tag:blogger.com,1999:blog-6974997875021040765.post8976334768736177967..comments2024-03-12T12:04:59.304+01:00Comments on Peter Fleischer: Privacy...?: Why Johnny can't read...a privacy policyAnonymoushttp://www.blogger.com/profile/09908660263905877338noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-6974997875021040765.post-56139699896840737352013-04-09T11:32:08.579+01:002013-04-09T11:32:08.579+01:00Coming from the E.U., I can tell that most end use...Coming from the E.U., I can tell that most end users are simply based on the fact that a privacy regulator has pre-surveyed a complex privacy policy and found it sufficient. I do not think that complexity necessarily means "black holes" for your privacy rights but I agree that it is blamed for scaring the average end user. A recent survey by ENISA showed that the end user is concious about its privacy but at the end of the day he will sacrifice it for a better price online! Anonymoushttps://www.blogger.com/profile/06260039152474256063noreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-40021449626483387562013-03-29T10:15:17.837+01:002013-03-29T10:15:17.837+01:00At The i in online we have worked with kids on pri...At The i in online we have worked with kids on privacy policy icons for past 2 years. We published a report in July 2011 on childrens' understanding of data protection. Anyone want a copy?<br /><br />www.theiinonline.org Robert Bondnoreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-69263941862197911032013-03-28T14:56:16.505+01:002013-03-28T14:56:16.505+01:00Have you seen this report from the University of O...Have you seen this report from the University of Ottawa on best practices for privacy policies on kids' sites?<br /><br />http://www.idtrail.org/files/broken_doors_final_report.pdfMatthew Johnsonhttps://www.blogger.com/profile/04905727799828366356noreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-78259453268464892852013-03-28T01:09:47.224+01:002013-03-28T01:09:47.224+01:00Lots of research has already been done on this--ha...Lots of research has already been done on this--have you really missed the whole impetus toward privacy icons? Ryan Calo's articles on notice? The discussions at the FTC and California AG's office about the problems with the current incarnations of privacy policies? The only thing to be said for the current privacy policies is that they're better than no privacy policies at all.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-6974997875021040765.post-49693881960153350582013-03-27T19:56:50.546+01:002013-03-27T19:56:50.546+01:00I think it's wrong to have assumed all along t...I think it's wrong to have assumed all along that privacy policies have just one reader, the end user. Like contracts, insurance policies, mortgage documents and the like, Privacy Policies might better be aimed at lawyers. <br /><br />I agree with Peter, it's high time to review what needs are served by Privacy Policies. If there are different audiences then we might move towards different documents each addressing part of the puzzle. And we might need intermediaries to translate amongst them. Thus is not unusual in law and economics. Some arrangements between buyer and seller are so technical and complex that an intermediary (like an adviser, or a government agency depending on regulatory style) is needed to represent one side to the other. When critical societal functions collide with technological complexity (financial services is a classic example) consumer protection bureaus often intermediate some types of businesses and their customers. In Australia for instance we have legally mandated Plain English rules for how insurance policies are written. <br /><br />It seems to me privacy is much the same. Information flows and information-intensive business models are so complex now that they cannot be set out in a succinct document. But that's what a comprehensive privacy policy must do: set out what PII is collected, how, why, where and when, and who the PII is passed on to. <br /><br />Many new social media business models are win-wins for consumers and big business. So a big fat complicated privacy policy does not, ipso facto, rip off the consumer! I reckon that 100 word Privacy Policy statute (in California?) is well intended but frankly mad. <br /><br />We might expect privacy intermediaries to emerge in less regulated privacy environments like the US private sector to interpret privacy policies for the benefit of lay people. Lawyers can review the 'full' policies on behalf on consumers and rule on those policies, not just in respect of cut & dried legal compliance but softer criteria that translate into risk appetite. <br /><br />Actually this is already happening, with things like "traffic light" privacy labeling models, and similar proposals inspired by nutrition labeling. Such labels are produced or certified by intermediaries. <br /><br />Somehow I think we need to codify the privacy-publicness risk-benefit tradeoff in information businesses. Jeff Jarvis has written eloquently about the upside of dropping privacy (in "Public Parts"). I don't agree with the default "set point" that Jarvis advocates but his personal preferences and mine and everyone else's could be operationalised if privacy policies were more readily interpreted. <br /><br />Investment funds characterize their products according to the aggressiveness of their securities, using terms like "Balanced", "Low Risk" and "High growth". Perhaps we're getting to the point where consumers could think about social media privacy in this sort of way?Steve Wilsonhttp://lockstep.com.au/blog/privacynoreply@blogger.com