This is the time of year when we traditionally make resolutions to get fit, eat better, learn something new and so on. Often these resolutions don’t last past February. This year, why not try something different yet achievable: bring plain English writing into your data protection compliance work.
I previously posted about how to do data protection transparency well, and touched on the importance of writing clearly for your intended audience. In this post I want to specifically look at plain English in data protection: why it matters and how to do it.
Note: I use the term ‘plain English’ because that’s my main language and I work in the UK. You can substitute it for ‘plain language’ and some of the key principles can apply to any language.
What do you mean by ‘plain English’?
In a nutshell: read it once to understand it.
If you have to read something more than once to work out what it means, then it’s not written clearly enough. That doesn’t mean dumbing down or ‘Janet and John’ language, it just means say what you mean and get to the point.
The legal ‘problem’
Data protection / privacy is often seen as a legal thing. In some countries it’s almost exclusively a profession for lawyers. (Not so in the UK.) This means a lot of information provided as part of data protection compliance is seen through a legal lens, and often written by lawyers.
Lawyers are trained to write in a certain way, using specific terminology, and that works for the circumstances where that approach is needed. But it doesn’t work so well for communicating to non-lawyers. Sometimes, non-lawyers working in compliance also write in ‘legalese’ because they think that’s what’s needed.
This is not lawyer-bashing before anyone starts having a go. In my experience, privacy notices, compliance policies, data protection impact assessments and so on that are written in ‘legalese’ are not suitable for the non-legal audience reading them. They are hard to understand and so do not achieve their intended aims.
But data protection is about legal compliance: terminology and precision matters
Yes, to a certain extent that’s true. But it’s hard to get to a compliant place if you don’t understand what you’re being told. And you can’t really say you’re meeting your transparency obligations if your privacy notice is impenetrable. You can be both precise and clear.
But plain English will impact the legal standing of documents
I am not convinced by this argument. Based on my experience and my online research for this post* many legal systems these days take what is known as a ‘purposive approach’. So they look more at what the intended purpose is, rather than what individual words mean.
I recently rewrote my terms and conditions in plain English, inspired by Novation Consulting’s post and their service level agreement that it links to. I had it checked by lawyers to make sure it held up legally. Since I started using it I have not had any clients want to make any revisions to it, unlike the more 'traditional' terms I had before.
But some words have very specific meanings
Yes they do. Does that mean we can’t explain them in a way that makes sense to the reader? No it does not. Of course, there will always be some situations where you need to include a specific word or term, because it has a specific legal or compliance meaning. Plain English doesn’t mean abandoning that. It just means you can write clearly and explain terms and be confident your document will stand up legally if it needs to.
But the law tells us what we have to tell people in privacy notices
Does it tell you what words you need to use? No. It tells you what topics or content you have to provide, not how you have to provide it. You should always write for the audience, not the regulator. For more details on this, see my previous blogpost ‘How to do transparency well’.
I also find the US approach to consumer protection interesting, specifically the idea of ‘unfair and deceptive practices’ in section 5(a) of the FTC Act (that is enforced by the Federal Trade Commision (FTC)). I’m not going into details here about how it all works. It is clear though that US companies who need to comply with this Act need to make sure any information they provide on data collection and use is clear and not misleading or confusing. This seems to me a clear call to avoid legalese and jargon when communicating with the public.
But I need to show how clever I am
Very often, people write in lengthy, complicated jargon to show off their expertise. Arguably, if it’s impenetrable, it’s hard to know what the expertise even is. It just ends up intimidating people - which might be the aim - but that’s a really crappy way to treat users, customers or clients. And if you’re writing for your colleagues with the aim of helping the organisation with compliance, you’ll get more co-operation for what you want them to do if they clearly understand what you’re asking for.
In my view it’s much cleverer to be able to clearly explain complicated, technical or legal compliance points to any audience you have.
How to write in plain English
There are some key principles that everyone can use to write better. I recently explained these in a blogpost and video for Project Bijou - an initiative from the Guernsey data protection regulator. So I won’t repeat all that here. You can also get some good free resources from Plain English Campaign’s website.
A ray of hope
I am happy to see plain English in data protection getting more popular. As previously mentioned, Novation Consulting in South Africa are leading the charge there on plain language across all aspects of legal writing. In the UK we have Plain English Law, a law firm focused on data protection whose USP (unique selling point) is the same as mine: practical advice in plain English.
Your New Year’s resolution
Hopefully I have convinced you of the benefits of adopting a plain English approach to data protection compliance. It is something you can start now and improve as you go; unlike other resolutions it’ll be easy to keep it up all year.
The resources I linked to above will help you get started. But, if you do nothing else, get someone else to read what you have written as though they are the intended audience: do they get it first time?
If you aim to be clear, helpful, human and polite, you won’t go far wrong. And of course, if you want extra help, I and others in the field provide plain English editing and training services. Some of us also provide data protection compliance services, so you get a two-for-one!
* Main resources on the purposive approach:
https://www.lawteacher.net/free-law-essays/common-law/law-involves-a-dealing-with-words.php
https://www.open.edu/openlearn/society-politics-law/judges-and-the-law/content-section-6.5
Photo credit: Brett Jordan at Pexels.