Elements of Effective Privacy Notices
71 Pages Posted: 1 Apr 2015 Last revised: 29 Aug 2015
Date Written: April 1, 2015
This paper will describe and define the core elements of effective notice in the online world. The core elements offered in this paper will provide greater insight into where online notice is inadequate and what concrete measures might be taken to improve it. Studies have shown that privacy polices routinely fail to apprise consumers with effective notice. Privacy policies are often articulated in ambiguous or misleading language that fails to inform consumers of the full scope of companies’ data collection practices. More so, privacy policies frequently display dense paragraphs of text in small type. This poor legibility deters consumers from reading privacy terms. In response to these problems, I will explore three distinct models of legal notice, each governing a different area of commercial practice. After studying these models, I will extract their most salient notice principles, and offer a set of requirements for effective notice in the privacy space. This paper will first examine the factors that courts often look for when determining if a party had sufficient notice of an arbitration clause in a larger agreement. Focusing on arbitration provisions will illustrate greater standards of notice in the domain of commercial contracts. I will focus on the doctrines of constructive and actual notice, as well as the “knowing and voluntary” waiver standard that some courts employ when assessing the enforceability of arbitration clauses.
Following a discussion of arbitration clauses, this paper will shift to an exploration of the Food and Drug Administration’s (FDA) labeling requirements for over-the-counter drugs. Exploring these standards will provide some insight as to what is required of effective notice in highly regulated industries. This portion of the paper will pay close attention to the FDA’s rules regarding the use of symbols and pictograms to convey product warnings to consumers. I will also discuss the Administration’s requirements for formatting devices like headings, bulleted statements, and bold type, which have been found to improve consumers’ cognitive processing of label information. Finally, this paper will discuss the substance of Federal Trade Commission (FTC) enforcement actions against companies that it found to cause privacy harms. This discussion will highlight notice standards concerning the privacy practices of general commercial entities. I will focus on cases in which the FTC determined that companies’ disclosures of data collection practices were inadequate or misleading. More so, I will discuss the specific notice requirements that the FTC has delineated in prior decisions and orders.
After exploring what these legal models assert about what notice requires, I will extract from them the most salient principles of effective notice. I will apply these principles to the online world, grouping them into broader classes of core elements. For example, FDA formatting practices may demonstrate that truly effective notice demands that text be prominently displayed, and may be classified under the broader notice element of “Visible and Conspicuous Statements.” The core elements that I will define will focus both on the requisite content and visual presentation of effective online notice.
By extrapolating notice requirements from settled legal models, I intend to inform expectations of what effective notice should look like in the online world. More so, by detailing these core elements, I aim to show what specific areas of online notice require improvement, and how they may be improved. Finally, this paper may help to provide a greater analytical framework for enhancing the effectiveness of online privacy statements. Though some have suggested innovative and technological approaches for improving notice online, I will suggest that referring to already available, established legal principles might also advance this aim.
Suggested Citation: Suggested Citation