Privacy Commons

The goal of Privacy Commons is to create privacy policy frameworks which are complete, informative, enforceable, and easy to adopt. When a privacy policy adopts a Privacy Commons (PC) framework, it means that they have made certain disclosures about how personal information is collected, used, stored, and kept secure.

Privacy Commons will have a set of core disclosure requirements which will be common to all frameworks, as illustrated below (we hope you like flower-looking Venn diagrams). In addition to the core disclosure requirements, individual industries with unique regulations, challenges, and practices will have additional disclosure requirements.  Use Case 1 to demonstrates this idea.  We have identified ten industries with unique privacy requirements for now, and these are listed below.  All disclosure requirements will be split up into Required Representations, Optional Representations, and Prohibited Representations.

• Goods and Services Activities
• Healthcare Activities
• Financial Activities
• Education Activities
• Social Networking Activities
• Network Provider Activities
• Non-Profit Activities
• Government Activities
• Non-Networked Activities
• Personal Activities

Privacy Commons (PC) seeks to do for privacy what Creative Commons (CC) has done for copyright.  One important difference, though, is that while CC works under intellectual property (IP) law, PC must operate under a combination of contract, tort, and IP law, and take advantage of market forces.