(Photo: bioethics.net)

The Federal Trade Commission is looking to change regulatory lawsthat that protect children's privacy on the Internet. Although it's legal right now, a slew of apps and popular websites collect data and pictures from young users. In the most cringe-worthy example, pictures of children that were uploaded to a “get in the picture with Ronald McDonald” game in were kept by McDonald's in directories that were publicly available to anyone who wanted access to them. McDonald's tells the Times that they've now "blocked public access to several directories on the site."

The new laws say children’s websites would be required to obtain parents’ permission before tracking kids around the Web for advertising purposes.

But while government restrictions may help protect innocent children, it's hard not to feel that the responsibility (and the biggest hope for keeping kids safe) lies with their parents. After all, children don't only stick to apps directed to their demographic.

Instructing them in the basic--don’t give out your birthday, don’t put up any pictures of yourself, don’t talk to strangers, and don’t do anything you wouldn’t do if we weren't here--would go a long way.

Earlier this year, the Times covered what happens when kids find porn on the Internet. The article's conclusion was that no matter what parents can try to do, their kids are going to explore the endless web and it's up to the parents to explain what's right and wrong to do online.

The same rule for parenting should apply here. In today's article about the FTC's plan, the Times quotes a mother of two, who said:

“We are teaching our kids to ask, ‘What is the company getting from you and what are they going to do with that information?”

She's on the right track.

Unfortunately, when mom’s only password is “password” and dad keeps giving away his social security number to Nigerian princes, kids might have to teach themselves--or learn the hard way.

Last.fm staffers on a happier day. (flickr.com/lastfm)

Did every single cybersecurity professional on the Internet go on vacation this week? We're starting to wonder, because not 36 hours after breaches at LinkedIn and eHarmony comes word of another at Last.fm. Can't we trust anyone to keep our information secure? Apparently not.

Earlier today, Last.fm alerted users that the company was "investigating the leak of some Last.fm user passwords." From the phrasing, we can't tell whether it's connected to the LinkedIn and eHarmony hacks, or just a really unfortunate coincidence: "This follows recent password leaks on other sites, as well as information posted online. As a precautionary measure, we’re asking all our users to change their passwords immediately." Well, at least they preempted.

The LinkedIn and eHarmony breachers were connected--same hacker--so the obvious question is whether Last.fm is the third victim of a cybercriminal having a really great week. But this isn't entirely out of the blue, as it sounds like Last.fm has been having some issues with user information lately. This post from Knapster01 (a customer support manager for the company) indicates that as far back as May 16, someone unsavory had gotten ahold of users' email addresses, as Last.fm was investigating a flood of sketchy spam from gambling sites.  He wrote:

We’ve had reports from the community that a few of you are seeing spam from gambling sites. We want to make one thing very clear: We never give or sell your address to third parties without your explicit consent for a specific purpose.

We are investigating this matter urgently, running a security audit and looking at alternative ways the spamming of Last.fm users might have occurred.

We take this abuse of our community very seriously and we appreciate your understanding and support as we work out what’s going on and put things right again.

But as of Tuesday, users were still kicking up a fuss about the spam.

We've reached out to Last.fm regarding the leak and will update if we hear anything.