Privacy Icons

From MozillaWiki
Jump to: navigation, search
Privacyiconslogo.png Privacy Icons project (beta release)
Owner: Ben Moskowitz, Mozilla; Aza Raskin (initiator) Updated: 2011-06-28
“A bolt-on approach to simplifying privacy policies.” Subscribe to the Privacy Icons mailing list

The Icons (beta)

Here are the proposed icons. These are the result of a number of working groups convened by Aza Raskin. We are seeking to develop boilerplate legal text to back up each of the icons. The initial designs provided here are by Michael Nieling & Ocupop, designers of the official HTML5 logos. They are not yet final.

Retention period

Retention 3months.png

3 Months
Retention indefinite.png

Legal short notice: PrivacyIcons/Retention period
Short notice owner: Nobody
Your data is deleted before 1, 3, 6, or 18 months from the date of transmission have elapsed, respectively. Alternately, your data is stored indefinitely unless you opt-out.

Third-party use

Intended thirdparty.png

Intended use only
Reuse thirdparty.png

Limited re-use
Legal short notice: PrivacyIcons/Third-party use
Short notice owner: Nobody
Intended Use Only: The site that is collecting data about you is not trading or selling it. It will only share your data with other organizations in order to carry out the intended transaction.

Limited re-use: This means that a website is collecting data about you and selling or trading it with another organization, government, or person. An example of this is where a shopping website collects data about your shopping preferences, frugality, and ip address and sells that info to data aggregators or to other e-commerce sites directly.

Ad networks

Noshare ads.png

No ad share
Optout ads.png

Ad share with opt-out
Legal short notice: PrivacyIcons/Ad networks
Short notice owner: Nobody
No ad share: Besides the information exposed via on-page advertisement, the site does not share the data it collects about you with advertisers.

Ad-share with opt-out: This means that a site either shares the data it has about you with marketing or advertising companies or allows those companies to collect info about you while on its site.

Law enforcement

Statutory law.png

Statutory process
Transparent law.png

Transparent process
Legal short notice: PrivacyIcons/Law enforcement
Short notice owner: Nobody
Statutory process:This means that when an organization gets a phone call, letter, or other legally insufficient request for your data, they don’t comply because the law requires the government to take additional steps before getting your data. These organizations require the government to comply, at a minimum, with the legal process provided by the law before getting users’ data.

Transparent process:These organizations might provide your data to a government that asks for it without following the legally required process, but always follows a publicly-documented and consistent process.

Designs by Michael Nieling & Ocupop, designers of the official HTML5 logos


The problem: users need to know how companies intend to use their data—but privacy policies and terms of service are long-winded, complex documents that encapsulate a lot of situation-specific detail.

The solution: a set of Privacy Icons to “bolt on to” your existing privacy policy. When you add a Privacy Icon to your privacy policy, you’re essentially saying: “No matter what the rest of this privacy policy says, the following is true and preempts anything else in this document.”

Each Privacy Icon makes an iron-clad guarantee about what a company will do with a user’s data. Now, people can understand how their personal data will be transacted, with just a glance. At the same time, companies retain the flexibility needed to create comprehensive, detailed, and meaningful policies.

Privacy Icons are legal declarations, written in cooperation with privacy experts and a coalition of industry stakeholders. And soon, they will be machine readable—enabling users to communicate their preferences through trusted agents (like web browsers).

Who Are They For?

For any sites that store user data

For e-commerce sites, advertisers, and social networks, Privacy Icons are a competitive differentiator. Adopting Privacy Icons for your site signals respect for user choice and control, and doing business transparently.

There’s an emerging marketplace for personal data, where users exchange information about themselves for online goods and services. But personal data is a currency whose exchange rate is unknown. As users begin to understand the value of their data, the market will reward companies who treat their users transparently and with respect. Over time, the fair value of these exchanges will emerge, and companies who appreciate their customers’ privacy will be rewarded.

Differentiation based on privacy matters to users. Think about the large number of sites which vehemently promise to never share your email address when you sign up for their service or mailing list. Those are the kinds of sites, which make up a significant fraction of the web, that should adopt Privacy Icons.

For users who voluntarily share personal data

For users, Privacy Icons are the quickest way to understand the terms by which they offer information about themselves. They help users make informed choices about whether to share their data.

Privacy policies are long legalese documents that obfuscate meaning. Nobody reads them because they are indecipherable and obtuse. Yet, these are the documents that tell you what’s going on with your data — how, when, and by whom your information will used. To put it another way, the privacy policy lets you know if some company can make money from information (like selling you email to a spammer).

Following in Creative Commons’ footsteps—which used simple visual language to make copyright more understandable—we need to reduce the complexity of privacy policies to an indicator scannable in seconds. Privacy Icons provide a visual language for delving deeper into how our data is used.


Please help us evolve the FAQ.

Q: How do you account for complexity and diversity of policies?

A: We don't. The icons "bolt-on" to your policy. The Privacy Icon makes an iron-clad guarantee about some portion of how a company treats your data. This method means that without ever having to delve into the details, everyday people can glance at the simple icons atop a privacy to know if and how their data is being used.

Q: Nobody will use the bad icons?

A: Good icons will be competitive advantage. We won't invest time in "bad" icons, only honest ones.


Initial site design
Making Privacy Policies Not Suck
Is a Creative Commons for Privacy Possible?
The Seven Things that Matter in Privacy
Privacy Icons: Alpha Release Privacy Icon crowdsourcing effort
Related TrustE short notice program


Aza Raskin
Gerrit Betz

Alex Fowler
Ben Moskowitz
Mark Surman
Sid Stamm
Alexandra Moss
Ben Adida
Mike Hanson

Elizabeth Stark
Dennys Antonialli
David Kettler
Tony Lai
Brian Kennish
Casey Oppenheim