What Questions Should I Ask Myself Before Clicking The ‘I Accept’ Button?

From IIW

What Questions Should I Ask Myself Before Clicking the "I Accept" Button?


Day/Session:Tuesday 5G

Convener:Andrew Hughes @idimandrew

Notes-taker(s): (1) Scott Mace & (2) Andrew Hughes


Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

(1) Notes from Scott Mace:


The Agree Button (andrewhughes3000@gmail.com)


Starbucks general privacy notice

The only concept here is, whenever your agree buddy detects an “I accept” button, reminds you of the questions you should ask yourself before you agree to anything on the Internet. If you’re okay with the answers, fine. If not okay, don’t click. If you object and clicked anyway, there’s a problem.

Version 5000 of the agree buddy would be actual buttons on this little popup thing. Keep your internal statistics, or maybe there’s a reporting service. I’m scared, I don’t want to do this. I’m unhappy but I want WiFi. Assume a nonprofit that will receive all these clicks against the domain all your customers are unhappy they are having to accept the terms but they are doing so anyway.

Q: I have no idea what kinds of questions to ask.

Q: Are you going to share my data with a third party?

Q: Putting more thinking on the user.

My hidden motive is I’m documenting consent management practices. Which ones are good, which are bad. If red flag goes off, would you leave the Web site? What would you like someone else to do? Tell a regulator to investigate?

Q: How risky is it?

“Safe browsing” service – Google Search (this exists), Mozilla

Community-sourced views about the site

Anti-phishing scripts are a good source

“How did I get to this site?” – Don’t click on stuff!

What are the top fraud-against-people situations?

Capture why the user is ok / not ok agreeing?

Micro-feedback companies do exist

Plain English translations of a contract

Is there a general expression of the tradeoffs?

Shows that the company actually cares


What would you want the service provider to inform you about?

We are / are not tracking you

Does your tracking stop once I’m gone

Are you sending my info to someone else?

Is someone profiting from my data directly?

Doc – Better boilerplate

With case precedent

Joyce Searls: Chrome plug-in called Magnify. Online dispute resolution company.

Privacy Chain by Live Ramp

  • Explainable
  • Understandable
  • Fair
  • Non-discriminatory
  • Not objectionable
  • For public good
  • Can I object
  • Can I change my mind
  • How do I benefit?


(2) Notes from Andrew Hughes:


Link to slide deck:


https://www.slideshare.net/AndrewHughes6/the-agree-buddy-andrew-hughes-iiw-slides-2018-1023

27T5G.jpg