Can We Just Admit That The Idea Of A 'Privacy Policy' Is A Failed Idea?

from the no-one-reads-it,-it's-meaningless dept

At our Insight Dinner Salon on Privacy the other night, I got into a conversation about privacy policies, and how silly the concept has become. At this point, it's commonly accepted that very, very few people ever read a privacy policy. Furthermore, there's this bizarre belief that a privacy policy actually means a company will respect your privacy. Studies have shown that people will say that if a site has a privacy policy, it means that the site will protect their data, even if the policy makes it clear that the site operator can spread your data far and wide. In fact, the incentives are to write a "privacy policy you can't violate," by having it state you can do whatever the hell you want with the data you collect. It's the "best of all worlds," in which users think (incorrectly) they're protected, because a "privacy policy" exists... and the companies who use them can't get in trouble because it says the company can do whatever they want.

So forgive me for not being at all impressed with the Future of Privacy Forum complaining that so many mobile apps have no privacy policy. And things like the following statement don't do the FPF many favors:
FPF believes that a fundamental element of protecting the privacy of consumers using Apps is the availability of a readily-accessible, written privacy policy.
Honestly, this feels like the requirement for a talisman, rather than a deeper look at the actual privacy issues (of which there are many) in the world today. Calling for more privacy policies doesn't really do anything to keep people's data more private. It's just something that can be done in the belief that it must help, even if there's scant evidence to support it.

Filed Under: privacy, privacy policies


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    ShaunDakin (profile), 27 May 2011 @ 12:41pm

    Privacy Policies are a good first step

    Thanks for the post.

    We (the Future of Privacy Forum - FPF) are agreed that privacy policies are a failure as a consumer communication tool.

    That is why we helped pioneer the use of privacy icons on the internet, particularly with online advertising.

    But a privacy policy is a must for any sort of accountability as privacy enforcement is limited unless a company has made a public formal commitment that the FTC can hold them to. And as all of us who have drafted privacy policies know, the process of doing so forces you to actually map in detail practices that you may not have otherwise fully documented.

    And until you know what you are doing, you can't possibly start to communicate about it.

    So creating a privacy policy is step ONE.

    Of course you can't stop there, you need to figure out how to communicate the key elements to users.

    For many mobile apps today, that isnít easy, given space constraints and the fact that the mobile platforms manage some key parts of the process.

    For example, Apple and Android properly ensure that Apps donít obtain user location without giving affirmative consent. However, since Apple and Google manage this process, an application developer (in the application) doesnít have an easy way to explain until later why the application wants location and what it will do with it.

    We believe that lots of work to be done here.

    So when applications do have privacy policies, FPF will come back and assess how well they are doing at taking the key points and communicating them clearly to the user.

    The FTC has just kicked off a new look at its Dot Com Disclosures for Advertising guidance so they are following this issue closely and are in particular looking at apps and the mobile space.

    So donít wait for our next survey! Our new site for developers, www.applicationprivacy.org, should provide some assistance.

    Feedback is much appreciated.

    Shaun Dakin
    Fellow
    The Future of Privacy Forum
    Application Privacy Project

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Essential Reading
Techdirt Insider Chat
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.