Results of the first GPEN Internet Privacy Sweep
The aim of the sweep was not to check how transparent every individual website is about privacy protection, nor to draw up a complete list of privacy issues. It was especially about how users experience information on privacy protection when surfing to a particular website, since this is very useful for future awareness raising by data protection authorities.
- in some cases the website only contained a very general statement on privacy protection, lacking details about the way in which the organisation collected and used its customers personal data;
- proportionately, more large than small and medium-size organisations publish privacy policies on their websites;
- in quite a few privacy policies standard paragraphs were discovered, which are not adapted to the privacy protection rules in force on the territory in which the organisation works;
- approximately 38% of the privacy policies examined were difficult to read. They were often a simple copy of privacy legislation;
- It contains information that can easily be found and which is brief, clear and pleasant to read, for example in a table or edited as FAQs;
- The contact details of the person in charge of privacy protection are clearly communicated and this person can be contacted in more than one way, for example by letter, at a free phone number or by e-mail.
Follow-up of the initiative
The GPEN members have committed to taking into account the sweep's results for their awareness raising campaigns. At any rate, a new sweep has been planned for 2014.
- The Authority
- European Data Protection Board (EDPB)
- European Data Protection Supervisor (EDPS)
- Customs Information System Joint Supervisory Authority
- Europol Joint Supervisory Body
- Schengen Joint Supervisory Authority
- Visa Information System (VIS)
- Global Privacy Enforcement Network
- Working Party on Police en Justice
- European Conference on Data Protection
- Berlin Group
- International Conference of Data Protection and Authorityers
- Conference of the Association francophone des autorités de protection des données personnelles