Welcome to Consumer Reports Advocacy

Fair Digital Finance Evaluation Framework

Principle 2: Privacy

People have control over their data and understand what is collected, how it is used, and with whom it is shared.

 

  • Users know what user information this company is collecting and when.
    • The company discloses the specific data elements they collect.
    • The company discloses how data elements are collected.
    • The company clearly discloses its purpose for collecting each type of user information.
  • The only information the company collects about the user is what’s needed to make the product or service work correctly.
    • The user information collected is only that which is directly relevant and necessary for the service.
    • Product still works when all permissions not relevant to product’s functionality are declined.
    • Manufacturer does not discriminate or otherwise provide a lower level of service if a consumer exercises privacy rights or does not consent to unnecessary secondary data collection or use.
  • The default settings in this product prioritize user privacy; to give up privacy, users actually need to change the settings.
    • Targeted advertising is off by default.
    • The product or service contains settings that allow for different levels of privacy control.
    • The privacy settings can be adjusted to limit what data is accessible to other users.
    • Users can restrict the service from making any secondary use of data.
    • The privacy settings do not use dark patterns to trick consumers into oversharing.
    • The privacy settings are accessible to all users as measured by WCAG or a comparable accessibility standard.
    • The privacy settings are available in multiple languages, and the translations make sense to native speakers.
    • User interface settings which are optimal for privacy are set by default.
  • Users can see everything the company knows about them.
    • The definition of ‘user information’ includes information collected from third-parties.
    • Legal documentation describes or links to information about how users can download a copy of data the company holds about them.
    • Users can obtain all public-facing and private user information the company holds about them at no cost.
    • Apps allow and support transfer of user data from their service to another service when requested by the user.
    • Privacy controls exist in the user interface.
    • Users have a right to review and correct data that is incorrect or missing.
    • Procedure for users to correct data is workable.
  • Data sharing and use of third parties are reasonably scoped and transparent.
    • The company clearly discloses what information it shares with whom.
    • The company clearly discloses the purpose driving any sharing of information.
    • The company clearly discloses the types of third parties with which it shares information.
    • The company clearly discloses whether it shares information with government or legal authorities.
    • Third party domains contacted by the product are named in the privacy policy.
    • Data that is shared with third parties is minimized according to the intended use of the app.
    • Third parties are rigorously/reasonably vetted to ensure that data is not transmitted to dangerous or high-risk endpoints.
    • Company provides adequate recourse to users in the event that data is mishandled by a third party.
  • Data usage is consistent with the context of the relationship with the user and is transparent.
    • The company discloses how it uses data collected from users in a legally binding document.
    • The company only uses data to support the initial purpose for which the data was collected.
  • The company does not retain data for an excessive amount of time.
    • The company describes a secure data deletion procedure that deletes and destroys data no longer needed to support the service.
    • If the company does not describe a data deletion process, they clearly describe the legal or regulatory requirements that require data be retained.
    • The company on its own deletes outdated and unnecessary personal information.
    • The company does not delete all data, but specifies that some data will be retained in deidentified form.
    • The company provides specific retention periods for different types of information that are reasonably scoped to get rid of outdated and unnecessary information collected from or about users.
  • I can delete the data the company has about me that is not needed to provide the service.
    • The company offers easy-to-find and -use controls that allow users to delete data not necessary to render service.
    • The legally binding documentation defines user’s rights to delete their information.
  • My account and information are deleted when I leave the service.
    • All user information is deleted when the user deletes their account from the service.
    • All user information is deleted when the user’s service is terminated.
    • All user information is deleted if the service ceases to operate or goes out of business.
  • Use of Software Development Kits is appropriate.
    • Use of Software Development Kits is appropriate.