Computers, Privacy & the Constitution

Your RDA of Privacy: A Nutrition Facts Label for the Web

-- By GlennLortscher - 24 Mar 2008

How much are lists of nouns worth? Quite a lot, if you can tie them to individuals. Google's AdWords? network has seen unprecedented growth doing just that-- scouring information from email, forms, and website content to sell individually- and demographically-targeted advertisements. Yahoo, playing catch-up, has increased the number of times it collects such data from its visitors each month to 2,520 (compared to Google's 578). As long as targeted advertising stays profitable, this type of data collection will continue to grow in size and sophistication (see Phorm, for an extreme example).

This is arguably fine, as long as consumers consent to commercial use of their information. But website privacy policies are inadequate, and often cleverly worded to allay privacy concerns and maximize usage rights. If users knew the big picture-- how companies actually use their information and how much it is worth, many would act differently. Working toward this more results-based view of consent ("informed" consent, perhaps?), one solution is to require a Nutrition Facts-inspired label on all sites that collect any personal information. [1] In this paper, I flesh out why such a requirement is beneficial and how to implement it in a way that empowers consumers.

A Framework for Personal Information Online

Consumers generally provide personal information to commercial websites for three purposes: to make purchases, to access services, or to add content to a social network or message board. In the first instance, a consumer might buy a camera online. Her purchase information is kept in the form of electronic sales records. A consumer's expectations for usage of these records are grounded in the real world-- sales records can help resolve billing conflicts and facilitate product exchanges and returns, just like at the store.

In the second instance, a consumer provides personal information in exchange for access to online services, such as a social network or comparison shopping service. But the economic value of such information is rarely made clear. Take the New York Times for example, which uses personal information from free registrations to sell expensive, highly-targeted advertisements. But the NYT policy frames the exchange as being a matter consumer convenience-- targeted ads are more useful. The result being that users treat registration fields much like annoying End User License Agreements, clicking past them as quickly as possible, a behavior epitomized by the popularity of automated form-fillers like Gator and Roboform .

Third, where personal information, preferences, and opinions are revealed in user-generated content, consumers have no expectations for how this content might be mined and tied back to their various online identities. Users may be assuming that information revealed in content, as opposed to neatly-titled registration fields, is safe from mining and analysis, and the content fields lack privacy releases anyway. These assumptions are usually incorrect, since most registration agreements state that all user-created content is "public", giving the website carte blanche permission to analyze and map that data however it pleases-- an unexpected outcome for most users.

Of course, in reality the lines between information types aren't so clear. But the last instance strikes at the core of the Privacy Policy problem-- seemingly innocuous provisions that ultimately fail to inform users what is actually done with information. By consenting only to vague processes, and not their outcomes, websites are at most obtaining barely informed consent. While companies use consumer information for pretty distinct purposes, all web forms appear the same to the consumer. When Joe Consumer sees the Almighty Required Field Star when creating an Expedia account, is he going to enter "Easter J. Bunny" or his real name? With corporations in the better bargaining position, there is a strong case for regulatory intervention to achieve greater clarity for consumers.

The Solution: Before, During, and After

Revealing privacy outcomes is the first step toward informed consent online. I propose that as long as a website wishes to retain personal information for use that extends beyond mere purchase records, it must take comprehensive steps before, during, and after it retains such information to inform and empower users.

Before: Privacy Facts

Before a user submits personal information, a Nutrition Facts-inspired Privacy Facts label should inform the user of all usage and transfer rights (i.e. "Yes/No/Consent Required"). The label should also summarize any past transactions in user information with subsidiaries, affiliates, and third parties, describing of all data transferred (i.e. "names, zip codes, hobbies"). The result is nice, small labels for websites that minimize information collection; conversely, social networks should have huge labels. Forcing websites to reveal cold hard facts and numbers will cut off many attempts to allay privacy concerns with boring, overly general, and marketing-conscious privacy policies.

During and After: Disclosure and Destruction

As long as a website retains user information, that user should have an easily accessible and complete profile disclosing all retained information, how it is used, and to whom it is available. As long as that site wishes to use the information for more than purchase records, it must indefinitely present an offer to terminate service in exchange for information destruction.

Conclusion

There is a growing gap between the actual value of personal information and consumers' perceived value of such information. A Privacy Facts label would help close this gap by unveiling, concisely, what websites track. While there are private sector solutions, like the TRUSTe Web Privacy Seal, they still fail to inform consumers of the real outcomes of revealing personal information. Further, their voluntary nature makes true change difficult. Thus, as the personal information value gap increases, I argue that requiring a Privacy Facts label is the necessary path to empowering and protecting consumers.

[1] S. Tian, "All I Want for Christmas is A New Privacy Policy"

Word Count: 944

# * Set ALLOWTOPICVIEW = TWikiAdminGroup, GlennLortscher

Navigation

Webs Webs

r5 - 23 Jan 2009 - 15:28:37 - IanSullivan
This site is powered by the TWiki collaboration platform.
All material on this collaboration platform is the property of the contributing authors.
All material marked as authored by Eben Moglen is available under the license terms CC-BY-SA version 4.
Syndicate this site RSSATOM