The following criteria serve as the rubric for evaluating privacy policies using the PPGS ™ 2.1 framework, ensuring a comprehensive assessment of privacy practices and standards.
The PPGS ™ 2.1 by Ken Cox is a system for rating privacy policies using specific criteria. It assigns a letter grade (A to F) and a corresponding color to each policy. Here is the rubric for the PPGS 2.1:
Grading Scale and Colors:
A (Blue): The policy meets all criteria and provides strong privacy protection.
B (Green): The policy meets most criteria, but there is room for improvement.
C (Yellow): The policy partially meets the criteria, but there are significant shortcomings.
D (Orange): The policy meets few criteria and offers minimal privacy protection.
F (Red): The policy does not meet the criteria and offers little to no privacy protection
Transparency (Clear and Complete):
The privacy policy is written in clear and simple language, easy for users to understand.
The policy comprehensively covers the types of personal data and usage information collected.
The policy clearly explains the purposes for collecting personal data and usage information.
User Control (Access, Deletion, and Changes):
The policy allows users to access their personal information.
The policy provides users with the option to delete their personal information.
The policy allows users to change or modify their personal information.
The policy includes options for users to opt-out of certain data collection and sharing practices.
Third-party Sharing (Limits and Consent):
The policy clearly outlines when personal information is shared with third parties.
The policy explains whether users can give or withhold consent for sharing their personal information with third parties.
The policy details any limits on third-party sharing and the circumstances in which sharing occurs.
Security Measures:
The policy describes the security measures in place to protect users’ personal information from unauthorized access, use, or disclosure.
The policy provides information on the company’s commitment to maintaining the security of users’ personal information.
Notification of Changes:
The policy explains how users will be informed of significant changes to privacy practices.
The policy specifies the methods of notification, such as email or updates on the website.
Readability:
The policy is written clearly and concisely, making it understandable for an average 9th-grade United States student.
If the reading level is higher than that of an average 9th-grade United States student, the overall grade will be reduced by one letter.
PROVIDING A SIMPLE GRADE THAT ANYONE CAN UNDERSTAND
