stephtngu-CR
commented
4 years ago Thank you @zenitrami ! We appreciate your contribution here.
One existing Digital Standard criteria is "I know what user information this company is collecting and when." meaning "Does the company clearly disclose the type of user information collected?" which we think this currently covers. The notifications (and choice of frequency) is context dependent. It may work for some products and people, but not always.
Data sharing.yaml asks for clear explanations and disclosure on information use. I love the idea of this, but think that this proposal as-is will allow providers to surface ToS in an ignorable, one-time way.
A potential solution is to add stipulations saying that users should be regularly told how their data is used. I'm not sure about the exact time interval -- could be once a month, a few times a year.
Another idea is to have a section on websites/apps that covers all information specifically related to the user's data (ownership, sharing, etc.)
Both of these could be through a popup or notification.
Happy to discuss more!