Letting kids play with technology can be as dangerous as leaving them alone in a playground.

Here's what you need to know:

Traveling is stressful enough—with planning, packing, long flights with delays, and screwed up hotels. The last thing most people think about is how they and their traveling companions stay safe online. Whether it’s a business adventure or family road trip, most people simply toss their laptops, iPads, and other tech into a bag without much thought.

So now you’re on that family trip with your spouse, young teen daughter, and 9-year-old son. Never fail, the kids are boisterous in a restaurant, and all you want is a nice, quiet family meal. Out comes the iPad for the little one and the young teen is told to stop pestering her kid brother and just play with her phone. The noise and cries from the young one stop. That worked. 

Let’s consider the iPad in the hands of the young boy. He signs into an online game, restores a recent session, and begins playing with others online. This is his current favorite game and, best of all, keeps the young one quiet in a busy public restaurant. You’re savvy and feel that this is a harmless activity—but is it? Unbeknownst to you, an avatar appears in the kid’s game and holds up a sign asking for his name and where he lives. The kid types a reply giving his real name and says he’s from Texas but on a family trip. The interaction continues between the avatar and the kid. More information is exchanged. To the young one, the questions seem harmless, and the interaction is just fun within the game.

Is there a problem here and what might that be?

Let’s consider the young teen daughter. She’s online in a chat forum with her school friends. She’s posting comments about the trip and how much of a brat her kid brother is. They’re texting both about school and the trip. At one point, your daughter updates her Facebook page with the fact that they’re in some boring restaurant in Winnipeg. She wishes she could just be at home, hanging out with her BFF in a big shopping mall in Dallas where she lives.

Is there a problem here and what might that be?

There are a couple of simple concepts illustrated in both cases:

1. Friends online: This is a term that means you’re in a chat, text, or game session with people that you really know.

2. Online friends: This term means you’re in a chat, text, web page, or game with people that you don’t really know outside of the session. 

There is a saying first coined by Peter Steiner in a 1993 New Yorker cartoon: “On the Internet nobody knows you’re a dog”. This simple phrase holds true now more than ever. It brings out the anonymity and lack of physical contact presented by an Internet relationship.

For the young boy, he’s playing in a game with online friends, but he doesn’t really know who they are. They are just like-minded kids out for some fun. The avatars have properties including the sign in name and information provided by the player. But the sign-in name is not their real name, and their claimed location can be anywhere. As the interaction progresses, the exchange of seemingly harmless information can be very dangerous.

The interaction can have very dangerous consequences and he may be getting groomed by a predator.

Until the teen daughter posted on Facebook, she was interacting with friends online. Even though she knows everyone in the chat session, dangers may still exist. She’s sharing information that should be considered personal, including information about relationships, her family, and the trip. In a Pew Research Center report (2022) some 54% of girls experienced cyberbullying, while 44% of boys experienced at least one incident. Although this data is a bit old, the FBI tells us that this problem is growing significantly. A significant number of perpetrators are known by the victims, think school colleagues and “friends”. When the daughter posted on Facebook, she interacted with online friends. That post could be read by anyone. Cybercrime starts with reconnaissance, or what we refer to as Open-Source Intelligence (OSINT) gathering.

The type of information the daughter posts can be combined with many other elements and lead to both online and physical problems. 

Here are four basic things that should be reinforced frequently with any young person using technology:

1. Keep personal information private. This includes your real name and location

2. Be careful what you post. Even simple posts with information can be combined with other information and used against you.

3. Know your privacy settings and use them!

4. Always use a strong password (numbers, upper and lower case letters, and symbols). Don’t be afraid to change it—and never share it with anyone.

For the young son’s iPad use, the password used to log into the game should be controlled by the parent. After use, the parent should log into the game using the same account and check for any activity that might be suspicious. The teen daughter’s situation may be more difficult to detect issues and deal with them.

Parents need to stay close to their teens and have constant conversations with them about using the technologies and reporting anything bad that may occur. 

This covers the young members of the family.

For the educator on the road, there can be many more issues about their own use of technology, the least of which is passive snooping. Hotel Internet connections, especially in countries like Egypt, can be monitored passively and information such as usernames, passwords, and other data can be stolen. This is a much larger topic that can be covered in a future article.

Suffice it to say, the kids are not the only ones at risk.

Take a read of The Digital Detective: First Intervention now on Amazon and Barnes & Noble. Although a fictional story, the tools, techniques, and processes presented in the book are absolutely real.

Be safe and enjoy your travels. 

Tom Arnold (CISSP, ISSMP, CISA, CFS, GCFE-Gold, GNFA, GWEB, GBFA) is a cybersecurity expert, digital forensics investigator, and educator. He lectures on digital forensics and incident response at San Jose State University and the University of Nevada, Las Vegas, where he is also helping to develop a new digital evidence and forensics degree program. A co-founder of Payment Software Company (PSC), now part of NCC Group, Arnold has led large-scale breach investigations—some involving more than 7,000 servers—and served as lead investigator in complex threat-hunting operations. He has testified before the U.S. Senate and House on cybersecurity legislation and sits on the steering committee for the Las Vegas branch of the USSS/Cyber Fraud Task Force. He also serves as Operations Manager at Cloud 10 Studios, a full-service animation studio that creates original series, long-form content, and commercial projects.

His novel The Digital Detective: First Intervention was inspired by a real-life cybersecurity scare when Arnold’s grandson was approached by a stranger on Roblox despite parental controls. That moment launched Arnold’s mission to help families and schools recognize hidden online dangers—and to give kids the tools they need to stay safe in the digital world.