ABSTRACT
Studies have repeatedly shown that users are increasingly concerned about their privacy when they go online. In response to both public interest and regulatory pressures, privacy policies have become almost ubiquitous. An estimated 77% of websites now post a privacy policy. These policies differ greatly from site to site, and often address issues that are different from those that users care about. They are in most cases the users' only source of information. This paper evaluates the usability of online privacy policies, as well as the practice of posting them. We analyze 64 current privacy policies, their accessibility, writing, content and evolution over time. We examine how well these policies meet user needs and how they can be improved. We determine that significant changes need to be made to current practice to meet regulatory and usability requirements.
CITED BY 23

Nathaniel Good, Rachna Dhamija, Jens Grossklags, David Thaw, Steven Aronowitz, Deirdre Mulligan, Joseph Konstan, Stopping spyware at the gate: a user study of privacy, notice and spyware, Proceedings of the 2005 symposium on Usable privacy and security, p.43-52, July 06-08, 2005, Pittsburgh, Pennsylvania

Clare-Marie Karat, John Karat, Carolyn Brodie, Jinjuan Feng, Evaluating interfaces for privacy policy rule authoring, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada

Julia Gideon, Lorrie Cranor, Serge Egelman, Alessandro Acquisti, Power strips, prophylactics, and privacy, oh my!, Proceedings of the second symposium on Usable privacy and security, July 12-14, 2006, Pittsburgh, Pennsylvania

Nathaniel S. Good, Jens Grossklags, Deirdre K. Mulligan, Joseph A. Konstan, Noticing notice: a large-scale experiment on the timing of software license agreements, Proceedings of the SIGCHI conference on Human factors in computing systems, April 28-May 03, 2007, San Jose, California, USA

Robert W. Reeder, Patrick Gage Kelley, Aleecia M. McDonald, Lorrie Faith Cranor, A user study of the expandable grid applied to P3P privacy policy visualization, Proceedings of the 7th ACM workshop on Privacy in the electronic society, October 27-27, 2008, Alexandria, Virginia, USA

Ian K. Reay, Patricia Beatty, Scott Dick, James Miller, A Survey and Analysis of the P3P Protocol's Agents, Adoption, Maintenance, and Future, IEEE Transactions on Dependable and Secure Computing, v.4 n.2, p.151-164, April 2007