First published: 15th December 2009
Internationally renowned security technologist and author Bruce Schneier has published a Taxonomy of Social Networking Data on his blog. Bruce's divisions are:
- Service data. Data you give to the site in order to use it.
- Disclosed data. Data you post on your own pages.
- Entrusted data. Data you post on other people's pages.
- Incidental data. Data other people post about you.
- Behavioral data. Data the site collects about your habits.
This is a useful starting point for discussing data on social networks, and who should have what control over it. However, things can get complicated very quickly. Using Roger Thomson's credit card "security question" incident, discussed earlier in this issue, as an example, his credit card company (probably) used the existence of a link between two people to generate the "security question" about the contact's disclosed data. The link is a new category: jointly disclosed data - it cannot be seen until both parties agree, but the site (necessarily) knows in advance: when one party has sent the "friend request".
Blogger José Ignacio Orlicki has proposed a different taxonomy, based on the destination of the data.