Privacy, Law, Code and Social Networking Sites

The problems created by the rise of social networks for user privacy have become well known throughout the world since the early paper co-authored by Edwards with Ian Brown of Oxford on data self regulation (http://ssrn.com/abstract=1148732). Reconciling the desire to self-disclose information with the simultaneous desire that this information be protected remains a difficult task, exacerbated by the increasing service provider monetisation of users data via profiling and targeted marketing both when interacting on and off the network itself. Building on the earlier work, this chapter analyses how law, code and norms all currently offer some but insufficient solutions to the problems of online social network privacy when faced with the market drive to make profits. The issues for children and young people are given particular attention, drawing on the work of inter alia boyd, palfrey and Livingstone. Although the law may provide some protections through traditional European DP law remedies, current law suffers from the general illusory nature of consent in the online consumer standard term contract environment. Regulation of SNS terms of service using ideas drawn from EU unfair contracts law may offer some help, bu tbest privacy protection is likely to arise from serious regulation of code in the shape of the defaults for disclosure on the sites themselves. The paper also proposes a user-friendly start up routine where users will shape their privacy preferences in a meaningful fashion and surveys some future solutions posited in the draft EC Data Protection Regulation.