The Paper
Das G, Cheung C, Nebeker C, Bietz M, Bloss C. “Privacy Policies for Apps Targeted Toward Youth: Descriptive Analysis of Readability.” JMIR Mhealth Uhealth 2018;6(1):e3. http://mhealth.jmir.org/2018/1/e3/.
Note that page numbers were not specified in this version of the paper.
Summary
In this paper, Das et al. analyzed the privacy policies of 120 Android and Apple apps targeted at youth users for readability. The researchers measured the readability of these documents using several measures of reading grade level (RGL) and reading ease. The study found that these privacy policies had an average RGL of 12.7, equivalent to that of a freshman in college and significantly above the average American adult’s RGL of 8.0. This indicates that these privacy policies are not legible to much of their youth audience and even the parents of these users. The study notes that 70% of teenage users seek advice on internet safety, but the reading difficulty of privacy agreements indicates that even adult sources may not be fully informed. From these results, the researchers suggested that stakeholders, including medical service providers, ought to be involved in informing youth users of the privacy risks of app use. Additionally, the authors suggested the implementation of new standards for the readability of privacy agreements which limit word count to 500 and require agreements to have a maximum RGL of 8.0 to make these documents more accessible to their users. Identifying legal and technical jargon as a leading cause of low readability in these documents, the researchers suggested that privacy agreements presented to the public work to translate this unfamiliar language into common parlance. Given the evidence provided in this paper, as well as personal experience with privacy agreements in apps, these conclusions and suggestions seem reasonable and efficacious.
Application to College Connect
Because a large portion of College Connect users will be high school students, who are likely minors, we want to ensure that our privacy policy is clear and accessible to these individuals and adult authorities in their lives. While writing a formal privacy policy may be outside the scope of our project in this class, several of our usability testing participants expressed concerns about information and interpersonal privacy. Particularly because the app requires that users share personal information to effectively connect users, we want to make sure that all users are fully aware of how their information is used and shared. Accordingly, the standards suggested in this paper are helpful in considering how to communicate privacy information to our users. Our app undoubtedly has significant privacy risks, especially for its youngest users, and this research provides useful standards to begin addressing these (although systematic efforts will need to accompany these methods for improving communication). Beyond commnicating privacy standards, the metrics presented in this research will help to inform our design as a whole. Each aspect of our platform should simply and effectively communicate its purpose and functionality to all of our users, and considering measures like RGL and reading ease will help us to accomplish this fundamental requirement.