Could your privacy policy be improved?

Earlier in 2015, the Privacy Commissioner (the figurehead of the Office of the Australian Information Commissioner), not content with a week devoted to privacy awareness, conducted an audit of the Privacy Policies of 21 of the nation’s biggest entities. Our ‘big four’ banks were included, as well as dozens of other businesses like Twitter, LinkedIn and Instagram. This article will look at ways to improve your Privacy Policy.
Australian Privacy Principles
Privacy policies were evaluated against Australian Privacy Principle 1, which requires organisations to have a privacy policy that is clearly expressed and up to date. If you’re interested, the Australian Privacy Principles are contained within schedule 1 of the Privacy Act 1988 (Cth).
Under privacy law in Australia, businesses must include certain information that will allow people to be informed about how their personal information will be handled if they choose to interact with the business. The Commissioner distributed gold stars to a select few for their stellar privacy policies but noted that some organised remained firmly in the sin-bin. Organisations fell down when relevant information took too long to locate, or when they skirted around the issue of how information could be accessed and corrected. Black marks were also given when information on how a privacy complaint could be made or how information was protected was fudged or unclear.
The Commissioner’s findings boil down to ensuring that organisations doing business online have privacy policies that are ‘clearly expressed’. As an objective criterion, being ‘clearly expressed’ is a difficult concept to clearly and objectively define. Our Commissioner does his hardest to try, however, using instruments such as the Flesch-Kincaid Grade Level. Yes, this is a real measure.Using this system provides a result equivalent to the number of years of schooling a reader requires to be able to understand an organisation’s privacy policy.
The result is calculated using the formula below:
Grade Level = 0.39 (total words/total sentences) + 11.8 (total syllables/total words) – 15.59
For an instrument used to measure Plain English, the level of irony of using the formula above probably tops the scale.
Tips from the Commissioner
The Commissioner does have some excellent advice everyone can use to improve their privacy policy:
- “Think about your audience. Don’t treat the privacy policy as a legal document to manage legal risk. It should be a document that creates trust in your entity and speaks to your customers or clients;
- Don’t just repeat the words in the Australian Privacy Principles. Make the privacy policy specific to your business or operation;
- Seek input from all areas of your entity including your public relations department, which may have ideas about innovative formats for better communicating the policy, for example, through video or other mechanisms relevant to the communication channel (paper, telephone, email, online) that you are using;
- Focus on what is important to the reader. Do not try to cover everything in minute detail;
- Keep it simple. Use simple language and test readability in content and format against external standards such as the Flesch-Kincaid grade level;
- Take a layered approach. For example, for online publication provide a condensed (summary version) of key matters in the privacy policy, with a link to the full policy; and
- Consider having more than one policy. For large or complex entities, consider whether you need to have more than one policy (for different parts of your operation or business, or different functions or activities).”
Conclusion
In summary, make sure you tailor your privacy policy to your audience, make it as clear as possible to understand and include information on how data is obtained, stored, used and how a complaint can be made. Perhaps hold back from dotting your policy with emojis and the odd ‘YOLO’. Get in touch with LegalVision on 1300 544 755 if you have questions.
Corporate Governance 101: Responsibilities for New Directors
Friday 13 May | 11:00 - 11:45am
Online
How Franchisors Can Avoid Misleading and Deceptive Conduct
Wednesday 18 May | 11:00 - 11:45am
Online
New Kid on the Blockchain: Understanding the Proposed Laws for Crypto, NFT and Blockchain Projects
Wednesday 25 May | 10:00 - 10:45am
Online
How to Expand Your Business Into a Franchise
Thursday 26 May | 11:00 - 11:45am
Online
Day in Court: What Happens When Your Business Goes to Court
Thursday 2 June | 11:00 - 11:45am
Online
How to Manage a Construction Dispute
Thursday 9 June | 11:00 - 11:45am
Online
Startup Financing: Venture Debt 101
Thursday 23 June | 11:00 - 11:45am
Online
Was this article helpful?
We appreciate your feedback – your submission has been successfully received.
About LegalVision: LegalVision is a commercial law firm that provides businesses with affordable and ongoing legal assistance through our industry-first membership.
By becoming a member, you'll have an experienced legal team ready to answer your questions, draft and review your contracts, and resolve your disputes. All the legal assistance your business needs, for a low monthly fee.
If you would like to get in touch with our team and learn more about how our membership can help your business, fill out the form below.