MODEL PRIVACY POLICY

Owned by Former user (Deleted)
Last updated: Aug 30, 2013 by Former user (Deleted)
2 min read

MODEL PRIVACY POLICY

Contributor

Jeff Stollman / Iain Henderson

Scope of Work

P3wg can make a valuable contribution to privacy by crafting a model Privacy Policy. This model policy would consist of multiple choice options for the various standard elements of a privacy policy (e.g., what information we collect, with whom we share the information, how we protect the information). This would allow the sites adopting the model policy to rapidly craft comprehensive policies. But more importantly, the use of a standard model would have extensive benefits for users asked to sign the policy.

Benefits of such a policy include:

1. Users could read the policy once and determine their own standards for what terms they will accept. Currently, policies are not read at all (by most users) because they are each unique, lengthy, and in complex legalese terms. A standard policy could be appended with simple language explanations of the various terms and conditions. This would facilitate understanding and – once the model is in widespread use – make it worthwhile for users to review it.
2. Thereafter they will only need to verify that other sites employing the model policy conform to the user's standards.
3. Standardization could lend itself to iconic representation of terms which would further simplify end-user review.
4. Standardization would facilitate competition among offerors. If one site/vendor uses the model and conforms to the user's preferences, it may be preferred over another site/vendor that has a custom policy. If two sites/vendors use the model policy and offers similar services as another, the user may use the differences in the selection of standard terms to choose the site/vendor.
5. By establishing a basis for competition among sites/vendors by the stringency of the privacy terms that they offer, overall privacy can be expected to increase.

note (from Iain) - the Information Sharing Group will be developing equivalent 'information sharing agreements' as seen from the individual perspective; i.e. 'I will let you have data type X for purpose Y, subject to constraint Z'. If the two workgroups collaborate then we'd have the ability to icon based, machine readable policies agreements at both ends of the data sharing pipe.

Desired Output

Output 1

Privacy policy template(s) that can be used by enterprises collecting Personally Identifiable Information (PII) that cover most common policy considerations and offers a fixed menu of choices.

Output 2

Consumer guidance on the impact of their decisions in accepting/rejecting the various terms of the privacy policy.

Intended Audience

Output 1

Enterprises collecting Personally Identifiable Information (PII).

Output 2

Consumers.

Editor, co-editor, contributors

Jeff Stollman

Target date for completion

  Output 1

The first draft privacy policy template will be developed by the end of Q1, 2010.

Output 2

Draft consumer guidance for the first privacy template will be developed 60 after the template is completed.