An overview of the technology sector’s public expressions of privacy initiatives and values.

Privacy is top-of-mind for technology companies and their consumers. Since Facebook’s data-sharing practices came under scrutiny following reporting on Cambridge Analytica, consumers and legislators have sharpened their interest in big tech’s use of data. In response, many companies continue to review, refine, and clarify their data practices for the benefit of consumers. Some of that clarification comes in the form of prominent public statements from CEOs or published op-eds, dedicated privacy sessions during developer conferences, and marketing-style promotion of privacy as a product feature.

To understand how companies are messaging their approach to privacy to consumers, the IAPP reviewed consumer-facing privacy webpages, prominent publications, public statements by CEOs, and general promotional materials of the tech industry’s main consumer-facing players (Google, Facebook, Microsoft, and Apple; see the note at the bottom of the page for a comment on Amazon). The goal was to summarize how each company is expressing its view of privacy to consumers. This review was not an assessment and comparison of each company’s privacy notice and associated disclosures, its focus was on each company’s promotional efforts to communicate its approach to privacy to consumers—i.e., how each company expresses privacy. The omission of a value or privacy strategy from one company’s column does not indicate that the company does not hold that value or practice that strategy, instead, it is indicative of the fact that the company chooses to emphasize different elements of its approach to privacy. For example, all the companies express a commitment to encryption, but Facebook and Apple make it a more prominent element of their consumer-facing privacy communication than the others.

Amazon was also considered for this chart, but unlike the four companies included, it does not have a central privacy webpage/website and does not make a concerted marketing and promotional effort to communicate its vision of privacy to consumers. Rather than comprehensive privacy resources, Amazon’s consumer-facing privacy communication is limited to traditional privacy notices and product-specific announcements that touch on privacy elements. Amazon does communicate certain aspects of its approach to privacy (for example, in this blog post about differential privacy), but because the company does not promote its vision for privacy directly to consumers, it was not included in this chart.

The Ranking Digital Rights 2019 Corporate Accountability Index provides another perspective on each company’s approach to privacy:
Ranking Digital Rights published its 2019 Corporate Accountability Index on May 16. The report evaluates twenty-four of the largest and most powerful internet, mobile, and telecommunications companies in the world for their performance in three domains: governance, freedom of expression, and privacy. During the introduction of the index, Ranking Digital Rights Director, Rebecca MacKinnon, noted that “[a]cross the board companies are doing more to govern privacy-related risks than they are doing to govern freedom of expression-related risks.” The four companies included in the IAPP chart are included in the 2019 Corporate Accountability Index.

Source Links:
The following is a list of the source URLs reviewed to create the chart.

  Google Search free icon
  Data & personalization
  Google’s Sundar Pichai: Privacy Should Not Be a Luxury Good
  Google AI Blog
  Introducing auto-delete controls for your Location History and activity data
  Google will now let you use your Android phone as a physical security key
  Introducing TensorFlow Privacy: Learning with Differential Privacy for Training Data
  Google vows greater user privacy, after decades of data collection
  A Very Long List of Privacy Features Google Talked About Today at Google I/O
  Privacy Controls
  Privacy & Terms
  Facebook Search free icon
  A Privacy-Focused Vision for Social Networking
  Mark Zuckerberg: The Internet Needs New Rules. Let's Start in These Four Areas
  Facebook’s Mark Zuckerberg Says He’ll Shift Focus to Users’ Privacy
  Four Ideas to Regulate the Internet
  Facebook Privacy Basics
  Microsoft Search free icon
  Privacy at Microsoft
  Privacy at Microsoft (Trust Center)
  Microsoft Account Privacy
  Microsoft Security Development Lifecycle
  What are the Microsoft SDL practices?
  Windows 10 Privacy
  GDPR’s first anniversary: A year of progress in privacy protection
  Increasing transparency and customer control over data
  Microsoft wants a US privacy law that puts the burden on tech companies
  How Microsoft works with customers to keep their trust: A story from the Netherlands
  Apple Search free icon
  Manage your Privacy
  Approach to Privacy
  Examining Safeguards for Consumer Data Privacy
  Apple CEO Cook: Apple in full support of a comprehensive US privacy law
  Tim Cook: You Deserve Privacy Online. Here’s How You Could Actually Get It
  Apple introduces ‘Sign in with Apple’ to help protect your privacy
  Developer News & Updates
  Federal Law Search free icon
  US federal privacy law? Apple, Google, Facebook, Microsoft all hope so
  This Is What Tech Companies Want in Any Federal Data Privacy Legislation
  RSA Conference 2019: Microsoft, Google, Twitter on Federal Privacy Regs
  Microsoft wants a US privacy law that puts the burden on tech companies
  Tech Giants weigh in on Federal Privacy Law
  Microsoft calls for federal regulation of the tech industry
Company icons made by Freepik, Pixel Buddha, Twitter from

Credits: 2

Submit for CPEs