Can users control their data in social software? an ethical analysis of control systems

Abstract

The concept of data access and data flow control has a central role in the preservation of users¿ privacy in social software. Various frameworks employ access control and accountability approaches to enable users to control who can access their data, and identify who is accountable for misconduct. The technical and legal frameworks realise these two approaches differently. This paper presents the realisations of these approaches in the two frameworks. It discusses the level of control each approach offers, and the entailed privacy and ethical issues. It demonstrates how the two approaches are at variance in the level of control offered and the privacy aspects protected, and how the issue becomes more complex when comparing the realisations of these approaches in the technical and legal frameworks. Such complexities raise an open issue of what the appropriate balance is when employing the various realisations in one system at once.