Wanted: Privacy policies written for human beings
The biggest problem with online privacy is that nobody understands it. Poorly written privacy policies are a big reason why. UPDATE: StickK responds.
You know the biggest problem with online privacy? Online privacy policies.
As a concept, privacy isn’t difficult to grok. People should have control over their personal information and how it is used. If they don’t want it used, there should be a simple and permanent way to prevent that from happening. Period, full stop.
If you want people to understand privacy – and maybe not be either so blasé or so paranoid about how their data is being used – we need privacy policies that human beings can understand.
(Remember, this is a site where people confess to being overweight, addicted to drugs or alcohol, adultery, failure to floss, or any number of other personal shortcomings. Not the kind of thing you’d necessarily want buttered all over the InterWebs with your photo attached, or entered into a background check database.)
Fast forward two years. Through the magic of Google, my blog post on StickK is now the fourth hit on any search for “Stickk.” And even though there’s a comment at the end from StickK noting that it had changed its policies post facto, the company wanted to add a disclaimer to the top of the piece.
So Computerworld added a disclaimer. No big.
He went on for a bit after that, but that’s the simplest, clearest explanation he provided to any of my questions.
Privacy policies like this are fine, if you happen to have a lawyer in your pocket at all times -- and then maybe another lawyer to translate what the first lawyer said.
Otherwise they’re not so fine. They’re effectively useless. So here’s what I propose. Keep the legalese for the lawyers, if you must, but boil it down to the essentials for the rest of us mere mortals.
The first time you visit a site or log into it, the site should display a pop up window with four bullet points listing:
* The personal identifiable information the site gathers. Name and address? Credit card? IP and location? A simple list would suffice.
* What the site does with your PII. Will third parties have access to your data? Will advertisers?
* The ability to opt out on the spot. Don’t like what the site is doing with your info? Click this link to remove your data or limit sharing.
* Want to dig into the minutiae? Here’s a link to the longer legalese.
Simple, easy, effective, and no migraines. Is that really so difficult? I don’t think so. What do you think?
UPDATE: After I first posted this, StickK's general counsel sent me an official response. Here it is:
But in short, and to be clear, stickK takes privacy issues very seriously and has not had a user issue to date.
ITworld TY4NS blogger Dan Tynan writes privacy policies while he sleeps -- which may be why he always wakes up with a migraine. Visit his eHumor site eSarcasm or follow him on Twitter: @tynan_on_tech.
Thumbnail image courtesy rpongsaj/Flickr