Incorporate Icons to Improve Privacy Policy Communication

Problem Summary

The lack of suitable graphical symbols to aid in comprehending and communicating legal concepts affects user engagement and understanding of privacy policies, which are typically long and unappealing.

Rationale

Companion icons are icons that accompany the text to indicate clearly where specific information appears in long privacy policies [2]. They make the reader's information-seeking activity quicker and more effective, and they help users understand essential data protection concepts [2]. This improves the clarity, comprehension, and usability of privacy policies.

Solution

Use graphical symbols, such as icons, to enhance the communication of privacy policies. These visual aids aim to simplify complex privacy information, making it easier for users to understand. By incorporating icons, privacy policies can effectively convey key data collection and processing practices, improving user comprehension, engagement, and trust.

Holtz, Nocun and Hansen [1] introduced the concept of using privacy icons to simplify privacy policies and make them more usable for users. Privacy icons were proposed to effectively convey core information about data collection and processing, particularly in contexts such as social networks where user interactions are paramount.
The research was part of the PrimeLife project, funded by the European Union, which concluded in October 2011. The project's website, PrimeLife, is archived and accessible at PrimeLife Archive.

Rossi and Palmirani [2] presented the Data Protection Icon Set (DaPIS), which addresses the challenge of designing privacy icons to enhance the usability of privacy policies. DaPIS was created through a multidisciplinary approach involving technical experts, lawyers, designers, business representatives, and laypeople. The aim was to ensure the icons were clear, legally accurate, and user-friendly. The project employed an ontology-based framework where each icon represents a specific concept (e.g., data processing purposes, rights). This modular and compositional design allows complex ideas to be visually communicated by combining simple, standardised elements. The resulting set of 33 icons is intended to make privacy policies more usable to users. The icons were designed to be machine-readable, supporting integration with semantic technologies for efficient retrieval and navigation of legal information. The icons provide visual representations of data protection concepts such as personal data processing, user rights, and legal bases for processing, thereby facilitating better user comprehension and engagement.
The icon set (version 3 as of this writing) is maintained and available for free download at Zenodo.

Gerl [3] presented a practical application with an extended version of the Layered Privacy Language (LPL), called LPL Personal Privacy Policy User Interface (LPL PPP UI). The LPL PPP UI integrates a set of icons and elements to support the Privacy Icon Overview. This feature provides a visual summary of the privacy policy, enhancing the user's ability to identify and understand data processing purposes quickly. The icons' design considered modularity and compositionality, allowing complex privacy concepts to be broken down into simpler, visually represented elements. The icon set is also intended to be adaptable to officially agreed-upon GDPR icons (see GDPR Art. 12 No. 7).

Platforms: personal computers, mobile devices

Related guidelines: Enhance Privacy Policy Communication with Automated Information Extraction, Implement Visual Strategies for Effective Communication of Lengthy Privacy Policies

Example

Some of the DaPIS icons for subject rights [2].

Overview of LPL Privacy Icons [3].

Example of a Privacy Policy User Interface using icons to inform the Data subject 'at first glance' [3].

Use cases

  • Support the navigation through large amounts of legal information to enhance understanding of privacy policies.
  • Help convey core information about personal data processing to users, increasing their awareness of privacy-related matters.

Pros

  • Participatory design methods combined the perspectives of legal experts, designers, and other relevant stakeholders while employing canonical principles from aesthetics, ergonomics, and semiotics. User studies empirically determined the strengths and weaknesses of the icon set as a communicative means for the legal sphere. The evolving PrOnto ontology, the foundation of DaPIS, holds the potential for the introduction of new icons [2].
  • Evaluated with users [1][2], and involving individuals from different cultures [1].
  • The presence of privacy icons led to users spending more time engaging with the privacy policy information, suggesting increased attention to detail. Additionally, the LPL privacy icon set is designed to be exchangeable, allowing for future adaptation to officially agreed GDPR icons [3].

Cons

  • The initial results suggest that some large icon sets may be overly complex, potentially confusing users. Providing information about the icons' meanings through mouse-over functionality and links to the corresponding parts of the written privacy policy could enhance the usability of the privacy icons. Further iterations to enhance the icon sets and their integration into applications, along with public discussion for feedback and validation, are necessary, requiring clarity on the legal binding and its scope [1].
  • Limited sample size and diversity among study participants [2], since cultural variations can affect the understanding of specific icons, as illustrated by the Chinese test users' misinterpretation of an icon related to postal services [1].
  • Lack of familiarity with graphical symbols can hinder recognition, so further research is needed to study the effect of training to increase recognition, as well as the number of icons individuals can effectively learn and retain [2].
  • The effective presentation of complex privacy concepts, such as anonymisation methods or privacy models, remains challenging, particularly for special user groups like children. While the results support the potential of icon-based interfaces in enhancing privacy communication, they are not considered reliable due to the limited extent of the experiments, necessitating more extensive future testing with more tasks and participants [3].

Privacy Notices

Such solutions aim to communicate personal data handling practices through privacy notices. Considering the design space for privacy notices [4], this guideline can be applied to the following dimensions:

  • On demand
    The proposed guideline can be used to present a privacy notice to users when they actively seek privacy information, for example, in privacy dashboards or privacy settings interfaces.
  • At Setup
    The proposed guideline can be used to present a privacy notice to users when they are using the system for the first time, so they can be aware of the data handling practices.

  • Non-blocking
    This guideline can be coupled with non-blocking controls (privacy choices), providing control options without forcing user interaction.
  • Decoupled
    This guideline can be applied to privacy notices decoupled from privacy choices.

  • Visual
    This guideline is for a visual notice, using visual resources such as colours, text and icons.

  • Primary
    This guideline can be applied to the same platform or device the user is interacting with.
  • Secondary
    This guideline can be applied to secondary channels if the primary channel does not have an interface or has a limited one.
  • Public
    This guideline could be applied to public notices. However, public channels may be limited in how much information they can convey, and if privacy choices are necessary, other supporting channels are necessary.

Transparency

Transparency [5] is the main privacy attribute since this mechanism involves the proactive distribution of information to users, promoting visually accessible communication of privacy risk level, and helping users to make privacy-informed decisions. Other related privacy attributes:

Providing users with comprehensive and comprehensible insights into data handling practices leverages control by allowing users to make self-determined decisions about sharing their personal data.


References

[1] Leif-Erik Holtz, Katharina Nocun, and Marit Hansen (2011). Towards Displaying Privacy Information with Icons. In: Fischer-Hübner, S., Duquenoy, P., Hansen, M., Leenes, R., Zhang, G. (eds) Privacy and Identity Management for Life. Privacy and Identity 2010. IFIP Advances in Information and Communication Technology, vol 352. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20769-3_27

[2] Arianna Rossi and Monica Palmirani (2019). DaPIS: An Ontology-Based Data Protection Icon Set. Knowledge of the Law in the Big Data Age, IOS Press, v. 317, p. 181, 2019. https://doi.org/10.3233/FAIA190020

[3] Amin Gerl (2018). Extending layered privacy language to support privacy icons for a personal privacy policy user interface. In Proceedings of the 32nd International BCS Human Computer Interaction Conference 32, 2018, 1-5. https://doi.org/10.14236/ewic/HCI2018.177

[4] Florian Schaub, Rebecca Balebako, Adam L Durity, and Lorrie Faith Cranor (2015). A Design Space for Effective Privacy Notices. In: Symposium on Usable Privacy and Security (SOUPS 2015). [S.l.: s.n.], p. 1–17. https://www.usenix.org/system/files/conference/soups2015/soups15-paper-schaub.pdf

[5] Susanne Barth, Dan Ionita, and Pieter Hartel (2022). Understanding Online Privacy — A Systematic Review of Privacy Visualizations and Privacy by Design Guidelines. ACM Comput. Surv. 55, 3, Article 63 (February 2022), 37 pages. https://doi.org/10.1145/3502288