Privacy notices and privacy policies are standard practice today, but they primarily explain how data is processed. What specific risks are users exposed to? In other areas, such as drug safety or consumer protection, explicit risk warnings are taken for granted. Instead of merely disclosing data practices, users should be specifically informed about potential harm.
The publication “From Procedures to Peril: Towards Risk Transparency in Information Privacy for Users” by CYREN argues that users should not only be informed about data practices, but also warned directly about specific data protection risks.
Ebert, N., Fischer-Hübner, S., Human, S., Kitkowska, A., Kollnig, K., Mitrović, J., Pan, S., Schaltegger, T., Schaub, F., Smullen, D., & Xian, L. (2026). From procedures to peril: Towards risk transparency in information privacy for users. Telecommunications Policy. Elsevier. https://doi.org/10.1016/j.telpol.2026.103195