X hits on this document





32 / 100

Multi-level policies have been proposed as one way to increase comprehensibility and the percentage of users reading policies. In 2004, the European Union’s committee of data privacy commissioners, also known as the Article 29 Working Party, published a plan calling for EU member states to adopt common rules for privacy policies that are easy for consumers to understand [100]. This plan also called for displaying privacy policies in three layers: short, condensed, and complete. The short privacy policy, only a few sentences long, is meant to be printed on a warranty card or sent via a mobile phone message. It might contain a link to the condensed privacy notice. The condensed privacy policy is a half-page summary of the complete privacy policy. The condensed privacy policy summarizes the most important points, whereas the complete privacy policy might span multiple pages is comprehensive. Experimental evidence suggests that two-level policies are somewhat more successful at influencing users’ behavior [126].4

To systematize the wide range of claims contained in privacy policies, Anton and Earp produced a dictionary of privacy claims contained in the privacy policies of 25 major US retailers’ web sites [27]. Similar to Dourish et al. [86], Anton and Earp used Grounded Theory and goal mining techniques to extract these claims and produced a list of 124 privacy goals. They categorized claims in privacy policies as “protection goals” (i.e., assertions with the intent of protecting users’ data privacy) and “vulnerabilities” (i.e., assertions that describe management practices that may harm user privacy such as sharing of personal information). The privacy goals taxonomy reflects the usual categories of notification, consent, redress, etc., while the vulnerabilities taxonomy includes such issues as data monitoring, aggregation, storage, transfer, collection, personalization, and contact.

The emergent picture is that end-user privacy policies are complex instruments which need careful planning, constant updates, and careful drafting to ensure that users read them, understand them, and use them. Obviously, they must reflect to actual organizational practices, which can be a problem especially in rapidly-evolving organizations.

Deploying, Managing, and Enforcing Privacy Policies

The mere presence of a privacy policy does not mean that it will be enforced. A full treatment of policy enforcement is outside of the scope of this article, but has wide-reaching implications on information systems design and management. Furthermore, different kinds of enforcement procedures exist depending on the data protection legislation and institutions in place. For example, some companies have a Chief Privacy Officer, whose responsibilities may range from public relations to actual involvement in spelling out and enforcing privacy policies. As another example, in the United States, the Federal Trade Commission has been tasked with enforcing the Children’s Online Privacy Protection Act (COPPA), and has actively pursued remedies against businesses that are in violation.

Although the management of personal information has not traditionally been the topic of public research, there have recently been several efforts in this field, specifically in two areas:

4 Google Desktop’s privacy policy brings this structure to the extreme, and prompts the user with the following notice upon installation: “Read This Carefully. It’s Not the Usual Yada-Yada”.

end-user-privacy-in-human-computer-interaction-v57.docPage 32 of 85

Document info
Document views305
Page views305
Page last viewedWed Jan 18 18:23:52 UTC 2017