Patterns — choose
Discouraging blanket strategies
Give users the possibility to define a privacy level from a range of options each time they share content.
Users are more willing to contribute valuable input when they can do so without leaking personal data, or perceive an equal or greater exchange in value either monetarily or socially.
Single Point of Contact
The Single Point of Contact is a security authority who protects the privacy and security of sensitive data stored online by validating the authority of requests and ensuring secure communication channels.
Selective access control
Allow users to specify who may access the content they generate, both during and after submission.
Give users some benefits in exchange for providing information or content.
Over time, build user preferences from a privacy-preserving default semi-automatically, through opt-in/opt-out, semantics, and informed solicitations.
By default, isolate users to a selection of social connections in a user-defined circle of trust. Allow them to expand this circle or create new ones based on the existing members.
[Support] Selective Disclosure
Many services (or products) require the collection of a fixed, often large, amount of personal data before users can use them. Many users, instead, want to freely choose what information they share. This pattern recommends that services Support Selective Disclosure, tailoring functionality to work with the level of data the user feels comfortable sharing.
Enable sharing and re-sharing without wide public visibility or cumbersome authenticated access control.