Are privacy policies dead?
January 17, 2011
In 2009 there was a controversial view that “Privacy is dead and social media hold smoking gun”. Essentially, the author presents a somewhat pessimistic view of Privacy’s position in the public sphere. He considers it to be a choice between either having privacy and not sharing with others or sacrificing privacy for the benefit of participating in social media. However, a Pew survey found that 71% of social network users have changed their privacy settings on their profile to limit what they share with others.
Essentially people want to socialise online, are concerned about their privacy and have begun to actively manage who sees what.
But one of the main challenges in trying to protect the privacy of individuals within the sphere of social media is keeping up to date with the constant pace of innovation.
New ways of sharing an individual’s personal details, such as their location, their preferences, are introduced, but it takes time for the law to catch up and, in the meantime, businesses are left with little guidance and individuals proceed with little awareness of consequences.
In this ever-changing environment, it may be important to re-assess the adequacy of tools used to protect privacy and consider whether any additional tools may be used to supplement these.
Just in time notification
TrustE is a privacy services provider and offer certification of websites. Unlike the above author, it is their view not that ‘privacy is dead’ but rather ‘privacy policies are dead’.
Obviously privacy policies are not dead as they are an immovable legal fixture, but from reading the remarks of the author, Fran Maier, it is not so much that privacy policies are dead, but that additional tools are needed to face new challenges to privacy.
Here TrustE suggests the concept of ‘just in time’ notification. This would be relevant whenever a new piece of technology is introduced and new types of data are being collected. The idea is that whenever an individual is about to share their data using a new feature a notification would be available to a visitor to explain to them the implications of going ahead.
An example of this would be the ‘Like’ feature from Facebook. This is a feature where users of Facebook may share the websites or videos they recommend with their friends. This feature is added to third party sites so that a visitor would simply click on the feature on the site to express their approval of the content.
When this was originally launched, TrustE wrote a blog recommending to businesses who were integrating the feature on their website to add a Just-in-time notice. They suggested to add a ‘?’ next to the feature which, when rolled over with a mouse, would inform the visitor about the privacy implications of the Like button, such as that this information will appear on your friends’ newsfeed.
However, as you can see from the above post they have decided that it is no longer necessary to have this notice due to “the ubiquity of the Facebook like button across the internet and the time users have had to familiarize themselves with the button”.
Essentially the public need time to build familiarity with a new piece of social media technology and they benefit from short notices when their privacy is at risk so they can make informed decisions before proceeding. Once the public are familiar with a new feature or practice then these little warning signs can be phased out. Obviously the information on how data is used should also be found in a privacy policy and in no way could these notices become replacements of the role of privacy policies. They would merely be supplements.
Fran Maier’s definition of privacy is interesting: “confident in the expectation of the outcome”. This implies that an individual knows what is going to happen when they click on a button to, for example, share their location with friends. Underpinning this definition are the key principles of transparency, trust and accountability.
Businesses striving, therefore, to build a relationship with their customers on the basis of these three principles are likely to be reassuring their customers. The bottom line is, if customers can trust you with their privacy then this is likely to produce a halo effect where your customers feel they can extend their trust to your business as a whole and buy from you.
