Two decades after the first Conference on Computers, Freedom and Privacy, a group of privacy advocates, computer scientists, lawyers and others wrapped up a conference in San Jose on Friday with what they hope will be a milestone for the social Web: a “bill of rights” for social-network users.
It includes more than a dozen principles, set out in plain English, that range from requiring “honesty” and “clarity” for networks’ written privacy principles, to safeguarding users’ ability to quit a social service and remove their personal data.
“The underlying idea is that Facebook likes to describe itself as equivalent to the third-largest country in the world,” said Jon Pincus, chief technology officer of Qworky, a Seattle company that makes meeting software for small businesses, and co-chairman of the 20th CFP conference, which is sponsored by the Association for Computing Machinery. “What rights do the citizens of that country have?”
Amid a string of privacy snarls this spring by Facebook, Google, AT&T and others, and calls from a number of groups and pundits for a set of social-networking standards, conference organizers said it was time to set out a basic set of common principles that go beyond simple privacy. The CFP conference, held at San Jose State this week and attended by about 250 people from at least a dozen countries, is an annual meeting that includes privacy advocates and organizations, computer scientists, lawyers, interested individuals, representatives of big Internet companies such as Google and even government agencies such as the Department of Homeland Security.
Google, Facebook and other companies and government agencies participated in the conference, but not in the drafting and discussion on the bill of rights. In a 21st-century town hall debate Friday, participants contributed comments and votes in person at the conference and on Twitter and Facebook while organizers edited the proposed principles in real time on Google Docs.
The 14 principles were ultimately adopted unanimously, and organizers said they hoped the document, by encompassing ideas that have been talked about for years by tech pundits and privacy advocates, would prove to be historic.
“This is the first time any of these bill of rights have been voted upon,” said Dorothy Glancy, a professor at the Santa Clara University law school who was another chair of the CFP conference. “I think we’ll still be talking about this 10 years from now, because I think social networks are going to be with us for the long haul.”
The debate, which lasted more than three hours, wasn’t always easy. One proposed principle was about the “predictability” of social networks’ use of personal data, requiring them not to make changes in who has access to user data without consent from the user.
But David Singer, a retired IBM engineer from Los Gatos attending the conference, argued that could be too broad — it could require Facebook, for example, to notify all users every time a new advertiser bought access to Facebook’s ability to target advertising based on user data.
“We want social networks to be able to buy into this,” Singer argued. The group ultimately decided to slightly soften the principle, so it read: “Obtain my prior consent before significantly changing who can see my data.”
Getting the social networks to buy in may not be so easy. Asked to comment on the principles, Facebook said it opposed some, and Google and Twitter declined to comment, with a Google spokeswoman saying the company already has its own set of posted privacy standards.
Facebook said in a prepared statement that while it shared the goal of ensuring “a safe and trusted environment” for its more than 400 million users, “we don’t agree with all of the proposed elements of the Bill of Rights for social-network users.” Facebook has opposed allowing users to use pseudonyms; the social network says it is based on “a real name culture.”
The conference now hopes to build general support for its principles, perhaps organizing an online petition drive to encourage social networks to sign on. The 14 principles are posted at www.facebook.com/CFPBillOfRights, where anyone can vote to support or oppose them.
“It puts a marker down, and that’s what this bill of rights is meant to be,” said one conference participant, Christina Zaba, who was active in a national campaign in the United Kingdom to overturn a law requiring a national ID card. “These companies are not operating in a vacuum. They’ve got to be accountable.”
Contact Mike Swift at 408-271-3648. Follow him at Twitter.com/swiftstories.
Text of Social-Network Users” “Bill of Rights”
We the users expect social-network sites to provide us the following rights in their Terms of Service, Privacy Policies and implementations of their system:
Honesty: Honor your privacy policy and terms of service.
Clarity: Make sure that policies, terms of service and settings are easy to find and understand.
Freedom of speech: Do not delete or modify my data without a clear policy and justification.
Empowerment: Support assistive technologies and universal accessibility.
Self-protection: Support privacy-enhancing technologies.
Data minimization: Minimize the information I am required to provide and share with others.
Control: Let me control my data and don”t facilitate sharing it unless I agree first.
Predictability: Obtain my prior consent before significantly changing who can see my data.
Data portability: Make it easy for me to obtain a copy of my data.
Protection: Treat my data as securely as your own confidential data unless I choose to share it, and notify me if it is compromised.
Right to know: Show me how you are using my data and allow me to see who and what has access to it.
Right to self-define: Let me create more than one identity and use pseudonyms. Do not link them without my permission.
Right to appeal: Allow me to appeal punitive actions.
Right to withdraw: Allow me to delete my account and remove my data
