Here are some of the points made in the paper:
- Context. User interfaces should take into account the limits and the uses of the devices. Small screens mean that users should not have to resize or endless scroll to access and understand privacy policies. User interfaces should provide the context for the value proposition to the user for the collection of the personal information. If the photo just taken is going to be shared on another platform, notify the user. If geo-location data is being collected, why is that beneficial for the user?
- Discoverability. User interfaces should be interactive and contain navigational aids. The functionality of websites and applications should be harnessed to deliver information in a way that is important as is already done for advertising and other important content.
- Comprehension. Layered privacy notices that deliver subsets of policy information and navigate to information that is important to the user should be considered. In addition, organizations should be considering “Privacy Centres” which bring together information on privacy practices and the tools to manage privacy setting.