«

»

Feb
17
2011

Privacy Short Notice Design

By Travis Pinnick
User Experience Designer | TRUSTe
@xtratrav

Part II: Recent Activity
[This is part 2 in a series about the design of a TRUSTe Privacy Short Notice. For the proposed design see part 3]

TRUSTe Short Notice and Icon Design
TRUSTe is currently in the process of designing an icon-based privacy short notice for simplifying and summarizing consumer-facing privacy statements in a browser-based client. The tool will initially be a simple, consumer-facing presentation layer of a TRUSTe-hosted XML-based policy database, but could ultimately become an open-source standard for inclusion by browser manufacturers available for certification by other third-party privacy authorities.


Recent Activity in Short Notice Design
Last April Mozilla hosted a Privacy Icon Workshop about the use of privacy icons to communicate important information practices to consumers. Several members of the privacy community attended and it was a great start on what the privacy icons should represent and how icons can be utilized to help consumers make informed decisions.

Aza Raskin, then lead UX Designer at Mozilla, released his initial privacy categories soon after, and concluded from workshop feedback that privacy icons should ONLY be used when the user does NOT have a reasonable expectation regarding how data is used, and that the icons needed to represent a small number of categories in order to be useful in a consumer-based short notice. The initial proposed categories were:
- Is data used for secondary use
- Is data bartered
- Under what terms is data shared with government
- Is data used to create a profile for non-primary use
- Under what terms are ad networks able to access data
- Does the service provide user control of data
- Are reasonable measures taken to protect data during collection/storage


Next Steps
This exercise was a good start, but there are problems with the list. The first five categories are all variants of ‘data used for secondary use’ and the last category is about security – out of scope for privacy icon project. Note also that the concept of data types are absent from this list, which focuses entirely on data uses.

Early this year, with the feedback from the Mozilla workshop Raskin released a proposed design for Privacy Icons for a refined list of categories. The icons in the revised version represent:
- Secondary Use
- Data Bartered or Sold
- Data Shared with Advertisers
- Data Retention

Last July Alissa Cooper (Center for Deocracy & Technology) also proposed a Privacy Ruleset for the W3C. The categories in this ruleset and their accompanying elements were:

- Data Sharing – [Internal, Affiliates, Unrelated]
- Secondary Use [Contextual, Customization, Profiling]
- Data Retention [None, Short, Long]

Note the similarities between the categories in Cooper’s ruleset and Raskin’s icon design – three of the four categories are almost identical.


Conclusions
A takeaway I got from the icon workshop and Cooper and Raskin’s category proposals – there seems to be general agreement that a short notice needs to be much simpler than previous attempts to be effective.

One way of accomplishing this goal is to simplify the types of practices represented in the notice. For example rather than representing things users probably already know, such as the types of data collected (ie. name, age, financial or purchase information), the short notice can focus more on transparency around the data practices and uses which are invisible to users (secondary use, data sharing, third party tracking, data retention).

There seems to be a growing consensus within the privacy community that an effective short notice should:

- Represent only a few categories
- Represent data uses rather than types of data collected

Based on these conclusions I proceeded to design and test TRUSTe’s icon-based short notice.

Continued in part 3 of this series.

Comments