Law, Society, Information technology and people
Privacy – a lot of interesting things happening in the tech cpace
cyberlaw.stanford.edu
Web2.0 is about controlling data – 4.13.07
Its about data, who owns and controls, and who gives best access to
Still in early stages b/c data isnt owned yet
when a company is a bounty of new resources – at a philosophical level – and generally what law regulates
question – who is the part in the best position to make decisions about how to treat data?
goivt, technologists, entrepreneurs
how we think about privacy is extraordinarily important
User’s privacy experienc is a combo of law an tech
nothing bad for privacy
what kind of society do we create
providing info to one company for one purpose – but used by another for another purpose
how cool you can tell company where you are and they will connect you with people in the same place – give co the info – provide with the service – tracking whereever you are
that info is valuable
how do we think about diff between privacy question and the secondary question of how info transfers beyond initial transaction
another issue – permanence of the data
can everyone have access (not just rich parties) but also – how does it turn people off from participating
what are the reprecussions down the line
“I dont want to play anymore”
link between online and offline ID
how are we combining info with how they are doing things online wiht their offline identity
how to dev a sep ID for themselves online
keep distinct
comes up in community websites – you know your neighbor b/c you have relationship – what happens when you know a lot more – how does that change our social relationships
whether the market is thebest way to judge consumer privacy concerns
ID theft credtcard fraud
downstream effects displaced in time
notice at point of transcation
Massive societal, technology changes
google-doubleclick deal
think about advertising in the traditional model – i know a certain type of
tech allows it – but is there value? businesses like targeting, is the connection of the ID with the data opens possibility for people who want to access more info about individuals
massive societal change to resooirtboundaries
ability to buy with anonymity gives you a freedom that you dont get when you have to attach ID
web2.0 and kids – not as able to judge downstream effects – is there a corp obligation to think about this when you enable kids to do things
loss of control for those – who uses and how it is used
harm – someone cant get mortgage because of identity theft
occupies entire life
constitution – overarching question
data you collect – someone may come asking for it at some point
respobsible, good corp citizen
if you have it, someone can come and get it
when you think aboutthe context of thhe user experience – that is part of it
privacy what the expectation is
set by the market – what people exp in the world
frames how courts and judges eval techhnologies
what was the exp. when they engaged
when you build and enable collection – would you feel comfortable
what internal protections do you have? so many problems not about externals – its about people internally not well trained in how to manage process and keep it safe
great arch to protect privacy
and then a CS person gives out info
who are the people and how are they trained
building privacy in –
how is data live
how do you cue people to being tracked
opt-in or opt-out
collection of info – who holds, third parties – how long kept, personalized – which country, and laws that are covered there
data or communications
Innovate in privacy
how to survive those big press events
privacy policy generator – where2.0 conf
giving info – give more practical tools
internet app that will allow you to go to website and ask questions
taking thru the process to create policy
harvard – ToS at Berkman
Cyberlaw doing privacy
David Hornik – VC – concerned about privacy implications
see what kind of advice they are giving the clients
would like to shop based on peoples privacy policy
doesnt make those choices – companies dont realize she isnt interested – dont build to the need b/c they dont know
informed choice – useful to your company
explanation of provisions
graphical tags – to allow groups to endorse and machine readable – that allows you to find thru semantic search
tool to reduce repetitive work
point of reference
social scientists and researchers
more standardization in the market
commentary cards (why wouldnt all of this tie into OpenID?)
need to know this can be connected back to a person’s name
need to notify them of that
back end – simple db – output gives your policy
chosen – program introduces class user profile, need advice from real lawyer
with appropriate disclaimers
people in the room should be thinking about this – need to get ahead of it, set good standards and create great user experience and not just higher level interaction with your service
does she read privacy policies – sometimes yes, and most of the time no
some services cause more concern than others
balancing disclosure with good user experience and non-cumbersome user experience
more protections, more cumbersome
depends on a particular thing – cookies great if they allow you to know where you were or remember prefs – but can have horrible applications
sometimes you do have to encumber user experience
UE – includes privacy – part of the experience – this is critical
reccomendation for good resources?
where should they go to learn more
reading caselaw wont help you – no magic bullet privacy answer
some things the law does deal with – health you need guidance – you need rules to provide experience to the user
writing privacy policices in lang users can understand (short of making it graphical)
on cyberlaw site – students wrote policy for muni wireless – took that approach – mom should be able to know what will be done with her info
how far is Stanford and Berkman in the work?
goal – have the legal part done b4 students leave for summer – now tech implementation part
tag content to tell people how you want to give them permission to use it
# of diff licenses and metrics – machine, lawyer, people and graphical code
CC license – huge choice – more than what the law requires
go to PP gen and allows u to do whatever you want with peoples stuff
educational element
2 diff rules that address
CDA – comm deceny act – provision that limits liability of service providers for content posted for third parties – any content that is not copyright
DMCA – notice and takedown process – if youhave that regime your liability is limited
reduces liabilty in most cases
in the current youtube viacom – how far that protection upholds is in question
myspace context – how far will we let the limitation on liability on content go?
wide ranging limitation on liability for companies