The privacy review process is the process by which we assess privacy risks that involve the collection, use or sharing of people’s information and external representations about our privacy and security practices. The process is also designed to help identify and mitigate the privacy risks we identify.
Our development of products and features and reviews of new or modified practices are guided by our internal privacy expectations, which include:
- Purpose Limitation: Process data only for a limited, clearly stated purpose that provides value to people.
- Data Minimization: Collect and create the minimum amount of data required to support clearly stated purposes.
- Data Retention: Keep data for only as long as it is actually required to support clearly stated purposes.
- External Data Misuse: Protect data from abuse, accidental loss and access by unauthorized third parties.
- Transparency and Control: Communicate product behavior and data practices proactively, clearly and honestly. Whenever possible and appropriate, give people control over our practices.
- Data Access and Management: Provide people the ability to access and manage the data that we have collected or created about them.
- Fairness: Build products that identify and mitigate risk for vulnerable populations, and ensure value is created for people.
- Accountability: Maintain internal process and technical controls across our decisions, products and practices.
Privacy Review is a deeply collaborative, cross-functional process used to evaluate and comply with our compliance obligations, and identify and mitigate broad privacy risks that go beyond our legal requirements. It is led by our privacy team and is conducted by a dedicated group of internal privacy experts across legal, policy, and other cross functional teams with backgrounds in product, engineering, legal regulations, security and policy. This group is responsible for making privacy review decisions and recommendations.
As a part of the process, the cross-functional team evaluates privacy risks associated with the project and determines if there are any changes that need to happen before launch to control for those risks. If there’s no agreement between the members of the cross-functional team on what needs to happen, the team escalates to a central leadership review, and further to the CEO, if needed for resolution.