Privacy Policies and App Labels


Have you ever read your product's Privacy Policy? (If you don't work on a tech product, pick the Privacy Policy of a website or app you use often.) Sit down and read it. Do you understand it? If not, that's the first red flag. Your customers should be shown a version written in language that's easy to understand - and if you sell to children, it should be easy for them to understand too.

There is a range of ways you can make your Privacy Policy more accessible. Check out the suggested Privacy Patterns for informing users. Could you add a privacy label or use standardized privacy icons to communicate what you're doing with users' personal data? Could you offer a layered Privacy Policy, providing a simple overview in bite-sized chunks with one or more further layers of detail that users can click through to if they wish to see the full legal text? Could you provide users with ambient notice to remind them in real time that their personal data is being used? ('Camera on' and 'microphone on' lights and icons are great examples of this.)

Your Privacy Policy can also serve as a guideline when you are designing new product features:

🔧  "Your product is your Privacy Policy" thought experiment (inspired by Nathan Good). Ask yourself these questions when working on a new product or feature:

  • Does this design violate the promises you're making in your Privacy Policy? Does it reuse data for a new purpose? How would the Privacy Policy have to change to document this? Would you as a user be happy with that change?
  • If you sat your privacy lawyers down with the dev team right now, would they be horrified by the ways you're trying to manipulate the user or trick them into giving consent in the UI? Would they be shocked that you're integrating a new third-party service or transferring data to a different country?
  • If one of your customers were sitting next to you asking you to explain the design as you coded it, would you still implement it the same way?


Privacy Labels

One of the informational privacy patterns we mentioned above merits a closer look: privacy labels. Both the Apple App Store and the Google Play Store have now introduced these for apps. Like a nutrition label on packaged food in the supermarket, these labels aim to give you a summary of what the app 'contains' from a privacy point of view so that you can make more informed choices. The label tells you what data the app collects about you, whether that data is linked to your identity and (on Apple's labels) whether it is used to track you across other companies' apps and websites.

💻 Exercise: if you use an Android phone or iPhone, which app do you use most frequently? Do you know what kinds of data that app collects about you? Find its privacy label and privacy policy and read both.

(On the Google Play Store, go to the app and click 'See details' in the 'Data safety' section. On the Apple App Store, go to the app and scroll to the 'App Privacy' section. You can browse both stores online if you don't have an Android phone or iPhone - Apple's is trickier to browse, so we've linked directly to a specific app.)

  • Are you surprised at which identifiers are being collected?
  • Is the privacy policy available in a version written in simple language, or is it only available in confusing legal terminology? Do you think you understand what it means for your data?
  • If you use the app in a language other than English, is there even a privacy policy available in that language?


❓ Where could you offer a privacy label for your product? While the concept is currently only in use for apps, you could provide a privacy label on your website and introduce privacy labels on any platform you provide for third parties (e.g. for plugins or extensions). Do you think this would be effective? Do you pay attention to nutrition labels on the food you eat, and do you think you'd be more or less likely to do so for apps? What could you do to make the label more appealing to read?


In 2023, Apple announced that it was taking privacy labeling a step further with privacy manifests: app SDKs must ship a manifest file (PrivacyInfo.xcprivacy) declaring their privacy practices, i.e. the data types they collect, whether the data is linked to the user or used for tracking, and the domains they send tracking data to. Developers can use this to understand the privacy impact of adopting an SDK, while Xcode (Apple's IDE) aggregates the manifests into an app privacy report. This is real progress for iOS app privacy, and it highlights how important it is to critically assess all of your third-party dependencies. When you take a look, you might be surprised how much data they're collecting. We explore this further later in the course in Whose Servers Are You Sharing My IP With?
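As an added illustration (not part of the original course page, and not Apple's tooling), the Python script below does in miniature what Xcode does with privacy manifests: it parses the PrivacyInfo.xcprivacy property lists of an app and one of its SDKs, rolls them into a single report, and then lists the data types that only the SDK collects. The two manifests are constructed inline; the plist keys and the NSPrivacy... value strings are the ones Apple's manifest format defines, while the app name, the 'ExampleAnalytics' SDK and its tracking domain are invented for the demo.

```python
"""Roll the privacy manifests (PrivacyInfo.xcprivacy) of an app and its
third-party SDKs into one report, roughly what Xcode does for an app
privacy report. Added example for this course page, not Apple's code.
The manifests are CONSTRUCTED: keys and NSPrivacy... values follow
Apple's manifest format; the SDK name and domain are made up."""
import plistlib
from collections import defaultdict

# Constructed: the app's own manifest. It collects an email address for app
# functionality, linked to the user, and does no tracking.
APP_MANIFEST = plistlib.dumps({
    "NSPrivacyTracking": False,
    "NSPrivacyTrackingDomains": [],
    "NSPrivacyCollectedDataTypes": [{
        "NSPrivacyCollectedDataType": "NSPrivacyCollectedDataTypeEmailAddress",
        "NSPrivacyCollectedDataTypeLinked": True,
        "NSPrivacyCollectedDataTypeTracking": False,
        "NSPrivacyCollectedDataTypePurposes": [
            "NSPrivacyCollectedDataTypePurposeAppFunctionality"],
    }],
    "NSPrivacyAccessedAPITypes": [],
})

# Constructed: a hypothetical analytics SDK. It collects a device ID for
# third-party advertising (linked, used for tracking) plus product
# interaction data for analytics, and declares its tracking domain.
SDK_MANIFEST = plistlib.dumps({
    "NSPrivacyTracking": True,
    "NSPrivacyTrackingDomains": ["track.example-analytics.invalid"],
    "NSPrivacyCollectedDataTypes": [
        {
            "NSPrivacyCollectedDataType": "NSPrivacyCollectedDataTypeDeviceID",
            "NSPrivacyCollectedDataTypeLinked": True,
            "NSPrivacyCollectedDataTypeTracking": True,
            "NSPrivacyCollectedDataTypePurposes": [
                "NSPrivacyCollectedDataTypePurposeThirdPartyAdvertising"],
        },
        {
            "NSPrivacyCollectedDataType": "NSPrivacyCollectedDataTypeProductInteraction",
            "NSPrivacyCollectedDataTypeLinked": False,
            "NSPrivacyCollectedDataTypeTracking": False,
            "NSPrivacyCollectedDataTypePurposes": [
                "NSPrivacyCollectedDataTypePurposeAnalytics"],
        },
    ],
    "NSPrivacyAccessedAPITypes": [{
        "NSPrivacyAccessedAPIType": "NSPrivacyAccessedAPICategoryUserDefaults",
        "NSPrivacyAccessedAPITypeReasons": ["CA92.1"],
    }],
})


def aggregate(manifests):
    """Merge {component name: manifest bytes} into one report: the union of
    collected data types (which components collect each, and whether any of
    them links it to the user or uses it for tracking), the components that
    enable tracking, the tracking domains and the accessed API reasons."""
    data = defaultdict(lambda: {"linked": False, "tracking": False,
                                "purposes": set(), "sources": set()})
    report = {"tracking_components": [], "tracking_domains": {},
              "accessed_apis": defaultdict(set), "data_types": data}
    for name, raw in manifests.items():
        m = plistlib.loads(raw)
        if m.get("NSPrivacyTracking"):
            report["tracking_components"].append(name)
        for domain in m.get("NSPrivacyTrackingDomains", []):
            report["tracking_domains"][domain] = name
        for entry in m.get("NSPrivacyCollectedDataTypes", []):
            rec = data[entry["NSPrivacyCollectedDataType"]]
            # A type is "linked"/"tracking" for the app if any component says so.
            rec["linked"] |= bool(entry.get("NSPrivacyCollectedDataTypeLinked"))
            rec["tracking"] |= bool(entry.get("NSPrivacyCollectedDataTypeTracking"))
            rec["purposes"].update(entry.get("NSPrivacyCollectedDataTypePurposes", []))
            rec["sources"].add(name)
        for api in m.get("NSPrivacyAccessedAPITypes", []):
            report["accessed_apis"][api["NSPrivacyAccessedAPIType"]].update(
                api.get("NSPrivacyAccessedAPITypeReasons", []))
    return report


def sdk_only_data(report, app_name):
    """Data types collected only by third-party SDKs, never by the app's own
    code: the part of the privacy label the app team may not know about."""
    return sorted(t for t, rec in report["data_types"].items()
                  if app_name not in rec["sources"])


if __name__ == "__main__":
    rep = aggregate({"MyApp": APP_MANIFEST, "ExampleAnalytics": SDK_MANIFEST})
    print("Components that enable tracking:", rep["tracking_components"])
    print("Tracking domains:", rep["tracking_domains"])
    for t, rec in sorted(rep["data_types"].items()):
        print(f"{t}: linked={rec['linked']} tracking={rec['tracking']} "
              f"purposes={sorted(rec['purposes'])} from={sorted(rec['sources'])}")
    print("Collected only by SDKs:", sdk_only_data(rep, "MyApp"))
```

Run against the two constructed manifests, the report shows that the app's own code only collects an email address, while the SDK adds a device ID used for tracking and a tracking domain the app never mentions in its own manifest. That gap is exactly what to compare against the privacy label you publish in the store.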

Further Reading