Patterns — inform

• Minimal Information Asymmetry

  Prevent users from being disenfranchised by their lack of familiarity with the policies, potential risks, and their agency within processing.

• Informed Secure Passwords

  Ensure that users maintain healthy authentication habits through awareness and understanding.

• Awareness Feed

  Users need to be informed about how visible data about them is, and what may be derived from that data. This allows them to reconsider what they are comfortable about sharing, and take action if desired.

• Who’s Listening

  Inform users of content where other users or unauthenticated persons having accessed the same content are listed, and may access any further disclosures.

• Privacy Policy Display

  The goal of this display is to provide the user information about why what information by whom is requested. It should be used whenever personal data is required from the user.

• Layered Policy Design

  Make privacy policies easier for users to understand by layering detail behind successively more concise and summarized information.

• Asynchronous notice

  Proactively provide continual, recurring notice to consented users of repeating access to their personal data, including tracking, storage, or redistribution.

• Abridged Terms and Conditions

  Enables the user to better understand the Terms and Conditions presented by a system through summarization. The most important elements therein are condensed into a more concise overview.

• Policy Matching Display

  Allow users to specify what privacy preferences they have and non-intrusively bring policy mismatches to their attention.

• Ambient Notice

  Provide unobtrusive, non-modal, continuous notice when personal data is being accessed to increase awareness of real-time tracking.

• Dynamic Privacy Policy Display

  Provide standardized contextual policy information on the nature and risks of disclosure through tooltips.

• Privacy Labels

  Standardize warning labels similar to nutrition information to quickly inform users about privacy policies and preferences.

• Data Breach Notification Pattern

  Ensure that unauthorized access and processing of personal data is detected and reported to the supervisory authority and any sufficiently affected users without any undue delay.

• Trust Evaluation of Services Sides

  A visual highlight provided by an authority which signals the extent to which given privacy criteria are fulfilled. It should be clearly placed and easily found, with links to additional information.

• Privacy icons

  A privacy policy which is hard to understand by general audience is summarized and translated into commonly agreed visual icons. A privacy icon is worth a thousand-word policy.

• Privacy-Aware Network Client

  Enhance user awareness of privacy policies by automatically converting it into a standardized and easily readable format over a secure channel.

• Informed Implicit Consent

  Controllers must provide unavoidable notice of a users implicit consent to the processing of their data, where reasonable to do so.

• Privacy Color Coding

  Provide visual cues in standardized colors about privacy policies and preferences to help convey information to users more quickly.

• Appropriate Privacy Icons

  Use consistent icons in place of policy aspects. The icons should convey these aspects reliably, without allowing room for misinterpretation once explained to the user.

• Icons for Privacy Policies

  Icons are capable of conveying information more quickly than a document, and are therefore a useful way to augment policies.

• Privacy Mirrors

  Disclosure awareness is needed to adequately manage digital identity. Provide the user of a system with a high level reflection on what personal data the system knows about, what access is given to others, and what kind of personal data can be deduced.

• Appropriate Privacy Feedback

  Supplies the user with privacy feedback, especially concerning that which is monitored and accessed, and by whom.

• Impactful Information and Feedback

  Provide feedback about who a user will disclose their information to using certain privacy settings before that information is actually published.

• Platform for Privacy Preferences

  Use privacy policies which consist of standardized and extensible vocabulary and data element sets, both of which user agents should be aware of, in order to streamline their review by eliminating redundancies.

• Privacy dashboard

  An informational privacy dashboard can provide collected summaries of the collected or processed personal data for a particular user.

• Preventing mistakes or reducing their impact

  Prevent accidental automatic disclosure of personal information.

• Informed Credential Selection

  Ensure users are informed of the potential privacy consequences of sharing various authenticating data.

• Privacy Awareness Panel

  Establish user awareness of the risks inherent in the disclosure of their data, whether to the controller themselves or to other users.

• Privacy Aware Wording

  Ensure that the content of privacy related information provided to the user is worded carefully, maintaining both attention and understanding.

• Personal Data Table

  In order for users to see what information a controller has about them, they can be provided with a detailed tabular overview of that data upon request.

• Informed Consent for Web-based Transactions

  This pattern describes how controllers can inform users whenever they intend to collect or otherwise use a user's personal data.

• Increasing awareness of information aggregation

  Inform users about the potentially identifying effects of information aggregation to prevent them from unknowingly endangering their privacy.

• Unusual Activities

  Prevent suspicious access to user data through alerts and authenticate through multiple factors upon potential compromise of an account.