How to Make Privacy Policies both GDPR-Compliant and Usable by Karen Renaud and Lynsay Shepherd

A 2018 piece describes some new strategies, using usability-oriented design, to present privacy policies in better ways.

Its basic design pattern is a summary table with icons and some call-out boxes (along with a trust seal), which presents the policy as a brief overview with a link to a fuller policy.

It is important for organisations to ensure that their privacy policies are General Data Protection Regulation (GDPR) compliant, and this has to be done by the May 2018 deadline. However, it is also important for these policies to be designed with the needs of the human recipient in mind. We carried out an investigation to find out how best to achieve this. We commenced by synthesising the GDPR requirements into a checklist-type format. We then derived a list of usability design guidelines for privacy notifications from the research literature. We augmented the recommendations with other findings reported in the research literature, in order to confirm the guidelines. We conclude by providing a usable and GDPR-compliant privacy policy template for the benefit of policy writers.

The piece provides some templates and analysis to determine
