Professor Nico van Eijk & Dr. Kristina Irion – Abstract

Co-authors:

Professor Nico van Eijk, Professor of Media and Telecommunications Law & Director, Institute for Information Law, Faculty of Law, University of Amsterdam
Dr. Kristina Irion, Senior Researcher, Institute for Information Law, Faculty of Law, University of Amsterdam, Netherlands; Associate Professor, School of Public Policy, Central European University

Topic: A Roadmap to Enhancing User Control via Privacy Dashboards

Abstract: In the 2015 Privacy Bridges Report, a group of international privacy experts put forward ten proposals (privacy bridges) to foster stronger international collaboration and advance privacy protection for individuals. The second privacy bridge called for practical solutions for enhancing user control that operate ‘regardless of jurisdiction, citizenship, and location of data.’ This study aims to make progress with the implementation of user controls in succession of the Privacy Bridges Report.

Being tasked with identifying practical solutions for enhancing user controls we grounded this research on three premises. First, user controls should correspond with the current landscape of online services offered to users, the platform and app economy. Second, we specifically recognize user controls as socio-technical systems which must be designed in the interest of users in order to advance privacy values. Third, user controls should have the flexibility to accommodate the existing differences between privacy laws.

This report presents and draws on multi-disciplinary insights into what characterizes effective user control over the collection and use of personal data. User controls arise from the interplay of a number of conditions. These are partly technical but also connected to different aspects of user behavior, the intricacies of design, as well as the internal and external incentives in privacy governance that exist today. Our review of the state of research underscores that devising effective user controls require close collaboration between different disciplines, clear regulatory guidance and scientifically-backed assessments.

Well-designed privacy dashboards currently present a realistic scenario for enhancing user controls that is attuned to the online, mobile and platform economy. Privacy dashboards are user interfaces that provide as a single point of access to information on the collection and use of personal data as well as the configuration of privacy settings by users. Online intermediaries and platforms are certainly in the best position to implement privacy dashboards that offer users scalable and persistent controls in their ecosystem.

We reflect how privacy dashboards fare in light of the research, summarize the existing overlap in privacy commissioners’ guidance on privacy dashboards and develop a set of recommendations for further optimization of existing privacy dashboards. We propose as a recommended course of action that privacy commissioners jointly develop actionable guidance on user control enhancing privacy dashboards. Such guidance should go hand in hand with a scientifically-backed methodology that is developed by a multi-disciplinary group of researchers against which actual privacy dashboards can be assessed.