Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: buckworks
Australian Privacy Commissioner, Timothy Pilgrim, said the results of the sweep were mixed with 83% of the sites having one or more issues in the following areas: 'easy to find', 'easy to read', 'contacts for further information', relevance and length.
'It is a concern that nearly 50% of website privacy policies were difficult to read. On average, policies were over 2,600 words long. In my view, this is just too long for people to read through. Many policies were also complex, making it difficult for most people to understand what they are signing up to,' Mr Pilgrim said.
'We did see some instances where organisations provided both a simplified and full policy to assist their customers to understand what will happen to their personal information. This attempt to use 'layered' privacy policies is encouraging.'
Major global trends observed
•One-third of policies raised concerns with respect to the relevance of the information provided. In some cases, sites would make brief over-generalised statements about privacy while offering no details on how organisations were collecting and using customer information. Many policies used 'boilerplate' language which did not take into account the relevant privacy jurisdiction. Too often, there was limited information on how organisations were collecting, using and disclosing personal information as it related to their business model.
•Approximately 33% of privacy policies viewed raised concerns with respect to their readability. Many of these policies quoted directly from applicable legislation. In doing so, these policies provide limited benefit to the average consumer seeking a clear and concise explanation of how their information is being collected and used.
Best practices observed
•Many organisations had privacy policies that were easily accessible, simple to read, and contrained privacy-related information that consumers would be interested to know, which demonstrates that it is possible to create transparent privacy polices.
•Many described what information is collected, for what purposes it is used, and with whom it is shared.
•Some of the best examples observed during the sweep were policies that made efforts to present the information in a way that was easily understandable and readable to the average person. This was accomplished through the use of plain language; clear and concise explanations; and the use of headers, short paragraphs, FAQs, and tables, among other methods.
Authorities who participated
•Office of the Australian Information Commissioner
•Office of the Privacy Commissioner of Canada
•Information and Privacy Commissioner of British Columbia
•Data Protection Inspectorate, Estonia
•Office of the Data Protection Ombudsman, Finland
•Commission Nationale de l'Informatique et des Libertés, France
•Federal Data Protection Commission, Germany
•Data Protection Commissioner of Berlin
•Data Protection Commissioner of Rhineland-Palatinate (Rheinland-Pfalz)
•Data Protection Supervisory Authority of Bavaria
•Data Protection Commissioner of Hesse
•Data Protection Commissioner of Brandenburg
•Office of the Privacy Commissioner for Personal Data, Hong Kong
•Office of the Data Protection Commissioner, Ireland
•Office for Personal Data Protection, Macao
•Office of the Privacy Commissioner, New Zealand
•Data Protection Authority, Norway
•Information Commissioner's Office, United Kingdom
•Federal Trade Commission, United States