European regulators unveiled long anticipated plans this week for guidelines about how social networks such as Facebook and MySpace should handle European privacy rules, writes the Wall Street Journal. Regulation in a young and fast changing space is always risky, and many will argue lacks necessity because of the existing data protection directive. However the guidelines appear to have been set very low, simply reconfirming what would be common knowledge even for novice internet users.
The WSJ confirms that key elements include…
- Sites should offer privacy-friendly default settings.
- Users should be advised that pictures should only be uploaded with the individual’s consent.
- Sites must set maximum periods to retain data on inactive users. Abandoned accounts must be deleted.
- Users should be allowed to adopt a pseudonym.
The reason why this matters is that global players such as Facebook are based outside the EU’s jurisdiction and citizens from the 27 European nations would have different types (usually weaker) privacy frameworks on these global sites to the national equivalents. The recommendations also include getting social network owners to place default security settings at a high level and allow users to limit data disclosed to third parties. Sensitive information, such as race, religion or political views are also covered, along with behaviourally targeted advertising.
From the Wall Street Journal: http://online.wsj.com, 24/06/2009