| | |
|
RickSchwartzSecondPaper 6 - 26 Apr 2009 - Main.RickSchwartz
|
| |
| META TOPICPARENT | name="SecondPaper" |
|---|
| | | PrivacyMinder | |
<
< | Since the FTC won't realistically require anything other than self-imposed privacy obligations, users must demand that sites adopt real obligations as a condition of use. One step in the right direction would be the invention of a browser extension (that I would proposedly name "PrivacyMinder") that would prominently display, in easy-to-understand terms or iconography (again, like Creative Commons), the kinds of data collection and uses the currently-viewed website performs according to its privacy policy (or otherwise known facts about its data use). Privacy policies deliberately obfuscate their own terms in order to disincentivize all but the most ardent investigations into their terms; this extension would eliminate some transaction costs of parsing legalese and putting otherwise overlooked terms of use to the fore. The extension would also ideally incorporate information about the terms of use to which users must agree. Just as Firefox displays whether the browser is on a secure server within the address or status bar (and Firefox could just as easily and prominently display whether or not a website is storing cookies), the end product would hopefully give users a more automatic and intuitive understanding of the degree to which websites invade user privacy. A change in attitudes on the demand side should encourage a more bilateral dialogue about the terms a website chooses to set for itself. And, however unlikely it is for a court to hold that a unilateral act constitutes acceptance of those terms, such an extension could include a pop-up asking for affirmative assent to privacy-protecting policies before continuing to browse in order to attempt to make browsewrap binding. | >
> | Since the FTC won't realistically require anything other than self-imposed privacy obligations, users must demand that sites adopt real obligations as a condition of use. One step in the right direction would be the invention of a browser extension (that I would tentatively name "PrivacyMinder" like the discarded AT&T project) that would prominently display, in easy-to-understand terms or iconography (again, like Creative Commons), the kinds of data collection and uses the currently-viewed website performs according to its privacy policy (or otherwise known facts about its data use). Privacy policies deliberately obfuscate their own terms in order to disincentivize all but the most ardent investigations into their terms; this extension would eliminate some transaction costs of parsing legalese and putting otherwise overlooked terms of use to the fore. The extension would also ideally incorporate information about the terms of use to which users must agree. Just as Firefox displays whether the browser is on a secure server within the address or status bar (and Firefox could just as easily and prominently display whether or not a website is storing cookies), the end product would hopefully give users a more automatic and intuitive understanding of the degree to which websites invade user privacy. A change in attitudes on the demand side should encourage a more bilateral dialogue about the terms a website chooses to set for itself. And, however unlikely it is for a court to hold that a unilateral act constitutes acceptance of those terms, such an extension could include a pop-up asking for affirmative assent to privacy-protecting policies before continuing to browse as an attempt to make browsewrap binding. | | | | |
<
< | The icons and principles already developed by Mary Rundle or Aaron Helton would be a decent starting point for Privacy Commons, though they are a bit tame as they currently stand. Perhaps the non-judgmental attitude these icons currently would reduce resistance to the extension and even induce more cooperation by sites attempting to get favorable ratings. Whatever icons are used should also be color-coded in a traffic light style or otherwise graded in order to indicate the extent of any use or collection. Furthermore, a default icon for mealy-mouthed language that doesn't do anything for privacy protection (i.e., "no protection granted") ought to be jarring enough to remind users to be careful of activity performed on that site. | >
> | The icons and principles already developed by Mary Rundle or Aaron Helton would be a decent starting point for Privacy Commons, though they are currently a bit tame. Perhaps the non-judgmental attitude these icons currently would reduce resistance to the extension and even induce more cooperation by sites attempting to get favorable ratings. Whatever icons are used should also be color-coded in a traffic light style or otherwise graded in order to indicate the extent of any use or collection. Furthermore, a default icon for mealy-mouthed language that doesn't do anything for privacy protection (i.e., "no protection granted") ought to be jarring enough to remind users to be careful of activity performed on that site. | | | In the absence of machine-readable or standardized privacy policies, the extension could subscribe to a list containing manually-generated assessments of which protections, or lack thereof, every domain's privacy policy triggered in the same way AdBlock subscribes to a list containing ad servers to block. The subscription would be created and updated collaboratively through a wiki or other moderated community (perhaps EPIC?), and if the database lacked information for a given domain, or the community found the policy to be too equivocal, the default display would indicate no protection of data and potentially unlimited collection and use. Triggering the default icon might incentivize sites to adopt standardized privacy policies that the extension would automatically recognize as corresponding to various levels of protection. |
|
|
|
|
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
|
|
| | |