Quoting Dewald Pretorius <dpr...@gmail.com>:

Here's another issue that probably needs to be considered.

It applies mostly to DMs, because people will tend to use DMs for
sensitive information, and would expect a certain level of privacy.

Right now, an OAuth authorized site can query a user's DMs and do with
that info what it likes. It could present privacy issues, but at least
you have an audit trail of the DM request by the authorized site in
your logs/system.

You lose that audit trail with Site Streams. The DMs are
indiscriminately distributed out to all OAuth authorized sites that
subscribe to the user's stream.

It may not seem like a big deal, because it's status quo minus the
audit trail. Until you're hit with a multi-million dollar class-action
lawsuit for indiscriminately distributing potentially sensitive
information. Then it is a big deal. It's not only the lawsuit, it's a
privacy PR disaster as well.

Ayup - *Twitter* loses an audit trail - they can track sends / TCP acknowledgements but have no idea what the receiver is doing with the packets. The consuming site must maintain an audit trail, though, right?

Something like this happened at Facebook when they changed their developer TOS. Here's the wording they used:

?You must give users control over their data by posting a privacy policy that explains what data you collect, and how you will use, store, and/or transfer their data. You may cache data you receive from the Facebook API in order to improve your application?s user experience, but you should try to keep the data up to date. You will delete all data you receive from us concerning a user if the user asks you to do so, and will provide a mechanism for users to make such a request.?

I'm assuming Twitter will want to do something similar, and I'd think it would also include honoring the "delete" messages that come down the streams. That could be *very* interesting if the service was doing indexing. ;-)
M. Edward (Ed) Borasky
http://borasky-research.net http://twitter.com/znmeb

"A mathematician is a device for turning coffee into theorems." - Paul Erdos

Twitter developer documentation and resources: http://dev.twitter.com/doc
API updates via Twitter: http://twitter.com/twitterapi
Issues/Enhancements Tracker: http://code.google.com/p/twitter-api/issues/list
Change your membership to this group: 

Reply via email to