This wiki is no longer active and is left here for historical purposes. Please visit for up-to-date information.


Public Commons


As with Creative Commons, there is currently no standard way to express, from a data owner perspective, how you would like your data to be used on remote services once you've given access to it.


The idea is of the PublicCommons is let Consumers (remote services) know what they can and cannot do with protected resources (i.e. your data). If you specify that you support this extension, Consumers cannot do anything unless explicitly granted.


Simple examples:


  1. Any data retrieved with an OAuth Token must be protected and only exposed to the same User who authorized the Token. This will prevent sites like from showing my private tweets (my the private tweets of those I am following) to anyone else on the map. - Basically keep the same limits OAuth enforce.
  2. Use and discard. Flickr should be able to say, Consumers can grab Users' photos and do something useful with them but not store them locally. Usually the right to store the resources will be tied to the Token lifetime (which makes this very simple).


It might even be something as simple as saying "Don't share", "Don't store", etc.


Like any Privacy statement and TOS, this is just a declaration and does not actually stop anyone from obeying, but the same way Google respects your preferences in the robots file, the major players will resepect directives given in an OAuth extension.


Examples in the wild



Facebook | Add Pibb?


Types of data



Previous work