The New York State Attorney General’s Office published a comprehensive guide on website privacy controls to assist businesses in complying with New York’s consumer protection laws. The guide aims to enhance consumer privacy by ensuring that businesses’ tracking practices and privacy disclosures are accurate and transparent. It outlines several key areas of concern and provides practical recommendations for businesses to improve their privacy controls.
Regulating Online Tracking
Different U.S. states and countries have varying regulations for online tracking. Depending on the jurisdiction, websites may need to disclose tracking activities, allow consumers to opt-out, or obtain consent before tracking. Although New York does not have a comprehensive privacy law, businesses must adhere to New York’s consumer protection laws, ensuring their privacy practices are truthful and not misleading.
Key Issues Identified:
- Uncategorized Tags: Many websites fail to categorize tracking tags correctly, leading to broken privacy controls. Seven of the thirteen websites investigated had at least one uncategorized tag.
- Misconfigured Tools: Consent-management and tag-management tools must be properly configured to work together. Misconfigurations can result in privacy controls not functioning as intended.
- Hardcoded Tags: Tags that are hardcoded into websites bypass consent-management tools, undermining user privacy choices.
- Incomplete Understanding of Tag Data Collection: Businesses often lack complete information about the data collected by tags and how it is used, leading to improper data handling.
- Cookieless Tracking: Businesses must ensure that privacy controls are effective across all tracking technologies, not just cookies.
Recommendations:
- Accurate Privacy Representations: Ensure that all statements about privacy controls are truthful and not misleading.
- Clear and Accessible Interface: Design privacy controls that are intuitive and easy to use, avoiding ambiguous or misleading language.
- Equal Weight to Options: Provide equivalent options for accepting and declining tracking, making it equally easy for users to choose either.
- Ongoing Reviews: Regularly review and test privacy controls to ensure they function correctly and align with user expectations.
Read it here.
♻️ Share this if you found it useful.
💥 Follow me on Linkedin for updates and discussions on privacy, digital and AI education.
📍 Subscribe to my newsletter for weekly updates and insights – subscribers get an integrated view of the week and more information than on the blog.
