On Fri, 2009-06-05 at 10:53 -0400, Matt Lee wrote: > The user should have at least the following privacy options, and their > defaults... > > * Make my listening data public by daily dumps -- off > * Allow a non-user to see more than my last 50 songs -- off > * Allow a non-friend to see more than my last 50 songs -- off > * Allow my profile to be seen by non-friends -- off > * Allow my profile to be indexed -- off > * Allow my listening data to be included in an anonymous dump -- off > > Do these seem reasonable? This errs on the side of giving the user the > most protection. Everything would be opt-in.
I think that depends on the nature of the site. For public (like libre.fm) instances, people would presumably join since they actually do want to share some information about themselves and their listening habits in order to find more good music to listen to. In these cases most of the above should be on by default. Having them off by default would be like when a badly designed desktop application asks you to confirm the thing you asked it to do — "Did you really mean to click "OK"? [OK] [Cancel]". For private instances, defaulting everything to off is probably valid, you'd maybe just use a public installation otherwise. So it seems that having the source code default to creating new accounts with maximum privacy might be a good thing, but being able to configure it so that public installations create accounts that share more information by default would also be good. Of course, there needs to be some decent UI to allow the user to tweak their personal settings, too. /Mike -- ⎊ Michael Gratton. "Mea navis aëricumbens anguillis abundat." ⎈ <http://web.vee.net/>
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Libre-fm mailing list [email protected] http://lists.autonomo.us/mailman/listinfo/libre-fm
