SoylentNews is people
SoylentNews
from the don't-make-them-100-pages-long dept.
The key to turning privacy notices into something useful for consumers is to rethink their purpose. A company's policy might show compliance with the regulations the firm is bound to follow, but remains impenetrable to a regular reader.
The starting point for developing consumer-friendly privacy notices is to make them relevant to the user's activity, understandable and actionable. As part of the Usable Privacy Policy Project, my colleagues and I developed a way to make privacy notices more effective.
The first principle is to break up the documents into smaller chunks and deliver them at times that are appropriate for users. Right now, a single multi-page policy might have many sections and paragraphs, each relevant to different services and activities. Yet people who are just casually browsing a website need only a little bit of information about how the site handles their IP addresses, if what they look at is shared with advertisers and if they can opt out of interest-based ads. Those people doesn't[sic] need to know about many other things listed in all-encompassing policies, like the rules associated with subscribing to the site's email newsletter, nor how the site handles personal or financial information belonging to people who make purchases or donations on the site.
When a person does decide to sign up for email updates or pay for a service through the site, then an additional short privacy notice could tell her the additional information she needs to know. These shorter documents should also offer users meaningful choices about what they want a company to do – or not do – with their data. For instance, a new subscriber might be allowed to choose whether the company can share his email address or other contact information with outside marketing companies by clicking a check box.
This article was originally published on The Conversation. Read the original article.
(Score: 3, Insightful) by Anonymous Coward on Wednesday October 11 2017, @02:22PM (6 children)
Nobody should read privacy policies because they don't matter whatsoever.
If a service collects personal information then it will be shared. Even when an upstanding business promises not to do nefarious things (and intends to keep their promise) one of two things will inevitably happen:
(Score: 3, Funny) by The Mighty Buzzard on Wednesday October 11 2017, @02:46PM (2 children)
Yes, they do. They let you know which company is trying to screw you and which is willing to give you a reach-around whilst doing so.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Wednesday October 11 2017, @04:14PM (1 child)
FTFY
(Score: 0) by Anonymous Coward on Wednesday October 11 2017, @05:19PM
FTFY
(Score: 2) by JoeMerchant on Wednesday October 11 2017, @06:58PM
Actually, the point of the written and agreed upon privacy policy is, in part, so that the successors and assigns of such information as is covered by the policy are also bound by the agreement. This would, in theory, extend to creditors, liquidators, and anyone who comes into possession of the covered information.
In practice: yeah, sure, whatevah, so sue me.
🌻🌻 [google.com]
(Score: 2) by stretch611 on Wednesday October 11 2017, @07:11PM
Not to mention the number of companies that later change their privacy policy after you read it. You may get a blurb saying it changed and that you need to re-read it.
And lets face it, there are plenty of companies that lie and say one thing while doing another. The FTC does go after these companies, but not nearly as often as necessary and their legal action results in a fine, but your data is still out there being shared to everyone willing to pay.
Now with 5 covid vaccine shots/boosters altering my DNA :P
(Score: 2) by bob_super on Wednesday October 11 2017, @09:31PM
You forgot the most common: The privacy policy gets "updated" (read: gutted) and the company does what it wants.
In the best of cases, you'll get a notice of the update, which nobody will ever read.