Transparent Data Practices
Explain the specific purpose for each data request so users understand WHY information is needed, not just WHAT is collected.
Design Guidelines
Provide specific, concrete use cases for each type of data collection rather than generic benefit statements.
Link data requests directly to tangible features that users care about, making the connection between data and functionality explicit.
Be honest about commercial purposes such as advertising and analytics rather than obscuring them behind user-benefit framing.
Avoid vague corporate language like "enhance your experience" or "optimize services" and instead explain exactly what the data enables, using "Why we need this" tooltips or expandable context sections for each permission.
Do's and Don'ts
Don’t
Use generic language: "We collect data to improve your experience"
Hide commercial purposes behind benefit-focused euphemisms
Request data without any explanation of purpose
Use vague terms like "optimize services" or "enhance functionality"
Do
Provide specific use cases: "Location shows nearby events and local creators"
Be transparent: "Advertising data helps show relevant ads and measure campaigns"
Include "Why we need this" explanations for every data type requested
Explain concretely: "Usage analytics identify bugs and improve app performance"
Research Foundation
Participants repeatedly questioned why certain data was required, with one asking:
"I don't see why a social media app is asking for my location information. Is it a food delivery app?" (P06)
Generic purpose statements like "to improve your experience" failed to build trust or help users evaluate whether requests were reasonable. This aligns with contextual integrity theory, which posits that users evaluate privacy based on whether data flows match their expectations for a given context (Nissenbaum, 2004).