Data policies for online services

The invention claimed is: 1. A computer-readable medium having executable instructions to control use of data that is maintained on or by a service, the executable instructions, when executed by a computer, causing the computer to perform acts comprising: presenting a user interface to a user, the user interface comprising an entity with whom data is to be shared, a plurality of categories of data and a plurality of purposes for which the user may grant the entity permission to access the data; receiving, from the user, an indication of usage restrictions on data that the service maintains for the user, the indication comprising a selection for each combination of a category and a purpose, whether the entity with whom data is to be shared is permitted to use data falling into the category for the purpose; applying the usage restrictions to data that the service maintains for the user; and enforcing the usage restrictions. 2. The computer-readable medium of claim 1 , said entity being said service. 3. The computer-readable medium of claim 1 , data subject to said usage restrictions being maintained at a site operated by an operator of said service. 4. The computer-readable medium of claim 1 , data subject to said usage restrictions comprising a cookie that is maintained on said user's computer. 5. The computer-readable medium of claim 1 , the data categories comprising contact information for the user, demographic information for the user, or activity with the service for the user. 6. The computer-readable medium of claim 1 , one of the data categories comprising a photo album or other collection of data items defined by the user. 7. The computer-readable medium of claim 1 , the interface further comprising a count indicating a number of friends that trust the entity and the user interface providing a hover behavior in which hovering a pointing device over the count causes the interface to show the user which of the user's friends or contacts trust the entity. 8. The computer-readable medium of claim 7 , information on said user's friends' or contacts' trust of said entity being limited by restrictions that said friends or said contacts have place on use of trust data. 9. The computer-readable medium of claim 1 , said enforcing of said usage restrictions comprising: receiving a request to use data that said service maintains for said user; and granting or denying said request based on whether said request complies with said usage restrictions. 10. A method of allowing a user to control use of data on an online service, the method comprising: using a processor to perform acts comprising: presenting a first user interface to a user, the first user interface comprising at least: an identify of at least one entity which may be granted access to the user's data; a plurality of data categories and a plurality of purposes for which the user's data can be used; and a selection mechanism for each category and purpose combination, the selection of which indicates that the at least one entity may access the data category for the corresponding purpose; receiving, from the user, selections for each combination, the selections together comprising usage restrictions; applying, to the data, the usage restrictions; and enforcing the usage restrictions. 11. The method of claim 10 , the data categories comprising contact information for the user, demographic information for the user, or activity with the service for the user. 12. The method of claim 10 , one of the data categories comprising a photo album or other collection of data items defined by the user. 13. The method of claim 10 , wherein the user interface further comprises information on how many of said user's friends' or contacts' trust the at least one entity. 14. The method of claim 10 , said enforcing of said usage restrictions comprising: receiving a request to use data that said online service maintains for said user; and granting or denying said request based on whether said request complies with said usage restrictions. 15. The method of claim 10 , further comprising storing in memory a data structure that comprises: a plurality of entities comprising the at least one entity; the plurality of data categories; and the plurality of purposes, each intersection of an entity, a data category and a purpose representing an opportunity for the user to indicate whether access to the data category can be granted to the entity for the purpose. 16. The method of claim 15 , further comprising: selecting a user interface from among the first user interface and a second user interface, the second user interface comprising: the second user interface of the two different user interfaces comprising: a plurality of entities and the plurality of data categories; a selection mechanism for each entity and data category combination, the selection of which indicates that data corresponding to the data category can be shared with the corresponding entity; and presenting the selected interface to the user. 17. A system that allows a user to control use of data on a service, the system comprising: a memory; a processor; a display; and a component that is stored in said memory, that executes on said processor, and that displays, on said display, a user interface that shows categories of data and purposes for which data can be used, said user interface allowing a user of said service provide an indication, for an entity, which categories of data that said service maintains for said user can be used by said entity and which purposes data in each category can be used, said component applying said indication to said data that said service maintains for said user, said component enforcing, based on said indication, restrictions on how said entity can use said data that said service maintains for said user, said user interface indicating, for said entity, how many friends or contacts of said user trust said entity. 18. The system of claim 17 , information on said user's friends' or contacts' trust of said entity being limited by restrictions that said friends or said contacts have place on use of trust data. 19. The system of claim 17 , said categories comprising said user's contact information, said user's demographic information, or said user's activity with the service. 20. The system of claim 17 , one of said categories comprising a photo album or other collection of data items defined by said user.