New ACLU Guide: Tips for Tech Companies on Protecting User Privacy and Free Speech in 2016
Last year, the privacy and free speech mistakes of tech companies led to tons of embarrassing and costly stories. Often, these missteps would have been avoidable with good planning and processes in place, but many companies lack the resources to navigate this increasingly thorny terrain.
To help tech businesses of all sizes plan around these issues and implement strong practices, the ACLU of California is releasing a new edition of Privacy and Free Speech: It's Good for Business.
This business primer (and its companion website) is packed with more than 100 real-life case studies and cutting-edge recommendations on everything from privacy policies to security planning to community speech standards. Together, the principles and examples show the business value in making privacy and free speech part of a company’s DNA.
This third edition addresses new challenges facing businesses today and shows how to avoid missteps while building privacy and free speech into products and company culture. The lessons include:
- Respect your data. Avoid Magna Carta-level mistakes by collecting only the data you need for your product and making sure that your algorithms and data use protect users and avoid replicating real world biases.
- Create a secure data ecosystem. Security isn’t just about outside threats – companies need to limit internal access to data to avoid Uber-embarrassment, incorporate encryption for data collection and storage to prevent disastrous breaches, and collaborate with security researchers to protect users.
- Be transparent about practices. Clear descriptions of privacy practices are essential to avoiding PR disasters, whether the product is a music streaming service, a useful app, or a connected “Internet of Things” device.
- Encourage speech by empowering users. Companies can create cohesive communities and avoid harmful, speech-chilling harassment by creating platforms with tools that empower users, account policies that respect user identities, and narrow rules focused on bad behavior rather than content censorship.
- Fight for your users. Companies that support user privacy and speech protections routinely receive praise, while those that seek to limit how products are used or that fold to legal demands lose the trust of users and public alike.
Regardless of company size, this guide helps take the guesswork out of protecting privacy and free speech by charting out the essential questions and providing practical tips for spotting issues in products and business models.
We look forward to tech companies using this resource to design and launch their products the right way. By following some pretty simple steps to incorporate privacy and free speech protections into products, businesses can make their services user friendly and avoid costly mistakes. As the primer illustrates, doing so is not just good on principle – it’s good for business, too.
Nicole A. Ozer is the Technology and Civil Liberties Director for the ACLU of California.