Slashdot Mirror
Undergrad Project Offers Site Privacy Information At a Glance
An anonymous reader writes "Not everyone can read legalese. Websites ought to have clearer, more transparent, and simpler privacy policies. One important step in this direction is a simple way of summarizing a privacy policy's features, to make it easy to see how a website will use and protect user data. Inspired by Creative Commons and the Mozilla Privacy Icon Project, we (a group of Yale undergrads) have designed a set of icons, as well as simple descriptions, to describe common features of privacy policies. Additionally, we have built a generator to make it easy for websites to add these icons to their own sites. To further encourage awareness, we have reviewed several popular websites' privacy policies, so that users can see for themselves how they fare." True to their word, the examples show some tiny but nicely scannable icons.
Nice idea and I hope the implementation is well thought out -- designing pictograms that make sense to many cultures is difficult. The other usual concerns also apply -- speaking of which, one issue I see right off the bat is that they're using color as a sole designator in the icon set. For people with red/green color blindness, this makes the set of icons unusable for its intended purpose.
I thought this was going to be about a parser that processes the legalese and summarizes it into a couple of icons. Now that would be worth looking at.
I had to look at the key to understand these icons. I know these are hard concepts to encapsulate in an icon, but some alt-text would have really helped.
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
Yup. This is privacy obfuscated, not "Privacy Simplified". If you're color blind, this is badly designed. And the examples have no "hover text", so you can't see what the icons actually mean without clicking on them.
Also, I noticed that in certain examples the text for the "red" and "green" compliance icons is identical. For example:
For example, Facebook (red compliance icon):
"This organization might provide your data to a government that asks for it without following the legally required process."
but Craigslist & Google (green compliance icon):
"This organization might provide your data to a government that asks for it without following the legally required process."
Ebay, Netflix, Pandora, & Spotify (green compliance icon):
"When an organization receives a phone call, letter, or other legally insufficient request for your data, they don't comply because the law requires the government to take additional steps before getting your data.
This website requires the government to comply, at a minimum, with the legal process provided by the law before getting users' data."
So, are Craigslist and Google supposed to be red? Or was somebody getting carried away with copy & paste?
Disclaimer: I am not affiliated with this source in any way; just a very satisfied user.
Check out the free EULAlyzer which can be downloaded from: EULA Research Center. EULAlyzer works on Windows 2000, XP, 2003, Vista, and 7.
Example: I took a look at the Privacy Policy for /. which is located at:
Geeknet Privacy Policy . "(Last Updated February 29, 2012)
(Effective Date May 24, 2008)"
EULAyzer summarized as:
The "Flagged Text" Called out the following, each of which can be expanded:
Each of these are expandable. Each expanded item provides an "Interest Level" graph and a link to its place in the License Agreement Text.
PS: I've lurked on /. since before there even were UID numbers, but privacy concerns delayed my signing up. I'm quite frankly surprised at how extensive the policy is and that just shows me how much has changed since the olden days. I should probably check other on-line site's policies to see what's new there, too.
I think this needs some work. Claiming Facebook doesn't collect information not necessary for the transaction?
Weasel Words says: Define "Facebook transaction."
An enigma, wrapped in a riddle, shrouded in bacon and cheese
Take a look at their ratings of major sites. That's a simple feature comparison checklist chart, but hard to read. Graphically, all the info is conveyed with colors only, which is awful. From a graphical standpoint, the icons are non-obvious. The picture of a human in a circle means "you can view and export your personal data". From a data collection standpoint, everything is either self-reported or manually set for major web sites, so there's a scaling problem. From an accuracy standpoint, Facebook has "will alert you to material changes" and "you can access all of your data" set to True, which is somewhat questionable given Facebook's history in those areas.
Compare "The evolution of privacy on Facebook" Now that's an excellent, and original, graphical representation of Facebook's privacy issues.
Presenting detailed information with multiple icons creates confusing visual clutter. Here's the chart for the international standard fabric care icons found on clothing labels.A liquid-filled cup with two dots and an underline means "Machine wash, warm, permanent press". A triangle with two diagonal lines means "Bleach with non-chlorine bleach as needed". Did you know that? It's on most garments.
We've struggled with this problem for SiteTruth We collect information about the business behind a web site, and present it to the user through browser add-ons. Doing this both concisely and effectively is tough. Right now, we have red, yellow, and green icons, with "do not enter", question mark, and checkmark graphics. We're about to launch a new system which brings up a small "dog tag" on link mousover, with information about the business. The dog tag uses text, not icons.
If you're color blind OR using a device with a monochrome display (think e-ink like the Kindle Touch) then color alone will not convey any information.
Going with "hover text" is also the wrong approach with more and more devices like the iPad, Kindle Fire and Kindle Touch being touch-screens browsers.