By Angelique Carson, CIPP/US

At the Federal Trade Commission one-day public workshop May 30, experts discussed online and mobile disclosures. The FTC is looking to update its last guidance on mobile privacy disclosures, released in 2000.

Moderated by FTC staff, panelists discussed such topics as how, when and where to make advertising disclosures to consumers, especially given the small screen sizes of mobile devices.  

A researcher on human computer interaction at University of California Berkeley, Jennifer King, opened a session on universal and cross-platform advertising disclosures by explaining the concept of user-centered design with a digital presentation based on a users' perceptions, expectations and needs. Because people are goal-oriented, King explained, when performing a task, they narrow their focus to only what's necessary to reach that goal. Such "selective attention" is important to keep in mind when considering advertising disclosures, King said.  

Additionally, users have been trained to scan a webpage for the most relevant information by reading it in an "F" shape pattern, King said, and so need a visual hierarchy to decipher meaning. Websites' disclosure models--generally lacking such hierarchies--aren't doing a sufficient job, she added, and stakeholders must realize that simply applying that model to smaller-screened mobile devices won't be effective. A more successful model may be that which was recently developed by Carnegie Mellon University doctoral candidate Patrick Kelley and colleagues. Kelley's disclosure resembles a nutrition label, effective for both its readability and "the distillation of the text into key points," King said.

During a panel discussion on cross-platform advertising disclosures, panelists largely agreed that putting disclosures behind hyperlinks is an acceptable disclosure method but agreed that material disclosures should be displayed more prominently.  

In a session on mobile advertising disclosures, the Interactive Advertising Bureau's Anna Bager noted the inherent struggles associated with small screens, not only because of the size but also because the user is often in a different mindset than when operating on a desktop or larger platform.  

"Consumer expectations are different on mobile phones," agreed Michelle De Mooy from Consumer Action. "It's a very personal product. Users are pretty unaware of the ecosystem that surrounds them, the marketing ecosystem. They tend to think of their phones as something that is not a website."

Though some panelists advocated against having a "check-the-box" disclosure method, De Mooy said no matter how advanced technology becomes, "it's still going to be pretty easy to check a box" and lauded its utility from a design standpoint.  

Jim Halpert, general counsel to the Internet Commerce Coalition, noted the importance of providing "proximite notice" when it comes to recurring or negative-action contracts. Notice should be placed "close to the point where the user is going to click to accept the arrangement of the disclosure, because that's a material term and there's potential class-action liability under state laws for failing to comply," Halpert said.  

Texas Assistant Attorney General Paul Singer said that from a regulator's standpoint, proximity is "still a very key concept to making sure consumers see and understand disclosures."

Noting its practicality for every device--regardless of size--the IAB's Bager said responsive design "solves a problem across many platforms."  

Panelists seemed to agree with De Mooy's comment that businesses today would be wise "to start with mobile and then head to the web. It makes more sense to design that way."  

In a session on mobile privacy disclosures, Create with Context, Inc. CEO Ilana Westerman presented research indicating consumers don't quite understand the extent to which companies are using their data and do care about transparency and having options on how their data is used. The research also found consumers don't want to be interrupted with disclosures and only want the disclosure at a point that they care, such as before they hit "buy," for example.  

As one solution, Westerman recommended the development of a trust icon for disclosures, a pull-down screen indicating to users that personal data is being sent and allowing them to click for more information.  

Jim Brock of PrivacyChoice said it's important to speak in a language that users can actually understand and warned that a privacy icon could be problematic because of the numerous iterations of privacy policies from company to company.  

"It's going to be hard to have icons that are not, in many cases, cryptic to the user," he said.  

The World Privacy Forum's Pam Dixon said she recommends companies use every medium available to reach consumers when it comes to disclosures, including e-mail, Facebook and Twitter. She said it's important to have robust disclosures and be creative with that robustness.  

"When you're researching something, after a notice is read the first time, it's toast," Dixon said, adding she recommends monthly disclosure reminders if necessary.  

Kevin Trilli of TRUSTe said the company is creating a short-notice privacy policy for mobile devices and apps.  

"How do you get a consumer to read a policy in three seconds?" he said, adding "consumers don't have time to decide more than three things."  

Westerman closed the panel by noting her research indicates there's more to be done when it comes to mobile disclosures.

"But that's because we're just getting started," she said.  

The FTC is expected to release a report on mobile and online privacy disclosures in the fall, and is accepting comments from the public through July 11.


If you want to comment on this post, you need to login.


Related Posts


Board of Directors

See the esteemed group of leaders shaping the future of the IAPP.

Contact Us

Need someone to talk to? We’re here for you.

IAPP Staff

Looking for someone specific? Visit the staff directory.

Learn more about the IAPP»

Daily Dashboard

The day’s top stories from around the world

Privacy Perspectives

Where the real conversations in privacy happen

The Privacy Advisor

Original reporting and feature articles on the latest privacy developments

Privacy Tracker

Alerts and legal analysis of legislative trends

Privacy Tech

Exploring the technology of privacy

Canada Dashboard Digest

A roundup of the top Canadian privacy news

Europe Data Protection Digest

A roundup of the top European data protection news

Asia-Pacific Dashboard Digest

A roundup of the top privacy news from the Asia-Pacific region

IAPP Westin Research Center

Original works. Groundbreaking research. Emerging scholars.

Advertise in IAPP Publications

Find out how to get your message in front the people you want to reach. Download a media kit now.

Get more News »

Find a KnowledgeNet Chapter Near You

Network and talk privacy at IAPP KnowledgeNet meetings, taking place worldwide.

Women Leading Privacy

Events, volunteer opportunities and more designed to help you give and get career support and expand your network.

IAPP Job Board

Looking for a new challenge, or need to hire your next privacy pro? The IAPP Job Board is the answer.

Join the Privacy List

Have ideas? Need advice? Subscribe to the Privacy List. It’s crowdsourcing, with an exceptional crowd.

Find more ways to Connect »

Find a Privacy Training Class

Two-day privacy training classes are held around the world. See the complete schedule now.

Online Privacy Training

Build your knowledge. The privacy know-how you need is just a click away.

The Training Post—Can’t-Miss Training Updates

Subscribe now to get the latest alerts on training opportunities around the world.

New Web Conferences Added!

See our list of upcoming web conferences. Just log on, listen in and learn!

Train Your Staff

Get your team up to speed on privacy by bringing IAPP training to your organization.

Learn more »

CIPP Certification

The global standard for the go-to person for privacy laws, regulations and frameworks

CIPM Certification

The first and only privacy certification for professionals who manage day-to-day operations

CIPT Certification

The industry benchmark for IT professionals worldwide to validate their knowledge of privacy requirements

Certify Your Staff

Find out how you can bring the world’s only globally recognized privacy certification to a group in your organization.

Learn more about IAPP certification »

Get Close-up

Looking for tools and info on a hot topic? Our close-up pages organize it for you in one easy-to-find place.

Where's Your DPA?

Our interactive DPA locator helps you find data protection authorities and summary of law by country.

IAPP Westin Research Center

See the latest original research from the IAPP Westin fellows.

Looking for Certification Study Resources?

Find out what you need to prepare for your exams

More Resources »

GDPR Comprehensive: Registration Open

New! Intensive two-day GDPR training led by the sharpest minds in the field. It's a can't-miss event.

The Congress Is Cancelled

The IAPP Europe Data Protection Congress 2015 is cancelled. Click through to learn more.

Sponsor an Event

Increase visibility for your organization—check out sponsorship opportunities today.

Exhibit at an Event

Put your brand in front of the largest gatherings of privacy pros in the world. Learn more.

More Conferences »

Become a Member

Start taking advantage of the many IAPP member benefits today

Corporate Members

See our list of high-profile corporate members—and find out why you should become one, too

Renew Your Membership

Don’t miss out for a minute—continue accessing your benefits

Join the IAPP»