|TM. A visualisation of Privacy Footprint, part of the proposed standardised personal data scheme.|
Here's a quick response: our proposal is not primarily about icons.
And here's a fuller response...
My perspective on the Mozilla Privacy Icons project: it attempted to graphically represent all the ways that data could be used or shared, and capture this in an icon.
Where we - as in Julian Ranger and myself at Open Digital - are coming from is somewhat different.
We're not trying to encode a complex amount of information into an icon.
Instead we're creating a series of say 6-7 standardised privacy policies which become gradually more private so that users may easily compare like-for-like services to find which take data protection more seriously than others.
As an engineer myself there is a temptation to see this as a technical problem. But it's not - it's a social problem and an economic problem, caused by the massive increase in capability brought by technology and the commercial value in personal data today.
We can either try and fix the socioeconomics or attempt to control the technology to regulate the resultant data. Neither is an easy challenge, but I prefer the former over the latter.
Our scheme, instead of trying to offer a diverse range of visualisations to accommodate a diverse number of data-sharing practices, defines a handful of policies based on best-practice.
Our aim is to provide a driver for minimising the use of personal data, improving the storage of personal data and promoting the ethical use of personal data.
Our 'most private' licenses will require data to be stored securely within a system which is designed to be private. Their use may mandate the conformance to other emerging standards such as private by design.
Above this there will be a range of less-private options, showing data may be shared with selected businesses.
Icons are used in place of e.g. a simple numerical scale of 1-7 to aid visual recognition - a mixture of endorsement (certification marque) and visual guide.
Sure there will be businesses who don't want to be boxed in to our scheme. They will want to differentiate themselves.
But I sincerely believe there will be a push from users who want clarity. They want to understand what they're signing up to.
There are two unanswered questions. (1) can a suite of standardised licenses and associated iconography impact user behaviour and (2) will sufficient businesses adopt the scheme.
To answer these questions we first propose two studies. A socio-economic study to answer (1) and a business attitudes study for (2). We will use the results to decide whether and how to proceed.
As a society we're faced with 2 choices: regulate how data is used and take the consequences of either an over-bearing enforcement regime or widely circumvented laws; or, leave it to the markets and risk having corporate interests trump user interests in at least the short and mid term.
I don't think regulation will work, so I'm looking at ways to encourage the market to work more in the interests of users.