Microsoft security strategist Scott Charney has urged organisations to dump verbose privacy documents, saying they only confuse users.
Charney said users were “overloaded” with information in lengthy privacy documents and could not be reasonably expected to trawl through dozens of pages.
“Even if you had the knowledge to read it through, you’d never finish,” Charney said.
“There’s a lot of debate on notice and choice, but now users get so many privacy statements they don’t know what to do with them.”
Instead, privacy documents should be shortened to a single page, he said.
In addition, obvious privacy clauses such as the need for users to supply shipping addresses for goods purchased online should be dumped.
But lengthy statements should still be made available for “lawyers and privacy experts” to peruse.
The call comes on the back of Microsoft’s own move to simplify its privacy policies. However, exactly what this will involve is unknown.
“In the early years we put too much burden on users – we need to provide more direct and actionable information to users, rather than just throw stuff at them,” Charney said.
Darren Pauli travelled to Redmond as a guest of Microsoft.
_(22).jpg&h=140&w=231&c=1&s=0)
_(20).jpg&h=140&w=231&c=1&s=0)
_(23).jpg&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
