In July 2010’s issue of IEEE Security & Privacy, Bruce Schneier in a one-page paper presented his taxonomy. It is extremely interesting. My comments are in italics.
- 1. Service data is the data used to manage the service such as your name.
You have control on the creation, although you may be obliged to give sometimes real data.
- 2. Disclosed data is what you post on your own pages.
You normally have full control on it.
- 3. Entrusted data is what you post on other people’s pages.
You have control on the creation, but lose control on its life.
- 4. Incidental data is what other people post about you.
You do not have control on the creation, nor on its life. Of course, your entrusted data are incidental data for other people.
- 5. Behavioral data is data the site collects about your habits by recording what you do and who you do it with.
This is the “raison d’être” of many social networks. Never forget that there is no free lunch. Most of the business models are based on “selling/using” your profile. You have no control, excepted that you may try to control your behavior.
- 6. Derived data is data about you that is derived from all the other data.
This is where the social networks are polishing your profile and thus increasing its value. The more they know you, the more valuable ads/personalized services they will be able to offer. You have definitively no control.
Category 5 and 6 are the most interesting ones from the privacy point of view. How can you control what the social network provider will infer from your activity on the social network.
The reference of the paper is
B. Schneier, “A Taxonomy of Social Networking Data,” IEEE Security and Privacy, vol. 8, 2010, p. 88.