Do you know who has your personal data? |
Info security expert Bruce Schneier has developed an interesting and useful taxonomy of social networking data.
It was published in the July/August 2010 issue of IEEE Security & Privacy and Mr. Schneier has made a copy of the taxonomy article on his web site.
Bruce provides a way to categorize data provided to social networking sites when we discuss privacy issues and the rights people have with respect to their data.
In the article the following types of social networking data are defined:
- Service data is the data you give to a social networking site in order to use it. Such data might include your legal name, your age, and your credit-card number.
- Disclosed data is what you post on your own pages: blog entries, photographs, messages, comments, and so on.
- Entrusted data is what you post on other people's pages. It's basically the same stuff as disclosed data, but the difference is that you don't have control over the data once you post it -- another user does.
- Incidental data is what other people post about you: a paragraph about you that someone else writes, a picture of you that someone else takes and posts. Again, it's basically the same stuff as disclosed data, but the difference is that you don't have control over it, and you didn't create it in the first place.
- Behavioral data is data the site collects about your habits by recording what you do and who you do it with. It might include games you play, topics you write about, news articles you access (and what that says about your political leanings), and so on.
- Derived data is data about you that is derived from all the other data. For example, if 80 percent of your friends self-identify as gay, you're likely gay yourself.
Keep in mind that social networking sites can monetize all of it: generally by selling targeted advertising.
No comments:
Post a Comment