Communicating Privacy Choices: Challenges of Creating an Effective Privacy Icons Design
Do you know these icons?
In case you are unfamiliar with these icons, here is a quick summary of what they mean and how they came about: It’s currently common practise in online advertising that advertisers create user profiles to present more relevant information to the user. This process is called Online Behavioral Advertising (OBA) and lead the American Federal Trade Commission to suggest self-regulation to which the online advertising industry responded by forming the DigitalAdvertisingAlliance, a self-regulatory program for companies participating in OBA in 2009.
One year later, the AdChoices icon was introduced to inform web page visitors that they are targeted by OBA. A click on the icon should lead users to more information about the data collection practices on the website and provide an opt-out option.
Until this point – fair enough.
Unfortunately, the efforts of an industry that specialises in grabbing people’s attention and creating engagement fell short of their own ambitions. With more than 200 participanting companies ranging from AT&T, General Motors over Yahoo, Facebook, Google, and Microsoft to Procter & Gamble, the icon has been displayed on million ads every day for years. Still, five years after its introduction, only 25% of respondents in a study conducted in 13 European countries reported having ever clicked on the icon. In 2018 Garlach and Suthers tested the icon with 18 study participants and found various reasons compromising the visibility of the icons leading to limited consumer awareness and engagement:
- there is no standardised location of the icon, meaning it can show up in any of an ad’s four corners
- the icon is comparably small and thus it can easily be overlooked
- the icon’s low color contrast ratio does not draw a lot of attention depending on the background
The respondents indicated that they did not understand the icon as a link separate from the ad and did not associate opt-out options with it. It is also important to note that clicking on the icon did not forward users to opt-out menus but to intermediary pages requiring further orientation.
Therefore, this attempt at self-regulation can be summarised as fairly inefficient, which potentially influenced lawmakers to pass further legislation regulating the communication of user choice. This is the case with the Californa Consumer Privacy Act (CCPA) that went into effect in January 2020 and establishes procedures “for the development and use of a recognizable and uniform opt-out logo or button by all businesses to promote consumer awareness of the opportunity to opt-out of the sale of personal information” (SEC 20. Sec 1798.185. 4C).
Subsequently, the DAA implemented the green Privacy Rights Icon shown above, which apart from having a slightly higher contrast ratio, does not improve upon any of its predecessor’s shortcomings.
Habib et al.’s (2021) recently published paper addresses this issue by applying a rigorous empirical method to icon development for privacy choice. In a series of studies conducted in 2019 and 2020, they empirically investigated different combinations of icon designs and link texts, conveying information about privacy choice. Overall, the study consisted of two phases:
(i) Pre-studies: Testing icons and link text
The icon and the link text pre-studies include the development and preliminary iterative testing of icons that convey three concepts: Choice, opting out, and the sale of personal information. During a brainstorming session, researchers interested in privacy and security developed icons associated with these categories. Subsequently, the authors excluded themes that were too complex to depict as small icons. The chosen icons were designed by three graphic designers and used for the icon pre-study. In that study, half of the participants were presented the icon without context, and half with accompanying text. They then were asked to interpret the depictions in their own words. The pre-study included a questionnaire inquiring about demographic information, the DAA’s AdChoices icon, and awareness of US law. The authors performed a qualitative thematic analysis examining respondents’ associations and (un)intended interpretation, eliminating icons for the concept opt-out (too confusing and specific choice concept) and icons that yielded weak and ambiguous responses concerning understandability. Participants had experienced trouble understanding some icons, so they were later refined and coloured. These were tested again and interpreted more correctly, especially the ID-Card, the Stop-Dollar and the Stylized-Toggle.
Icons were often misunderstood without textual descriptions, so these were developed and refined for the three icon concepts in a second pre-study. During an ideation process, the textual passages were developed, including considerations of the text provided in the CCPA, observations about general vs. more specific prefix: “privacy” vs. “personal info” and the general vs. the more specific suffix: “choices”/”options” vs. “opt-out”. Overall, 14 link texts were chosen for the second pre-study, asking participants about their expectations after clicking the link and rating the likelihood of scenarios about privacy choices or do-not-sell options, as generated in the icons pre-study. A small first text pre-study was conducted to test the material (n=140). Subsequently, the icons were refined, and the study was redone with a bigger sample size (n=400). After a qualitative analysis of results, the studies resulted in two texts – “Privacy Choices”/”Privacy Options” – as creating the least misconceptions. The “Do not sell” text as proposed in the CCPA created expectations not necessarily related to privacy. The privacy prefix created the highest percentage of choices or control and general privacy expectations, the suffix only had a small effect.
(ii) User testing icons and text
During this part of the study, 23 combinations of icons and link texts were selected and evaluated by participants in an online experiment (n=1468) with a between-subject design, simulating a real-life use of the icons and accompanying text on a shoe retailer’s webpage. Three icons were chosen in line with the pre-studies, namely the Stylized-Toggle, the Slash-Dollar, and the DAA’s Privacy Rights icon. Furthermore, a fourth condition, namely no icon, was included. The link texts Do Not Sell My Personal Information, Do Not Sell My Info, Privacy Choices, Privacy Options, Personal Info Choices, and no link text were presented to participants. Each condition was combined and shown to participants (except for no text with no icon) on a fictitious website. Data were analysed qualitatively and quantitatively as in the pre-studies.
Finally, the authors tested toggle icon variants that the California Attorney General’s office had proposed based on their previous findings collecting further support for their use of the stylised toggle in combination with a privacy-related link text.
The study provides further evidence against the DAAs Privacy Choices Icon as only 40 (14.3%) participants recalled seeing this icon before. The most common expectation from the AdChoices icon was that it provided more information, as indicated by 152 (54.3%) participants. Only six participants expected it would lead them to choices related to targeted advertising.
The Stylized-Toggle icon and the Privacy Options text created the highest percentage of positive expectations among participants, and link text Privacy Options seems to be a good marker. The combination of icon and link text additionally seems to be an effective choice to display privacy information. The CCPA-mandated link texts yield the highest percentage of respondents’ expectation of do-not-sell choices (better than all other texts). Overall, the authors achieved what advertising self-regulation did not: create a visually salient understandable icon.
Testing icons properly requires a lot of effort. It is challenging to design a standardised icon that is recognised by users with varying perceptions, values, and preferences. It takes various experimental iterations and hundreds if not thousands of respondents in order to create an icon that effectively communicates a single concept like “privacy choice”. The developed icon in the study conducted by Habib et al. (2021) does not focus too much on educating users but on visual salience and understandability. Still, the authors emphasise the importance of educational efforts in combination with icons, which has not been widely pursued thus far. For the AdChoice icon, Europe, and in the US have seen some educational efforts but awareness remains low. Beside implementation, broad user education remains a challenge regarding privacy icons, especially as it seems necessary for standardised icons to be effective.
Both the AdChoice icon and the icon developed by Habib et al. (2021) focus on the communication of a single concept. Many other privacy icon projects differ in that regard as their goal is to better inform the consent given by users before using an online service. In this situation a lot of information about privacy policies and the use of personal data might need to be communicated to protect users’ rights and interests. Habib et al. (2021) conclude that multiple icons are used to display various aspects of privacy policies and choices would probably confuse and overwhelm users. Therefore, the question remains whether such an approach can be applied to more open privacy-related concepts with more icons and more icon combinations.