Icons for Privacy Policies
Users struggle to understand privacy policies, even when reduced to a reasonable length. This discourages them from putting in the effort required to understand risks to their data, and invalidates consent.
- Users want to understand the risks to their data in using a service, but do not want to read long or overly complex policies
- Many users want to be able to decide for themselves which policies apply to them, but do not want to read complex or time consuming summaries just to identify them
- Controllers need users to be informed before their data may be processed
In this pattern, privacy icons should not be used in place of the full policy document, but used to augment it. They should be shown in a manner which explains the policy explanation, excerpt, summary, or full detail as appropriate. Examples of usage include describing kinds of data processed, means, purposes, and legitimate interests or other justifications.
This usage should aid users in determining not only whether to further explore a policy, but also a rough idea of what each policy entails. More than one icon may be used per policy to achieve this, so long as the content becomes less complex.
Icons should be consistent and yet distinguishable from one another. This may justify a certain size limit. The icons should also be self-explanatory. These aspects need verification from a representative sample of the user population.
Furthermore, using standardized icons aids in both understanding and in promoting further use, but should not conflict with the norm. Doing otherwise may confuse users. If Icons are used in the same way on many of the applications or websites the user visits, it will be easy for the user to learn their purpose and to accept them as assistance. When users are aware of the icons from other purposes it will be also become more easy for them to create a mental model which supports them when reading a policy.
Without dedicating too much effort, a user may quickly determine the potential risks of processing under a given policy. The user will be able to also quickly locate the other relevant policies both when first using a service and when revisiting policy.
When the icons are sufficiently standardized, or at least for the subset which are, the user will not first need to familiarize themselves with explanations. Where not the case, education can assist in changing this if the icons are indeed widely used and consistent.
The use of this measure will make policy more transparent, which will enhance the level of trust placed by users. Users which provided an invalid form of consent due to lack of policy understanding may then choose to retract it, or modify permitted usage.
Alice is totally unaware of this secondary use of her data and may not agree to it. But accessing this policy involves accessing a website and going through a lengthy and legally oriented document.
Comparatively, the tracker could have provided a short policy summary on the packaging using icons to convey more information with less space. Alice would have noticed an icon she recognized to convey third party sharing. Curious of whom this third party might be, and what extra risks she might be taking, she searches the online policy and finds it to be a company she does not trust. As a result she would not have consented, and potentially not purchased the device.
See also the Privacy Icons entry at Ideas for a Better Internet (kind of a pattern repository by the Berkman [Klein] Center for Internet and Society in Harvard).
Recital 60 as well as Art. 12(7) of the General Data Protection Regulation suggests the use of standardized icons, informing users in an easily visible, intelligible and clearly legible manner.
This pattern complements Impactful Information and Feedback, Informed Secure Passwords, Layered Policy Design, Privacy Aware Wording, Privacy-Aware Network Client, Awareness Feed, and Privacy Color Coding. It also implicitly complements Trust Evaluation of Services Sides through Awareness Feed.
As a visual cue, this pattern aids in providing Impactful Information and Feedback by augmenting it with quickly interpreted information. These visual cues additionally help towards Informed Secure Passwords, as they may indicate password strength and policy.
Like many patterns which inform users, elements of Awareness Feed and its methods for establishing awareness also go well with visual cues like this pattern. It also implicitly aids Trust Evaluation of Services Sides, which provides visual representation to highlight trust levels to the user.
S. Fischer-Hübner, C. Köffel, J.-S. Pettersson, P. Wolkerstorfer, C. Graf, L. E. Holtz, U. König, H. Hedbom, and B. Kellermann, “HCI Pattern Collection - Version 2,” 2010.
C. Graf, P. Wolkerstorfer, A. Geven, and M. Tscheligi, “A Pattern Collection for Privacy Enhancing Technology,” The Second International Conferences of Pervasive Patterns and Applications, vol. 2, no. 1, pp. 72–77, 2010.
European Parliament and Council of the European Union, “General Data Protection Regulation,” Official Journal of the European Union, 2015.