Many of us interact with technology on a daily basis. We use websites and mobile apps to digest dense streams of information and gain insight into our lives, our friends’ lives, and our community. Unfortunately, very little has been done to clarify the privacy policies we consent to when we use these services. That may be about to change, though, as new developments are underway to help distill privacy disclosures in a visually appealing, easily understandable way.
Before we take a look at these innovations in privacy notifications, it’s worth keeping in mind a simple privacy practice we can all incorporate into our lives. This practice empowers us to SEE clearly before we share information online.
SEE: Stop. Evaluate. Enter.
Stop
Focus your awareness on the choice you’re being asked to make about sharing your personal information. What is your emotional state at the moment? Are you multitasking, feeling anxious, stressed or numb, or are you feeling focused and grounded?
Evaluate
Assess the context and whether you have a basis for trusting how your information will be used. What information are you being asked to provide? How will it be shared and stored? Most often, you will need to read a privacy policy or review certain privacy settings before making a decision.
Enter
Make a conscious choice. If you feel comfortable with the service and how your information will be used and shared, enter your personal information.
Evaluation is the challenge
The evaluation step presents the challenge in our privacy practice. We know privacy policies contain important information, but we either don’t take the time to read privacy policies or if we do read them, we don’t fully understand their implications. Privacy policies are notoriously text-heavy, lengthy, and contain legalese that may not make sense to all consumers.
Where does that leave us? In a state of disinterest or utter confusion?
Privacy content isn’t meaningful if it can’t be understood. In an effort to develop innovative methods for improving privacy policy presentation, several companies are experimenting with design-focused notices rather than dense text. These approaches use icons and graphics to detail different categories of information to more effectively engage and communicate with consumers. Take a look, try them out and decide for yourself if these privacy notice formats are in fact more consumer friendly and actionable.
Disconnect and TRUSTe’s Privacy Icons Project
Disconnect, a developer of consumer privacy software, and TRUSTe, a data privacy management company, recently launched Privacy Icons, software which helps people understand privacy policies.
The TRUSTe Privacy Index found the average privacy policy was 2,464 words long and took a customer with university-level reading fluency 10 minutes to read.
Privacy Icons translates these often complicated privacy policies into terms ordinary people can understand. The icons reference how data is collected, shared, and protected by the websites users visit and the services they use.
For example:
Expected Use
Does this website’s privacy policy disclose whether data it collects about you is used in ways other than you would reasonably expect given the site’s service?
Red = Yes, without choice to opt-out. Or, undisclosed.
Yellow = Yes, with choice to opt-out.
Green = No.
Gray = Info unavailable.
The visual icons are meant to enhance transparency and user control. Users can customize the icons, see the icons in their online search results, and learn about the websites they visit and those sites’ data privacy practices.
The icons evolved from a Mozilla-led working group that included privacy organizations such as the Electronic Frontier Foundation, Center for Democracy and Technology, and W3C. Privacy Icons is powered by data from the TRUSTe Privacy Policy Database, which includes in-depth analysis of the privacy policies of thousands of websites around the world. The Privacy Icons software is available as desktop browser extensions for Chrome and Firefox, with versions for the other major desktop and mobile browsers soon to follow. Installation instructions and additional information about the Privacy Icons can be found at https://disconnect.me/icons.
Lookout’s Visual Privacy Policy Generator
In March 2014, Lookout, a cybersecurity provider, launched Private Parts, an open-sourced, customizable toolkit to help developers implement visual, user-friendly privacy policies. The tool is meant to “transform privacy policies into a clear, simple design that uses visual cues to allow users to understand how an app collects and shares their data.”
The company reformatted its own privacy policy and then opened up the approach to other developers. They created a responsive visualization framework for privacy policies, and made the tool available to developers on GitHub.
The tool kit provides instructions for lawyers and developers, and claims you can create your privacy policy in under an hour following their five steps. With an eye on enhancing the transparency and clarity of privacy policies, Private Parts aims to disclose the categories of information collected and not collected, the categories of information shared and not shared, and provide definitions of information categories. The generated policy includes an icon for each category of information that is collected, the reason for their collection, the entities with whom such information may be shared, and the reason for sharing. The privacy policy tool can work on any device, website or mobile app, and is customizable.
These projects are all moves in the right direction towards enhancing transparency and consumer choice. Responsible companies should embrace shining a light on their privacy practices and be mindful of how their policies are drafted and presented to consumers.
Until every privacy policy is a welcoming, well-lit room, remember how to SEE your choices a little more clearly. Be aware of how you share your personal information online.