Education and awareness
Policy actions sorted A-Z.
Policy actions sorted A-Z.
Government policy should focus on technology as a priority. Legislation should be enacted that benefits all industries.
Technologies prioritised don’t contribute to a strong foundation for the benefits to emerge.
Poor contract negotiation locks Governments into particular providers.
Organisations should set standards, or regulators should enforce standards, on the communication of terms and conditions to users. This would improve users understanding the contract they enter with a digital service.
Terms of Service; Didn’t Read gives an overview of the main points of various digital services terms and conditions, assigning a rating on their fairness to their users.
IF’s Data licences explores how a consistent design pattern can improve people’s understanding of how their data will be used.
Products that meet certain requirements of transparency, privacy and security are awarded a certification mark so that people know they can trust the product.
European Union: EuroPriSe is a privacy seal for organisations in the EU.
United Kingdom: The Information Commissioners Office is developing their own privacy seal that will be awarded by other organisations.
United Kingdom: BSI, known for their Kitemark Symbol, created a standard for secure digital transactions. IF have proposed a transparency mark that acts as both a certificate and as a link to more information about a product.
Consumers may not understand what a seal means and this could create a false sense of confidence in a service.
Seals establish a lowest common denominator.
Seals prove expensive to audit.
Government and technical organisations should recommend best practices to developers to ensure safety, particularly in environments where computers have control over the physical environment. Existing guidelines are biased towards space and nuclear science, but there will be a need for consumer advocacy here as self-driving cars near readiness for everyday use.
Digital skills are mapped so policy makers understand the quality of these skills in different regions and are able make effective interventions. This improves consumer access to the benefits of the digital marketplace.
United Kingdom: Doteveryone have created a heatmap, showing digital exclusion on a regional basis.
United Kingdom: Lloyds Bank have conducted research (PDF) on the relationship between digital skills and financial skills, arguing that those without digital skills are unable to benefit from the savings and banking accessibility found online.
European Union: The European Commission have 100 indicators that illustrate the success of different aspects of the European information society. Information about eCommerce has relevance to consumer empowerment, including statistics around people who order goods and services online and those who have encountered problems.
If skills mapping isn’t done at detailed geographic level, the information could be insufficient for effective policy intervention.
If measurements used to map skills are too broad, actionable assistance could be impossible.
A team or service exists to inform companies about best practices for digital security, consumer privacy and consent models.
United Kingdom: The National Cyber Security Centre provides guidance to organisations and government to manage their IT and information more securely. CareCert, part of NHS Digital, provides information security advice for the public health sector.
United States: The United States Computer Emergency Readiness Team, from the Department of Homeland Security, publishes advice on computer security for a non-technical audience.
Elsewhere: Various countries have computer emergency response teams that respond to information security emergencies.
Guidance is issued in specialist terms, requiring third parties to interpret it.
Guidance doesn’t adapt quickly enough to changing threats or technologies.
Promote best practices, such as strong passwords and two-factor authentication, to improve public understanding of digital security.
It is difficult to engage the general public with an issue of a technical nature.
Some campaigns may over-simplify digital security.
Consumer rights organisations can act where they believe people are being de facto forced to accept a change in the terms and conditions of a digital service.
Italy: The Italian Competition Authority have launched investigations into the mobile messaging app WhatsApp, over alleged violations of the Consumer Code. These relate to users being “de facto forced” into accepting new terms and conditions that allows data sharing between WhatsApp and Facebook, its owner. It also relates to unfair terms and conditions provisions like the ability to “unilaterally change contractual provisions” and other clauses favourable to WhatsApp.
Norway: The Norwegian Consumer Council streamed the reading of the terms and conditions from the 30 most common apps in Norway.
Create a means for a consumer to easily resolve a consumer dispute without having to resort to court action. This ensures the consumer is treated fairly in online transactions and avoids the resource intensive process of going to court.
European Union: An online dispute resolution service has been created that allows citizens of European member states to create complaints against organisations.
India: Online Consumer Mediation Centre provides digital infrastructure for resolving consumer disputes through physical and online mediation.
Mexico: Profeco, a consumer organisation, provides an online dispute resolution service called Concilianet.
Elsewhere: Online commerce services like eBay and PayPal provide dispute resolution services to resolve issues around non-payment, non-receipt of product and false advertising.
Administration and arbitration overheads could produce a backlog of complaints.
Services could be built to meet the needs of the digital platform rather than the needs of consumers.
Government or private organisations provide access to digital skills training to those who need it, enabling them to take advantage of consumer services and advantages that are only available online.
Training could focus too narrowly on specific tools and doesn’t give people the confidence to use other services.
Training could be seen as a luxury or soft target for public funding reductions.
Doing it properly in a targeted and relevant way accessible to all is costly and needs investment.
Can be seen as a replacement for regulation, as opposed to complementary to it, so there’s a risk that risks are passed on to consumers.
Laptops or tablets are provided for use by the public, for example in libraries, to increase the number of people who can access digital services and participation in the digital consumer market.
Many public libraries provide access to computers within their buildings. In the United States, 98% of libraries offer free public access to computers and the internet.
United States: The Library of Things at Sacramento Public Library in California offer access to 3D printing and scanning services and expensive peripherals like projectors and graphics tablets, stretching the definition of digital access beyond essentials to tools for content production, rather than just consumption.
Loaned devices are at risk of theft or damage.
Poorer areas may be less capable of providing a loaning service.
Access may be limited if there is a heavy demand for a small number of devices.
Loaned devices may only allow for content consumption and not content production.
Government issues guidance on how it procures services, which in turn has the potential to improve the quality of consumer products available in the market.
Rules stipulate how the pricing of digital services should be presented so people know what they are buying.
United Kingdom: Price Marking Order 2004 requires that goods must have their price clearly indicated and be inclusive of VAT. The Consumer Contracts Regulations 2013 covers the accurate description of digital content.
United States: Some States have rules around showing pricing at point of sale. Section 5 of the Federal Trade Commission Act generally prohibits “unfair or deceptive acts or practices in or affecting commerce”.
Australia: Section 48 of the Australian Consumer Law specifies the “single price for the goods or services” must be shown “in a prominent way and as a single figure”.
Brazil: Brazilian internet service providers must provide at least 20% of the speed they advertise.
Many countries have advertising standards agencies that enforce rules around accuracy in advertisements.
The Australian Competition and Consumer Commission wants service providers to provide better broadband speed information.
The Advertising Standards Authority in the United Kingdom is making plans for reforming the way broadband speeds are advertised.
In the UK, mobile phone companies are breaking down prices show the cost of the handset and the contract. Broadband adverts must be clearer about the length of a contract and the full cost of it.
Data controllers handle and protect personal data that is generated through consumer transactions to protect the privacy of consumers.
Most countries have a general right to privacy written into their national law or constitutions.
Different industries have their own data privacy laws.
Confidentiality of medical data is enforced in the United States by the Health Insurance Portability and Accountability Act. In Turkey, patient privacy is guaranteed in Articles 78 and 100 of Legal Code 5510. In Canada, medical confidentiality is protected at federal and provincial level. In Australia, it is protected under the Personally Controlled Electronic Health Records Act 2012 and the Privacy Act 1988.
Financial institutions also have implied privacy unless required to disclose transactional information to law enforcement.
UNGCP 2016 and OECD Privacy Guidelines 2013 mention recognition of right to privacy as a major element of consumer protection.
LEGO’s website, which connects children through games, has no third party cookies or connections to social media accounts, and advises users to use pseudonyms.
The same data is treated differently across industries and national borders, weakening how people perceive the right.
Challenges in identifying, defining and quantifying risks, as well as enforcing the right.
Individual services comply, but, in the aggregate, companies breach intent of privacy.