Upload
guestbc2fbe
View
696
Download
3
Embed Size (px)
Citation preview
Legal implications … this time it’s all about the data
Vanessa Barnett, Internet lawyer
28 November 2007
The main bit of law …
The Data Protection Act says all “personal data” must be processed in a “fair and lawful” manner
(In a nutshell) “fair and lawful” means that any personal data uploaded by users must only be used for the disclosed purposes it was uploaded for, held legally, held for no longer than necessary and there must be controlled access to that personal data
The “disclosed purpose” is KEY
When a user signs up to Facebook the privacy policy discloses how their personal data will be used
It’s all driven by Facebook’s Principles:– “You should have control over your personal
information”– “You should have access the information others
want to share”
Facebook tells users …
“… third party developers who have created and operate Platform Applications ("Platform Developers") may also have access to your personal information (excluding your contact information) if you permit Platform Applications to access your data. You may opt-out of any sharing of certain or all information through Platform Applications on the Privacy Settings page. ”
http://www.facebook.com/policy.php
Facebook tells developers …Treat users' privacy with the same respect we do. If you directly collect personally identifiable information from users, you must post a privacy policy detailing what you'll do with that infoBe honest and accurate about what your application does and how it uses information from Facebook usersOnly show information from Facebook Platform to a user if you retrieved it on behalf of that particular userTo assist with performance cache user information only for up to 24 hours
It really all boils down to this …
tell users what data you are going to collect
tell users how you will use their data
ESPECIALLY IF YOUR USE IS WIDER THAN THEIR GENERAL EXPECTATIONS FROM THE FACEBOOK PRIVACY POLICY
then REALLY IMPORTANTLY stick to what you’ve told them!
And if you don’t, beware!
Risk being investigated by the Information Commissioner which can be VERY damaging for PR (e.g. HM Revenue & Customs recently!)
RISKS HIGHER WITH LARGE USER BASES/HIGH PROFILE APPLICATIONS
And the Information Commissioner has got some teeth: COURT ORDERS, FINES AND JAIL TIME
A quick word about spam electronic marketing
It’s not a Platform Developers holy grail
users must OPT IN for electronic marketing
Thank you
If you would like a copy of this presentation please email [email protected]