How to make privacy policies both GDPR-compliant and usable

Renaud, Karen and Shepherd, Lynsay; (2018) How to make privacy policies both GDPR-compliant and usable. In: 2018 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). IEEE, GBR. ISBN 978-1-5386-4565-9 (https://doi.org/10.1109/CyberSA.2018.8551442)

[thumbnail of Renaud-Shepherd-IEEE-CSA2018-How-to-make-privacy-policies-both-GDPR-compliant-usable]
Preview
 Text. Filename: Renaud_Shepherd_IEEE_CSA2018_How_to_make_privacy_policies_both_GDPR_compliant_usable.pdf
Accepted Author Manuscript
Download (1MB)| Preview

Abstract

It is important for organisations to ensure that their privacy policies are General Data Protection Regulation (GDPR) compliant, and this has to be done by the May 2018 deadline. However, it is also important for these policies to be designed with the needs of the human recipient in mind. We carried out an investigation to find out how best to achieve this.We commenced by synthesising the GDPR requirements into a checklist-type format. We then derived a list of usability design guidelines for privacy notifications from the research literature. We augmented the recommendations with other findings reported in the research literature, in order to confirm the guidelines. We conclude by providing a usable and GDPR-compliant privacy policy template for the benefit of policy writers.

ORCID iDs

Renaud, Karen ORCID logoORCID: https://orcid.org/0000-0002-7187-6531 and Shepherd, Lynsay;
  • Item type:Book Section
    ID code:75574
    Dates:
    Date
    Event
    29 November 2018
    Published
    12 June 2018
    Published Online
    26 February 2018
    Accepted
    Notes:© 2021 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting /republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
    Subjects:Science > Mathematics > Electronic computers. Computer science
    Department:Faculty of Science > Computer and Information Sciences
    Depositing user: Pure Administrator
    Date deposited:25 Feb 2021 15:41
    Last modified:11 Nov 2024 15:24
    Related URLs:
    URI:https://strathprints.strath.ac.uk/id/eprint/75574
CORE (COnnecting REpositories)