Privacy Policies, who reads them and why?

Whenever you browse the web, each company’s website that you visit will urge you to read their privacy policies and agree to their terms. These privacy policies are there to inform the visitor of who the company is, how they will collect, use and store your personal information and how a customer can control that use of their personal data. The policy informs you about what will happen after you provide your name, email address and other personal information. It is required by law that a company display a clear link to their privacy policy on their website at all points of data collection.

Google had more than 60 privacy policies for its various products and recently implemented a new policy by consolidating its many policies into one document. Google isn’t changing anything about their existing privacy settings or how any personal information is shared. However, the EU claims that the new policy is impossible to understand and that it violates data collection laws. Goggle suggests the new policy simplifies its privacy rules and improves the user experience but the few people who actually read it will notice several embedded links that lead to more terms and definitions. To be completely informed, you would have to read through all the information on the linked pages as well—not so simple after all.

Facebook is another media site that has been under scrutiny from privacy advocates and constantly updates its privacy policy. As Facebook has grown larger, it’s slowly been helping itself to more of its users’ personal information while limiting the users’ options to control their own data. Some of the latest updates have been to provide its users with a selection for privacy settings to make information less publicly available. In efforts to simplify their settings, Facebook now lets the users select if, and with whom, they want to share their information.

This sounds pretty important, especially as many of us worry about problems such as identity theft and privacy and wonder how much of our personal data is being kept and sold. Have you ever actually read through any of these? Who has? To become maximally informed you would have to read ALL the privacy policies on all the websites you visit. You might think this seems tedious and time-consuming and you’d be right. According to one study, it would take you 76 work days to read all the privacy policies you encounter in a year!

A few years ago two researchers estimated that every Internet user would spend 25 days a year just reading privacy policies, were they to read every policy on every website they visit. That’s the equivalent of 76, 8 hour workdays to complete the task. That ends up being 53.8 billion hours of time nationally! By estimating median length of a privacy policy, average time to read the policy, number of policies encountered in a year, number of hours it would take the U.S. to read them, and add in a few other factors, the researchers came up with a hypothetical national opportunity cost. That massive number ended up around $781 Billion!

Is this stunning number the real cost of privacy? Of course not.  Not everyone is going to read all those privacy policies. What that outrageous number is telling us is that something is wrong with the way these policies are written. According to a comparison study by privacy service company TRUSTe, the length of an average policy is about 2464 words. That’s almost half the length of the U.S. constitution, greatly exceeding the attention span of average internet users. In addition, most policies are written at a college sophomore reading level while the average U.S. reading level is that of an 8th grader.

Based on these studies, it’s not reasonable to expect a person to maintain a relationship with their own data if they can’t understand the information. This has to change. These enormous policies need to be re-worked and reduced to ensure a standard level of legibility. Privacy policies, like all copy, need to be more concise, to the point and useful to the reader. Policies need to depart from all the technical detail and make the text user-friendly! Some policies are only a few sentences long and hopefully will set a precedent for others to discourage the dense and lengthy documents we so frequently sign without reading.

Leave a Reply