User Experience Designer | TRUSTe
The original goal of privacy policies was to create transparency in data collection practices and to help users make informed decisions. Unfortunately most users do not read privacy policies and therefore little change has been made in data collection practices. This is partially because traditional privacy policies suffer from misaligned incentives. Privacy policies really serve as legal protection for the data collectors, and there is an incentive for websites to collect and share data about their users. This incentive should be balanced by the market with simplicity, transparency, and choice.
Designing a Short Notice
The need for a short notice policy is clear, but a lot of thought was put into the development of the content for this short notice. Last April Mozilla hosted a Privacy Icon Workshop about the use of privacy icons to communicate important information practices to consumers.
There seemed to be general agreement that a short notice needs to be much simpler than previous attempts to be effective. One way of accomplishing this goal is to simplify the types of practices represented in the notice. For example rather than representing things users probably already know, such as the types of data collected (ie. name, age, financial or purchase information), the short notice can focus more on transparency around the data practices and uses which are invisible to users (secondary use, data sharing, third party tracking, data retention).
Testing Short Notice Categories
In Feb 2011 we conducted a user test of a preliminary short notice design featuring the following categories: data use, data sharing, and data retention (focused on how data is used, not what data is collected). Based on the results of the user testing I reached the following conclusions regarding short notice design:
- Users don’t seem to have preconceived notions of what categories make the most sense regarding web privacy, they expect an authority (like TRUSTe) to do that for them.
-Icon Design is not as important as category selection and taxonomic presentation. Several users commented that initially the purpose of the short notice is to educate, and as long as the icons made reasonable sense in the context of the categories they would eventually come to be associated with their intended meanings.
Proposed Short Notice Design
The final design for the short notice consists of three categories (Data Use, Data Sharing, and Third Party Tracking). These categories were selected because they represent data practices that are invisible to the user. Each category has three possible values ranging from most to least restrictive data practices (ie. for data sharing: 1- data only shared for expected/transactional uses, 2- data shared with affiliates/marketing partners with user choice, or 3- data shared without choice or practice not stated.)
Mobile Layered Design
Designing for Consumer Expectations
The addition of the privacy short notice to our layered policy offering benefits consumers in the following ways:
-Transparency – the categories in the short notice were specifically chosen because they focus on creating transparency around the data practices which are invisible to consumers
-Choice – each category in the short notice provides consumers easy access to choices afforded to them for that data practice
We are excited to be releasing products for consumers that provide transparency around the data practices of the sites they visit. This project is currently ongoing and feedback is invited. If you have any questions or comments please contact Travis Pinnick, User Experience Designer at firstname.lastname@example.org.
Follow me on twitter at @xtratrav.