With all the recent privacy issues that keep cropping up in the various social networks, it's no surprise that people are looking to find a way to protect users in a more proactive, permanent way. This week, the EFF got more deeply involved by posting a proposal for a Social Networking Bill of Privacy Rights.
Not surprisingly, it's centered around the core tenets that users should always be kept in the loop and offered an "opt-in" instead of an "opt-out" when changes are made that could potentially affect issues of privacy, disclosure about who can or has already viewed users' personal information, and the ability of users to delete their own data. Check out the proposal after the fold, and let us know what you think about it!
- 1. The Right to Informed Decision-Making.
Users should have the right to a clear user interface that allows them to make informed choices about who sees their data and how it is used.
Users should be able to see readily who is entitled to access any particular piece of information about them, including other people, government officials, websites, applications, advertisers and advertising networks and services.
Whenever possible, a social network service should give users notice when the government or a private party uses legal or administrative processes to seek information about them, so that users have a meaningful opportunity to respond.
- 2. The Right to Control.
Social network services must ensure that users retain control over the use and disclosure of their data. A social network service should take only a limited license to use data for the purpose for which it was originally given to the provider. When the service wants to make a secondary use of the data, it must obtain explicit opt-in permission from the user. The right to control includes users' right to decide whether their friends may authorize the service to disclose their personal information to third-party websites and applications.
Social network services must ask their users' permission before making any change that could share new data about users, share users' data with new categories of people, or use that data in a new way. Changes like this should be "opt-in" by default, not "opt-out," meaning that users' data is not shared unless a user makes an informed decision to share it. If a social network service is adding some functionality that its users really want, then it should not have to resort to unclear or misleading interfaces to get people to use it.
- 3. The Right to Leave.
Users giveth, and users should have the right to taketh away.
One of the most basic ways that users can protect their privacy is by leaving a social network service that does not sufficiently protect it. Therefore, a user should have the right to delete data or her entire account from a social network service. And we mean really delete. It is not enough for a service to disable access to data while continuing to store or use it. It should be permanently eliminated from the service's servers.
Furthermore, if users decide to leave a social network service, they should be able to easily, efficiently and freely take their uploaded information away from that service and move it to a different one in a usable format. This concept, known as "data portability" or "data liberation," is fundamental to promote competition and ensure that users truly maintains control over their information, even if they sever their relationship with a particular service.
So, is this proposed Bill of Privacy Rights enough? Or do you think it needs more? Let us know in the poll below.Go there...