policy design & creating effective privacy policies presentation by travis pinnick user...
TRANSCRIPT
![Page 1: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/1.jpg)
Policy Design &
Creating Effective Privacy Policies
Presentation by Travis Pinnick
User Experience Designer, TRUSTe
NTIA Privacy Multistakeholder Process: Mobile Application Transparency
November 30, 2012
Washington DC.
![Page 2: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/2.jpg)
Problems with Privacy Policies
• Privacy Policies are difficult to read (Anton 2007)
• Misconceptions about protections (Hoofnagle 2008)
• Time required to read policies is too great (McDonald 2008)
• Lack of market differentiation (KnowPrivacy 2009)
![Page 3: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/3.jpg)
Machine-readable Policy Summaries
![Page 4: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/4.jpg)
Policy Short Notice Designs
![Page 5: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/5.jpg)
Icon-based policy summaries
![Page 6: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/6.jpg)
Icon-based policy summaries
![Page 7: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/7.jpg)
Layered Policy Design
![Page 8: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/8.jpg)
Policy Summary Data in Product Design
![Page 9: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/9.jpg)
User Testing - Policy Summaries
•Users don’t seem to have preconceived notions of what categories make the most sense regarding privacy •Icons aren't as important as presentation and finding the appropriate vehicle and context for delivery
•Users appreciate attempts to visually simply policy data, but that doesn’t mean it will necessarily influence their behavior
![Page 10: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/10.jpg)
Icon-based policy summaries
![Page 11: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/11.jpg)
Icon-reading user agents
![Page 12: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/12.jpg)
User Testing - Policy Summaries part 2
•Users respond positively to the idea icon-based summary data, but aren’t really able to articulate the meaning of the categories even after having viewed the descriptions •Once again, users appreciate attempts to visually simply policy data, but that doesn’t mean it will necessarily influence their behavior
![Page 13: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/13.jpg)
Mobile-optimized Policies
![Page 14: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/14.jpg)
Policy Summary Data in Mobile
![Page 15: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/15.jpg)
Challenges
Fundamentally, how useful is policy summary data?
1. Users report caring about privacy in vast majorities when polled, yet this attitude is not reflected by their actions
2. While summary data provides a helpful layer of transparency, there’s no reason to assume it will affect user behavior
3. Depending on whether summary data is self-attested or crowd-sourced, it may not be useful for enforcement
![Page 16: Policy Design & Creating Effective Privacy Policies Presentation by Travis Pinnick User Experience Designer, TRUSTe NTIA Privacy Multistakeholder Process:](https://reader033.vdocument.in/reader033/viewer/2022052701/56649cef5503460f949be2b7/html5/thumbnails/16.jpg)
Recommendations
An effective policy summary should:
1. Support a user’s ability to assess a site or app’s privacy practices at an appropriate time and in the right context (like a decision making moment such as app download)
2. Support a method of delivery that is informative without being overwhelming or intrusive to the user experience
3. Provide only the information that is most relevant, like the data collection practices which are invisible to users