Privacy on SNS II

PRIVACY AND ONLINE SOCIAL NETWORKS

Marc Gallardo *
marc.gallardo@alliantabogados.com

It’s an undeniable fact that Social Network Sites (SNSs) are a part of our lives and it looks as
though they are here to stay. ey have grown exponentially. Facebook, alone, has more than 800
million registered users. Besides this internationally known platform, there are many others quickly
gaining followers thanks to the spiral effect inherent to these networks: Twitter (200 million users),
LinkedIn (120 million users), Tuenti (headquartered in Madrid and 10 million users) and more
recently Google+ (which in its short lifetime, has already accumulated 40 million users) are all well-
known success stories. us, it is very difficult nowadays to escape from the force of attraction that these
social communication platforms exercise on us and our more or less immediate environment, both
personally and professionally. Without going into details, there is undoubtedly something about SNSs
because ever more suppliers and users are investing more of their time and resources in them.

Nonetheless, this article is focused on various legal constraints arising from its set-up and use by
all the players involved, starting with another undeniable fact: the main business of these SNS consists
of commercially exploiting a large quantity and quality of personal data we provide their owners in
exchange for using their platform for free. Based on this, it is commonplace to refer to the risks of using
these networks for people’s personal lives and, particularly, for minors who form the fasted-growing
group on the networks and use them the most. Within the context of this new social network and Web
2.0 phenomenon, the legal issues raised are very diverse. is article focuses on identifying some of them
exclusively from a privacy perspective and by using European personal data protection law as a reference
in addition to the recommendations issued by some authorities, with an emphasis on the Spanish
situation and the rst resolutions passed by the Spanish Data Protection Agency (AEPD, as it is known
by the Spanish acronym) sanctioning Web 2.0 conducts.

SUMMARY: 1. INTRODUCTION.- 2. LEGAL FRAMEWORK.- 3. REVISING DATA
PROTECTION PRINCIPLES IN THE SCOPE OF SNSs: 3.1. Requirements of consent
provided by SNS users; 3.2. Users can be data controllers; 3.3. Minors.- 4. LAW APPLICABLE
TO SNSs.- 5. CONCLUSION.

___________________________________________________________________________

* Partner, Alliant Abogados Asociados S.L.P. and Head of the New Technologies and Data
Protection Area. University of Barcelona (IL3) Professor of post-graduate courses on very different subjects
in the elds of trade and technology law.

Alliant Abogados is on Twitter, Facebook and Google+. If you’d like more information, you can
visit our legal rm's website www.alliantabogados.com and the LinkedIn pro le: http://
www.linkedin.com/in/marcgallardo

is article is disseminated under a BY-NC-ND Creative Commons license. You can download
the electronic version of this document and keynote presentation in our legal rm's website.

Gran Vía de les Corts Catalanes, 702 Pral. 1ª Barcelona 08010 || t. 34 93.265.58.42 f.34 93.265.52.90 || info@alliantabogados.com www.alliantabogados.com

1. INTRODUCTION.

Before reviewing the main challenges SNS pose to people’s private lives, I shall brie y
explain what they are and how they work.

Broadly speaking, SNSs can be de ned as Information Society Services1 that offer users an
Internet communication platform to generate a pro le with their personal data, facilitating the
creation of networks based on common criteria and permitting users to connect and interact with
each other. eir growth model is primarily based on a viral process whereby an initial number of
users offer others the possibility of joining by sending e-mail invitations.

SNSs are just one more manifestation of what is known as the Web 2.02, where users are no
longer mere spectators as they create and deposit information on the Internet. us, in this new
framework the Internet has evolved towards, users are not just passive subjects who turn to the
net exclusively to obtain some type of service or information, but rather they become active
subjects who contribute information (their own or a third party’s) and interact with other users.

ere are many online social networks of all types, although they can be grouped into two
major categories: generalist or leisure and professional3 .

e main objective of generalist or leisure networks is to facilitate and strengthen personal
relations among the individuals joining them. In general, these networks offer a large variety of
applications and/or functionalities allowing users to do without external communication tools by
making a platform available that integrates all of the necessary applications on a single screen.

It is tting to establish sub-categories considering the purpose or theme of these networks:
a) Information and content exchange platforms such as Youtube and Google Video which offer
free, easy to use tools for exchanging and publishing digital content (videos, photographs, etc.) in
order to later link to them in one’s pro le on the network used; b) Pro le-based networks such
as Facebook, Google+, MySpace and Tuenti, the most representative and most-used of the social
networks which offer more and more new possibilities for communicating and interacting with
other users; and c) Microblogging or nanoblogging networks such as Twitter which allow you
to send text messages (limited to 140 characters) to other users in the same network in order to
inform them of activities, thoughts and opinions (your own or others’) you wish to share for some
reason (social integration, professional promotion, fun, etc.).

Professional social networks are con gured as support tools for establishing professional
contacts with other users (for example, LinkedIn). ey are created and designed for the purpose

1 at is to say, any service normally provided for remuneration, at a distance, by electronic means and at the
individual request of a recipient of services (Directive 98/34/CE).
2 e term Web 2.0 is associated with web applications that facilitate participatory information sharing,
interoperability, user-centered design and collaboration on the World Wide Web. A Web 2.0 site allows users to
interact and collaborate with each other in a social media dialogue as creators (prosumers) of user-generated content
in a virtual community, in contrast to websites where users (consumers) are limited to the passive viewing of content
that was created for them. Examples of Web 2.0 include social networking sites, blogs, wikis, video sharing sites,
hosted services, web applications, mashups and folksonomies (http://en.wikipedia.org/wiki/Web_2.0).
3 is classi cation was obtained from the Study on Personal Data Privacy and the Security of the Information on
Online Social Networks, published by the Spanish National Communication Technologies Institute (INTECO) in
collaboration with the AEPD; pp. 45 et seq.

2


of making contacts and maintaining professional relations with different people that may be of
interest to the user.

Notwithstanding, there is an ever-growing trend to use networks initially con gured for
leisure and the exchange of personal information such as Facebook and Twitter for professional
reasons meaning both SNS categories can easily be confused at the sole decision of the users, who,
make the nal decision at all times as to how to con gure their space on the social network and
for what purposes.

Another common aspect of SNSs lies in that, irrespective of their design or aim, in all
reality they are databases that feed off of information of all kinds provided by users. ese
databases are exposed to very sophisticated, continuous data mining techniques with an aim to
make money off or pro t from the platform as much as possible, offering targeted and speci c
advertising of products and services based on the information gathered in relation to user
interests.

erefore, users utilize the social network for free, but not without “associated costs” as the
price they (we) pay, many times unknowingly, is the commercial exploitation of their "pro le" by
the platform owners who generate most of their revenue with the advertising spread through the
spaces network users create and those they access.

In general, SNSs operate in three phases: registration, usage and deletion from the social
network. And in each one of these phases a series of conducts can often be identi ed, performed
by the different parties intervening in each one of these processes (typically the SNS provider and
the service user), that can constitute serious personal data protection threats for members and
non-members of any of the social networks.

At the time of registration, the SNS privacy policy may not be sufficiently clear and
transparent to users or it may not accurately inform them of each and every one of the purposes
for which their data will be used and they are not given the option to opt out of certain data
processing. Likewise, the privacy options pre-set by default on the social network may be the
most permissive for data publication even allowing for indexing by search engines. And when it
comes to minors, there is a danger that the SNS provider does not implement effective measures
to verify the age of their users and determine whether, in certain cases, parental or guardian
consent is required to process their data4 .

When using the service, the SNS provider may engage in invisible data processing (for
example, through the IP address or the installation of a cookie on the user’s personal computer)
without having duly informed the affected party or, consequently, obtained the necessary consent
to do so. As far as SNS users, they may be responsible for the processing of the third party data
they publish or spread through the social network without the third party's consent. It also can be
difficult for users as well as people not affiliated with the SNSs whose data is processed in such
virtual environments to exercise their rights of access and recti cation.

Finally, when trying to delete an account, users can nd that their data is not eliminated, or
at least not completely, which raises great doubts about their right to have the SNS provider
cancel their data.

4 Pursuant to Spanish law, parental authorization is required in order to process data on minors under 14 years of age.

3


2. LEGAL FRAMEWORK.

In Europe, the SNS regulatory framework concerning personal data protection is basically
represented by two Directives: General Directive 95/46/EC5 and e-Privacy Directive 2002/58/
EC6 (as per the nal version provided by Directive 2009/136). Each one of the 27 EU Member
States has incorporated the principles and aims of both Directives into their respective laws7 . In
the case of Spain, this has been done through Organic Law 15/1999, of 13 December, concerning
Personal Data Protection (LOPD, as it is known by its Spanish acronym), Royal Decree
1720/2007, of 21 December, which enforces the LOPD, and Law 34/2002, of 12 June, on
Information Society Services and Electronic Commerce (LSSI, as it is known by its Spanish
acronym8 ).

Speci cally, the General Directive applies to SNS providers as they are considered the data
controllers9 . In eﬀect, they are the ones that provide the resources that make it possible to process
user data as well as all of the "basic" services linked to user management such as account
registration and deletion. ey are also the ones who decide how user data may be used for
advertising purposes including third-party advertising which, let’s not forget, constitutes the most
important source of revenue for an SNS10 . As individuals obliged to comply with the provisions
of the General Directive, SNS providers must respect a series of basic principles according to the
internal Member State rules to which they are subject and which, in practice, translates into the
following obligations:

• To register personal data les they are responsible for with the National Data
Protection Control Authority (the AEPD, in Spain).

• To inform users, when they provide their data, of the identity of the SNS provider, the
existence of a le and any data processing, the purpose or use of the data obtained, the
possible assignment of the data to third parties, and their rights to access, rectify,
oppose and cancel their data.

• To process the data in accordance with the data quality principle. What’s worth
emphasizing here is that the data must be a) processed fairly and lawfully; b) processed
in a manner that is compatible with the purposes for which they are collected and; c)

5 Directive 95/46/EC of the European Parliament and of the Council on the protection of individuals with regard to
the processing of personal data and on the free movement of such data.
6 Directive 2002/58/EC of the European Parliament and of the Council, concerning the processing of personal data
and the protection of privacy in the electronic communications sector, as ammended by Directive 2009/136/CE.
7 For the speci c regulations in each MS implementing these Directives, go to http://ec.europa.eu/justice/policies/
privacy/lawreport/index_en.htm
8 is Law implements Directive 2000/31/EC of the Parliament and of the Council, on certain legal aspects of
information society services, in particular electronic commerce, in the internal market (Directive on electronic
commerce).
9 In summary, understood as the natural or legal person that determines the purpose and the essential means of the
processing of data.
10Some social networks combine advertising revenue with revenue obtained through the sale of Premium services to
users. is is the case of the professional network LinkedIn.

4


adequate, relevant and not excessive in relation to the purposes for which they are
collected and for which they are further processed.

• To obtain informed and unambiguous consent from users to process their data or
have other legitimate grounds for processing it (for example, a formal law), which
would hardly be the case of SNSs which means consent is the fundamental basis for
any processing.

• To adopt the necessary security measures in order to guarantee the security and
con dentiality of the data stored in their information system, including noti cation of
security breaches according to e-Privacy Directive (thus, this noti cation only applies
to providers of publicly available electronic communications services).

• To guarantee the exercise of users' rights of access, recti cation, cancellation and
refusal.

Even though they were devised and formulated in the mid 90's, in my opinion these
principles continue to be valid for regulating data processing in a technologically evolved
environment with respect to the Web 1.0 where users were mere spectators of the websites they
visited. But some review is necessary to enhance data protection rights. As a good example, the e-
Privacy Directive adds other speci c obligations of great signi cance in an SNS environment
given that it regulates speci c cases for the use of cookies and other similar mechanisms that make
it possible to track clicks or how a person browses through a speci c website or on an SNS.

Article 5(3) of the former e-Privacy Directive which said (emphasis added): “the use of
electronic communications networks to store information or to gain access to information stored in the
terminal equipment of a subscriber or user is only allowed on condition that the subscriber or user
concerned is provided with clear and comprehensive information in accordance with Directive 95/46/
EC, inter alia, about the purposes of the processing, and is offered the right to refuse such processing by
the data controller”. is should be compared with the new wording of Article 5(3) of the e-
Privacy Directive as amended by Directive 2009/136/EC, which states that “(…) the storing of
information or the gaining of access to information already stored, in the terminal equipment of a
subscriber or user is only allowed on condition that the subscriber or user concerned has given his or her
consent(…)”

I follows from this change in the wording of Article 5(3), that the Members States should
have incorporated into their laws no later than May 201111 , requires users' prior and informed
consent to legally store information or gain access to information stored on their terminal
equipment. Under the scope of the former article 5.3, no consent requirement was established
meaning that the obligation of the data controller, an SNS for example, was limited to providing
clear and comprehensive information to the user about the purposes of the processing and
offering the right to refuse said processing. But the need of consent, now, is different from the
right to object. is means consent based on the lack of individuals’ action, for example, browser
settings, which would accept by default the targeting of the user through the use of cookies,
should not meet Article 5(3) requirements.

In my opinion, this regulatory modi cation requires a greater level of exigency from SNS

11 is is not the case of Spain which is not expected to comply with these obligations until the beginning of next
year.

5


owners that should translate to the need to obtain explicit consent (and therefore an “opt-in”)
from the users, giving them the opportunity to make a decision and to express it, for instance by
ticking a box in view of the purpose of the data processing.

Insofar as the SMS provider integrates other functionalities in the platform (for example,
a chat and e-mail or sms/mms service) susceptible to generating electronic communications
within it, Directive 2006/24 concerning data conservation will also apply12 .

Other parties responsible for data processing in an SNS include application suppliers
whenever they develop applications that work on the SNS and that users decide to use, providing
some personal data for this purpose to said supplier which then becomes a data controller. e
SNS provider should clearly inform users of the data they will provide to the supplier of the
application they wish to use so they may grant their informed consent.

3. REVISING DATA PROTECTION PRINCIPLES IN THE SCOPE OF SNSs.

Even though current EU data protection regulations can be considered valid for delimiting
the responsibilities of SNS providers doing business in the EU, there are situations speci cally
created within these virtual spaces which, in my opinion, require that the “classical” principles as
set out in Directive 95/46 be revised so as to more eﬀectively protect personal data subjects.

is reassessment arises not only because of the technological advances but also because of
the social changes the Web 2.0 has brought with it, which, in the case of SNSs, is re ected in the
ease with which social network users can voluntarily and conscientiously reveal their privacy and
that of their acquaintances. Somehow a sort of conceptual tension is produced between privacy
and SNSs that could create doubts about whether or not privacy actually exists in this new
environment where it is characteristic of users to disseminate information.

3.1. Requirements of consent provided by SNS users.

As a general rule, consent to data processing must be freely given, unambiguous, speci c
and informed13 . However, on most SNSs, consent could be mistakenly given from the start,
especially among the youngest of users due to the very design of the network and the use of
concepts such as “friends”, “community” and “my space14 ” which create a false notion of privacy.
In order to prevent these confusions in users, SNS providers should supply clear and precise
information on the scope of the possible publication of data on their platform15.

At other times, the consent does not ful ll the necessary criteria to be considered informed.

12 Directive 2006/24/CE of the European Parliament and of the Council of 15 March 2006, on the retention of data
generated or processed in connection with the provision of publicy available electronic communications services or
public communications networks and amending Directive 2002/58/CE.
13 An accurate analysis on the de nition of consent is in Opinion 15/2011 and also Opinion 5/2009 on online social
networking http://ec.europa.eu/justice/policies/privacy/workinggroup/wpdocs/2011_en.htm
14 e name of the social network My Space could lead per se to error on the real eﬀects of publishing information on
the platform, generating a sort of “illusion” regarding an assumed private and intimate environment which it is not.
15 ink about, for example, minors who have a reasonable expectation for privacy when sharing their information
on an SNS.

6


Supplying this information corresponds to the SNS providers and oftentimes they do so by means
of clauses you access via links such as "disclaimer" or "privacy policy" but this information is not
always written in simple and clear language which is a necessary requisite for social networks
essentially aimed at minors. Moreover, the way it is granted may be classi ed as weak when all
you have to do when registering is click on a button that says “Send Form”, “I Agree” or
something of the like when it would be more appropriate to set up a procedure where users have
to actively participate in such manner that they may declare their will in one way or another
through the SNS and with a warning of the consequences of their non-declaration. In short,
SNS providers should offer a privacy policy that is not too extensive, that is easily accessible, with
simple language that includes express information concerning the level of privacy applied by
default on the network and the options and steps to modify it at the user's choice.

Another of the most common problems that arise in SNSs lies in users publishing personal
information with a certain purpose - sharing the information with their "friends" or
"acquaintances"- but then the information may later be used for uncertain purposes (for example,
analyzing SNS user preferences obtained from their browsing or the publication of data in said
medium and offering them custom advertising). erefore, SNS owners must be required to
inform users of the purpose for which they will process personal data and speci cally indicate the
end purpose of the information provided. Again, SNS privacy policies need to comply with the
aforementioned information requirements so users have a real power to control their data and
grant informed consent in accordance with the essential content of their fundamental data
protection rights.

It can also be questioned whether tacit consent is an adequate way to grant consent on an
SNS. It is known that if the data processed are not specially protected or sensitive, current
regulations do not oppose tacit consent formulas for valid data processing. However, the problem
of admitting this type of consent on an SNS is there may be situations where a subject has
seemingly granted consent to appear in a video or photograph when in all reality they are
unaware how a net user is processing the image. For this reason, it does not seem adequate to
admit tacit consent and it would be advisable that it be explicit, thus requiring a future
modi cation of the regulations.

Last but not least, consent should be revocable at any time by SNS users. is attribute is
confronted with not just a few practical problems given that information published on the
Internet is very difficult, if not impossible, to control a posteriori, which does not make it easy to
effectively cancel personal data after consent is revoked by the data owner. is difficulty could be
overcome, in part, by applying a privacy policy that permits users to delete their data from the
SNS servers when they have deactivated their pro le or even when they have deleted certain
content from their pro le. Likewise, it would be recommendable for SNS providers to have a
“complaint center” so any affected party could request the cancellation of their image or other
personal information published by a SNS user without the consent of the claimant16.

3.2. Users can become data controllers.

Generally, users are considered to be interested parties with regards to the processing of
their data by SNSs and, therefore, they are fundamentally subjects of rights whereas the SNS
owners (and, where applicable, application suppliers) are the data controllers. But this equation is

16 National Data Protection Authorities can help facilitate the exercise of data subjects’ rights of cancellation and
refusal: For example, the AEPD protects the right to oppose the indexing of personal data in search engines.

7


not always constant.

At times, a user may also be considered a data controller of third party data they
disseminate on the social network when said processing is not covered by the household
exemption provided for in Directive 95/46 and which each Member State has incorporated into
their respective internal laws. is exemption, which was established in article 3.2 of the General
Directive, implies that the data protection regulation does not apply to the processing of personal
data by someone in the course of a purely personal or household activity.

e subsequent question that must be posed then is: In which cases could an SNS user be
considered the data controller of a third party’s data?

One possible criterion could be that which was established by the European Court of
Justice (ECJ) in the Lindqvist case 17 to determine the application of data protection regulations
to the publication of information on the Internet via a website. In this case, the ECJ declared that
the conduct consisting of referring to various people and identifying them by their name or other
means on a website constitutes data processing subject to Directive 95/4618 . It also stated that the
household exemption did not apply because this exemption is only related to activities which are
carried out in the course of private or family life of individuals, which is clearly not the case with
the processing of personal data consisting in publication on the Internet so that those data are
accessible to an inde nite number of people.

Under the Lindqvist standard, the private life exception would only apply when users
con gure their social network space so that it is only visible to a group of expressly authorized
friends.

is matter was speci cally analyzed by the Article 29 Working Party in its Opinion
5/2009 on online social networks19 . According to this advisory body, the household exemption
would not apply in various circumstances: a) when an individual acts on behalf of a group,
association or company; b) when an individual acquires contact data from third parties when
there is no direct relationship between them; and, c) when an individual "knowingly" maintains
its pro le public.

If the household exemption does not apply, a user will assume full responsibilities as a data
controller and, if they do not have consent or other legal grounds to lawfully process data, they
could be sanctioned with a ne or at least warned if this type of sanction is provided for in the
internal law.

ere is still no court sentence in Spain sanctioning a social network user for having
processed third party personal data without being covered by the household exemption. is is
likely because SNS providers implement internal claims management systems that make it

17 Judgment of the ECJ of 6 November 2003 (C-101/01).
18 Although the Web 2.0 did not exist when this sentence was passed, the criteria can be perfectly extended to the
new social network environment insofar as the characteristic behavior is publishing a text, photo or any other
material on the Internet. e only diﬀerence is that now it is much easier to publish information on the Internet
(just as on a social network) without needing to have the prior technical knowledge required to do so through a
website.
19 http://ec.europa.eu/justice/policies/privacy/news/docs/pr_25_06_09_en.pdf

8


possible to solve these types of problems. However, the AEPD has sanctioned people who have
published photographs or videos without the consent of the affected parties on other Internet
platforms that do not constitute social networks in a strict sense. e rst AEPD resolution
sanctioning a social network user for identity theft was also recently revealed20.

3.3. Minors.

SNS providers should pay special attention to how the personal data of minors are
processed. Although there are other legal instruments used to protect minors (civil and criminal
laws protecting the honor and image of individuals, among others), they are particularly
vulnerable in the scope of SNSs and therefore it needs to be considered whether the legal
guarantees currently applicable are sufficient or not in guaranteeing their data is adequately
protected.

Pursuant to Spanish law (Royal Decree 1720/2007), a data controller has three
responsibilities here: a) at the information on how their data is processed is expressed in
language that can be easily understood by them; b) at data is not collected that enables
obtaining information on the other members of the family group without the consent of the data
subjects; and c) at procedures are articulated guaranteeing effective age veri cation and the
authenticity of the consent granted by the parents or legal representatives if they are under 14.

e Spanish Data Protection Agency has demonstrated special concern for this group and
has issued recommendations for mothers and fathers and also SNS providers. anks to these
actions by the AEPD, Tuenti and Facebook revised the minimum age necessary to be a user of
said social networks in Spain, setting it at 14 years old. And in the case of Tuenti, it seems that an
age veri cation procedure has been implemented that amply exceeds the standard system of
asking users to declare they are over 14 by marking a box on the registration form. According to
Tuenti, this procedure has led to the elimination of thousand of pro les due to a lack of proof of
the minimum age requirement.

e European Commission has fostered and implemented a self-regulation system based
on 7 principles with a view to improve minor privacy and protection issues on SNSs without
having to, at least for the time being, pass legislation on this matter21 . ere are other initiatives
aimed at creating international protection standards related to the safe use of the Internet and
SNSs by children. In this regard, the Montevideo Memorandum and the Safer Internet program
approved in 2009 by the European Parliament stand out22 .

20 PS 137/2011, Resolution of 27 July 2011.
21 http://ec.europa.eu/information_society/activities/social_networking/eu_action/selfreg/index_en.htm
22 Memorándum sobre la protección
de datos personales y la vida privada en las redes sociales en Internet, en particular de niños, niñas y adolescentes
http://memorandumdemontevideo.ifai.org.mx . Safer Internet Program: http://ec.europa.eu/information_society/
activities/sip/index_en.htm

9


4.- LAW APPLICABLE TO SNSs.

Section 2 mentioned the fact that the SNSs operating in the EU are subject to a legal
framework comprised of two Directives (General and e-Privacy) and, possibly, a third on data
retention if the SNS provider offers electronic communication services. Determining the law
applicable to SNS personal data processing matters means applying article 4 of Directive 95/46
which opts for the criteria of establishment without the location of the data processing, the
nationality, legal address or residence of the subject whose data is processed being relevant. us,
the law of the Member State where the SNS owner is located shall apply. If it has various
establishments and processes personal data through the activities of each one of them, it shall be
governed by the law of the country where each establishment lies.

In all, we must not lose sight of the fact that the most important SNSs by volume of users
are established outside the EU and, speci cally, in the United States, and any con ict is submitted
to the laws of the State where their principal place of business is located. us is the case of, for
example, Facebook (Delaware), LinkedIn (California), Twitter and My Space (New York) which
together account for more than 1 billion users!. In principle, these companies escape from the
application of European data protection laws and as a result, from national control authorities
except in situations where they use instruments or means situated in EU territory. is is the
case, for example, when they use mechanisms such as cookies to actively collect data from user
computers situated in a Member State for the purpose of future processing, unless such means are
only used for purposes of transit (article 4.1.c of Directive 95/46).

5.- CONCLUSION

One of the greatest dangers of the SNSs is generated in the private life of users and not only
theirs but also other people who may or may not be affiliated with these platforms and whose
personal data, for whatever reasons, appear published on an SNS. It is essential that SNS owners
comply with currently existing data protection regulations but we must also be aware that the
technological changes and, as a consequence, social changes they bring with them demand a
revision of the principles and guarantees currently applicable. e Law is not always the most
ideal instrument for preventing violations in this area. is has been well understood by different
international bodies (including EU institutions) upon promoting global self-regulations systems
as well as awareness programs in order to achieve the responsible and safe use of the tools offered
by the Web 2.0. Without a doubt, each one of us must be called upon to use social networks
responsibly and conscientiously. Perhaps this is an important part of the solution to the problem.
In short, the questions posed vary whereas the answers are not de nitive. In matters of privacy,
“today is tomorrow” and therefore, considering that SNSs are here to stay as mentioned at the
beginning of this article, there is nothing more to do besides continuing to deepen the debate on
how to better protect our data in environments such as social networks which, by nature, afford
so little privacy.

10


Privacy on SNS II

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (18)

Andere mochten auch

Andere mochten auch (15)

Ähnlich wie Privacy on SNS II

Ähnlich wie Privacy on SNS II (20)

Mehr von marcgallardo

Mehr von marcgallardo (6)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Privacy on SNS II