Background: This paper was written by Seiiti Arata Junior in December 2004 for a book coordinated by the law firm Barretto Ferreira, Kujawski, Brancher e Gonçalves – Sociedade de Advogados. The project for the book was later cancelled. The paper was then updated in February 2005 and subsequently submitted to publication together with other papers on intellectual property and, after a long process, was published by Editora Campus/Elsevier (2007) in the book “Propriedade Intelectual – Novos paradigmas internacionais, conflitos e desafios”.
In the meantime, an adaptation of this paper focusing on privacy, entitled “Novos desafios à privacidade: os círculos sociais e as redes sociais (social networks)” (“New challenges to privacy: social circles and social networks”), was published in Revista de Saúde, Ética e Justiça da USP 2003 (“Public health, Ethics and Justice Magazine of São Paulo University”) year 2003 (printing year 2004).
In 2004, Orkut was one of the rising social network services and the Brazilian market was competitive and uncertain. There were no records of lawsuits involving Orkut at that time. Accordingly, this paper presents a neutral approach towards social networks in general. Technological and legal regulation of online social networks
Seiiti Arata Junior
Introduction
Online social networks received a remarkable acceptance in the Brazilian market from the year 2004 on. This paper presents brief observations on the relationship between the technological structure and its terms of use, along with the legal effects, focusing on themes such as database protection, privacy, personality rights of the person’s image and consumer protection.
As opposed to previous methods of using digital communication media, social networks aggregate a critical mass of users in multiple dimensions in such a way that the potential for abuse is heightened.
To explore such premise, this paper is divided into two sections: (i) a multidisciplinary introduction exploring sociology, psychology and general theory of law, and (ii) application of legal institutions to the identified scenario. Part I is necessary to circumscribe the novelty aspects that would justify a specific study for online social networks, especially considering the lack of literature on the theme at the time that this paper was written.
It is not the intention of this paper to exhaust the rich discussions surrounding the theme. Rather, it aims to demonstrate the need to balance technology, values and law when offering or joining an online social network service.
As this is still an unexplored issue, this paper will use analogy to similar activities and will also refer to technical terms and expressions. To facilitate the reading of those already familiar with such technical terminology, the explanation of these terms will be made by footnotes.
Section I – Introduction to the social networks
The dramaturgic persona
The Latin word persona, composed of the prefix per (through) and the suffix sono (sound), was originally used as a reference to the mask used by actors in theater presentations. In Vocabulário Jurídico (“Legal Vocabulary”), De Placido e Silva observes the connection between persona and the expression dramatis personae, a reference to the representatives or dramatic characters, i.e. the actors themselves1.
This etymologic analysis shows a theatrical notion related to the idea of the human person, which is constantly explored in the arts and human sciences. With a historical evolution
1 The Romans made use of the word persona as a general meaning for human being, independently of his status as a natural person, a holder of rights, or his condition as a slave, an object of rights. approach to the concept of human person, Fábio Konder Comparato2 identifies stoicism as the first landmark in the theorization of the concept of the person, in which the theatrical persona (the role played by individuals in social relations) is separate from the individual essence of each human being (which is then called personality), so that the dramatic role each of us represents in life shall not be confused with the personal individuality.
The dramaturgic concept of persona is also addressed in The Presentation of Self in Everyday Life3 of the Canadian sociologist Ervin Goffman, who argues that when an individual is in the presence of others, these others try to obtain information about him and also bring to the discussion elements of information they may already have about him. The interaction is understood as a performance shaped according to the audience and social environment whose script will try to transmit information in coherence with the objectives of the actors. The performance is independent of the mental state of the individual so that the theatrical persona manifests regardless of a conscious desire to perform.
Briefly, the necessary information for the performance can be obtained in two ways: (i) expressly verbalized and intentional and (ii) contextualized, non-verbalized and non- intentional. The individual seeks control over the behavior of others regarding himself; this control is obtained by a shift in his own behavior aiming to transmit a specific impression that would make others act according to his plans and also to present an idealized version of himself which is more consistent with social norms, compared to his behavior when not in front of an audience. This use of the persona as a mask defines the stage of a play with infinite acts of false revelations and elusions until a certain consensus is reached.
Performances inevitably suffer the effect of audience segregation, so that specific performances are made for specific audiences, according to their expectations. Spontaneity in this process is a fundamental element to avoid transmission of an artificial impression in the behavior.
Living in truth: multiplicity of opinions
Goffman recognizes that there are many cultural differences in the manifestation of the self. His study identifies that members of an Anglo-American culture tend to have a secluded social lifestyle, interacting in determined environments, keeping strangers at a certain distance, giving actors a certain freedom to perform their show and, in general, sharing a serious concern and union about common civic dramas. Cultural studies such as the one made by Goffman were performed in different contexts and places; in Brazil the magisterial study of the Brazilian people made by Sérgio Buarque de Holanda, Raízes do Brasil (“Brazilian Roots”) deserves to be highlighted by presenting the concept of the “homem cordial” (“cordial man”), whose intimacy designates an indistinctness between the public and the private and everybody are friends everywhere4.
2 Comparato (2003), p. 16. 3 This work, though valuable, does not present a complete description of the interactive process. The nature of marginalized individuals, the importance of ritual and ceremonies in dramaturgy and in the construction of characters is improved in later works of Goffman, such as Stigma and Interaction Ritual. 4 The ideas of Sérgio Buarque de Holanda also contribute to the understanding of the great success of social software among Brazilians, such as photologs and social networks, whose statistics demonstrate that Brazil is
However, notwithstanding these behaviors generally shared in a specific collectivity, there is a multiplicity of opinions that individuals can take before the question of how to be spontaneous and genuine.
Addressing the issue of the difficulty of sharing opinions and even reaching mutual understanding when people’s lives are well defined and structured based on different experiences is clearly illustrated in The Unbearable Lightness of Being, among so many other masterpieces of literature. Milan Kundera dedicates the third part of his masterpiece to The misunderstood words between Sabina and Franz, elaborating a lexicon of opposite notions on different issues, among which publicity and privacy are thus considered:
“LIVING IN TRUTH
Is a formula Kafka used in his journal or in a letter. Franz does not remember very well. He is seduced by this formula. What is living in truth? A negative definition is easy: is not lying, not hiding, and not dissimulating anything. Since he met Sabine, he lives in lie. Talks to his wife about congresses in Amsterdam and conferences in Madrid that never happened, is afraid of walking the streets of Geneva with Sabine. He thinks lying and hiding is fun, just because he never did it before. He feels the pleasure of the first one in his classroom who, one day, decides to cut classes.
To Sabine, living in truth, not lying at oneself or at others, is only possible if one lives without a public. By having one single witness of our acts, we adapt ourselves in one way or another to the eyes of the observers, and nothing else we do is true anymore. Having a public, thinking in a public, is to live in lie. Sabine despises the literature in which the author reveals all his intimacy and also the one of his friends. He who loses his intimacy loses everything, thinks Sabine. And the one who consciously renounces to it is a monster. Because of that, Sabine does not suffer for having to hide her love. On the contrary, to her this is the only way to live ‘in truth’.
As for Franz, he is convinced that the source of all lies is in the separation of life in the private and public domain: we are one person privately and another person in public. To Franz, to live ‘in truth’ is to abolish the barrier between public and private. He mentioned with delight the phrase from André Breton who said he would like to live in ‘a glass house’ where nothing is secret and is open to all eyes”5.
a leader with an impressive number of subscribed users. The cultural examination also explains the lesser concern of the Brazilian legal system regarding issues such as privacy and freedom of expression, which are of greater importance in the United States of America. Regardless of the differences between the legal systems, this paper refers to the American doctrine and experience in the definition of the issues concerning privacy and proposed solutions, with the proper reservations of compared law. 5 Kundera (1999), p.133 Through his characters, Kundera explores one of his main concerns, the fight to defend the right to intimate life. For him there is a mystical wall between intimate and public life that cannot be crossed without punishment6.
Weakening the frontier between public and private
The division between public and private, however, becomes more and more fragile as new computing technologies and multimedia communication innovations are more ubiquitous, increasing connections between places and people who used to be isolated before, in a virtualization7 process. As a result, individuals can no longer trust their own senses in determining which environment they are in to use the persona as Goffman’s mask8. Additionally, individuals have lost a significant part of control on the notion of being observed, heard and even tape recorded. The physical space perceived around the individuals is no longer an indicator of the places and people who may be connected to him anymore. Thus, places that may look private can be public.
Hannah Arendt discusses in detail the origin and evolution of the concepts of “public” and “private”, indicating that modern individualism contributes to the enrichment of the private sphere which, initially, indicated that the individual was deprived from the most honorable capacities of man that were exerted in the business of the res publica. There is some information that shall be hidden and some that shall be exposed to the public to be able to acquire some form of existence. For her, the distinction is necessary because the intimate life is only possible away from the light of the public.
When the two spheres are clearly distinct, it is possible to behave according to expectations and social necessities. When the spheres are intertwined9, this becomes harder and there
6 In Testaments Betrayed: An Essay in Nine Parts, London, Faber, 1995, Kundera argues that only a hypocrite would affirm that, because such a wall would not exist, he lives the same life both in public and in the intimate life. Those who would do so would be monstrous and would abdicate the spontaneity in intimate life and act without responsibility in the public life. Kundera’s position is opposite to Kant, who considers that the evil is secret by definition and the moral is that which is apt to be seen, so that morality would be translated exactly in the coincidence between public and private. 7 Pierre Lévy in Qu’est-ce que le Virtuel? (“What is the Virtual?”) defines the virtualization process as a heterogenesis, another series of transformations, so that the “virtual” is not opposed to the “real”. The “virtual” is opposed to the “actual, current”: while the actualization is the solution of an unannounced problem, a production of new qualities, the virtualization is the opposite movement, an “elevation to potency” of the considered entity. 8 The theme of the construction of subjectivity is addressed by countless scholars who dedicated studies on this complex subject. Goffman is the one chosen in this paper as the most appropriate author to identify the problem of harmonization of relationships in social networks connecting different social circles. For further sources in other fields of subjectivity, one can refer to René Descartes, Jean-Jacques Rousseau, Michel Foucault, Gilles Deleuze, David Hume, Lev Vygotsky, Mikhail Bakhtin, Anthony Giddens, George Berkeley, among others. In São Paulo, the Casa do Saber (“House of Knowledge”) periodically holds interesting courses and lectures on the theme. 9 Or even when the public space is no longer geographically defined (such was the Athens Agora) and the debate agenda is defined by the media. Further considerations on the transformation of the public sphere are elucidated by Habermas in The Structural Transformation of the Public Sphere. Celso Lafer, in A Reconstrução dos Direitos Humanos: um diálogo com o pensamento de Hannah Arendt (“The Reconstruction of Human Rights: a dialogue with the thoughts of Hannah Arendt”) points out the growing interference in the private sphere by the public authorities and an increasing possibility of third parties to interfere in the realm of exists a tendency to a behavioral contraction and lesser social interaction, or an inconsequent behavior subject to errors that would not be made if the individuals were in a clearer environment.
Social circles
Parallel and complementary to the dual public/private vision, to understand social phenomena one can also make use of the identification of social circles, in which certain information about the individual can be more public than others. Each of the social circles generically shares a shaft of viewpoints of our displayed individuality. The multiplicity of social circles is thus described by Pontes de Miranda:
“The social fact is the relationship of adaptation (act, combination, formula) of the individual to social life, to one, two or more collectivities (social circles) that he is part of, or of these collectivities to the individuals among themselves. These circles, pre-historically and historically, were the couple, the clan, the phratry, the family, the tribe, the nation of tribes, etc. At the same time, they can be, according to the extension: the sexual couple, the friendship, the family, the social class, the political party, the neighborhood, the City, the State Member, the State, etc.”10
About the legal treatment of the multiplicity of social circles, the classic author points out that in times of social evolution it is necessary to make a reference to sociology, particularly to the law of the increasing expansion and integration of social circles.
Integrating the social circles: networks
Social networks are made by groups of people connected by distinct forms and levels of familiarity. They have been the object of numerous sociology and anthropology studies. Their mathematical study is made by graph theory, which represents objects by vertices and links that allow the attribution of quantitative values to the social networks and better interpret how individuals interact in complex situations, such as viral epidemics, terrorist organizations and potential contacts for professional success. Through reputation systems that can be made from social networks, a technical possibility to better spam filtering11 is also visualized. In spite of the utility of different practical applications aiming at market optimization and the reduction of transaction costs, its usage shall have in mind the risks of violations to the right to privacy, personality rights to the image and abuse in database manipulation, among others to be briefly discussed in this paper.
intimacy of people. It is important to note this is not a one-way road: the discussion and exposure of intimacy in the public domain trivializes gossip into commonplace and vulgarizes public discourse. 10 Pontes de Miranda (1947), p.37 11 Jennifer Golbeck, Reputation Network Analysis for Email Filtering, available at http://www.mindswap.org/papers/Email04.pdf Networks, when properly used, allow people to reach goals that were considered remote12 and optimize demand and supply relations. In this sense, it is very positive to the execution of the Declaration of Principles and the Plan of Action agreed in the World Summit on the Information Society13. Just like any technology, however, their users shall be sufficiently educated to use the tools in the best ways possible, avoiding situations that could imply economic and non-economic loss.
Social networks in cyberspace
Through the Internet, social networks acquired efficiency and made a wide range of applications possible because of the easiness of crossing databases. They became a big sensation as of 2003 with the popularity of certain websites14. Just like the first studies made about cyberspace frequently made reference to Neuromancer, written by science fiction author William Gibson, the initial comments made about social networks invariably referenced the expression “six degrees of separation”15, associated with the Small World Experiment of Stanley Milgram, which shows that social circles are very close to one another and with wide intersection areas. Accordingly, the role played by the persona shall increasingly adapt to more than one audience simultaneously.
Notwithstanding the success in getting a huge number of users using viral marketing16 and popular interface, connecting individuals to their different social circles, it is possible to argue that social networks are not innovations17 as, since the first days of network communication, different platforms were made available for social relations, be it through bulletin board services18, Usenet19, multi-user dungeons20, Internet relay chat21, WELL22,
12 Social movement networks, for example, enhance the power of public discourse and articulation “between local and global, between particulars and the universal, between the single and the diverse, in the interconnections of identities of actors with pluralism”, writes Ilse Scherer-Warren in Redes de Movimentos Sociais (“Social Movement Networks”). 13 www.itu.int/wsis 14 According to David Pezcovitz, The Technology of the Year: Social Network Applications. Business 2.0. San Francisco, v.4, nº10, p.113, Nov. 2003, among the most popular projects are SixDegrees.com, founded in 1997 and with activities finished in 2000. Later, Ryze, eCademy, Spoke Software and LinkedIn for professional networking, Friendster focused on romance, Visible Path focused on commerce, and Tribe.net and Orkut, beta versions, bringing together different simultaneous uses. In Brazil, some projects that can be mentioned are 1Grau, Beltrano, NetQI, LINK, besides the launch of Gazzag and Multiply. 15 A postulate that any individual would be connected to anyone else in the world by a small sequence (six intermediaries) of acquaintances, which can be explained by the existence of hubs, people with a wide network and bring different groups together. 16 A marketing strategy that seeks to use existing social networks to provide an exponential growth in the strengthening of brands and products. More details can be found in the article An Epidemic of “Viral Marketing” available at http://www.businessweek.com/bwdaily/dnflash/aug2000/nf20000830_601.htm 17 New York University professor Clay Shirky includes in his definition of social software all kinds of software allowing a collective communication, from the c.c. email field to vast virtual worlds such as EverQuest, which can be uncontrolled such as a chat room or directed at a specific task, such as a wiki. See: http://www.shirky.com/writings/group_politics.html 18 Computer system using software to allow users to connect via dial up and, using a terminal program, run functions such as software and data sharing, exchange messages, news and interact with users from the same BBS. BBSs were very popular especially from 1985 to 1995, and Mandic BBS was one of the pioneers in Brazil. home pages23, websites for professional recruiting services, dating or miscellaneous discussion, weblogs24, photologs25, wikis26… so that the new generation of social networking websites is not the herald of the social software concept.
Notwithstanding the questions that can be made about the novelty of this communication style, one fact is that online social networks conquered popularity from 2003 onwards. These are technologies crafted according to a series of values and with certain consequences, some predicted, some unexpected. This is the first principle of Technorealism27: technologies are not neutral. Each of these has different values, and shall pay attention to certain legal risks, particularly from the new social interaction formats described above. Each of the communication channels is a reflex of technology and is shaped to permit a social interaction and a presentation of the social and conscious self.
However, the medium through which individuals connect digitally is so distinct from the physical world that social behavior tends to be different: technology not only connects people, but also defines how they interact. “The medium is the message”. Therefore, it is necessary to analyze how each manifestation of the social network deals with the fragile intimacy dome. Each of these is ruled according to different values and goals. In this sense, Paul Heyman, in Distributed Social Network Protocol says that information made available in social networks varies according to the nature of the premise of the provided service. Heyman classifies some social networks, which implicitly postulate that friends of friends can become potential friends or romance mates, and some others that postulate that friends of friends tend to share higher mutual trust, facilitating professional insertion.
The choice in focusing on a specific social circle is a mere technological and strategic option of the business plan of the one who makes a social networking service available. There are projects that connect different social circles simultaneously. This can stimulate non-obvious contacts (for instance, work colleagues facing information traditionally
19 An Internet discussion system, where users can exchange electronic messages to certain newsgroups in a very similar way to the BBS. It is one of the oldest computer network communication systems still in massive use. 20 MUDs are computer games for multiple players in the role playing game format, where participants represent the role of characters among different scenarios, objects, other characters (which can be controlled by other players, by the system administrators, or automatically as defined in the system). Among the most traditional, the fantasy scenarios such as from J. R. R. Tolkien can be highlighted. 21 Instant communication form using the Internet, especially used for group communication in channel forum. 22 The “Whole Earth ‘Lectronic Link” is the oldest virtual community still online. According to Wikipedia statistics,
Code is law
Considering that technologies always imply a series of effects, both positive and negative28, it is fundamental to analyze which values drive a certain technology to examine the effects that it can cause by its adoption. Lawrence Lessig, in Code and Other Laws of Cyberspace, leads a strong school of thought similar to the Tridimensional Theory of Law from professor Miguel Reale, which postulates that “Law is a normative integration of facts according to values”29. The Code is Law theory from Lessig emphasizes the technological dimension (facts) that, because of its regulatory force, interacts with the legal forces.
Philip Agre30 understands that data registries cannot imply privacy problems if the technological base does not allow identification of users whose lives they represent. In case databases identify users by universal methods such as name or social security number, data can be easily propagated and crossed, and then used for secondary activities against the interests of the individual. Accordingly, Chaum presents the alternative approach to use digital pseudonyms. However, the collection of data in a truth-based social network31 is opposite to a system that uses pseudonyms to protect privacy.
The lack of a truth-based system technologically allows for false information to be added to the system. This is not new - since the rise of digital communication, men presented themselves as women, children claimed to be adults, in a highly insecure communication
28 About this effect, see the introduction of Technopoly: The Surrender of Culture to Technology by Neil Postman. 29 Reale recognizes that in the regulation process there are three forces: fact, social values and norms, while Lessig identifies a fourth force: market, which can be understood as a manifestation of the facts. Thus, the behavioral decisions take into account the influence of each of these forces, so that the conclusion will be to act or to refrain from a certain attitude. Besides acting directly upon individuals, these dimensions interact mutually one over the other. One example is the anti-smoking campaign, using the force of law to stamp strong pictures repressing the smoking habit on cigarette boxes, posing a social value force. Legal limits are also imposed on the levels of tobacco and nicotine to avoid a chemical addiction, a fact force. 30 Agre (1998), p.52 31 In this paper, the “truth-based social network” expression is used as a reference to the one which uses true personal data from its users to promote interaction according to affinity of interests and relations already existing in the physical world. These networks would seek, contractually and technologically, to avoid false or partial information to be fed into the system, as they cause noise and would harm optimal operations. Note that until the present moment (December 2004) there is no record of a commercial operation of a truth-based social network with certification of information made available, one of the reasons being the operational costs according to the current state of the art. One initiative, which deserves mention is the True network < http://www.true.com/default.htm > which requires a certificate of criminal records and states that legal charges will be presented before married participants. On the other hand, other models of social networking are specifically targeted to fictitious profiles, such as those dedicated to role playing games like the multi-user dungeon. Meanwhile, social network sites targeted to romance stimulate a combination: the heteronym is used for the initial contact (such as “LonelyGirlNY22”), which assures higher privacy and only in a second stage the homonym is revealed if users find it convenient. Note that the distinction between “true” and “false” is a controvert one, and the words are used in this paper in the vulgar interpretation, with no philosophical consideration. environment. Truth-based social networks are harmed by the lack of secure systems that cannot avoid false profiles to be created, representing characters from literary and cinematographic fiction, or even real people different to the one who created the profile, with legal consequences to be examined in Section II of this paper. False profiles allow for innovative applications32, but represent risks of infringement to intellectual property, slander, libel, insult and misrepresentation, among other legal infringements that would diminish trust in the system and, consequently, reduce its optimized performance.
It is important to perceive that part of the problems found in the interactions of truth-based social networks happens because of the different expectations that each of the users has of the system. This expectation is reduced in the case of social networks that use pseudonyms or are focused at specific narrow applications, such as interactive games, romance, job search… and thus avoid the clash of different social circles. To deal with multiple necessities and expectations of users in a truth-based social network, apart from ethical, legal and market forces, it is imperative to assemble a technological architecture of communication that gives more control to the users.
This technological control must study which effects are obtained according to the infrastructure and interface of the provided service. To illustrate this relationship, one can refer to the concern about the interface and discussion about the control of receipt of direct marketing email: according to the standard adopted when filling out forms, there is a greater tendency for users to accept or to reject the proposal of sending marketing emails. During discussions about the regulation (both self-regulation and also statutory regulation) there were defenders of the opt-in standard33. This alternative results in fewer acceptances than the opposite standard: presume the acceptance of the user, who would then have to act (by clicking a checkbox) to not receive the messages. Each alternative represents a different value according to the facility or difficulty of the manifestation of will of the user in controlling the receipt of messages.
Additionally, technology has a fundamental role in the virtualization process that makes perception of users more difficult in recognizing whether they are in a public of private space and determines how to moderate their exposure and privacy expectations: Victoria Bellotti, when analyzing communication architectures, points out two phenomena that influence the control of information flow and, thus, privacy management: disincorporation and dissociation34.
32 For example, some motion picture studios are experimenting marketing strategies creating profiles of the characters of their movies in social networks. See more info: Daniel Terdiman. Friendster’s Fakester Buddies. Wired News. Available at < http://www.wired.com/news/culture/0,1284,64156,00.html?tw=newsletter_topstories_html> 33 Considering that the cost of receipt and storage is borne by the receiver of emails (because of connection time and computing resources, for example), spam was considered as a direct marketing to be charged against the receiver. However, the advocates of direct marketing point out the legitimate practice, when the user actively chooses to receive the messages in the opt-in standard. 34 Victoria Bellotti, Design for Privacy in Multimedia Computing and Communications Environments, In: Agre & Rotemberg (1998), p.74 Disincorporation happens when communication resources do not allow the personal presentation to be as effective as a face to face interaction. The representation in a chat room35 can be limited only to words, smiley36 icons and an eventual static photo37of the avatar38. Disincorporation also means that the communicator can be unconscious about the quantity of information being publicly transmitted, due to lack of feedback in the communication architecture. Some social network systems allow the user to have an ex post control of who retrieved his information, using a log of all users who accessed his profile. Other systems, more zealous about the need for control, use an ex ante policy so that private information is only made available to other subscribed users with a previous and express consent of the individual. Other systems still reveal the information to any user, without keeping any registry log (or just recording the number of total users who accessed his profile) or select some information with more sensitive data to be accessed only by a selected group of people – by doing so, it is necessary that users classify contacts in different categories, according to the intimacy level or social circle they belong to, depending, therefore, of an approximated or refined labeling according to the chosen technology platform. One of the disincorporation effects is a higher tendency to peeping when the communication structure allows the observation of another’s behavior without being noticed.
Dissociation is identified when a remote person does not have any detectable presence. The results of the actions are shared but the actors themselves are invisible or the actions cannot be attributed to a specific actor. One cannot determine who is doing a certain action or who did what. Thus, by dissociation, remotely connected people and their respective actions are hard to detect or identify. The possibility of complete dissociation is relative when certain computer forensics and investigation techniques39 are used. However, for the majority of users, the choice between this or that technological standard is a considerable influence in the dissociation level.
Both disincorporation and dissociation can be reduced by the implementation of higher feedback on the personal information being captured and displayed by users of the social network. Users shall have access to technical tools to control their personal data. Bellotti points out some principles to be followed and best practices necessary to rescue the consciousness that can be lost in virtualization: we can no longer know what kind of information we are transmitting, what it look like, how permanent it is, to whom it is transmitted and what the limits of those who intend to use it might be.
35 Online forum where users can chat online. 36 A smiley or emoticon is a sequence of characters such as :-) or ^-^ or ;-) or a small image trying to represent a facial expression and thus facilitate the communication of feelings in a textual communication. 37 Regarding the importance of visual contact with the face in computer system mediated interactions, see Judith Donath, Mediated Faces, available at http://smg.media.mit.edu/papers/Donath/MediatedFaces/MediatedFaces.CT2001.pdf 38 In the hacker culture, and in virtual reality interfaces, the avatar is an icon or visual representation of the user. 39 Examination of equipment in data processing, such as servers and personal computers, to check illegal, unauthorized or uncommon use. Parallel to the decision about the technological base that will guide the limits of the factual world about what can or cannot be done in a social network, one must also reflect on the market, ethical and, especially, legal aspects when drawing up the terms of use of a social network.
To exemplify, let us use the famous acronym YOYOW, which used to represent one of the most fundamental values of the WELL: “You own your own words”40. By the use of a contractual mechanism, users accept legal liability41 and ethical responsibility for their written contributions and also for images and other files made available through the social network service. Users are responsible for respecting the rights of third parties, including intellectual property and privacy, and shall refrain from slandering other members… in short: shall behave accordingly, based on moral and legal standards. Another effect of the YOYOW policy is that all content published by the WELL remains a patrimonial right of their original authors, unless they expressly renounce to it. Thus, accepting responsibility for their own words, the interlocutors are impacted by higher liability related to the consequences thereof. Additionally, the user has the right to remove his contributions to the WELL at any time.
This contractual property ensured by the social network certainly does not oppose the freedom of expression and copyright limits so that it continues possible, within reasonable limits, to make the citation of published comments in a WELL forum regardless of previous express authorization from its original author42.
However, the opposite is not necessarily true: if, instead of a YOYOW policy, the contract of the social network retains exclusivity to all the rights over all manifestation of expression throughout its system, the general rule is that it would be legally impossible to use any material published in the system without a previous authorization from the legal representatives of the social network service provider, with certain exceptions.
Moreover43, this hypothetical policy would give the social network the legal capacity (which, in its turn, would legitimize the implementation of a mechanism to enable the technical capacity) of restoring any content published in the system, in a way that the collective work would be preserved. On the one hand, this alternative raises legitimate concerns about the moral right of withdrawal pursuant to Section 24, VI of the Brazilian Copyright Law, Law number 9,610, of February 19, 1998. If, on the other hand, there is no guarantee that contributions in discussion forums will be deleted by the users, it is possible
40 www.well.com/member_agreement.html 41 When the opportunity arises, this paper will discuss that limitation of civil liability by private agreements is relative before Brazilian law. 42 Whittle (1997), p.248 43 Countless other examples related to intellectual property rights can be mentioned, such as the conflicts that can arise between the social network terms of use and eventual agreements held between the employer and employee in which the production of the employee is transferred to the employer, limits to fair use, debates surrounding hate sites… The intention here is only to discuss some of the legal aspects of social networks to call attention to the importance of harmonization between legal and contractual norms with technology and social values to minimize the legal risks of the operation and use of a social network. to face a massive digital suicide44 to the point of making its reading impossible. One technological approach to the problem of content corruption is the self-help mechanism, which maintains a history log of everything that was once published, allowing restoration, just like a wiki software. In the case of forums and thematic discussion communities where a moderator exists, and the user has greater technological power to control the individual contributions of participants, it is possible to make an analogy with the collective work45.
Having recognized the technological and legal forces46, it is necessary to combine them in a harmonious manner to effectuate the values sought by the social network.
Section II – Legal treatment of online social networks
Social network content and database protection and civil liability
The social network structure is made available to the users, who feed the system basically in two ways: personal information added in the profiles and messages published in discussion forums. This information directly produced by the users, as well as the system’s statistics and metrics produced by the social network administrators, are one of its most valuable assets: a database that must be legally protected. It is thus necessary to make a distinction between the database and the administration system of the database47.
The rich data stored in the system can be captured by different techniques, exploring software breaches or human flaws, which are typically known as “social engineering”. Software attacks are wrongly and popularly called “hacker attacks”, such as spidering, a technique used by many search engines to collect data. On the other hand, to illustrate social engineering, we can imagine the malicious agent who leaves a floppy disk with the label “CONFIDENTIAL” or “payment roll” in the corridor of a corporation, in the hope that one curious employee may insert the floppy disk in his computer and execute hidden files to facilitate the invasion.
In the hope of obtaining contractual protection, many online social network services determine, in the terms of use, a contractual prohibition against spidering and other techniques. This measure alone is not legally sufficient or adequate, since the “terms of use” only contractually bind the provider and users, not third parties who do not have an account in the system. From a technological perspective, it is also not enough to protect the database owner and the individuals whose information constitute the database. Once the
44 Blair Newman, after years of online participation with WELL colleagues, decided to delete all his comments posted in the social network. His attitude sparked questions about the trauma generated by a mass erase, as an intellectual suicide that was followed by his physical suicide weeks later. The online suicide of Blair was enabled by a software provided by WELL technicians that started to be used intensely in certain forums where “so much was missing that it was impossible to follow the gist of the conversation” – Rheingold (1996). 45 http://www.tuliovianna.org/blog/index.php 46 Ethical and social values and the market forces pointed out by Lessig (1999) are not touched in this paper. 47 Silveira (2004) makes clear that the database administration system is the software used to carry out the storage, recovery and handling of data in a certain database. information is captured, there is no way back, due to its volatility and easiness of reproduction, especially when no digital rights management technology48 is used.
It is necessary to deal with the expectations of the users who, by putting information into the social network, do not wish this information to be captured or transmitted to third parties, outside of the social network49. As examined in Section I, information plays different roles according to the context and this change can be sufficient to legitimize legal demands.
The Brazilian Copyright Law, section 7, lists databases and other works that, in their selection, organization or arrangement of content, constitute an intellectual creation. However, this protection relates to the database as a whole and not to each individual information entry.
Section 87 of the Brazilian Copyright Law also provides that “The owner of the patrimonial right over a database will have the exclusive right, regarding the form of expression of said database structure, to authorize or prohibit: (i) its reproduction, totally or partially, by any means or process, (ii) its translation, adaptation, reorganization or any other modification, (iii) distribution of the original or copies of the databases or its communication to the public, (iv) the reproduction, distribution or communication to the public of the results of the outcomes of the operations mentioned in item II of this section”. Brazilian law50 thus provides good protection against abuse committed against database owners, when the requirements of creativity and originality51 are met. Entrepreneurs interested in creating innovative social networks can guarantee protection of their assets against competitors interested in making use of existing databases of their property.
Apart from problems involving databases as a whole, there are problems related to the stored data. Abuses of intellectual property rights may take place through the social network by the users. A typical violation of the patrimonial rights of the author would be the hypothetical case of the publication, in a discussion forum, of the whole content of a copyrighted book of poems, without authorization. If the poems are published without proper indication of authorship, we would be facing a violation of the moral rights of the author. In such situations, an analogy could be made to the known copyright violation cases of home pages where the provider, content host, is brought to the lawsuit52.
48 Also known as digital restrictions management, it is a generic term to describe methods allowing control of material by the producer. Generally the material is a copyrighted work and the control can be done over the technical possibility of its copy, modification, printing, among others. 49 About the possibility of third parties using data from social networks, see Danny Sullivan in “Google’s Orkut Personal Information Offered Outside Orkut” < http://searchenginewatch.com/sereport/article.php/3350791 > 50 For protection of rights in the North-American law, check Keunecke (2002). 51 Silveira (2004) points out studies in which, when protection proposals also for database without the originality requirement are considered, the costs to access the information would rise and access to information would become more expensive. 52 Concerning civil liability situations in communication services provided through the Internet, it is worth checking “Responsabilidade Civil dos Provedores de Serviços de Internet” (“Civil Liability of Internet Service Providers”) by Marcel Leonardi. In these cases where the social network provider can be exposed due to user activity, the use of terms of use is more effective. The licenses of publication and reproduction, among others, shall be obtained from all users. However, the terms of use do not eliminate the risks entirely, when the network user publishing content does not have legitimacy to give the authorization to the social network in the first place, rendering the supposed license held by the social network provider by the terms of use null and void.
Those who provide social network services shall therefore be wary of actions carried out through their networks. We currently notice a tendency to increase the liability of a service provider over the content of discussions, user profiles, and all sorts of information published directly or indirectly by hyperlinks to information hosted outside the social network system.
The operational organization of the provider must be carefully reviewed, from what is learned from Special Appeal number 566.468-RJ (2003/0132555-7), which considered the existence of “operational fragility” of a dating website service provider.
The court decision from the Fourth Panel of the Federal Court of Appeals to the Special Appeal proposes the liability of the provider because of the inexistence of efficient control tools of user subscriptions and eventual abuse such as impersonation.
This case confirmed the examination of the First Instance Court, which condemned Terra Networks do Brasil S/A for moral damages suffered by a psychologist woman who, without authorization, had her personal data subscribed into an account and publicized as a “person offering to participate in programs with an affective and sexual nature”.
According to the ruling, the plaintiff was a “victim of the operational fragility of the defendant, since, without contracting with the defendant, she had her data published on the webpage of services under her responsibility”.
The tendency of the provider’s responsibility in these cases of abuse has a significant impact on the service industry in the Internet53. To avoid liability, providers would have to reach very high system security and user certification levels, which are still distant from the mass market. This way, their activities would become impracticable or the legal and operational costs would be transmitted to the consumers, and would negatively impact consumption. On the other hand, court rulings like the aforesaid one stimulate the research and development of new safer technologies at more affordable prices.
In the application of liability theories, two schools of thought are being discussed. One understands that the services under discussion do not essentially involve more risk than any other activity. Therefore, the general rule of the obligation of indemnification for illegal
53 One of the legal provisions that has not received enough attention in the discussions on liability is Section 4, III of the Brazilian Consumer Protection Code, according to Marco Aurélio Brasil, in “A Responsabilidade Civil do Site que Publica Conteúdo de Terceiros” (“The Civil Liability of the Site that Publishes Content from Third Parties”), published in eDicas: O Direito na Sociedade da Informação, organized by Regina Ribeiro do Valle. acts is applicable pursuant to Sections 186 and 187 of the Brazilian Civil Code. The other possibility is to assume that risks abuse from the users and invasions by malicious agents are inherent to the services, so that the theory of the created risk has to be followed, making the proof of negligence unnecessary.
The first school of thought understands that the services provided by the Internet do not essentially imply a higher risk than any other communication service, such as telephone or mail. Risks are noticed occasionally depending on the implementation of the business plan of each provider, according to the administration and implementation of certification, security and data protection systems.
It is a recognized fact that the interactivity made possible by the Internet decentralizes a lot of the previous control that the provider would have in such media as radio or television. Therefore, the channels opened to interaction can be used abusively both by consumers, who will subscribe to the services and by third parties willing to invade the digital systems. Being a characteristic of this communication model, the provider would only be responsible if, after being aware of the existence of abuse in its systems, it fails to take any measure for repression and control.
The second school of thought understands that there is no alternative on the Internet that can be claimed totally safe against abuse54, and, therefore, the created risk theory is applied, with support on the defects of the service. It is necessary to detect a flaw involving the service for strict liability to be constituted Similarly to the hypothesis of the fact of the service regulated in Section 14 of the Brazilian Consumer Protection Code, strict liability based on the sole paragraph of Section 927 of the Brazilian Civil Code is manifested when the service is not provided with the expected security.
It is up to the judge to identify in the concrete case the level of danger and the legitimate expectancy. Expectations are legitimate according to the state of art and economic conditions of the time, as plausible, justifiable and real.
The application of the created risk theory shall be cautious, because it is broad and, as seen, able to comprise any service made available on the Internet, which would negatively impact national online operations on a large scale. Providers, in their turn, shall be attentive to the level of technological development of the market that will constitute the state of art. Therefore, they will be less vulnerable when confronted with legal claims founded on the strict liability theory, with basis on the expectancy of consumers according to the implementation of their systems and operational methods related to the current technological stage.
An analogy can be made with the case of online auctions in operation in Brazil, although the court positions are still very controversial: there are some rulings establishing that the websites work only as a classified ads newspaper, publishing relations to which there is no
54 Notwithstanding the existence of developments looking for stronger and safer standards for technologies, such as trusted computing, independently of the criticism that can be made on how these technologies are being developed by the IT industry. More details at < http://www.trustedcomputing.org/home > liability or relation to the service provider55 and, on the flipside, decisions that understand that as there is a commission to be paid when the deal is closed, the website acts as an intermediary and is thus subject to solidary liability pursuant to Section 7 of the Brazilian Consumer Protection Code56, Law number 8,078 of September 11, 1990.
The liability of websites in case of product transactions infringing third party rights would imply the necessity of a preliminary control for each single piece of information to be published in the system57. This would pose a burdensome obligation of preliminary monitoring before any content is published, to avoid solidary liability pursuant to Section 186 of the Brazilian Civil Code, Law number 10,406, of January 10, 2002.
Taking into account the lack of specific legislation on these issues and the controversial positioning of the examined court decisions thus far, a cautious approach is to implement technological and contractual mechanisms to protect the interests of the involved parties and reduce the risk of facing liability for misuse of the social network system.
A study made by the Brazilian Chamber of Electronic Commerce, on April 13, 200458 emphasized the risks of imputing liability to websites especially if they connive, consenting to wrongdoings and fraud situations and receive a commission for the intermediation. On the other hand, if they participate as a classified ads newspaper, with no relation with the advertisers, they will have more sound arguments to be free of liability, except in the cases of deliberate fraudulent action or negligence.
Some social networks have repression rules against undesired behavior, which can be subtle like ranking made by the community of users aiming at establishing a reputation system that affects the display of the personality of users, or at other methods such as eliminating subscribed profiles or their temporary suspension. Regardless of the possible analogy of this repression to a digital prison, by restricting the freedom of individuals inside the social network, one cannot make use of the analogy to obtain habeas corpus in these situations59. However, in case of harm or damages resulting from the impossibility to perform any act through the social network, the user may have a legitimate expectancy of indemnification.
Another question to be confronted by social network architects is how to proceed in case of death, in the physical world, of the user who has a profile in the social network. Should the status of deceased be indicated, among his personal information? If this is not done, it
55 See, for instance, Process number JEC05-1-0489/2003 of the 5º Juizado Cível de Aracajú (“5th Civil Court of Aracajú”) and Appeal 2003.700.006915-1 of the Primeira Turma Recursal do Conselho Regional dos Juizados Especiais Cíveis e Criminais da Comarca da Capital do Estado do Rio de Janeiro (“First Panel of Appeals of the Regional Counsel of Special Civil and Criminal Courts of the Capital of the State of Rio de Janeiro”). 56 Process number 2003.03.1.014088-5 of the Juizado Especial/DF (“Special Court / Federal District”). 57 http://www.terra.com.br/istoedinheiro/346/ecommerce/346_leilao_pirata.htm 58 http://www.camara-e.net/_upload/Ata_13_04_04.pdf 59 On this subject, refer to Omar Kaminski, Liberdade Virtual: Juiz indefere HC para garantir locomoção no ciberespaço (“Virtual Freedom: Judge negates habeas corpus to guarantee freedom of locomotion in cyberspace”),
In truth-based social networks, these questions are directly linked to the importance and risk to promote a certification of users. Security and privacy are closely linked since on the one side the system must be safe in order not to allow bad faith third parties to obtain access to the personal information, while, on the other, the information available in the database of a social network shall enjoy credibility. Otherwise, it would be possible to create fake profiles impersonating third parties, whether celebrities or not, with playful purposes or even promoting fraud60.
The problem that is presented is that as more measures are taken by the corporation to certify data (e.g. requesting proof of the residential address, credit card number, personal visit to a company kiosk providing the social network service, or other forms of confirmation), the greater the trust deposited in the system and, thus, the bigger the damage that can occur in case of identity theft. An interesting legal dilemma can be developed regarding liability: as more advanced recognition technologies are developed and made available, such as biometrics, for example, and more advanced forms of identity control are stimulated by the Federal Government, such as the e-CPF (CPF is a Brazilian identification document so the eCPF could be compared to a “electronic social security number”) project are discussed, it is possible to affirm that the state of the art progresses as a whole and allows the implementation of more secure certification methods. If this theory is accepted, one could argue the negligence of the social network provider by not implementing the available resources and techniques, similarly to the examined case involving Terra Networks. The case analysis shall be carefully done by the system developers and their legal counsel in order to recommend the social network provider to take steps aiming at the certification of users or to refrain completely from any intervention, based on the principle of presuming the good faith of the users. The business plan must choose the most balanced modality, of lower risks, a solution to be achieved by crafting contracts of terms of use and privacy policies, and also implementing the technological mechanisms to prevent and eliminate abuse61.
While, on the one hand, the providers have to be increasingly more alert to develop and adopt systems that will reduce fraud and increase the truth of information, on the other, both the legislator who will face the emerging problems and also the interpreter of the laws and principles will have to be aware of the negative impacts on the market. In case there is a legal obligation to implement disproportionally high technological levels, under the risk of condemnation for abuse committed through their systems, either the service will be made totally impracticable or the increased cost will be transferred to the customers, resulting in a
60 Hackers, obrigado (“Hackers, thank you”), post published in December 20, 2004 in the blog of dramaturgist Gerald Thomas
The balance of privacy and the prohibition of anonymity in Brazil
Although a difficult task, privacy needs a definition so that the Law can deal with identified violations. Etymologically, privacy means to deprive, to separate, a reference to the distancing from the public things. In practical terms, it is neither “the right to be left alone”63 nor “the right to an inviolable personality”64 but, in the appropriate definition of American lawyer Kent Walker, the capacity to avoid that third parties use, store and share information about the individual. Alan Westin defines privacy of information as “the right of individuals, groups or institutions to determine by themselves when, how and in which proportion a certain information is communicated to third parties”.
Control over private information is the control over the personality displayed to the world, so that the right to privacy is the freedom against unreasonable limitations in relation to the construction of his identity65.
Part of these unfair limitations happen when only one or another element regarding the individual is considered, creating a stereotype very distinct from the perception that would be made in case the individual had the opportunity to be consulted and provide complementary information for a more consistent and complete perception. One imaginary case can be the person responsible for recruiting a candidate, and, facing the information that the candidate likes fast cars, immediately associates him to the profile of a street racer stereotype and, without even trying to get further information, excludes him from the interviewing process.
This example does not constitute a direct violation of an unquestionable right and lies mainly in the field of subjectivity of the decision makers. However, as this practice is increasingly adopted by human resource professionals, credit analysts, insurance companies, club administrators and all those who, before taking a decision, consult data publicly available on the Internet, and, more specifically, inside a social network database, regarding a particular individual, the defenders of more rigid privacy standards believe to live in a society presenting bigger problems.
In these situations, it is necessary to distinguish information that was made publicly available directly by the individual or by a third party with or without the individual’s consent. It is necessary to emphasize that even the publicity of information on the Internet
62 Robert Metcalfe postulated, in the “Metcalfe Law”, that the value or power of a network increases in proportion to the square of the number of modules in the network. It can be said that the logic behind this concept is applicable not only in terms of network engineering, but also of utility in a social network. Telephone white pages, for example, only have utility when almost the entirety of fixed telephone lines is listed. 63 Expression made popular in the case Olmstead v. United States, 277 U.S. 438, 478 (1928). 64 Expression used by Louis Brandeis and Samuel Warren in The Right to Privacy, article published in the Harvard Law Review, in 1890. 65 Agre (1998), p.7 has different levels. Extremely public data are those published in any website with no access restriction and searchable66. A lesser publicity level is for pages that do not have content indexed by search engines but that contain access restrictions, as pages accessible by the creation of a free account in a system, like the majority of social networks. At another extreme there are pages only visible to restricted users by authentication mechanisms. In all these environments, if the individual himself provided information about his person, the probability of privacy violation is smaller than when a third party publishes the data. And, when the publication is made by the individual himself, the probability of privacy violation is smaller, since the public nature of the information is higher.
Thus, privacy can also be defined as the capacity to determine what the individual wants to reveal and how much he wants to be accessible67. Using this concept for the preparation of a norm ends up being a difficult task since, for this, it will need the concrete case, in which certain elements will be necessary such as the intimacy level shared by the individuals, the environment where the interactions happen, the expectations of each one, among others.
It is clear that privacy is not a unitary concept. Professor Daniel Solove68 proposes that privacy cannot be suitably defined by the isolation of a common denominator to all the myriad situations in which we may understand there is a violation of privacy. He suggests a bottom-up concept that focuses on certain related problems but that do not necessarily share a common element. There are many privacy problems that, although related, are significantly distinguished.
The perception of privacy in a specific legal system at a specific historical moment can serve as a basis to control the legal risks that social network systems are exposed to and also to control the possibilities of expression users enjoy with legal support. It must therefore be decided whether information is freely and spontaneously made available to everybody, independently of whether the observer is a subscribed user or not, or available only to certain users who share some intimacy in a specific social circle.
It is also necessary to take the decision of understanding privacy through an objective or subjective prism. As seen in Section I, there are many subjective concepts about intimacy, which is one of reasons for the great difficulty in the legal definition of a minimum acceptable standard. If there is only a violation of privacy from the moment another human being has access to sensitive information, such as religious beliefs, sexuality, a record of diseases, an artificial intelligence system that would receive such information and would be programmed not to disclose the information in any fashion, using the data only with the purposes of statistical reports, would not infringe privacy according to this definition.
66 A searchable webpage is one with no spidering restrictions to search engines such as Google, Yahoo, Alltheweb, Cadê among others that use robots to crawl data for the search engine. Note that a person who is responsible for a webpage who does not want his page to be indexed by a search engine can use a file called robots.txt for this purpose. More information at
There is no specific regulation about privacy, which is protected in general terms by the Brazilian Federal Constitution of 1988 (“CF88”) and legislation on the issue is sparse. Section 5, X of the CF88 states that “the intimacy, private life, honor and image of people are inviolable, and the right to indemnification for material and moral damages from its violation is assured”. Intimacy is, therefore, according to the constitutional wording, a different concept from private life, honor and image of people. As José Afonso da Silva explains, the terminology is not precise and so his Curso de Direito Constitucional Positivo (“Course on Positive Constitutional Law”) uses the expression “right to privacy” in a generic and wide sense.
Commenting on the same constitutional principle, Celso Ribeiro Bastos69 affirms to understand the individual capacity as keeping strangers at a distance from his private and family life, impeding access to information on the privacy of each one and avoiding the disclosure of certain information in this field of existential manifestation of the human being.
The protection of privacy is considered both a fundamental and personality right. These are rights of the same essence, but as Gilberto Haddad Jabur explains, the first one is a protection of the individual against the discretion of the government and the second belongs to private law, directing relations between individuals.
One architectural solution is proposed by Lawrence Lessig for the privacy problems based on two premises: 1) grant each user a proprietary right over his personal information; and 2) use transmission protocols such as Privacy Preferences Project (P3P)70, which allows the user to control access to websites depending on pre-established preferences of privacy so that, for instance, price discounts on merchandise could be negotiated in case the user would decide to disclose more private information.
The discussion surrounding P3P and Lessig’s solution needs some examination with respect to the possibility or renouncing privacy as a fundamental right. In case there is a prevalence of the understanding that privacy cannot be renounced, the negotiation suggested by Lessig would be null and the website would remain responsible should the user later feel that his privacy was violated in a performed transaction and file a lawsuit. The risks are even higher considering that these rights do not prescribe with time71.
69 Bastos (1989), p.63 70 P3P protocol was not massively adopted for many different reasons, such as lack of interest from consumers and lack of a marketing mechanism to give incentives for its implementation and use. However, it is still a technical alternative to take care of privacy on the Internet. 71 About issues related to the efficiency of the creative proposals from Lessig, it is interesting to read Schwartz (2004).
In 1980, the Organization for Economic Co-operation and Development – OECD established a framework for privacy protection72. With respect to the Principle of Individual Participation proposed by the OECD, which seeks to provide the individual with the right to obtain the confirmation if data about him are inserted into a database, in a satisfactory way, and also to request the correction of inaccurate information, it is important to examine the habeas data regulated by Section 5, LXXII of CF88 and Law number 9,507 of November 12, 1997.
Still in the field of the general principles concerning the legal treatment of privacy, it is worth mentioning the new provision of the Brazilian Civil Code, Section 21, which establishes that the private life of a natural person is inviolable, and the judge, at the request of the interested party, will adopt the necessary measures to stop acts contrary to this norm.
Therefore, there are many technical and legal resources for the protection of privacy. There is an interest from individuals to control information that comes to them, illustrated in the cases of telemarketing and spam. However, there is value in information shared in society which can be lost in case of total control73. The capitalist economy and the free society depend on the exchange of information, regardless of previous prior request, such as electoral campaigns, outdoor advertisements, public protest marches… which need to respect pre-established limits. A balance can be met from the initial moment when additional information can be received according to the interests of the individual.
The benefits of information exchange, such as the reduction of prices because of lower transaction costs in a more transparent market74 are examined by Kent Walker (2004), who identifies, among other issues, the increase of access to information and the convenience of customized care. As private information is made available the community sense is also strengthened, allowing the formation of affinity links by intermediation of communication systems without geographical location as a starting point or coercion75. Security is also improved because of greater trust in the information: serial identification numbers in hardware and software can be used to know where attacks to protected systems come from, and even track back virus creation, such as in the case of the Melissa virus76.
Anonymity, in situations like these, would destabilize social and legal responsibility that could be imposed on reprehensible acts. Anonymity can have an important role in the context of repressing political systems where freedom of expression could not be exerted in another way, under the risk of retaliation. But in normal situations, it is not a value to be defended, and anonymity is even repressed by CF88, section 5, IV.
72 http://www.oecd.org/document/18/0,2340,en_2649_34255_1815186_1_1_1_1,00.html 73 This excess of control is a phenomenon described as oversteer by Shapiro (1999). Basically, Shapiro alerts to the risks that exist in the absolute control of information, which reduces random events that are necessary for a common experience, a social glue, among citizens of a democracy. This theory is later developed by Sunstein (2001). 74 Macedo Jr. (1999), p.20 75 Lévy (1996), p. 20 76 Walker (2004), p.17 Commenting the prohibition to anonymity, Alexandre de Moraes considers it to be “wide ranging, covering all communication media (letters, news, publicity, Internet messages, radio and television broadcasts, for example). Therefore, injury and slander messages are prohibited. The constitutional goal is designed to avoid the manifestation of futile opinions and misconceptions which only have the desire to disrespect private life, intimacy, the honor of others; or, even more, with the intention of subversion of the rule of law, the democratic regime and social welfare”77.
The constitutional prohibition to anonymity seeks to impute responsibility to those who exercise freedom of thought avoiding the abuse that could happen in case impunity would be facilitated by occultation. The excesses must always be avoided: excessive preoccupation with privacy, expressed by rigid norms, may cause the loss of other values. Hasty legislation without proper consideration can cause the end of a series of legitimate and innovative entrepreneur activities and also hamper the free flow of information necessary to the promotion of individual, community and social goals.
As already mentioned, technologies have both positive and negative aspects. The posture of society before privacy issues changes as new technologies present benefits, such as the tape recording of streets. Higher exposure of people in public environments before invisible authorities contributes to an improvement in the provision of public services, especially regarding crime combat78. Besides the immediate weight to be carried in the implementation of these systems, we must proceed with an examination of the damages that can occur in case the system is violated by bad faith third parties or gets out of control.
Reflections on the legal nature of privacy are necessary for its protection. The identification of the moment of infringement is one of the points requiring more definition: when does it happen? At the moment of the unauthorized capture? When an unauthorized third party obtains access to the data? During the data processing? When the results of processed data are published? When actions based on the processed and published data are taken?
Similar questions were raised by the working group constituted by the World Intellectual Property Organization – WIPO to deal with database protection: in the absence of an express authorization from the copyright holder to insert the work into a database, would the use of his work be an infringement or would the infringement be characterized only in the exit? Antonio Chaves tells that the conclusion was that “the entry (including the fixation in the internal memory of a computer) should be considered a reproduction, as the exit does not necessarily imply a violation of the copyright and the necessary authorization shall be obtained in the entry”. An analogy could be made regarding the moment when a privacy violation happens – is it in the insertion of data into the system?
77 Moraes (2002), p.207 78 The newspaper report Olhos por toda parte (“Eyeballs everywhere”) published in Revista Veja (“Veja Magazine”), edition 1865, year 37, nº31, of August 04, 2004, describes the monitoring experience using cameras in the streets of London, New York, Washington, Paris, Berlin, Joinville, Recife, Suzano, Belo Horizonte and Curitiba. In Curitiba, it tells that “there were public manifestations from the population when the cameras were installed. But, with time, people became accustomed”. In this sense, one alert is made: an excessive dependence on statistics techniques and user profile mapping can label users to the point that their exposure to certain content is reduced as the database management will understand that such content is not of the interest of the user. This excessive labeling would reduce the freedom of citizens79.
Personality rights to the image
Section 5, X, of the CF88 also expressly protects the right to the image, which enjoys autonomy in the Brazilian legal system, existing independently of other personality rights. Its inalienability shall be understood relatively, since its partial alienability by the individual consenting to the exposition, reproduction and even commercialization of his image is possible.
The resources of social networks to share images amplify the application of this exception. This facilitates the expression of the personality and social interaction but also implies potential infringement to the rights of the photographer when his works are circulated without authorization80 and, mainly, violations to the image rights of the photographed people, who may not have consented to be photographed or, in another hypothesis, even though they consented to be shot in a specific circumstance (by friends, to be kept in a photo album with moderate exposition), may not consent with the exposition to a wide and indistinct audience such as the one with access to a social network. On this argument, Zulmar Antonio Facchin paraphrases the classic work of Adriano de Cupis:
“The consent to image use, whether tacit or explicit, free or paid, has limits. Professor De Cupis establishes hypotheses and limits for the use of images: a) someone agrees to be photographed to leave a memory to a certain person: the picture cannot go around the world, because the person who consented to be photographed did so for a specific purpose and not for other ends; b) if the person consents to publish his own image in one way, this image cannot be published in another fashion (e.g. consents to take a picture for a display window so the picture cannot be used to illustrate a post card); c) if the person consents to have his image used during a certain period of time, the publicity cannot last forever; d) if the person consents to publish the image before certain people, before others the right to image remains unaltered”.81
In addition to these hypotheses, those who promote collage and deformation of photos resulting in damage, even if exclusively moral, commit an illegal act, according to the provision of Section 186 of the Brazilian Civil Code.
79 The study made by Lada Adamic, Orkut Buyukkokten and Eytan Adar, A Social Network Caught in the Web, available at
Trademarks
A brief observation can be made regarding trademarks: in environments promoted by online social networks, the rights of trademark owners are not affected by the new technology. On the contrary: they are not only fully effective but also constitute an important tool for the protection of the brands of the institution or its products. The understanding that is being established by Brazilian case law82 indicates that the trademark owner has a legitimate interest in promoting its removal when there is no authorization.
Copyright
Leaving aside the copyright of the creator of the social network system, we shall explore the theme from another aspect: the copyright of the participants of social networks.
Since the times of the WELL the online life was a vibrant one. As examined by Tim Jordan83, the Whole Earth ‘Lectronic Link has timidly started as a BBS in San Francisco, a service that allowed brilliant people to connect, leave messages and interact. The WELL had grown and gradually brought a community together that felt and acted as a community, transforming itself in a paradigm for online communities. WELL organized conferences in many topics and the participants used their homonyms so that their personality was perceived according to the exchanged messages. The individuals did not need, as Jordan tells, to physically get together, although they did so sporadically, to create friendship ties.
One of the WELL stories told not only by Jordan and Rheingold, but by many other network observers, is the case of a user identified by the heteronym “Philcat” who shared with WELL colleagues the sorrow in finding that his son had leukemia. Philcat not only received compassion and messages but also technical information on treatment and diagnosis.
The interactivity made possible by the Internet gets strength in online social networks that allow public spaces for discussion. In the online social networks currently under operation, there are many communities dedicated to discussing politics, science, amenities, entertainment, leisure or even disseminate anger and racism. Copyright, however, does not examine the merit of the quality or relevance of the object, granting the author two groups of prerogatives: moral and patrimonial rights of the author.
Once more the specificities of the Brazilian law have to be observed by social network providers with business models structured in foreign markets. According to Section 27 of the Copyright Act, moral rights are non-renounceable and inalienable. Thus, the mere
82 See Process number 2004.061.008554-0, ruled by the 2ª Vara Civil de Teresópolis, RJ (“2nd Civil Court of Teresópolis, Rio de Janeiro State”). 83 Jordan (1996), p.56 translation of terms of use stating that there will be the transfer both of patrimonial and moral rights to the service provider is not enough.
Therefore, once more reinforcing the purpose of this paper, which is the technological and legal integration of social networks, it is important to check if the technological system allows, for example, for the right of withdrawal. After a message has been added to the system, is it possible to remove it from circulation?
Going back to the moral rights of the author, it is also noticed that the system must also guarantee the right of paternity of the work. Therefore, considering the analysis made in the part related to civil liability, we understand that a system that presents fragility and allows a third party to appropriate content prepared and published by a certain individual, taking for himself the credits of the creation, is subject to liability.
This is what happened at the end of 2004, when the user known as “Vinicius K-Max” usurped the moderation of about 26 of the largest Orkut communities, exploring software vulnerability in the Internet Explorer browser, intercepting cookies from the victims with the goal of obtaining access rights to their accounts.
According to Túlio Vianna, “Just like in a collective work where many authors write chapters of a book that is published with credits emphasizing the organizer, the Orkut communities have as co-authors all their members and the moderators as the organizers. These are responsible not only for deleting offensive content, repetitions and threats outside the theme of the community, but also for the selection of the co-authors of the work, which even in open communities can be excluded by the moderators, if they disturb other co- authors”84.
It is relevant to mention that the discussions on copyright and online social environments are very rich as they allow for the formation of communities organizing diverse collective works, such as in the Wikipedia example. Greater reflection is necessary with respect to the validity of contractual mechanisms for transferring rights in these cases and the effectuation of the moral rights of the author.
Consumer protection
Initially, the question is asked as to whether consumer law provisions would be applicable in the relations between social network service providers and the Brazilian users, which would imply a differentiated legal treatment, in general with more protection to the user than that contractually provided for in the clauses of the adhesion agreements the service providers intend to see applicable.
To illustrate some aspects of this differentiated treatment, it is interesting to mention such principles as the reversal of the burden of proof, which determines that the provider has to prove that the claims of the consumer are unreasonable. The obligation of precaution and safety also deserves mention, which points to the obligation of keeping a relatively safe
84 http://www.infoguerra.com.br/infonews/talk/1105654396,59747,.shtml system for the protection of sensitive data. Protections against abusive clauses are also guaranteed, such as the prohibition of liability limitation of the provider for any sort of product liability.
Even being a relation often involving a service provider located overseas, the service providers must take into account Section 1 of the Brazilian Consumer Protection Code, which determines that the consumer protection laws are of public order and national interest. The Brazilian legal system, through the Introductory Law to the Civil Code, determines the inefficacy of foreign law that offends national sovereignty, public order and good morals.
In addition, legal scholars understand that no law or ruling that somehow damages or restricts consumers’ rights shall be recognized in Brazil85. Therefore, even if the contractual terms (which are frequently made available only in the English language – which, on its own, raises controversies about its effective application) provide for the application of foreign laws, this provision may not be accepted and the foreign law may not be applied if, in the concrete case, it results in a lower protection than the one established in the Brazilian Consumer Protection Code.
Furthermore, considering that the services submitted to the consumer protection legislation must be provided “subject to remuneration”, pursuant to paragraph 2 of Section 3 of the Brazilian Consumer Protection Code, it is necessary to determine if, in the case of services offered without a subscription fee, there could be an exception to the application of consumer legislation.
Apparently, the gratuitousness of the services for the final user does not remove the consumer relationship nature. This understanding is clarified in cases where the consumer service is paid indirectly by third parties, such as in the case of public transportation used by old people. Even though there is no direct remuneration from old people, the service cost is transferred to other users. Similarly, there is a perceived remuneration when the consumer provides his data, which has an economic value to promote statistics, increased traffic implying higher visibility for advertisements, and other modalities, which are typical of Internet-related business plans. In Business @ the Speed of Thought, Bill Gates illustrates the concept of being the first to enter a new market using the examination of Bradesco, a renowned hi-tech Brazilian bank that has a complex database about its clients. “This client database is one of the most valuable assets of the bank”, according to Gates.
On this subject, Claudia Lima Marques affirms: “Through remuneration: The expression used in Section 3 of the Brazilian Consumer Protection Code to include all consumer
85 It is a fact that the place of service providers located outside of the Brazilian territory hinders the efficacy of the application of the rights provided for in national legislation. However, more and more regulatory techniques are being improved to provide more control, such as the American case in Pennsylvania, where the local laws provide that the [Chief Prosecutor] obtains a legal order against Internet access providers to certain websites directed to citizens of this State. More info in “Internet Points of Control”, by Jonathan Zittrain, available at < http://papers.ssrn.com/sol3/Delivery.cfm/SSRN_ID388860_code030319570.pdf?abstractid=388860&mirid=1 > services is ‘through remuneration’. (...) To me, it seems that the option for the expression ‘remuneration’ means an important opening to include consumer services remunerated indirectly, i.e., when it is not the individual consumer who pays, but collectivity instead (a facility included in the price of everybody) or when the consumer pays only the ‘free benefit’ he is receiving. The expression ‘remuneration’ allows for the inclusion of all contracts in which it is possible to identify, in the hidden meaning (hidden [consideration), an indirect remuneration of the consumer service. (...) Remuneration and gratuity: As the offer and marketing of ‘free’ consumer services are increasing in the Brazilian market (...), it is important to highlight that Section 3, paragraph 2 of the Brazilian Consumer Protection Code is related to the remuneration of services, and not to gratuity. ‘Remuneration’ (direct or indirect) implies direct income or indirect gain to the provider. ‘Gratuity’ means that the consumer does not ‘pay’, and thus, there is no minus in his patrimony. (...)”
Being a consumer relation, the principle of legal solidarity among originators of harm to consumers applies, so that, in case there is more than one originator of damages, all of them will be held solidarily responsible for the indemnification, pursuant to Section 7 of the Brazilian Consumer Protection Code. The Brazilian Civil Code, Section 942 has a similar provision. The consumer can, thus, request full indemnification from any responsible party without necessarily waiting for the discussion and final decision about the liability among the solidarily responsible parties.
Consumer legislation also brings specific rules about privacy, which is a current compelling issue. Section 43 determines that consumers will have access to private and purchase information about them stored in registers, sheets and cadastres, as well as information about the respective sources of the data. There are also provisions that cadastres must be objective, clear, true, and written clearly and shall not contain negative information about the consumer for more than five years. Also, the opening of new cadastres, sheets, records and personal and purchase information shall be informed in written format to consumers when they have not requested it.
Still according to Section 43 of the Brazilian Consumer Protection Code, every time the consumer finds his data and cadastres inaccurate, he will have the right to demand their immediate correction. The filing clerk shall, in five business days, communicate the alteration to other receivers of the inaccurate information. Cadastres and databases related to consumers, credit protection services and similar services are considered as vested of public nature. Therefore, it is possible to make use of habeas data to access data and to certify that data will be corrected.
Failure to observe these rules can be considered a crime against consumer relations, in addition to other sorts of economic and non-economic violations. In this sense, Sections 72 and 73 of the Brazilian Consumer Protection Code determine criminal infringements in consumer relations: those who impede or hinder the access of a consumer to information about him existing in databases and those who do not correct information about consumers in databases that they know or should know to be inaccurate are subject to confinement or penalty. It is fundamental that the technological structures allow social network administrators to promote searches and correct data easily and at a low cost.
For this reason, considering the applicability of consumer protection rules to relations involving online social network services, the issues related to data protection have to be taken into consideration.
In the case of damage alleged by the user for a system inefficiency, which does not allow for the proper correction of information about him, or related to the lack of a notifying mechanism to the network administrators about the abusive conduct of other users who may offend his honor and integrity, from the consumer rights point of view, there is no significant difference in the legal treatment applicable to other services, such as photologs, weblogs, and even homepages that contributed to the expansion of the Internet in the 1990s.
According to recent case law tendencies in the field of liability for the intermediation of consumer-to-consumer business, the service provider is not generally held liable for the intermediation. However, it is possible to mention an obligation of keeping, to a reasonable level, an efficient administration and control system to correct inaccurate data and suspend user accounts that promote infringement of the terms of use as these are reported to the system administrators.
As technology advances, it becomes an interesting idea to consider the feasibility of implementing systems to recognize and authenticate data of subscribed users, to avoid fake profiles (called “bogus” in Orkut and “fakesters” in Friendster) which frequently impersonate celebrities or create misleading profiles sometimes followed by insults, slander or lead third parties to error. This is one aspect that service providers have to take into account, as they can also end up involved in indemnification obligations or even criminal lawsuits.
Conclusions
Regarding the solidary liability resulting from user activity, a tendency can be observed to make an analogy using the experience with Internet service providers – ISPs which were discussed in the late 1990s regarding trademark and copyright infringement, image rights violation, injury… among others. There are, however, new conflicts brought by the social networks, especially issues related to privacy and information simultaneously distributed by different social circles.
Social networks present new forms of social interaction and a question on the legal, contractual and technological limits for its use. Because of the network nature, the more it is used, the greater the power it has to attract new users, influencing the cost and benefit analysis of being or not a subscribed user of a social network system.
Database protection is different from privacy protection. However, the legal regulation of privacy is difficult because of the existence of multiple concepts about public and private spaces, bringing together different cost and benefit interpretations of the users of the social network, which becomes a collaboration of the individuals for a higher exposure of their private lives into public. Freedom of choice is a value to be preserved; however, it is necessary to avoid commoditization of privacy in case this is understood as an inalienable constitutional right.
The law shall not impose conceptions about what is public and what is private. Rather, it shall offer tools for those who want to protect their intimate lives and provide means of reparation in case it is invaded. As tools that permit abuses of new proportions, social networks must be attentive and responsible in alerting their users to the risks involved and in providing technological and contractual mechanisms in an effort to secure the maximum protection and minimum chance of execution of abusive practices through their systems. The presented risks are considerable in the operation of social networks because of the subjectivity of the concept of privacy. To properly manage the risks of the project, the social network technology should allow the choice of making information access private to a specific group of people or to an indistinct group. Thus, it is essential to combine technology and law. For that purpose, terms of use and privacy policies are very important, and it should be highlighted that the Brazilian law does not accept private negotiations about matters of a public and mandatory nature, so a contractual limitation has to be taken into account.
The collaborative construction of the regulation of social networks includes users, systems developers and, especially, legislators who will define minimum legal limits to reach an adequate and healthy balance between the public and private.
Finally, there is the question related to the responsibility of those who offer online communication services in authenticating users, creating safe environments86. The legal discussion of this point has not reached a consensus so far. The current tendency of adopting repressing measures after the damage takes place can be substituted for a previous control that avoids its occurrence.
In fact, as the Latin aphorism states, where there is society, there is law. As social relations become more intense, the possibility of the occurrence of different acts will also increase, including violations to established rights. More and more the press reports incidents of new abuses, so that more studies shall be made on this rich theme.
86 Although this is not the most rigid form for the creation of a safe environment and the repression of anonymity, the use of subscription using the CPF (a Brazilian identification document) in the Link network (www.link.estado.com.br) is praised by journalists of the Brazilian newspaper O Estado de São Paulo as a method to fight abuse: “(…) there is no total anonymity in Link. Those who subscribe can even invent a name, but will be required to register their CPF. Internet old-timers protest against the requirement. They consider it is a privacy violation. But, on the other hand, this attacks the root of the problem of the possibility of blossoming racism and violence that can be hidden under the veil of anonymity”, says the excerpt of the news article Sem o véu do anonimato, Link é isento de racismo (“Without the anonymity veil, Link is free from racism”), published on February 14, 2005 in O Estado de São Paulo. BIBLIOGRAPHY
AGRE, Philip; ROTEMBERG, Marc (Org.). Tecnhology and Privacy: The New Landscape. London, The MIT Press, 1998.
ARATA Jr., Seiiti. O Processo de Regulação do Comércio Eletrônico na Internet: Critérios e Conseqüências. 2000. 76 p. Scientific Initiation report presented to the Fundação de Amparo à Pesquisa do Estado de São Paulo – FAPESP, Universidade de São Paulo, 2000.
______. O Equilíbrio do Poder na Regulação da Internet. Revista da Associação Brasileira da Propriedade Intelectual, São Paulo, nº 53, p. 03 – 17, Jul.-Ago. 2001.
______. Enhancing the Digital Democracy Architecture. In: 32nd ISC Symposium, 2002, Sankt Gallen.
______. Dimensões Jurídicas da Governança da Internet. 2003. Essay awarded 2nd prize, category Computer Law, in the 2nd ABDI Essay Contest. In: 17º Seminário Internacional da ABDI.
ARENDT, Hannah. A Condição Humana. 10th ed., Rio de Janeiro, Forense Universitária, 2004.
ARRUDA ALVIM et al. Código do Consumidor Comentado. 2nd ed. São Paulo, Editora Revista dos Tribunais, 1995.
BASTOS, Celso Ribeiro; MARTINS, Ives Gandra. Comentários à Constituição do Brasil: promulgada em 5 de outubro de 1988. São Paulo, Saraiva, 1989.
BITTAR, Carlos Alberto; BITTAR Filho, Carlos Alberto. Tutela dos direitos da personalidade e dos direitos autorais nas atividades empresariais. 1st ed., São Paulo, Editora Revista dos Tribunais, 1993.
BOYD, Danah. Faceted Id/Entity: Managing representation in a digital world. In:
CASA DO SABER. Que País É Este – Pensando o Brasil. Course held by Edgar de Decca. 2004, São Paulo.
______. A Construção da Subjetividade do Homem Moderno. Course held by Clóvis de Barros Filho. 2004, São Paulo.
CHAVES, Antônio. Direitos Autorais na Computação de Dados: software, circuitos integrados, videojogos, embalagem criativa, duração dos direitos conexos. 1st ed., São Paulo, LTr, 1996.
COELHO, Marcelo. A estrutura viscosa do Orkut. Folha de São Paulo. Available at:
COMPARATO, Fábio Konder. A Afirmação Histórica dos Direitos Humanos. 3rd ed. São Paulo, Saraiva, 2003.
CONSULTOR JURÍDICO. Legítima Defesa. Promotor alega que matou estudante para se defender. Available at < http://conjur.uol.com.br/textos/252284/> Accessed 12.02.2005
FACHIN, Zulmar Antonio. A Proteção Jurídica da Imagem. São Paulo, Celso Bastos Editor: Instituto Brasileiro de Direito Constitucional, 1999.
GUERRA, Sidney Cesar Silva. O Direito à Privacidade na Internet: uma discussão da esfera privada no mundo globalizado. Rio de Janeiro, América Jurídica, 2004.
HEYMANN, Paul. Distributed Social Network Protocol. Available at
JABUR, Gilberto Haddad. Liberdade de Pensamento e Direito à Vida Privada. 1st ed., São Paulo, RT, 2000.
JORDAN, Tim. Cyberpower: The Culture and Politics of Cyberspace and the Internet. 1st ed., London, Routledge, 1999.
KEUNECKE, Karla. Das Bases de Dados – Proteção Jurídica no Âmbito da Propriedade Intelectual. Revista da Associação Brasileira da Propriedade Intelectual, São Paulo, nº 57, p. 48 – 55, Mar.- Apr. 2002.
LEONARD, Andrew. You are who you know. Salon.com. Available at: < http://www.salon.com/tech/feature/2004/06/15/social_software_one/> Accessed 16.07.2004.
LEONARDI, Marcel. Responsabilidade Civil dos Provedores de Serviços de Internet. 1st. ed., São Paulo, Editora Juarez de Oliveira, 2005.
LESSIG, Lawrence. Code and Other Laws of Cyberspace. 1st ed., New York, Basic Books, 1999.
LIMBERGER, Têmis. As informações armazenadas pela instituição bancária e o direito à intimidade do cliente. Revista de Direito do Consumidor. São Paulo, nº 43, p. 273, Jul.– Sep. 2002.
MACEDO Jr., Ronaldo Porto. Privacidade, Mercado e Informação. Revista de Direito do Consumidor. São Paulo, nº31, p.13, Jul-Sep. 1999.
MESSA, Eric Eroi. Começa a era do software social. Available at:
MIESZKOWSKI, Katharine. Faking out Friendster. Salon.com. Available at: < http://www.salon.com/tech/feature/2003/08/14/fakesters/print.html> Acesso em 14.07.2004.
MORAES, Alexandre de. Constituição do Brasil interpretada e legislação constitucional. 2nd ed., São Paulo, Atlas, 2003.
POSTER, Mark. CyberDemocracy: Internet and the Public Sphere. Available at
POSTMAN, Neil. Technopoly – The Surrender of Culture to Technology. 1st ed., New York, Vintage, 2000.
REALE, Miguel. Fundamentos do Direito. 3rd ed., São Paulo, RT, 1998.
______. Teoria Tridimensional do Direito. 1st ed., São Paulo, Editora Saraiva, 1968.
RHEINGOLD, Howard. A Comunidade Virtual. 1st ed., Lisboa, Gradiva, 1996.
SHAPIRO, Andrew. The Control Revolution: How the Internet is Putting Individuals in Charge and Changing the World We Know. 1ª st., New York, Public Affairs, 1999.
SHIRKY, Clay. Social Software and the Politics of Groups. Available at
SILVA, José Afonso da. Curso de Direito Constitucional Positivo. 12nd ed., São Paulo, Malheiros Editores, 1996.
SILVEIRA, Clovis. Bancos de Dados Originais e Não-Originais. Revista da Associação Brasileira da Propriedade Intelectual, São Paulo, nº 69, p. 31 – 35, Mar.- Apr. 2004.
SOLOVE, Daniel J. Conceptualizing Privacy. Available at < http://law.shu.edu/faculty/fulltime_faculty/soloveda/concept_privacy.pdf> Accessed 24.07.2004.
SUNSTEIN, Cass. Republic.com. 1st ed., New Jersey, Princeton University Press, 2001.
SCHWARTZ, Paul M. Beyond Lessig’s Code for Internet Privacy: Cyberspace Filters, Privacy-Control, and Fair Information Practices. Available at: < http://www.paulschwartz.net/pdf/Schwartz_final.pdf> Accessed 24.07.2004.
TOGNOLLI, Claudio Julio. Domingo Legal – Promotora Processa Gugu por Danos Morais e Pede R$ 750 mil. Consultor Jurídico. Available at < http://conjur.uol.com.br/static/textos/246975,1.shtml> Accessed 24.07.2004
WALKER, Kent. Where Everybody Knows Your Name: A Pragmatic Look at the Costs of Privacy and the Benefits of Information Exchange. Stanford Technology Law Review. Available at:
WEBSTER, Frank (Org.). Theories of the Information Society. 1st ed. London, Routledge, 1995.
WHITTLE, David. Cyberspace: the Human Dimension. 1st ed., New York, W. H. Freeman and Company, 1997.