Dynamic innovation and privacy concerns are bound at the hip when it comes to the Internet. For every new wave of ingenuity, there are worries about the safety of user data. Now, the privacy debate has evolved from concern over the transparency of individual site privacy policies into discussion over how much access third party applications should have to private user information.

Back in 2007, Facebook launched its Beacon program and was blasted for violating user trust, using an obtuse privacy policy, and not directly disclosing what would happen to user data. The outrage forced social media companies to adjust to public demand and make their privacy policies more transparent. Now, it is far easier for users to tell what a site is doing with their data.  But the fundamental privacy issue remains unsolved because the problem has evolved: now the most serious concern for users is whether their data is vulnerable to outside, third party applications.

Third party applications now represent the greatest threat to the safety of user data. Path, a social media startup, was recently caught scraping user address books. The scraping helped Path find the users’ friends and connections to build the network but was not directly disclosed and a serious violation of user privacy.

Google ran into even more serious trouble for bypassing iPhone privacy protection to access sensitive user data. And both Google and Facebook routinely bypassed the Internet Explorer 9 privacy settings through a glitch in the web browser. The bottom line is it’s no-longer just about the site or platform you are using, it’s about all the other companies and applications that have access to those platforms and the data you have stored on them.

So, how can the new privacy problems be effectively addressed? There are a group of potential solutions, mostly a mix of self-initiative by companies, new government protections, and user awareness.

Both major websites and respectable third party applications will need to change their policies and ask the user for direct permission. This is already happening: Path has changed its policies while Google and Facebook will start respecting iPhone and Internet Explorer safeguards.  Platform operators will also need to update their technology to give users more control and educate the consumer so that they can make intelligent decisions when allowing different parties to access the various capabilities of their computer or mobile device.

New government protections may also be on the way. California’s attorney general is pushing for new application privacy settings on mobile devices, which could be a trendsetter for the rest of the United States. If the Federal government gets directly involved, there could be new laws either preventing third party access to certain parts of mobile devices or forcing companies to directly solicit user approval every time.

Most important, users will need to educate themselves and pay closer attention. As more and more individuals embrace advanced technology like the iPhone, they should try and learn what their device is capable of and how to control it. For example, understanding that third party applications can access their location, address book, notes, and other apps with consent will help users decide which services are worth the risk and which ones they would just prefer to do without.
So, change is coming. Ultimately, company self-initiative, government action, and user knowledge will help keep data safer in the future then it is right now.  But, once that happens, what will be the next evolution of battle between dynamic innovation and web privacy?