January 28th, 2010
Editor’s note: This is the first post in the live coverage of today’s Mozilla Privacy Forum.
Mozilla is situated at an increasingly relevant space to facilitate the interaction between users and entities on the web. Firefox has 360 million users worldwide, and aside from the obvious use case of serving users the websites they desire, Mozilla is also positioned to become a revolutionary intermediary between the privacy policies of websites and the users themselves.
Mozilla is already doing work in the privacy space, with projects like Weave with Account Manager and the data collection aggregation in Test Pilot. The data collected for Mozilla or utilized by the user in these services does not allow user data to be compromised via encryption and aggregation, and Mozilla is transparent about this process.
Aza began today’s privacy discussion with an overview of existing projects, such as P3P, Privacy Finder and Nutrition Labels for Privacy. These projects provide a useful framework for understanding the privacy debate but have yet to enter the mainstream. Mozilla seeks to conceptualize privacy and user data from a product perspective, meaning that Mozilla seeks to create a user-friendly experience to empower users to understand the privacy policies for the sites they use.
Today we focus on the concrete question:
What attributes of privacy policies should people care about?
This does exclude aspects of privacy policy debates, but will allow pointed discussion with outcomes that can be leveraged into actionable goals for Mozilla’s Privacy Icons Project. At this moment Mozilla seeks to implement a “bolt-on” approach, meaning that attributes which can be solidified (ie: who does a website share data with, how long do they maintain an archive of user data, how secure or encrypted is the data?).
As part of this process, Mozilla is willing to make normative claims about privacy with an aim to help users negotiate the privacy space in an informed way. Right now breakout groups are assessing the categorization of privacy policies, based on Mozilla’s initial brainstorm of the following topics:
- encrypted
- monetizable
- aggregated
- stored/retained
- can contact you
- 3rd party sharing
- shared internally
- personally identifiable
The goal of this breakout session is to assess whether these are the concrete (or at times nebulous) categories with which we can step into a discussion about user privacy norms. The groups are currently defining, re-naming and recalibrating this list to fit with their own personal understandings of privacy, and we welcome you to do the same in the comments.
Related posts: