The idea of having a browser slander websites that don't use some privacy icon is an evil one.
The idea of having a browser report sites as "safe" just because they have a privacy policy is even more evil. What does it mean for a site to have a "good" privacy policy if it's hosted in a country where it's easy to get a warrant? Should Firefox stigmatize every site hosted in China? What's the meaning of a privacy policy for sites that don't use https? What's the meaning of a privacy policy for sites that are hackable?
With that aside, anything that replaces the need to read gobs of legalese is a good thing. So put those things in the privacy policy, if you want to be friendly. I'd love to live in a society where legalese is broken into a short syntax of well-understood subroutines, where people simply walk away from complex contracts.
But, regarding the ideas of having browsers do things: having a browser tell the user their personal information is safe in the hands of some company's server is the wrong attitude to encourage and is also generally factually wrong.
Another problem with this idea is that, if it worked, it would stifle innovation online. What if there's a good reason to share a user's personal information? What if things like OpenID (or some other thing we haven't thought of yet) go against the technicalities of some standard privacy policy axis?
The idea of having a browser report sites as "safe" just because they have a privacy policy is even more evil. What does it mean for a site to have a "good" privacy policy if it's hosted in a country where it's easy to get a warrant? Should Firefox stigmatize every site hosted in China? What's the meaning of a privacy policy for sites that don't use https? What's the meaning of a privacy policy for sites that are hackable?
With that aside, anything that replaces the need to read gobs of legalese is a good thing. So put those things in the privacy policy, if you want to be friendly. I'd love to live in a society where legalese is broken into a short syntax of well-understood subroutines, where people simply walk away from complex contracts.
But, regarding the ideas of having browsers do things: having a browser tell the user their personal information is safe in the hands of some company's server is the wrong attitude to encourage and is also generally factually wrong.
Another problem with this idea is that, if it worked, it would stifle innovation online. What if there's a good reason to share a user's personal information? What if things like OpenID (or some other thing we haven't thought of yet) go against the technicalities of some standard privacy policy axis?