Abstract
We commenced by synthesising the GDPR requirements into a checklist-type format. We then derived a list of usability design guidelines for privacy notifications from the research literature. We augmented the recommendations with other findings reported in the research literature, in order to confirm the guidelines. We conclude by providing a usable and GDPR-compliant privacy policy template for the benefit of policy writers.
| Original language | English |
|---|---|
| Title of host publication | 2018 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA) |
| Publisher | IEEE |
| Number of pages | 8 |
| DOIs | |
| Publication status | Published - 29 Nov 2018 |
| Event | Cyber Science 2018: Security, Safety and Survivability in an era of constant, contemporary and complex Physical and Cyber Attacks - Grand Central Hotel, Glasgow, United Kingdom Duration: 11 Jun 2018 → 12 Jun 2018 |
Conference
| Conference | Cyber Science 2018 |
|---|---|
| Abbreviated title | Cyber SA |
| Country | United Kingdom |
| City | Glasgow |
| Period | 11/06/18 → 12/06/18 |
Fingerprint
Cite this
}
How to make privacy policies both GDPR-compliant and usable. / Renaud, Karen; Shepherd, Lynsay.
2018 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA). IEEE , 2018.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
TY - GEN
T1 - How to make privacy policies both GDPR-compliant and usable
AU - Renaud, Karen
AU - Shepherd, Lynsay
PY - 2018/11/29
Y1 - 2018/11/29
N2 - It is important for organisations to ensure that their privacy policies are General Data Protection Regulation (GDPR) compliant, and this has to be done by the May 2018 deadline. However, it is also important for these policies to be designed with the needs of the human recipient in mind. We carried out an investigation to find out how best to achieve this.We commenced by synthesising the GDPR requirements into a checklist-type format. We then derived a list of usability design guidelines for privacy notifications from the research literature. We augmented the recommendations with other findings reported in the research literature, in order to confirm the guidelines. We conclude by providing a usable and GDPR-compliant privacy policy template for the benefit of policy writers.
AB - It is important for organisations to ensure that their privacy policies are General Data Protection Regulation (GDPR) compliant, and this has to be done by the May 2018 deadline. However, it is also important for these policies to be designed with the needs of the human recipient in mind. We carried out an investigation to find out how best to achieve this.We commenced by synthesising the GDPR requirements into a checklist-type format. We then derived a list of usability design guidelines for privacy notifications from the research literature. We augmented the recommendations with other findings reported in the research literature, in order to confirm the guidelines. We conclude by providing a usable and GDPR-compliant privacy policy template for the benefit of policy writers.
U2 - 10.1109/CyberSA.2018.8551442
DO - 10.1109/CyberSA.2018.8551442
M3 - Conference contribution
BT - 2018 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA)
PB - IEEE
ER -