AARP Consumer Data Privacy and Security Principles


AARP’s digital privacy and security principles are intended to ensure strong and equitable consumer privacy and security protections. At the same time, they support beneficial uses of data that can spur innovation bringing lasting consumer change. 

Provide privacy protections while enabling meaningful innovation and data-driven decision-making—data privacy and security laws and regulations should provide meaningful data privacy and security consumer protections regardless of factors such as age, race, ethnicity, ability level, sex, gender identity, and sexual orientation. At the same time, they should facilitate innovation that has the potential to provide lasting consumer benefits. Data-driven decision-making should empower systems to identify and address disparities and other challenges. 

Safeguard consumer choice and control—consumers should control the extent to which their personal information may be collected, analyzed, shared, and sold. 

Ensure heightened protections for sensitive data—data that are sensitive and pose significant risk to the consumer if disclosed should receive heightened privacy and security protections. 

Promote privacy and security by design—privacy and security protections should be embedded into products and services. 

Foster transparency—organizations should provide accurate and understandable information to consumers about their privacy and security practices. 

Ensure accountability—privacy and security laws and regulations should include robust enforcement mechanisms to ensure compliance.