Finally, we note that there is still a strong need for better tools and techniques for designing, implementing, and deploying privacy-sensitive systems. We discuss these issues as key research challenges in Sections 4.2.2 through 4.2.5.
3.3.1 Privacy Policies for Products
Privacy policies are very popular on the World Wide Web, both in nations that mandate them whenever personal data is collected (e.g., the EU) and where they are used because of market pressure (e.g., in certain industries in the USA). The specific content and format of privacy policies varies greatly between national contexts, markets, and industries. Under many legal regimes, the content of privacy notices is specified by law, and web site publishers have little leeway in writing them. The objective of these laws is to inform the user of his rights and to provide notices that enable informed consent. In other cases, privacy policies are written with the goal of increasing user trust and have a reassuring, rather than objective, tone. Certification programs such as TRUSTe and BBBOnline also mandate certain minimal requirements for privacy policies. These programs also verify that participating web sites comply with their stated policy, although such verification is “shallow” because the certification programs do not assess the internal processes of the organizations running the web sites.
Helping End-Users Understand Privacy Policies
There have been extensive efforts to make policies more understandable by consumers, especially for Business-to-Consumer (B2C) e-commerce web sites. However, the results thus far have not been encouraging. Controlled experiments by Good et al. on End-User Licensing Agreements  and by Jensen et al. on web site privacy policies  strongly suggest that users tend not to read policies. These studies also indicate that policies are often written in technical and legal language, are tedious to read, and stand in the way of the primary goal of the user (i.e., concluding the transaction).
Indeed, the general consensus in the research community is that privacy policies are designed more to shield the operators of IT services from liability than to inform users. Furthermore, Jensen and Potts’s evaluation of the readability and usability of privacy policies suggests that current policies are unfit as decision making tools due to their location, content, language, and complexity . Users instead tend to receive information about privacy-related topics such as identity theft from the media and trusted sources like expert friends.
end-user-privacy-in-human-computer-interaction-v57.docPage 31 of 85