info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Proposed Revision to Privacy Principles
13 views
Skip to first unread message
Alina Hua
Jul 18, 2014, 7:46:16 PM7/18/14
to dev-p...@lists.mozilla.org, dev-se...@lists.mozilla.org, Stacy Martin
We'd like to propose changes to Mozilla's Privacy Principles
<https://www.mozilla.org/en-US/privacy/principles/>which were originally
created in 2010. Mozilla's principles stem from the Manifesto and inform
how we build our products and services, manage data, work with partners,
and shape our public policy and advocacy work.
*
Why Update?
The updates are a response to change within Mozilla and beyond. In four
years, Mozilla has grown and expanded with new products and services
that didn't exist in 2010. In 2014, the world around is often described
as "post-Snowden", after his revelations sparked an international debate
about Internet privacy and surveillance.
The Process
The initial draft was reviewed by a cross-section of Mozilla, including
legal, engineering, metrics, security, foundation, content services, and
engagement. After incorporating feedback, we're bringing it to
Governance for broader review.
The Changes
We are providing the summary of proposed updates in two formats for you
to review -- text and slides.
A text format is at the bottom of this post. The text includes a
side-by-side comparison to the original Privacy Principles with the
context for the changes to the proposed Trust & Safety Principles.
The second format is in the form of slides at this Google Doc link
<https://docs.google.com/a/mozilla.com/presentation/d/1j6F3G4u8zTQflVupV8vFED21kCOsi_-oyi4WmqqNwxI/edit#slide=id.g35eef50c2_049>.
The first slide includes Mozilla's proposed Trust & Safety
Principlesalong with a side-by-side comparison to the original Privacy
Principles. The second slide summarizes the context for the changes,
including the title change.
Please note that these changes are not final and the wording may evolve
based on feedback.
Next Steps:
Please read through the new Trust & Safety Principles and provide any
feedback or questions you may have. This will be posted for 10 days --
we would love to have your input by Monday, 28 July 2014. We plan to
finalize the Trust & Safety Principles in August to update the
Principles website
<https://www.mozilla.org/en-US/privacy/principles/>and communicate the
changes more broadly.
--
TEXT FORMAT OF CHANGES:
TITLE:
Previous: Mozilla Privacy Principles
New: Mozilla Trust & Safety Principles
Context: Intended to be broader than privacy, yet inclusive of both
privacy and security. The term Trust & Safety is used byTwitter
<https://twitter.com/safety>,EBay
<http://pages.ebay.co.uk/aboutebay/trustandsafety.html>,Airbnb
<https://www.airbnb.com/trust>and others.
NO SURPRISES
Previous: Only use and share information about our users for their
benefit and as spelled out in our notices.
New: Use information in a way that is transparent and benefits the user.
Context: Removed the word "only" because there may be disagreement over
whether "only" covers indirect benefits (ex: collecting data that helps
improve your experience). Did not remove 'user benefit', although
received some feedback that it doesn't fit well with no surprises.
Replaced "as spelled out in our notices" with transparent, because it
is broader than just notices, and transparency may also be achieved
through user experience.
SENSIBLE SETTINGS
Previous: Establish default settings that balance safety and user
experience appropriately.
New: Design for a thoughtful balance of safety and user experience.
Context: Replaced "Establish default settings" with "Design for" to be
less repetitive with the title and focus on the engineering design
phase. Replaced "appropriately" with "thoughtful" to indicate carefully
considered tradeoffs.
REAL CHOICES (removed)
Previous: Educate users whenever we collect any personal information and
give them a choice whenever possible.
Context: Eliminated based on feedback that the difference between choice
and control wasn't clear, and that the conversation has moved to
control, rather than choice.
LIMITED DATA
Previous: Collect and retain the least amount of user information
necessary. Try to share anonymous aggregate data whenever possible, and
then only when it benefits the web, users or developers.
New: Collect what we need, de-identify where we can and delete when no
longer necessary.
Context: Replaced "collect and retain the least amount" with the broader
"collect what we need". Removed "only when it benefits" seemed broad
enough that most things would fall in one of the three. Considered
adding "collect only" but concerns about differences in definition (ex:
indirect benefit vs. direct benefit). Replaced "share anonymous
aggregate data" with "de-identify" because it goes beyond sharing - also
includes storing. Added data deletion as an important part of limited
data. These three pieces, limited collection, de-identification, and
deletion are areas where businesses will need to have strong processes
in place to honor these.
USER CONTROL
Previous: Do not disclose personal user experience without the user's
consent. Innovate, develop and advocate for privacy enhancements that
put users in control of their online experiences.
New: Establish enhancements that allow individuals to control their data
and online experiences
Context: Removed the sentence about consent, because it is more of an
example of enabling control. Removed "advocate for" to simplify and to
focus on direct engineering action. Added 'control their data'.
TRUSTED THIRD PARTIES (relocated)
Previous: Make privacy a factor in selecting and interacting with partners.
Context: Incorporated into the introduction as "select and interact with
partners". All principles inform how we work with partners, so this
does not need to be a standalone principle.
IN-DEPTH DEFENSE (added)
New: Innovate multi-layered security controls and practices, many of
which are publicly verifiable by our global community.
Context: Initially called "Multi-Layered Security", but based on input
from Security members, the new term -- "Defense In Depth" -- more
accurately describes Mozilla's security approaches and practices.
Considered "open source community" but shortened to "global community".
*
--
Thanks,
Alina Hua and Stacy Martin
Data Privacy Team
<https://www.mozilla.org/en-US/privacy/principles/>which were originally
created in 2010. Mozilla's principles stem from the Manifesto and inform
how we build our products and services, manage data, work with partners,
and shape our public policy and advocacy work.
*
Why Update?
The updates are a response to change within Mozilla and beyond. In four
years, Mozilla has grown and expanded with new products and services
that didn't exist in 2010. In 2014, the world around is often described
as "post-Snowden", after his revelations sparked an international debate
about Internet privacy and surveillance.
The Process
The initial draft was reviewed by a cross-section of Mozilla, including
legal, engineering, metrics, security, foundation, content services, and
engagement. After incorporating feedback, we're bringing it to
Governance for broader review.
The Changes
We are providing the summary of proposed updates in two formats for you
to review -- text and slides.
A text format is at the bottom of this post. The text includes a
side-by-side comparison to the original Privacy Principles with the
context for the changes to the proposed Trust & Safety Principles.
The second format is in the form of slides at this Google Doc link
<https://docs.google.com/a/mozilla.com/presentation/d/1j6F3G4u8zTQflVupV8vFED21kCOsi_-oyi4WmqqNwxI/edit#slide=id.g35eef50c2_049>.
The first slide includes Mozilla's proposed Trust & Safety
Principlesalong with a side-by-side comparison to the original Privacy
Principles. The second slide summarizes the context for the changes,
including the title change.
Please note that these changes are not final and the wording may evolve
based on feedback.
Next Steps:
Please read through the new Trust & Safety Principles and provide any
feedback or questions you may have. This will be posted for 10 days --
we would love to have your input by Monday, 28 July 2014. We plan to
finalize the Trust & Safety Principles in August to update the
Principles website
<https://www.mozilla.org/en-US/privacy/principles/>and communicate the
changes more broadly.
--
TEXT FORMAT OF CHANGES:
TITLE:
Previous: Mozilla Privacy Principles
New: Mozilla Trust & Safety Principles
Context: Intended to be broader than privacy, yet inclusive of both
privacy and security. The term Trust & Safety is used byTwitter
<https://twitter.com/safety>,EBay
<http://pages.ebay.co.uk/aboutebay/trustandsafety.html>,Airbnb
<https://www.airbnb.com/trust>and others.
NO SURPRISES
Previous: Only use and share information about our users for their
benefit and as spelled out in our notices.
New: Use information in a way that is transparent and benefits the user.
Context: Removed the word "only" because there may be disagreement over
whether "only" covers indirect benefits (ex: collecting data that helps
improve your experience). Did not remove 'user benefit', although
received some feedback that it doesn't fit well with no surprises.
Replaced "as spelled out in our notices" with transparent, because it
is broader than just notices, and transparency may also be achieved
through user experience.
SENSIBLE SETTINGS
Previous: Establish default settings that balance safety and user
experience appropriately.
New: Design for a thoughtful balance of safety and user experience.
Context: Replaced "Establish default settings" with "Design for" to be
less repetitive with the title and focus on the engineering design
phase. Replaced "appropriately" with "thoughtful" to indicate carefully
considered tradeoffs.
REAL CHOICES (removed)
Previous: Educate users whenever we collect any personal information and
give them a choice whenever possible.
Context: Eliminated based on feedback that the difference between choice
and control wasn't clear, and that the conversation has moved to
control, rather than choice.
LIMITED DATA
Previous: Collect and retain the least amount of user information
necessary. Try to share anonymous aggregate data whenever possible, and
then only when it benefits the web, users or developers.
New: Collect what we need, de-identify where we can and delete when no
longer necessary.
Context: Replaced "collect and retain the least amount" with the broader
"collect what we need". Removed "only when it benefits" seemed broad
enough that most things would fall in one of the three. Considered
adding "collect only" but concerns about differences in definition (ex:
indirect benefit vs. direct benefit). Replaced "share anonymous
aggregate data" with "de-identify" because it goes beyond sharing - also
includes storing. Added data deletion as an important part of limited
data. These three pieces, limited collection, de-identification, and
deletion are areas where businesses will need to have strong processes
in place to honor these.
USER CONTROL
Previous: Do not disclose personal user experience without the user's
consent. Innovate, develop and advocate for privacy enhancements that
put users in control of their online experiences.
New: Establish enhancements that allow individuals to control their data
and online experiences
Context: Removed the sentence about consent, because it is more of an
example of enabling control. Removed "advocate for" to simplify and to
focus on direct engineering action. Added 'control their data'.
TRUSTED THIRD PARTIES (relocated)
Previous: Make privacy a factor in selecting and interacting with partners.
Context: Incorporated into the introduction as "select and interact with
partners". All principles inform how we work with partners, so this
does not need to be a standalone principle.
IN-DEPTH DEFENSE (added)
New: Innovate multi-layered security controls and practices, many of
which are publicly verifiable by our global community.
Context: Initially called "Multi-Layered Security", but based on input
from Security members, the new term -- "Defense In Depth" -- more
accurately describes Mozilla's security approaches and practices.
Considered "open source community" but shortened to "global community".
*
--
Thanks,
Alina Hua and Stacy Martin
Data Privacy Team
0 new messages