Privacy rating shows how websites handle your data

| Michaela Nesvarova

Do you know what a website or an online shop does with your personal data? Do they use it for marketing or even sell it to a third party? In order to inform users about how their data is handled, University of Twente researchers developed ‘Privacy Rating’. The tool gives every online service a label, clearly showing how well they score in terms of privacy.

Privacy Rating is a digital tool, which clearly visualizes websites’ privacy policy – by giving it a label from A to G. ‘Our goal was to make data handling practices more transparent,’ says Susanne Barth, one of the UT researchers behind the project. ‘Data gathering isn’t bad in itself. That is certainly not our message. Certain services cannot function without it. But if you gather data, you should do it responsibly – and inform your users about it in a way that they can understand. We want to empower the end-user to make informed decision about their online privacy.’

From green to red

‘Based on user preferences we came up with a simple label, comparable to an energy label,’ explains Barth. ‘The score is assigned based on how the service collects and shares data, based on what level of control users have and the level of security provided to protect the data. What kind of information is collected and why? Is it anonymized? Can users opt-out of sharing their data? The privacy label summarizes answers to these – and many more - questions.’

For example, if an online service only uses data for functionality, they don’t receive any penalty points and are given the best rating: A. Do they use data for customization? Then they get one penalty point and are downgraded to B. And so on. ‘The label is based on the total amount of penalty points,’ clarifies Barth. ‘The final rating is a visual indication of risk – green for the lowest risk, dark red for the highest.’


After five years of development, the Privacy Rating is now ready to be used. ‘For now, online providers can fill in a questionnaire and their answers determine their rating. Here we have to trust the honesty of the service providers. In order to make the tool more reliable and less subjective, we are looking for partners who can act as an independent approval authority and support us to maintain and disseminate the tool,’ says Barth.

‘We are still searching for the right way to implement the tool in practice,’ adds the UT scientist. ‘However, users told us they really appreciated it, that it’s something that is currently missing. It won’t change the business model of large companies, such as Google, but it works very well for smaller enterprises. Imagine that you are interested in three similar apps, but each has a different privacy rating. Then you might choose the one with a better score. It can also help companies to find a better way to handle user data. We think it is a great tool with a lot of potential and we hope to make it a European standard.’

privacy rating project

The NWO-funded project involves scientists from the Services and CyberSecurity Group (EEMCS faculty), as well as from various groups at the BMS Faculty at the UT. Namely professor Hartel, Dan Ionita, Susanne Barth, professor Menno de Jong and professor Marianne Junger.


Stay tuned

Sign up for our weekly newsletter.