Facebook whitepaper says current privacy communication practices insufficient1 min read . Updated: 16 Jul 2020, 11:40 AM IST
- The whitepaper though doesn’t talk about the changes the company is making, and is more of a thought experiment and makes suggestions about how companies can look at designing privacy policies in future
NEW DELHI: Facebook on Thursday published a whitepaper calling for privacy policies that are clearer and easier to understand.
The whitepaper, authored by Erin Egan, vice president and chief privacy officer, Public Policy at Facebook, is part of the Privacy Matters series the social media company has been running to explain changes it’s making to its privacy practices. The whitepaper though doesn’t talk about the changes the company is making, and is more of a thought experiment and makes suggestions about how companies can look at designing privacy policies in future.
“In short, the current practices for informing people about how companies use their data, and the laws setting out transparency requirements, may be insufficient to provide meaningful notice to people," wrote Egan.
The paper lays out three questions around how privacy communications are designed, including how organizations, regulators and stakeholders can work together to develop new ways for communicating about privacy, legal and regulatory support for designing “people-centered" practices and how regulators can hold organizations accountable.
“Transparency efforts by organizations, as well as the policy frameworks that underlie them, must be built to anticipate and meet varying needs," the whitepaper said. “There are no easy answers, nor has anyone ‘solved’ the problem of how to design transparency to address these needs," it added.
Further, the whitepaper says “effective laws and regulation" can help in creating “people-centered" design practices for privacy communication but many laws incentivize “traditional, long form — and historically ineffective — forms of notice". The whitepaper also called for regulators, industry and other stakeholders to “co-create" standards for privacy communications.
“Another idea for regulators could be to regulate the process for making privacy design decisions, not the outcome of those processes," the paper added.