Computerworld - A European Union initiative to develop standards for shorter and more readable data-privacy notices on Web sites is shining a spotlight on a similar need in the U.S., and large companies such as Microsoft Corp. and The Procter & Gamble Co. are already adopting the condensed format.
On its corporate Web site, P&G has created a "privacy notice highlights" page that uses a modular format identical to the one approved by an EU panel in late November. The modular approach lets companies provide Web site visitors with capsule descriptions of their privacy policies as the initial step in the disclosure process.
Sandy Hughes, P&G's global privacy executive, said last week that the Cincinnati-based maker of consumer goods set up the new page after a survey of users who visited the Web site showed that 95% of them found shorter data privacy notices helpful.
The information on the page fits in a single screen on a PC and is separated into six data fields, each containing concise, bulleted information about P&G's privacy policies. Links are included that open separate windows with more detailed descriptions of the policies.
P&G has yet to implement a similar short-form notice on its European Web sites, but Hughes said it plans to do so. "What will take time is the multiple language translations to go on top of our policies, which are already in 17 languages," she said.
Peter Cullen, Microsoft's chief privacy strategist, said the software vendor also plans to implement a layered notice approach similar to the one being used by P&G.
Focus-group research done last year by Microsoft in Germany and Hong Kong showed that consumers were overwhelmingly in favor of shorter privacy notices, he said.
Microsoft will begin by implementing short-form notices on its MSN Web sites in Europe, Cullen said. He noted that the challenge is in figuring out exactly what information needs to be included in the shortened notices to make them suitable for the bulk of Microsoft's customers.
The EU's data privacy commissioners are proposing the adoption of the modular notices as a way to make privacy statements more user-friendly, said Jonathan Bamford, assistant commissioner in the U.K.'s Information Commissioner's Office.
Legal Obligations Remain
The short-form proposal does not eliminate the legal obligations that companies have to disclose their privacy polices in full, according to Bamford. "What it does is provide another layer of clarification beyond what the law says you have to do," he said.
Under the multitier approach, companies still must offer a full notice that spells
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
