Activist Mirror (Facebook game) Privacy Statement

We realize that (1) people are concerned about Facebook privacy in general; and (2) there isn't much information about privacy made available to Facebook game users. So, here is what we know about privacy and the Activist Mirror game.

We do NOT access the player's profile, we access only the most basic information (such as name and user id). We cannot read any non public data and we cannot read the player's wall. The request for the basic information is the default request, so every app on Facebook at the least must request this, and there is no way to not ask it. That is the way Facebook does it and most interactions with Facebook at least require knowing who the player is.

We have access to a really limited amount of data: name, profile picture, gender, networks, user id, and list of friends. The only data we save are: answers to the questions, patterns shown to the player, the player's user id, the player's vote on the patterns (and the issue the player is analyzing) and whether the player's clicks on a pattern and goes on the pattern page on the Public Sphere Project site.

The answers we get help us understand what answers are being selected the most, this helps us fine-tune the game. The patterns shown also help us for tuning. The player user id is really the only info about the player we store, we use this only to understand if the player re-plays the game. The player's vote on the pattern help us know what patterns are more interesting to the player (also relating to the issue the player is analyzing).

The last data we save is to understand if, by looking at a card, the player is intrigued enough to click on it to see the description and if after reading the description he goes to the pattern page on PSP. This gives us important data on the patterns: how intriguing they are initially and how interesting they reveal themselves to be once the player reads their description.

The data regarding the patterns is obviously of no use to anyone but the developers and we believe it's impossible to extract relevant psychological information from the 8 questions and answers. We aren't planning on sending emails but if we decided this in the future it wouldn't affect users that play the game now (as we don't save this data) and we would need to follow the Facebook policy and the CAN-SPAM Act.

The data is stored in a database in a server hosted by the Civic Informatics Laboratory (LIC) at the University of Milan (Italy). On the issue of trusting this third party, we believe we can trust it as it's not a corporation that would gain anything from the data stored. Recently a group of hackers attempting to show how insecure the information systems were leaked passwords for many Italian universities,; the University of Milan wasn't in the list, so we can presume that the protections are pretty good — at least for now.

Sadly there is no standard approach to privacy that Facebook game developers use. In fact even Facebook's data collection policy is anything but clear! There are HUGE grey areas in their Automated Data Collection Terms, as well as some more disturbing (and declared) clauses, such as the fact that everything you post on Facebook (be it text, image and so on) is Facebook's property. Our opinion is that just being on Facebook is surely more risky that playing our game in terms of data collection.