Instagram & Plan International Team Up With Girl Activists To Address Online Harassment

Instagram & Plan International Team Up With Girl Activists To Address Online Harassment

PR Newswire

NEW YORK, Oct. 11, 2020

After landmark survey by Plan International points to unchecked online harassment, social media platform will work with girls’ rights organization to kick off a series of listening sessions with girl activists around the world, which will inform work across Facebook properties.

NEW YORK, Oct. 11, 2020 /PRNewswire/ — Instagram will hear from a global panel of girl activists on how the platform can address online harassment, in collaboration with Plan International.

(PRNewsfoto/Plan International USA)
(PRNewsfoto/Plan International USA)

Insights will also be shared with Facebook and WhatsApp as part of this initiative.

Plan’s Listening Sessions, which are being announced on International Day of the Girl [October 11, 2020], will feature a diverse group of 15 youth activists.

The Listening Sessions will give policy and product teams from Instagram — as well as other Facebook platforms — an opportunity to hear directly from girls about their lived experiences on social media, creating a dialogue about more ways the companies can continue to invest in protecting girls from bullying and harassment.

The panelists will consult a broad network of girls and civil society organizations to offer insights from thousands of girls and young women worldwide.

This partnership comes after Plan International’s new report shines a light on the harassment and abuse of girls and young women on social media. Plan surveyed 14,000 girls in 22 countries, including the U.S., Brazil, Benin and India, revealing more than half (58%) have been harassed or abused on social media. The organization spoke to 1,165 girls and young women between the age of 15 and 24 in the U.S. and found 43% reported that they have experienced some form of online harassment on social media

Grindr flaw allowed hijacking accounts with just an email address

A Grindr vulnerability allowed anyone who knows a user’s email address to easily reset their password and hijack their account. All a bad actor needed to do was type in a user’s email address in the password reset page and then pop open the dev tools to get the reset token. By adding that token to the end of the password reset URL, they won’t even need to access the victim’s inbox — that’s the exact link sent to the user’s email anyway. It loads the page where they can input a new password, giving them a way to ultimately take over the victim’s account.



BERLIN, GERMANY - APRIL 22: The logo of the dating app for gay and bisexual men Grindr is shown on the display of a smartphone on April 22, 2020 in Berlin, Germany. (Photo by Thomas Trutschel/Photothek via Getty Images)


BERLIN, GERMANY – APRIL 22: The logo of the dating app for gay and bisexual men Grindr is shown on the display of a smartphone on April 22, 2020 in Berlin, Germany. (Photo by Thomas Trutschel/Photothek via Getty Images)

A French security researcher named Wassime Bouimadaghene discovered the flaw and tried to report it to the dating service. When support closed his ticket and he didn’t hear back, he asked help from security expert Troy Hunt who worked with another security expert (Scott Helme) to set up a test account and confirm that the vulnerability does exist. Hunt, who called the issue “one of the most basic account takeover techniques” he’s ever seen, managed to get in touch with Grindr’s security team directly by posting a call for their contact details on Twitter.

Loading...

Load Error

While Grindr quickly fixed the issue after hearing from Hunt, the incident underscored the platform’s shortcomings when it comes to security. And that’s a huge problem when the dating app caters to individuals whose sexual orientations and identities could make them a target for harassment and violence. This isn’t the first security issue Grindr has had to deal with. Back