About those fun Privacy Policies

01. September 2013 Security 4

We all know they exist but most never read them. Privacy Policies (and Terms of Use) never used to be a concern and if people were willing to read them it was just a few paragraphs of clear, understandable language anyway. Not so much anymore. Privacy Policies have changed in to lengthy, often vaguely phrased and carefully worded books where concern about your privacy is often replaced by concern of covering one’s ass. But motives aside, it’s the length of these policies that causes most not to read them and we don’t like long texts anymore. Take a look at the history of Apple Privacy Policies below for example (click for full size 6MB). It started off so simple, what the hell happened??

I’m using Apple as an example but this goes for almost any website and company out there that has been around for a while. It starts simple, we collect this, we use it for this, we use cookies and do not hand out your info to anyone. Then come the mentions of “third parties”, “partners”, “affiliates”, “law enforcement” and “national security”. As companies grow and products and services are added the privacy policy grows. Location-based services were not a concern 10 years ago, there was no Google Analytics, pixel tags or web beacons but as the web and the technology developed and evolved, so did privacy policies of companies that use them. As Privacy Policies grew longer and more complicated those that bothered reading them before now no longer did. Meanwhile, as this is happening, companies gather more and more information about you. We share more online every year and more companies harvest user information because it’s worth cold hard cash. Knowing what information a website or company collects, stores and trades is more important than ever.

Out of all the times you accept a privacy policy (or terms of use) without reading them, at the very least 70% of them have something in it you do not like or agree with. Don’t think so? Look for the privacy policies on the websites of companies you use products or services from. Check your applications for terms of use. Agree with all of it? Didn’t think so. Still, you click that “Accept” button every single time, admit it. Why would you admit to something you do not agree with?

“If i don’t click “Accept” I do not get to use the product” is of course the number one reason. What’s ironic is that everyone complaining about the companies that are part of PRISM has agreed to the collection, storage and distribution of their information by accepting the privacy policies that belong to those companies. Maybe they thought it was an acceptable risk at the time or didn’t know what it meant and now changed their mind but let’s face it, the vast majority did not even read the privacy policies.

So, do yourself a favor, start reading privacy policies and terms of use. Even if you just glance over it and focus on the important parts (what’s collected, how is it used & to whom is it given). Next time you hear Facebook, LinkedIn or Twitter was hacked, you know the potential information that was compromised. Next time The Guardian or New York Times release any of the 20.000 Edward Snowden documents revealing something unpleasant, you’ll know what kind of information they got on you.

If you don’t understand a policy, ask questions. See something you don’t like or agree with, ask questions. Imagine if everyone refused to use iTunes because they don’t agree with the Privacy Policy or Terms of Use, Apple would have no choice but to change it. Imagine if everyone stopped using Facebook because their Privacy Policy is outrageous, they’d have to make changes. We as consumers/users have the power. A few people can create awareness, a lot of people can get things done (look at what public knowledge of PRISM and government spying is doing right now).

In the end, it’s you covering your own ass, which is always a good idea.

4 thoughts on “About those fun Privacy Policies”

  • 1
    Krowface on September 2, 2013 Reply

    Thinking about how your view is on freedom of expression and expectation of privacy, what would *your* ideal TOS look like? I bet it would be honest, easy to understand, and just snarky enough to keep the lawyers on their toes.

    • 2
      Jay on September 3, 2013 Reply

      Absolutely it would 🙂

  • 3
    Bob Bobson on January 14, 2014 Reply

    After “Agreeing” to a privacy policy, I usually email the customer service team to tell them I did not read the privacy policy.

    I do not know what the implications of this are exactly, but I hope that sending them the affirmative statement that I did not read the policy will create some discomfort on their end.

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.