who experience difficulty understanding social cues will likely fail to accurately identify a risky or potentially harmful situation. Those who have difficulty understanding others can act contrary to their own hypothetical actions in a given situation (i.e., mind-blindness) are more trusting and may easily believe false information. Also, people with impaired reasoning, attention or memory may be similarly vulnerable to these situations as they are not especially cognitively equipped to validate presented information.
People with cognitive disabilities may be more at risk of being a victim of a sexual crime. This is more likely if:
Personalization is important, especially as a way to avoid conflict when meeting varying user needs, among many other reasons. However, there is a significant risk that if poorly implemented, user information and vulnerabilities can be exposed. This puts the most vulnerable users of this population at the greatest risk.
Safety should be priority when making content accessibile for people with cognitive disabilities extra care should be applied at the same time to keep them safe.
All user information must be kept safe, to the fullest extent possible. Any clues that the user has cognitive disabilities, such as a request for a simplified version, should be protected information.
Personalization systems should be designed so that any information implying vulnerabilities are on the user device and are secure. Use of functional requirements can also be a safer alternative to describing user needs in systems such as meta-data.
Security should be strong and easily used by those with cognitive disabilities, such as a biometrics option. For a full discussion see the issue paper on security.
Thanks to Crimes against Children Investigations Israel National Cyber Unit for the review.