| Edit: just realized pbhjpbhj has written much of this elsewhere in this thread, upvote that instead, although I'll keep mine since it is slightly different: https://news.ycombinator.com/item?id=20607528 It would help if companies could respect the rules in EU that says data collection should be voluntary and opt in. Then the privacy policies could be really short. That said I agree with others that reasonable standard policies would be great for both consumers and businesses: Something like the Creative Commons licenses comes to mind: - 0, green: nothing (no analytics, no state, so no login possible) - sessions, green: login possible - telemetry, yellow: anonymized, short lived (< 3 business days) data, not linked to use, not shared outside of development - 1 party analytics, yellow: like telemetry but longer lifespan and shared outside of development - 3 party analytics, red: uses Google Analytics standard edition or any other 3rd party tracker that shares data |
>The information to be provided to data subjects pursuant to Articles 13 and 14 may be provided in combination with standardised icons in order to give in an easily visible, intelligible and clearly legible manner a meaningful overview of the intended processing. Where the icons are presented electronically they shall be machine-readable.