by Johanna Gunawan, Privacy Intern
In our previous blog post in the Vendor Education Series, we briefly discussed why transparency is critical for building consumer trust. Transparency is integral to the Common Sense Privacy Program because it provides an avenue for people to understand a vendor’s data practices; without transparency, people have no way of knowing what a company is doing with their data. A vendor may have great intentions but a user will never know without clear explanations of its privacy and data practices.
Why is transparency such an important trait? When people have less information, it is more difficult to make decisions, let alone decisions that benefit them. Take a nutrition label, for example -- a label that only outlines total calorie count provides some information, but people with dietary needs or restrictions will struggle to understand whether or not the food is safe for them to eat. More information is needed, like ingredient lists and nutrient distribution. The same is true for privacy policies. The more information provided by a vendor, the more transparent the vendor’s policy is, the more the policy allows for robust decision-making.
People also vary in their privacy needs and wants, much like dietary needs differ between individuals. Informed individuals and parents can make higher-quality judgement calls about what software and services they use. Audiences of all types have different sensitivities and privacy wishlists. Providing as much information as possible up front facilitates choice and allows people to compare products that best suit their needs.
How Common Sense Privacy Does Privacy Evaluations
The Privacy Evaluation questions are derived from legal requirements and user expectations of privacy, as well as existing industry best practices in security, technology, and privacy. Each evaluation is conducted based on a series of questions, and results in a privacy rating and overall evaluation score to help parents and users understand how an app or website performs against our privacy standards.
After answering each question and annotating each policy, our reviewers provide a brief, easy-to-read summary of the product’s evaluation. These summaries provide an overview of the app or website’s purpose, as well as high-level notes on the website’s safety, privacy, and security practices, and compliance with data protection regulations.
Understanding the Privacy Evaluation Questions and Scores
All Common Sense Media Privacy Evaluation Questions address transparency, and many include an additional qualitative component. The transparency component asks whether a piece of information is provided at all, and the qualitative component corresponds to the nature of that information.
One question used for both Basic and Full Evaluations is: “Do the policies clearly indicate whether or not the product is intended to be used by children under the age of 13?” "Whether or not" questions like these may have a follow-up question. In this case, the follow-up qualitative question removes the "whether or not" portion and asks "Do the policies indicate the product is intended to be used by children under the age of 13?"
Both the transparency and qualitative components contribute to a vendor’s overall Privacy Evaluation Score. Policies that are transparent, but disclose privacy-eroding practices, receive half credit on these questions. Common Sense Privacy values both transparency and best privacy practices, but we consider transparency so integral that being transparent despite participating in weak privacy practices still has some value in our evaluations. Transparency leads to more informed decision making regardless of what a product’s practices are.
Why is Transparency So Difficult to Achieve? Multiple Influences on an End Product
Transparency is, in practice, difficult to achieve as it requires a delicate balance between multiple (and often competing) objectives and the interests of different stakeholders. There are several ways to achieve transparency, but vendors must weigh the benefits and costs to each method.
What is at stake?
Risk: Legal risk is also at stake; over- or under-disclosure can have other legal consequences for a vendor. Companies may be advised to be as vague and non-transparent as possible in their policies to avoid promising protective practices to users that they cannot deliver. A company may wind up being well protected legally, but have fewer customers as a result, because users shy away from privacy policies that offer very few assurances.
Sales: In some cases, best-effort transparency can deter the target audience if they see those disclosed practices in a negative light. For example, vendors who sell and collect information may provide detailed information about their practices up front, which may result in a discerning user choosing to work with a different vendor’s product. This complicates the motivations for transparency for a vendor but does not diminish the importance of being up front with users regarding data practices.
How to Be More Transparent
Though difficult, it is incredibly important to continue trying to improve transparency within these policies. This is a long-term effort; as technology progresses in complexity and capability, there will always be new opportunities to inform users.
Communication: Improvements can and should come from a variety of sources -- "being more transparent" isn’t something that is only achieved by rewriting a policy, though that is part of it. One step is to improve communication and documentation between teams in an organization, especially between groups that develop software or interfaces and those that write the policy. Centralizing this information internally and standardizing practices across different development teams helps avoid confusion later on. This communication also contributes to policies that are easily understood not only by users, but also by internal and external stakeholders.
Quality: Where possible, the policy should be more explicit about what the product or service does, and aim to use words that reflect the language of the laws in question. For example, our evaluations include the question "Do the policies clearly indicate whether or not the product is intended to be used by students in preschool or K-12?" A vaguer, less transparent indication would say that the product is designed for students, without noting school types, grade levels, or ages of the students. A more transparent indication would say that the product is intended for primary, secondary, or high school students. An even more transparent indication would explicitly mention "preschool" or "grades K-12," which echoes the language used by laws like SOPIPA and ELPIPA. Not all privacy laws use the same level of detail in their language, but in many cases, several different privacy laws contain text that contribute to the same question in our Privacy Evaluations. In this example, using the terms "students" or "primary and secondary students" may seem to be good enough -- but opting for more detailed, informative options makes it easier to measure compliance against more laws and help parents, educators, and technology coordinators determine if a product is appropriate for a given audience. Greater detail additionally makes it easier for users and the Common Sense Privacy Program to quickly find the most accurate description of privacy practices.
Overall the purpose of transparency is to be accurate and open about data practices and to leave less room for interpretation, confusion, or deception. Improving transparency in policies benefits everyone, not just users and parents.