The Information Commissioner's Office (ICO) has launched a consultation on a new draft Code of Practice (PDF), inviting relevant organisations and members of the public to participate in developing more user-friendly privacy notices.

The ICO believes that many existing privacy notices, which detail how an organisation will handle customers' personal details, contain too much legal jargon, and are written to protect the company rather than to help the public understand how their information will be used.

As part of the Data Protection Act anyone who processes personal information must make sure that the information is:

* Fairly and lawfully processed
* Processed for limited purposes
* Adequate, relevant and not excessive
* Accurate and up to date
* Not kept for longer than is necessary
* Processed in line with your rights
* Secure
* Not transferred to other countries without adequate protection

"Collecting information about people in the proper way lies at the heart of good data protection practice," said Iain Bourne, head of data protection projects at the ICO.

"The draft Code of Practice says that organisations should not be scared of using personal information in a reasonable way which people would expect.

"Where organisations are going to use personal information in a way that is controversial or unexpected, or if sensitive or confidential information is involved, organisations should ensure that they explain this to people."

An increasing amount of our personal details are collected, stored and processed, and Bourne believes that people simply want to be able to understand what others will be doing with that information and the likely consequences of its use.

The draft code contains examples of good and bad practice, and warns that organisations must not mislead the public, or provide people with choices that they cannot understand or that will not be honoured.

The consultation will run until 3 April.