Print this page
Published in News

Privacy policies are unreadable

by on14 June 2019

Easier to read War and Peace

Privacy policies are often too-complicated, novella-length texts that require a lawyer on hand to explain the fine print and most people can't be bothered even glancing at them.

A recent analysis published by the New York Times looked at 150 privacy policies of popular websites and apps. It found that most take more than 15 minutes to read, with some requiring a person dedicated more than half an hour to parse every bit of detail regarding how a company uses their data.

According to the  New York Times, the vast majority of privacy policies require a college or professional-level reading comprehension in order to understand them. The vast majority require university-level reading comprehension.

Even attempts to force companies into simplifying the language of these agreements have struggled to produce successful outcomes. The European Union's General Data Protection Regulation (GDPR) requires privacy policies be presented in a “concise, transparent and intelligible form, using clear and plain language”. But, after a full year of GDPR being in effect, most companies are falling short. The European Commission recently conducted a survey that found while 60 percent of Europeans attempt to read privacy statements, just 13 percent read them in full because the texts are too long or too complicated.

Florian Schaub, an assistant professor of electrical engineering and computer science at the University of Michigan pointed out that most privacy policies simply require users accept the terms in full or not use the service at all. Schaub said companies maintain the right to change their policy at will, and consumers are required to acknowledge and accept those changes or risk losing access to the service entirely.

Privacy policies need a rewrite. The texts need to be boiled down from the massive, unmanageable blocks of texts to something that just about anyone can read and easily understand. After all, sites like Facebook and YouTube allow users as young as 13 on their platforms and the language of the privacy policy should reflect that. One idea that's been kicked around by researchers at Carnegie Mellon is a privacy nutrition label that would present a standardized format that would have visual indicators along with text that would make it easier for consumers to get an at-a-glance and more detailed understanding of exactly what they are agreeing to. But really, anything would be better than the slog of legalese that users currently have to navigate.

 

Last modified on 14 June 2019
Rate this item
(0 votes)