How to create better privacy policies

By | October 13, 2017

A 2008 study estimated that it would take 244 hours a year for the typical American internet user to read the privacy policies of all websites he or she visits—and that was before smartphones with dozens of apps, cloud services, and smart home technologies. If you’re like most people, you don’t read them.

Florian Schaub, assistant professor of information at U-M, thinks there is a better way to make clearer privacy policies that are easier to follow. “People are confronted with terms of service agreements and privacy policies all the time. Regulations requiring these notices aim to ensure that consumers can make informed decisions, but current privacy policies miss the mark. They are surprisingly ineffective at informing consumers,” he writes. According to Schaub and his colleagues, the key to turning privacy notices into something useful for consumers is to rethink their purpose. “The starting point for developing consumer-friendly privacy notices is to make them relevant to the user’s activity, understandable, and actionable,” Schaub explains.