The privacy manifesto

Today I came across an interesting post on a topic that’s been the subject of quite some discussion during the last few days. Alec Saunders (CEO of iotum) wrote a post called ‘A Privacy Manifesto for the Web 2.0 Era‘ in which he states the right we – consumers – should have online which he calls the 4 principles that form a Privacy Manifesto for this new web era:

Now, what rights should you have? Here are four principles that form a Privacy Manifesto for the Web 2.0 Era (in short):

  1. Every customer has the right to know what private information is being collected
  2. Every customer has the right to know the purpose for which the data is being collected, in advance
  3. Each customer owns his or her personal information
  4. Customers have a right to expect that those collecting their personal information will store it securely

The article also shows what the implications of these principles would be on a couple of examples the author gave in the beginning. Now all interesting, but it got me thinking. This just didn’t seem all the unfamiliar to me, and then when I saw @pascalvanhecke’s reply on Twitter it hit me: of course – this is all in the European law related to the protection of personal data. Read the full text at Wikipedia, but it is interesting to see what the initial guidelines where for this law (which data from 1980):

  1. Notice—data subjects should be given notice when their data is being collected;
  2. Purpose—data should only be used for the purpose stated and not for any other purposes;
  3. Consent—data should not be disclosed without the data subject’s consent;
  4. Security—collected data should be kept secure from any potential abuses;
  5. Disclosure—data subjects should be informed as to who is collecting their data;
  6. Access—data subjects should be allowed to access their data and make corrections to any inaccurate data; and
  7. Accountability—data subjects should have a method available to them to hold data collectors accountable for following the above principles

Again, this isn’t the actual law – but this gives you the best idea of the intention and idea behind it. Read the full text and you’ll see. Interestingly enough, Dennis Howlett wrote a post today saying ‘Did Scoble break EU law on Facebook?‘ which is talking about the same law. And I agree with Dennis, the whole ‘hack’ was appalling to say the least.

[Update: Mike Butcher at Techcrunch UK also links EU laws to data portability]

What do you think?

 

Advertisements