Posted by Aaron Massey on 19 Aug 2013.
The Office of the Privacy Commissioner of Canada recently announced the conclusion of a study of more than 300 websites for their privacy policies. Here’s one of their preliminary findings:
Although it wasn’t the focus of our research, I can say anecdotally that we had similar trouble finding web-based policy documents on websites when collecting policy documents last year for our research published this summer. This is a problem, particularly when many jurisdictions require policy documents to be posted conspicuously.
Luckily, this problem is easily solved using an approach similar to robots.txt or humans.txt. Why not just have a plain text file listing the URIs of the policy documents for your organization? This would allow search engines or other web crawlers to quickly identify them, which would, in turn, make it easier for the average consumer to locate them.
To be fair, this approach won’t solve a lot of important problems with policy documents. Many of them are ambiguously worded or otherwise challenging to read. However, solving all of those problems with technologies is likely an effort in futility anyhow. Many of the problems of policy documents aren’t technology problems. Locating policy documents shouldn’t be one of them.
I’m not proposing a standard here today, but I don’t think it really requires a lot. It may simply require the title of the policy document, the URI where it can be accessed, and possibly some versioning information. If you have any thoughts about this, please contact me on Twitter: @akmassey.