But, I can see some reasons for the case for a User-specified Terms-Of-Service (UTOS) and User-specified Privacy Policy (UPP):
Every user indicates in some simple syntax a UTOS and UPP, and services needs to conform to them to be able to provide a service to the user. I think it is time to take away the privacy policy from the lawyers to the computer scientists.
Here are some components of a UPP:
| Infolet | Actions | [Predicates] |
| Biographical Information | Retain | for 30 days |
| Share | with <n'th level of Social Graph, Other Services/Apps> | |
| Service Usage Information | Retain | for 90 days |
| Share | with <no one> | |
| User-generated Information | Retain | forever, unless explicitly deleted |
| Share | with <Provide Settings to control> |
If a service either violates the policy, or does not support some components of the policy, the user could easily decide to provide an exception and sign up or quit. Some services provide very good privacy policies in the beginning, and slowly start diluting them. It becomes impossible for humans to keep track of legalese english to see if something is amiss. This gets hard for the less popular sites which do not get media attention. The above policy specification if standardized could address user anxiety better I think.
No comments:
Post a Comment