Phil Windley at Technometria has an interesting post up about an alternative way of looking at privacy permissions – essentially, a user-driven system of classifying how a third party is permitted to use your identity information. Gist:

IRA’s should come in a limited set of configurations, like CC. This makes it easy for people to choose and become familiar with what they mean. So, they might be:

Post publicly (broadcast)

Share with anyone, but can’t broadcast

Share with self and partners with which you have a legal agreement to honor this agreement

Keep to self

Stored encrypted

Use for this purpose and destroy

These are just suggestions. There might be more and they certainly need better names and descriptions.