Submitted via IRC for Bytram
Opinion | We Read 150 Privacy Policies. They Were an Incomprehensible Disaster.
[...] here are several privacy policies from major tech and media platforms. Like most privacy policies, they’re verbose and full of legal jargon — and opaquely establish companies’ justifications for collecting and selling your data. The data market has become the engine of the internet, and these privacy policies we agree to but don't fully understand help fuel it.
To see exactly how inscrutable they have become, I analyzed the length and readability of privacy policies from nearly 150 popular websites and apps. Facebook’s privacy policy, for example, takes around 18 minutes to read in its entirety – slightly above average for the policies I tested.
Then I tested how easy it was to understand each policy using the Lexile test developed by the education company Metametrics. The test measures a text’s complexity based on factors like sentence length and the difficulty of vocabulary.
[...] The vast majority of these privacy policies exceed the college reading level. And according to the most recent literacy survey conducted by the National Center for Education Statistics, over half of Americans may struggle to comprehend dense, lengthy texts. That means a significant chunk of the data collection economy is based on consenting to complicated documents that many Americans can’t understand.
[...] Despite efforts like the General Data Protection Regulation to make policies more accessible, there seems to be an intractable tradeoff between a policy’s readability and length. Even policies that are shorter and easier to read can be impenetrable, given the amount of background knowledge required to understand how things like cookies and IP addresses play a role in data collection.
“You’re confused into thinking these are there to inform users, as opposed to protect companies,” said Albert Gidari, the consulting director of privacy at the Stanford Center for Internet and Society.
(Score: 4, Insightful) by JoeMerchant on Friday June 14 2019, @10:30PM (1 child)
What could a company possibly gain by providing a clear, easily understood, or even self-coherent Privacy Policy?
Far better to pay a junior lawyer for a day or two and have them craft something completely meaningless which appears at a glance to meet the requirements of the regulations. Then, if they're ever called out for having a nonsense policy, they can pay another junior lawyer to engage with the toothless corrections group to help clarify the policy and maybe come into minimal compliance with the law.
It's not like consumers walk away from a new shiny just because there's a 16 page privacy policy they have to click through.
🌻🌻 [google.com]
(Score: 2) by bob_super on Friday June 14 2019, @11:12PM
Yup. I object to the word "disaster".
The end result is exactly as designed.
(Score: 1, Insightful) by Anonymous Coward on Friday June 14 2019, @10:33PM (4 children)
... where is Soylent News' privacy policy?
(Score: 0) by Anonymous Coward on Friday June 14 2019, @11:05PM
Feel free to use this one, it came with phpBB software that we use for a forum for a tiny organization, I've replaced our specific additions with "website", "org_name" and "URL" to protect the guilty:
--------------
This policy explains in detail how “website” along with its affiliated companies (hereinafter “we”, “us”, “our”, “org_name”, “URL”) and phpBB (hereinafter “they”, “them”, “their”, “phpBB software”, “www.phpbb.com”, “phpBB Limited”, “phpBB Teams”) use any information collected during any session of usage by you (hereinafter “your information”).
Your information is collected via two ways. Firstly, by browsing “website” will cause the phpBB software to create a number of cookies, which are small text files that are downloaded on to your computer’s web browser temporary files. The first two cookies just contain a user identifier (hereinafter “user-id”) and an anonymous session identifier (hereinafter “session-id”), automatically assigned to you by the phpBB software. A third cookie will be created once you have browsed topics within “website” and is used to store which topics have been read, thereby improving your user experience.
The second way in which we collect your information is by what you submit to us. This can be, and is not limited to: posting as an anonymous user (hereinafter “anonymous posts”), registering on “website” (hereinafter “your account”) and posts submitted by you after registration and whilst logged in (hereinafter “your posts”).
Your account will at a bare minimum contain a uniquely identifiable name (hereinafter “your user name”), a personal password used for logging into your account (hereinafter “your password”) and a personal, valid email address (hereinafter “your email”). Your information for your account at “website” is protected by data-protection laws applicable in the country that hosts us. Any information beyond your user name, your password, and your email address required by “website” during the registration process is either mandatory or optional, at the discretion of “org_name”. In all cases, you have the option of what information in your account is publicly displayed. Furthermore, within your account, you have the option to opt-in or opt-out of automatically generated emails from the phpBB software.
Your password is ciphered (a one-way hash) so that it is secure. However, it is recommended that you do not reuse the same password across a number of different websites. Your password is the means of accessing your account at “website”, so please guard it carefully and under no circumstance will anyone affiliated with “org_name”, phpBB or another 3rd party, legitimately ask you for your password. Should you forget your password for your account, you can use the “I forgot my password” feature provided by the phpBB software. This process will ask you to submit your user name and your email, then the phpBB software will generate a new password to reclaim your account.
(Score: 2, Insightful) by Anonymous Coward on Saturday June 15 2019, @03:37AM (1 child)
About as useful as a Code of Conduct.
(Score: 2, Informative) by realDonaldTrump on Saturday June 15 2019, @09:24AM
We had to put in a Code of Conduct for events at the White House. Because Fake News CNN sent us Crazy Jim Acosta. Major problem person!!!! foxnews.com/politics/white-house-will-not-seek-to-remove-cnn-reporter-jim-acostas-credential [foxnews.com]
(Score: 4, Informative) by rigrig on Saturday June 15 2019, @09:31AM
Buried in the wiki [soylentnews.org]
Which is a shame, because it's one of the few decent privacy policies on the internet (although it probably doesn't fully comply with the law):
No one remembers the singer.
(Score: 1) by fustakrakich on Friday June 14 2019, @10:35PM (1 child)
Anything you say can and will be used against you, and you ain't gettin' no lawyer!
La politica e i criminali sono la stessa cosa..
(Score: 2) by RS3 on Saturday June 15 2019, @02:26AM
I've read many "privacy" policies. I can only remember one that basically said "we value your privacy and will never share your data with anyone without your express written approval".
The rest of them say: "We value your privacy. ... blah blah blah words babble ... We will share your data with our trusted partners." Which means anyone we want.
"We value your privacy. Er, what we mean is your perception of privacy has value to us. And value = $. So just you go ahead and trust us and give us your personal info and let us turn it into our stockholders' value."
(Score: 2) by krishnoid on Friday June 14 2019, @10:35PM (5 children)
This should be taught to kids as soon as they learn how to read; that a lot of text that they'll be presented with is designed primarily around concerns/intents other than intelligibility, and a list of what those common concerns/intents are -- legal coverage, poetic symbolism, etc. Not that they'll need to read that stuff -- just to simplify identifying it when they see it, and maybe not try to waste a lot of time trying to decipher it using typical reading methods.
(Score: 4, Interesting) by JoeMerchant on Friday June 14 2019, @10:54PM (4 children)
Like patents? If I were king, and still gave a damn about the patent office, I'd impose a sliding scale for patent fees: the more instructive a patent is, the easier it is to reproduce what is being patented solely from the text and figures provided, the lower the fee. Not a penalty for obfuscation, mind you, just a discount for those patents which can be processed through the examiners in less than the average amount of time engaged.
You want to hire a bunch of patent lawyers to obfuscate what you're patenting, ratchet up their fees and the fees of the opposing parties as they try to decipher the whole thing for a potential conflict or licensing? Sure, play that game, just be prepared to share your fee orgy with the patent office before you get any legal protection.
🌻🌻 [google.com]
(Score: 1) by anubi on Saturday June 15 2019, @12:03AM (3 children)
Let it be well known that the more incomprehensible it is, the likelihood of it being dishonored is is just that much greater. Claim something already in public use, the whole thing is apt to be tossed out like a half rotted apple.
I
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 2) by JoeMerchant on Saturday June 15 2019, @12:48AM (2 children)
True, however, that does not spare the legal teams of companies attempting to operate in or around the IP space from having to attempt to decipher it just to determine if it is a threat or not... Once granted, a patent is in essence notice of legal threat of suit, and due diligence includes a competent evaluation of that threat - which is considerably more costly when there are 200 claims and a barely comprehensible background with confusing diagrams.
🌻🌻 [google.com]
(Score: 1) by anubi on Saturday June 15 2019, @01:42AM (1 child)
We need judges that are more inclined to toss the whole shebang.
Once litigants realize their hard won patents are getting tossed in courts over trivial patent troll efforts, they will prefer a defendable position over trying to patent a cloud.
"Prove all things; hold fast that which is good." [KJV: I Thessalonians 5:21]
(Score: 4, Interesting) by JoeMerchant on Saturday June 15 2019, @03:00AM
We need a system where the plaintiffs aren't free to shop jurisdictions (ahem, East Texas).
In 2003 I had 6 patents, I was hired into a new company on the same day as a high powered IP attorney - on that day he mentioned that he expected to be writing many more patents for me... well, he also happened to be the Treasurer of the House majority leader's campaign and so the CEO used him for lobbying instead for the next 2 years. I filed a bunch of invention disclosures, but they were ignored.
One day, fresh back from New York, the CEO walks into a meeting and says: "Our main competitor has had sixty five patents granted in the last year, SIXTY FIVE!!! Anyone know how many we've had? Two. Anyone know what that means? We're sixty three behind, let's get out there and get some patents, PRONTO! All of a sudden there were $500 bonuses for inventors on filing, another $500 on granting - we brought in outside counsel to help speed things up, fully half of my old invention disclosures got filed, plus another three or four before I left that circus for a different one.
From the CEO's perspective, it's nothing about quality, it's all about quantity - sixty five patents at an average cost of $25K per issuance was just a good investment for him, 1.6 million investment in IP bumped up our value multiplier by something like 5-10% (moving from a "weak" IP protection rating on Wall Street to an "average" rating), which translated to an additional 50-100 million in market cap, and a nice kick in the margin on his options. Cue ball couldn't tell you the first thing about the specific merits of any one of those patents, and it just didn't matter in his world.
🌻🌻 [google.com]
(Score: 3, Interesting) by darkfeline on Saturday June 15 2019, @06:43AM (3 children)
Uh, yeah, you have to understand the basics before more complex things can be explained to you. You can't expect someone to explain reality to you in baby language because reality is complex. This is like expecting someone to explain rocket science to you without chemistry or aerodynamics, then when you go build a rocket that lurches sideways, smashes through the window, and explodes, killing your pet dog, you blame your teacher.
If you refuse to take the time to become informed and make choices, then don't whine about choices being made for you. Yes, that means learning about cookies and IP address, boo hoo, and god forbid, reading for 20 minutes.
Join the SDF Public Access UNIX System today!
(Score: 1) by khallow on Saturday June 15 2019, @04:23PM (2 children)
One of the first things that should be coming to your mind is why does humanity need rules so complex that even the people writing them have trouble understanding what they mean? Obfuscation is a big reason why.
(Score: 2) by darkfeline on Sunday June 16 2019, @04:12AM (1 child)
Yes, cookies and IP addresses are all a big conspiracy to make it hard to understand technology. Complex things are complex.
And yes, that includes legal literature. It turns out simple rules don't work because reality is complicated. More and more exceptions get added over time, and here we are.
Join the SDF Public Access UNIX System today!
(Score: 1) by khallow on Monday June 17 2019, @03:34AM
You don't need to "exceed the college reading level" in order to explain cookies and IP addresses.
(Score: 2) by Thexalon on Saturday June 15 2019, @01:02PM
Back in 2009, then-professor Elizabeth Warren did an interview where she outlined how she, a professor of contract law at Harvard Law School, couldn't make heads or tails of her own credit card contract. Neither could her colleagues at Harvard Law. Neither could anybody the Government Accountability Office.
Pretty much all these contracts amount to: "We can do whatever we want, and you can't stop us. Nya, nya, nya nya nya." That's it. And good luck getting cell phone service, Internet access, a bank account, electric power, or all sorts of other basics of modern life without signing one.
The only thing that stops a bad guy with a compiler is a good guy with a compiler.
(Score: 0) by Anonymous Coward on Saturday June 15 2019, @01:24PM
Oh they understand it all right. They just haven't decided to reply yet.