These aren’t the only examples of updated privacy policies garnering public and media ire. Like other instances before it, Snapchat followed up last month’s media scrutiny with its own PR emergency response:
— Snapchat (@Snapchat) November 2, 2015
They faced the ire of the media as well. And yet again, we see a lack of trust between companies and consumers.
It’s highly likely that with this new era these, let’s call them, "privacy-notice misunderstandings," will only increase as exponentially as the iPV6 addresses upon which IoT devices rely.
One company, however, is offering a potential solution for consumer-friendly privacy notices. Called Privacync, the tool aims to provide IoT manufacturers with an easy-to-read dashboard for consumers, complete with information such as what PII is collected, with whom it’s shared, whether it’s encrypted and other data security info, plus opt-out options as well as links to the full, lawyer-friendly policies.
“I’ve noticed that every time an FTC commissioner gives a speech, they ask for someone to do this in the real world,” said company co-founder Dale Smith, CIPT. “This product is based at its core on the FIPPs,” he added. “We’ve developed a set of ‘best questions’ geared toward the manufacturer, and our concept is, ‘why not build in questions an expert would ask a vendor?’”
The company lists other samples from existing IoT products in the automotive, garden, health, home, manufacturing, pet, security and toy industries as well.
“Our set of ‘best questions’ are not enough to satisfy a lawyer, but they’re good enough for the consumer,” Smith said. “We put together a survey—a list of those best questions—and look at the features and benefits of a product. It’s not just a one-sided notice written from the perspective of the lawyer.” The manufacturer then fills out this survey and decides what inputs they want for this dashboard, he said.
Smith was careful to point out that Privacynq is not designed to replace standard privacy policies. The goal, rather, is to cultivate trust with the consumer.
“We want to promote digital trust,” he said. “If we can agree, ‘Yeah, I’ll give you certain data, if, and only if, you treat it right,’ then we can trust each other,” he said.
Privacynq isn’t the first foray for Smith in the startup world. Nor is it his first go at a privacy-focused product. Two years ago, he and his team looked into building a verifiable parental consent tool for compliance with the Children’s Online Privacy Protection Act (COPPA). AgeCheq applied to the FTC for two separate verifiable consent methods. However, both were denied. One proposal featured a real-time common consent mechanism. The FTC noted that such a method had already been recognized. The second device-signed parental consent form was denied because, according to the FTC, it was not compliant with COPPA’s requirement “regarding the type of parental information” that can be collected for verifying a parent’s identity.
But these denied requests have not deterred Smith. He and his team, which includes his brother, have worked with the Online Trust Alliance (OTA) in developing Privacynq. “Our concept is that the IoT needs this tool somewhere,” Smith said. “We’re trying to bring together the best practices of the IoT space and make it consumer ready.”
OTA Executive Director Craig Spiezle said Privacynq recently joined the OTA and shares "our view of the need to move privacy from a compliance discussion to one of stewardship." He said with a growing rift between manufacturers and consumers—he points to the rise in use of ad blockers as proof of that gulf—businesses need to communicate "in a simple straightforward manner, weighing privacy best practices against good faith need for consumers' personal information." Spiezle also said Smith and his team "have been very receptive to the OTA working group's input to brief consumers regarding their privacy in context and in accordance with industry best practices."
Smith says he believes this is just the beginning. “We’ve tried to take the long-term view on this,” he said. “We don’t believe the standoff between the manufacturer and the consumer will continue. We want to educate and build trust.”
It looks like the needs of the IoT space, and time, will tell.
If you want to comment on this post, you need to login.