Law, Society, Information technology and people

Privacy – a lot of interesting things happening in the tech cpace

Web2.0 is about controlling data – 4.13.07

Its about data, who owns and controls, and who gives best access to
Still in early stages b/c data isnt owned yet

when a company is a bounty of new resources – at a philosophical level – and generally what law regulates

question – who is the part in the best position to make decisions about how to treat data?
goivt, technologists, entrepreneurs

how we think about privacy is extraordinarily important

User’s privacy experienc is a combo of law an tech

nothing bad for privacy

what kind of society do we create

providing info to one company for one purpose – but used by another for another purpose
how cool you can tell company where you are and they will connect you with people in the same place – give co the info – provide with the service – tracking whereever you are

that info is valuable
how do we think about diff between privacy question and the secondary question of how info transfers beyond initial transaction

another issue – permanence of the data

can everyone have access (not just rich parties) but also – how does it turn people off from participating
what are the reprecussions down the line

“I dont want to play anymore”

link between online and offline ID

how are we combining info with how they are doing things online wiht their offline identity

how to dev a sep ID for themselves online
keep distinct

comes up in community websites – you know your neighbor b/c you have relationship – what happens when you know a lot more – how does that change our social relationships

whether the market is thebest way to judge consumer privacy concerns
ID theft credtcard fraud
downstream effects displaced in time
notice at point of transcation

Massive societal, technology changes

google-doubleclick deal

think about advertising in the traditional model – i know a certain type of

tech allows it – but is there value? businesses like targeting, is the connection of the ID with the data opens possibility for people who want to access more info about individuals

massive societal change to resooirtboundaries

ability to buy with anonymity gives you a freedom that you dont get when you have to attach ID

web2.0 and kids – not as able to judge downstream effects – is there a corp obligation to think about this when you enable kids to do things

loss of control for those – who uses and how it is used

harm – someone cant get mortgage because of identity theft

occupies entire life

constitution – overarching question
data you collect – someone may come asking for it at some point
respobsible, good corp citizen
if you have it, someone can come and get it
when you think aboutthe context of thhe user experience – that is part of it
privacy what the expectation is
set by the market – what people exp in the world
frames how courts and judges eval techhnologies
what was the exp. when they engaged

when you build and enable collection – would you feel comfortable

what internal protections do you have? so many problems not about externals – its about people internally not well trained in how to manage process and keep it safe

great arch to protect privacy
and then a CS person gives out info

who are the people and how are they trained

building privacy in –
how is data live
how do you cue people to being tracked
opt-in or opt-out

collection of info – who holds, third parties – how long kept, personalized – which country, and laws that are covered there

data or communications

Innovate in privacy

how to survive those big press events
privacy policy generator – where2.0 conf
giving info – give more practical tools

internet app that will allow you to go to website and ask questions
taking thru the process to create policy

harvard – ToS at Berkman
Cyberlaw doing privacy

David Hornik – VC – concerned about privacy implications

see what kind of advice they are giving the clients

would like to shop based on peoples privacy policy

doesnt make those choices – companies dont realize she isnt interested – dont build to the need b/c they dont know

informed choice – useful to your company
explanation of provisions

graphical tags – to allow groups to endorse and machine readable – that allows you to find thru semantic search

tool to reduce repetitive work
point of reference

social scientists and researchers

more standardization in the market

commentary cards (why wouldnt all of this tie into OpenID?)

need to know this can be connected back to a person’s name
need to notify them of that

back end – simple db – output gives your policy

chosen – program introduces class user profile, need advice from real lawyer

with appropriate disclaimers

people in the room should be thinking about this – need to get ahead of it, set good standards and create great user experience and not just higher level interaction with your service

does she read privacy policies – sometimes yes, and most of the time no

some services cause more concern than others

balancing disclosure with good user experience and non-cumbersome user experience

more protections, more cumbersome
depends on a particular thing – cookies great if they allow you to know where you were or remember prefs – but can have horrible applications

sometimes you do have to encumber user experience

UE – includes privacy – part of the experience – this is critical

reccomendation for good resources?
where should they go to learn more

reading caselaw wont help you – no magic bullet privacy answer

some things the law does deal with – health you need guidance – you need rules to provide experience to the user

writing privacy policices in lang users can understand (short of making it graphical)
on cyberlaw site – students wrote policy for muni wireless – took that approach – mom should be able to know what will be done with her info

how far is Stanford and Berkman in the work?
goal – have the legal part done b4 students leave for summer – now tech implementation part

tag content to tell people how you want to give them permission to use it
# of diff licenses and metrics – machine, lawyer, people and graphical code

CC license – huge choice – more than what the law requires
go to PP gen and allows u to do whatever you want with peoples stuff

educational element

2 diff rules that address
CDA – comm deceny act – provision that limits liability of service providers for content posted for third parties – any content that is not copyright

DMCA – notice and takedown process – if youhave that regime your liability is limited
reduces liabilty in most cases

in the current youtube viacom – how far that protection upholds is in question

myspace context – how far will we let the limitation on liability on content go?

wide ranging limitation on liability for companies

Posted in: Web2.0.
Last Modified: April 16, 2007

Leave a Reply