PrivacyCamp SF and the Privacy API
Last week, CDT organized the first West Coast PrivacyCamp, focused on privacy in social networks. The turnout was great – with representatives attending from Twitter, Google, EFF, ACLU, Rapleaf and many other Silicon Valley standouts. Following the agenda-setting process of previous camps, we convened twice during the day to determine the morning and afternoon break-out discussions. The crowd was very active on Twitter, and lunch was accompanied by some great remarks on the future of Web identity by Craigslist founder, Craig Newmark.
Not unexpectedly, many of the conversations focused on Facebook’s recent privacy changes and the impact not only on user expectations, but on user loyalty. Conversations also raised interesting questions about how to avoid the various consequences of oft-changing privacy policies, either through add-ons or migrating to alternative social networks. Unfortunately, many of the attendees agreed that there was very little incentive for social media networks monetizing user information to change the trend of current practices.
What can the privacy community and users do to keep social networks free of charge and still a profitable business? How can user information continue to be a viable good without jeopardizing the implicit promise to users to preserve their privacy?
A fresh idea was raised at PrivacyCamp: The Privacy API. This would be code, released by the social network, which would allow application developers access to users' privacy settings. However, one high profile privacy mishap linked to the use of this technology and user trust is out the window. Instead, a "closed" API could be offered to developers from trusted organizations, academic institutions and advocacy groups.
Based on the trusted developers' discretion, applications could be created to build a "one-button" app that would appropriately reset users' privacy settings. These settings could be described in detail on the application download page; they would be easy to read and understandable. This idea would save users time, hassle and concern, and the applications could be updated to adapt to new privacy changes by the social network.
This approach offers a way for social networks to leverage the strong reputations of third parties while simultaneously illustrating their commitment to user privacy. If you attended PrivacyCamp, what were some of the other cool ideas you heard?