What happens to my data? A novel approach to informing users of data processing practices

  • Bibi van den Berg Leiden University
  • Simone van der Hof Leiden University
Keywords: privacy, data processing, privacy protection

Abstract

Citizens increasingly use the Internet to buy products or engage in interactions with others, both individuals and businesses. In doing so they invariably share (personal) data. While extensive data protection legislation exists in many countries around the world, citizens are not always aware (enough) of their rights and obligations with respect to sharing (personal) data. To remedy this gap, users ought to become better informed of companies’ data processing practices. In the past, various research groups have attempted to create tools to this end, for example through the use of icons or labels similar to those used in nutrition. However, none of these tools have gained extensive adoption, mostly because it turns out that capturing privacy legislation in simple, accessible graphics is a complicated task. Moreover, we believe that the tools that were developed so far do not align closely enough with the preferences and understanding of ordinary users, precisely because they are too ‘legalistic’.

In this paper we discuss a user study conducted to gain a better understanding of the kinds of information users would wish to receive with respect to companies’ data processing practices, and the form this information ought to take. On the basis of this user study we found a new approach to communicating this information, in which we return to the OECD’s Fair Information Principles, which formed the basis for (almost all) data protection legislation. We end the paper with a rudimentary proposal for an end user tool to be used on companies’ Web sites.

Author Biographies

Bibi van den Berg, Leiden University
Dr. Bibi van den Berg is assistant professor at eLaw@Leiden, the Centre for Law in the Information Society at Leiden University?s Law School. Prof.dr. Simone van der Hof LLM is professor of Law and the Information Society at eLaw@Leiden the Centre for Law in the Information Society at Leiden University?s Law School.
Simone van der Hof, Leiden University
Prof.dr. Simone van der Hof LLM is professor of Law and the Information Society at eLaw@Leiden the Centre for Law in the Information Society at Leiden University?s Law School.
Published
2012-06-27
How to Cite
van den Berg, B., & van der Hof, S. (2012). What happens to my data? A novel approach to informing users of data processing practices. First Monday, 17(7). https://doi.org/10.5210/fm.v17i7.4010