
For instance:

  • Object ids (e.g. users ids)
  • emails
  • Addresses, or parts of them
  • Photos
  • Videos
  • Usage
  • Reviews
  • Number of associations
  • etc.

The user can be:

  • The user owning the data
  • Another user
  • An anonymous user

The application is:

  • A community of users separated in groups that can interact with the users of the other groups

Does anybody have a general pattern/rule to identify what should be published and what should not?

Dorian
    This question seems a bit broad. Without more information, the best we can say here is that only information that is required to be public should be public, all other information should be private. Can you limit your question to only certain kinds of information, and only certain kinds of applications? (the topic of ids, emails, and usernames have also been covered before here, but in more specific applications) – tim Mar 22 '17 at 20:45
  • @tim I didn't find questions about ids, emails and usernames for instance, and I didn't want to create lots of questions for every kind of data, that's why I created only one generic question – Dorian Mar 22 '17 at 20:49
  • 1
    [usernames](https://security.stackexchange.com/questions/4729), [ids](https://security.stackexchange.com/questions/56357/). I couldn't find one about emails, but it's common sense because of spam and privacy issues. This is also the problems with such a broad question. Just regarding emails, it really depends on whose email it is, why it may be needed to be public, to whom it would actually be shown, etc. Your edit helped a bit, but really, books could be written about this topic. I'm not voting to close (because you ask "how to decide", not "should it be public"), but others may. – tim Mar 22 '17 at 21:00
  • I thought there was some kind of pattern like "if it is unique to an user and used as an unique outside then it should only be shown to the user who owns that data" but yeah I can't find a general pattern right now – Dorian Mar 22 '17 at 21:05

1 Answer

As @tim commented, this is a very broad question. I think it boils down to two things:

  1. Look at the privacy laws in your region (GDPR in Europe, for example). These are legally binding and should always be adhered to, especially when talking about personal data (like the combination of name, birthdate and address). These laws normally require (and should require) a privacy statement that explains what data is stored and how the data is used/shared. These laws always include what I will say in part 2.
  2. The principle of least privilege (or whatever the equivalent is for data) should apply. For everything you show publicly (and everything that you store!), ask yourself: "Do I need to show it for correct use of my application?"

So actually read the law (or articles that summarize it) and try to limit what you show, and do not hide behind: "they gave the data voluntarily, so it is mine now to do with whatever I want!".

Further, your explanation of the application is a bit vague, so I am not sure what it should do. But let's answer the more detailed questions:

  • After adhering to points 1 and 2, all data that you need and that a user has provided can be shown to the user who owns that data.
  • If you want to share videos/photos or other personal media you can, but be sure to have a clear privacy statement that explains the who and how of data sharing.
  • I would say never share anything with anonymous users, unless it is the whole idea of the application; then again, clearly state it in your privacy statement.
  • Never share addresses or phone numbers, and I would say do not store them unless absolutely necessary.
  • E-mail addresses: make those opt-in to share, i.e. a button that someone can choose to share this (default is OFF).

I hope this helps you google around for templates and how other sites have implemented their privacy(-by-design); here are some links:

GDPR wikipedia

Privacy policy/statement template

Wealot
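The per-audience rules in this answer (show data to its owner; e-mail to other members only on opt-in, default OFF; never render addresses or phone numbers; nothing to anonymous users unless a field is public by design), written as a default-deny field policy. This is an added example, not code from the question or the answer; the field names, the Audience ranking, the viewer model and the sample profile are assumptions made for the illustration.

```python
"""Default-deny, per-audience field visibility for a user profile.

Added example, not from the original post. Field names, the audience
ranking and the sample record are assumptions chosen to illustrate the
answer's rules.
"""
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional


class Audience(IntEnum):
    """Minimum audience that may see a field; viewers are ranked the same way."""
    PUBLIC = 1    # anyone, including anonymous visitors
    MEMBERS = 2   # any authenticated user of the community
    OWNER = 3     # only the user the record belongs to
    NOBODY = 99   # may be stored (if really needed) but is never rendered


# Default-deny policy: a field that is not listed here is never shown.
# The field set itself is an assumption made for this example.
POLICY = {
    "id":           Audience.MEMBERS,  # opaque reference needed for links/messages
    "display_name": Audience.PUBLIC,
    "photo_url":    Audience.MEMBERS,
    "reviews":      Audience.MEMBERS,
    "email":        Audience.OWNER,    # widened to MEMBERS only by opt-in
    "address":      Audience.NOBODY,
    "phone":        Audience.NOBODY,
    "last_login":   Audience.OWNER,
}


@dataclass
class Profile:
    id: int
    display_name: str
    photo_url: str
    reviews: list
    email: str
    address: str
    phone: str
    last_login: str
    share_email: bool = False  # opt-in flag, default OFF


@dataclass
class Viewer:
    user_id: Optional[int]  # None means anonymous


def viewer_rank(viewer: Viewer, profile: Profile) -> Audience:
    """Rank the viewer relative to the profile being rendered."""
    if viewer.user_id is None:
        return Audience.PUBLIC
    if viewer.user_id == profile.id:
        return Audience.OWNER
    return Audience.MEMBERS


def visible_fields(viewer: Viewer, profile: Profile) -> dict:
    """Return only the fields this viewer is allowed to see.

    Attributes missing from POLICY (including the share_email flag itself)
    fall back to NOBODY, so adding a column to Profile without adding a
    POLICY entry hides it rather than leaking it.
    """
    rank = viewer_rank(viewer, profile)
    effective = dict(POLICY)
    if profile.share_email:
        effective["email"] = Audience.MEMBERS  # owner opted in
    return {
        name: value
        for name, value in vars(profile).items()
        if rank >= effective.get(name, Audience.NOBODY)
    }


def sample_profile(share_email: bool = False) -> Profile:
    """Constructed sample record for the demonstration (not real data)."""
    return Profile(
        id=7,
        display_name="dorian",
        photo_url="/media/7/avatar.jpg",
        reviews=["Great host", "Would recommend"],
        email="dorian@example.org",
        address="1 Example Street",
        phone="+00 000 0000",
        last_login="2017-03-22T20:45:00Z",
        share_email=share_email,
    )


if __name__ == "__main__":
    for label, viewer in [("owner", Viewer(7)), ("member", Viewer(8)),
                          ("anonymous", Viewer(None))]:
        print(label, sorted(visible_fields(viewer, sample_profile())))
```

The important design choice is the fallback to `NOBODY`: the serializer never emits an attribute that nobody explicitly classified, so a new column added to the model is hidden by default instead of appearing in the next API response. The opt-in only widens e-mail to other members, never to anonymous viewers.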