The Power and Pitfalls of Transparent Privacy Policies in Social Networking Service Platforms
This research addresses the problem of ineffective privacy policies for users and designers of social networking services, showing that current transparency efforts are insufficient, which is incremental to existing work on privacy communication.
The study investigated whether transparent privacy policies increase informed consent on social networking platforms, finding that 50% of participants incorrectly recalled even the most user-friendly policies and often overestimated privacy protections, while users self-censored disclosures for visibility threats but not for secondary data use.
Users disclose ever-increasing amounts of personal data on Social Network Service platforms (SNS). Unless SNSs' policies are privacy friendly, this leaves them vulnerable to privacy risks because they ignore the privacy policies. Designers and regulators have pushed for shorter, simpler and more prominent privacy policies, however the evidence that transparent policies increase informed consent is lacking. To answer this question, we conducted an online experiment with 214 regular Facebook users asked to join a fictitious SNS. We experimentally manipulated the privacy-friendliness of SNS's policy and varied threats of secondary data use and data visibility. Half of our participants incorrectly recalled even the most formally "perfect" and easy-to-read privacy policies. Mostly, users recalled policies as more privacy friendly than they were. Moreover, participants self-censored their disclosures when aware that visibility threats were present, but were less sensitive to threats of secondary data use. We present design recommendations to increase informed consent.