Chris Babel, CEO, TRUSTe
Chris Babel, CEO, TRUSTe

Privacy is hotter than ever these days, and many companies struggle to stay ahead of the curve. 

Every week a new story breaks around a business that failed to safeguard personal information or used it in a way that violated user expectations, or worse, the law. Privacy fallouts create huge distractions that can disrupt product cycles, incur large PR and legal fees, and entangle a company in draining lawsuits and investigations.

Good privacy means providing your customers and users with transparency, choice and accountability over their data.

It starts with privacy policies. Most websites have a privacy policy, but the same cannot be said for today's mobile and tablet-based apps. No matter the platform, you need a privacy policy governing your use of customer data for that platform, and it needs to be both accessible and readable.

The standard 2,000-word privacy policy found on most websites, for example, is not an appropriate substitute for a mobile app. The limitations of the small, mobile screen size will render such a document practically unreadable.  Elevating key privacy notices to the top, embedding user-friendly navigation, and leveraging short privacy notices that occur outside the privacy policy and at the point of data collection/use can help make a company's privacy practices more transparent to its users.

To provide users with sufficient privacy notice and choice you need a complete and accurate understanding of the data collection activities that occur on your website or app. This sounds obvious, but it's often overlooked. 

Apps and websites these days are crammed with third- and first-party code that collects data. Often, various departments across an organization will add such code incrementally, which can result in a complex web of data collection whose full scope remains obscured to any one individual or group at the company.

Know what data you collect, how you collect it, and what you do with it. Know the same for your partners and third parties with embedded code in your product. Without this knowledge, you cannot properly inform consumers.  

Where possible, offer your customers options over how you use their data. Retroactively providing choice when a product or platform is already built and launched can be difficult, so it's essential that companies build products with privacy in mind these days. 

Make privacy an upfront investment instead of an afterthought. Ask important questions during product development cycles, such as: Would this data collection surprise users in a negative way? Do I offer them meaningful control over their data? Do I properly safeguard the data I collect? Is my company accessible and accountable to user privacy concerns?

Answering these questions before you launch a product or platform can save you a lot of headaches down the road.