Privacy policies are great regret-management tools. You can act now...or be forced to act later. Want to get going? Here's how.
1. Simplify and Consolidate
Privacy policies should be easy to understand.
What's likely happened is that your lawyer has drawn up a policy that the average Joe might not be able to understand. You shouldn't ditch it, but you can re-write it in layman language; separate disclosures into two sections: Plain English and Legalese.
Notify users of proposed changes to privacy policies. You build trust if you publicly post proposed policy changes and allow for your user base to comment on them before you implement them. Though this may slow product development, it will prevent the backlash experienced by Instagram, Facebook, and Path. In the past, Instagram suffered from unclear data ownership policies, and Path got in trouble for storing user contacts without explicit permission. Later, Path make phone calls to some of those contacts and e-mailed them about photos on Path, causing another uproar.
If your app needs to use user data, ask first, and let the user know what the data will be used for. These kinds of community concerns are important and will prevent people from losing trust in your brand and company.
2. Present Privacy Controls at the Point of Content Creation
Build trust and confidence with users by exposing privacy controls with every piece of content that can be created or shared in a given system. Instagram and Foursquare do this particularly well. Instagram displays sharing options for social networks every time a photo is posted to Instagram. Simple on/off switches make it easy to toggle where an Instagram post goes to. Foursquare allows users to check in "off the grid" with ease by simply pressing a button on the check-in screen. Be consistent, and be open, and your users will thank you for it.
3. Make Privacy Universal
Privacy consideration should be incorporated into every aspect of an app's lifecycle. This includes Web, legal, user experience, messaging, marketing, and development. Privacy policies need to be implemented across company divisions to make sure they work. From the user experience perspective, consolidate and simplify settings and permissions. Market your apps as respecting user privacy and data ownership. Develop your applications with privacy and user empowerment in mind, especially when storing and accessing sensitive data. Ensure your users understand what they are opting into and what giving their data will give them in return. The right messaging makes a big difference.
4. Remember: No One is Perfect
Hosting user data is a privilege, not a right. Apologize immediately when you make a mistake, and fix the problem immediately. Keep abreast of the current industry and it's regulations, and you'll be free and clear of complications. And remember, fight for your users and they will fight for you!
*Thirty percent of apps had privacy policies in Sept 2011. By June, 2012, 48 percent did, according to this June 2012 FPF Mobile Apps Study. Accessed 13 May 2013. http://www.balough.com/uploadedFiles/Mobile-Apps-Study-June-2012.pdf