The key topics to include in an abridged policy are PII collection, data sharing, cookies, security, and updates. Examples of short form policies can be found in the footer. If you’ve ever browsed Wikipedia on your smartphone you are already familiar with this economic content delivery method.
If the goal is to inform consumers about everything that you do with their data, it should be done with the user experience (and future) in mind.
There are numerous creative efforts underway to simplify the way privacy information and other necessary disclosures are delivered. And while many websites and apps today continue to use standard formats for how they introduce, index and hyperlink their policy categories, emerging methodologies aim to increase the clarity and transparency of privacy policies through graphical or other unifying means. Some concepts being developed include:
Privacy scores. Another interesting visualization experiment is the PrivacyChoice platform, which combines objective privacy risk scoring capabilities of PrivacyScore (a Firefox add-on), browser Do-Not-Track customization, and the wizard-based PrivacyMaker.
Privacy icons. A couple of years ago the Disconnect Privacy Icon project was launched to help consumers understand a website’s key privacy practices through icons populated into the browser’s address bar.
Short URLs and badges. As the line between personal expression and advertising continues to blur on social networks, startups like CMP.LY are innovating ways to generate “links and badges that provide clear and conspicuous notice directly in the body of a social post.”
If “the disclosure cannot be made clearly and conspicuously on a device or platform, then that device or platform should not be used.”
In October of 2012, the California AG warned a number of companies that their privacy policies were not “readily accessible” to consumers as required by law. Two months later the AG offered privacy best practice recommendations to app developers, stressing the need for privacy by design. In January of 2013 the California Attorney General published Privacy on the Go recommendations for the mobile ecosystem. In March of 2013 the FTC revised their Dot Com Disclosures to highlight similar concerns arising from the rapid adoption of mobile technology and social networking, particularly among children.
One common theme among regulators is the need for “enhanced measures” such as ‘just-in-time’ geo-location access requests. Another is the need for disclosure mediums that address channel-specific challenges such as limited character space within SMS and Twitter messages.
Given the rapid online/mobile convergence, when developing your privacy policies and disclosures be aware of how that information may be accessed and read.
Here’s a recap of what you can do to ensure that your brand and marketing efforts keep up with privacy expectations and obligations.
- Ensure privacy policies and other disclosures are clear and “readily accessible.”
- Put Parts I, II and III together. Mix and repeat.
 Examples of good short form privacy notices:
Proctor & Gamble: http://www.pg.com/privacy/english/privacy_notice.shtml