How Privacy Icons could save web users from themselves

Gallery: Mozilla, the EFF, the FTC and the W3C have come together to create a set of visual icons to help understand privacy policies online.
Written by Zack Whittaker, Contributor

Throw together some of the world's foremost thinkers of online privacy and representatives from Mozilla into a room, and given enough time something incredible will be created.

Introducing a prototype alpha version of 'Privacy Icons', these visual representations of online privacy policies could revolutionise the existing policies for websites and services into a readable and understandable format for ordinary users.


This combined effort will help transform text-based contract-like policies into a system where the ordinary user will know where their data goes. For example, knowing that a website or service will only use your data solely for the intended use for that site, versus a service which uses your data to sell on to spammers and junk mailers could be the difference between using it and not.

GalleryTo take a look at the proposed new Privacy Icons to revolutionise the understanding of online privacy policies, check out the gallery here.

To find out more, I spoke to my old friend, Aza Raskin, former head of user experiences at Mozilla Labs and now startup entrepreneur of Massive Health, about his prototype idea of Privacy Icons.

I asked him about enforcement and how privacy policies can be amended to accommodate Privacy Icons:

"The current thinking for Privacy Icons is to use a bolt-on approach. That is, when a site uses a Privacy Icon, the icon appends legalese to the site's existing privacy policy to make it as enforceable as privacy policies can be.

Just like copyright or privacy policies in general, Privacy Icons cannot be automatically enforced. A site can lie in their privacy policy today to mislead their users. Enforcement and accountability has and will continue to come from third-parties and governments.

The exact legal mechanisms by which this works is still an open question, but the copyright symbol is a good anology: the simple act of its presence confers a set of rights. Just like Firefox warns when you are visiting a potentially malicious site, it can also warn if the symbol appears without the appropriate text existing in the privacy policy.

But think about it this way. If the Privacy Icons are used maliciously to mislead people then that implies Privacy Icons have succeeded in a big way. If people are making decisions based on now easily-understood privacy attributes, the icons have succeeded at informing and educating web users about the importance of their and with whom and how they share it. Misuse is a classy problem to have."

Could Privacy Icons be automatically brought into web browsing and email software?

"Absolutely. As Privacy Icons evolve, I expect to see a number of extensions made by a variety of parties. Places like the CDT have already expressed interest in doing just that."

Will Privacy Icons act as a conduit to ensuring the younger generations are more careful with their privacy, and more careful with the data they directly and indirectly hand over to websites?

"Privacy Icons are fundamentally about transparency. They make it easier to know exactly what a company intends to do with your data in a way which is understandable to most people. As people begin to realize what happens to their data, at the most basic level, it will help them make better decisions about which new services they use.

Given a choice of a two Facebook applications that do roughly the same thing, where one sells data to advertisers, with Privacy Icons it is much easier to decide which to use. I expect the more technically savvy folks to blog, tweet, and evangelize the sites which are better actors. That, in turn, will influence the broader demographics."

Do you think Privacy Icons could work, or do you think they only work when in good faith? Have your say.

Editorial standards