privacy – 'Cross The Breeze

With great power comes great responsibility: a Facebook Bill of Rights. That’s the headline of a post that appeared on Techcrunch today in which they have a go a what the 10 absolute rights should be for every Facebook user. Pretty interesting read and something we should all care about as user rights and privacy arrangements are ever more important with Facebook being the size it is today. Definitely worth reading.

“Facebook is a private company that people opt in to use. In this sense, the situation is not analogous to a government document like the Bill of Rights, as that document is meant to define national law.”

This last bit however made me think about an article in the NY Times from a few weeks back. It actually compares the growing word count in Facebook’s privacy settings with that of the United States Constitution. A nice way to compare both:

Also that full article is worth reading as it discusses how to manage your privacy on Facebook. Did you know you will need to navigate through 50 settings with more than 170 options to do so?

I think I got my account set up all fine, but then again it’s probably worth double checking that. And I must admit, even as an avid internet user, that when I get these Facebook popups in which apps ask access to all kinds of info on my profile (through Graph) I also don’t understand why all of that is needed really.

Today I came across an interesting post on a topic that’s been the subject of quite some discussion during the last few days. Alec Saunders (CEO of iotum) wrote a post called ‘A Privacy Manifesto for the Web 2.0 Era‘ in which he states the right we – consumers – should have online which he calls the 4 principles that form a Privacy Manifesto for this new web era:

Now, what rights should you have? Here are four principles that form a Privacy Manifesto for the Web 2.0 Era (in short):

Every customer has the right to know what private information is being collected
Every customer has the right to know the purpose for which the data is being collected, in advance
Each customer owns his or her personal information
Customers have a right to expect that those collecting their personal information will store it securely

The article also shows what the implications of these principles would be on a couple of examples the author gave in the beginning. Now all interesting, but it got me thinking. This just didn’t seem all the unfamiliar to me, and then when I saw @pascalvanhecke’s reply on Twitter it hit me: of course – this is all in the European law related to the protection of personal data. Read the full text at Wikipedia, but it is interesting to see what the initial guidelines where for this law (which data from 1980):

Notice—data subjects should be given notice when their data is being collected;
Purpose—data should only be used for the purpose stated and not for any other purposes;
Consent—data should not be disclosed without the data subject’s consent;
Security—collected data should be kept secure from any potential abuses;
Disclosure—data subjects should be informed as to who is collecting their data;
Access—data subjects should be allowed to access their data and make corrections to any inaccurate data; and
Accountability—data subjects should have a method available to them to hold data collectors accountable for following the above principles

Again, this isn’t the actual law – but this gives you the best idea of the intention and idea behind it. Read the full text and you’ll see. Interestingly enough, Dennis Howlett wrote a post today saying ‘Did Scoble break EU law on Facebook?‘ which is talking about the same law. And I agree with Dennis, the whole ‘hack’ was appalling to say the least.

[Update: Mike Butcher at Techcrunch UK also links EU laws to data portability]

What do you think?