Slashdot Mirror
Privacy Policies Are Great — For PhDs
An anonymous reader writes "Major Internet companies say that they inform their customers about privacy issues through specially written policies. What they don't say is that more often than not consumers would need college undergraduate educations or higher to easily wade through the verbiage. BNET looked at 20-some-odd privacy policies from Internet companies that received letters from the House about privacy practices. The easiest to read policy came from Yahoo, at a roughly 12th grade level. Most difficult? Insight Communications, which at a level of over 20 years of eduction officially puts it onto IRS Code territory."
Well--and this is all from the prospective of a geography ignorant non-lawyer American--the fact is that most policies are in place to avoid confusion. Ah, who am I kidding, they're there so nobody sues the hell out of anyone else. And a policy is there to stop the worst kind of lawsuits: class action. I'm sure you would notice this if you did the same analysis of other policies--like healthcare, dental or auto insurance policies. Yes, your health and your automobile might seem more important than your privacy but the United States Justice system (is supposed to--like in the NYTimes article) stop companies from swindling any of those.
And there's not a lot you can do about this, we're going to want to sue the pants off a bastard company if suddenly our name and address is being traded on a disc with 50,000 others on the black market. So they write these policies to be air tight and they use terms that have legal connotations because I'm sure the only time these things are scrutinized are in court anyway. And the second you take away that level of granularity, I'm sure you see yourself as a company open up to lawsuits.
My work here is dung.
Yes, but it's 5000 words long. Who has time to read 5000 words?
Commodore64_love: I don't comprehend people who're so frightened of death that they'll bankrupt themselves to stay alive
... in my over-20 years of education, is that some things just aren't worth reading.
Looks like it had an impact and my relative decided to close his account and destroy the tree. But geni claims they need my permission to destroy my account. Is it reasonable for a company that bribes its users with free family tree service in exchange for private info about people to follow a opt-out policy? Shouldn't they be required to notify me and get my consent before they add my name? I have received invites from other social networking sites, but they all require me to create an account first. If I ignore the email, I hope, they would not add me to their databases. Probably they will just sell my email address to spammers and stop with that.
I believe there is neither a technological or legal solution to this problem. A new geni.com could easily be run by Russian mafia outside US borders and thumb their noses at us. I think the only solution is social. They are using social engineering to pry private info from the public by offering some service or the other for free. We need to educate the public about the implications of succumbing to the temptations by them. Today if I set up a stand in a fairground and ask people to give the names, addresses and phone numbers of their relatives and friends in exchange for small token gifts the response would not be overwhelming. Somehow people believe it is wrong to tell strangers such information. But set up the same stand in the internet and people are punching in the email addresses of their friends and relatives like gangbusters. What would it take to educate the public about the menace to privacy these companies pose?
I did my best. I pointed out the liability issues the company has like some stalker tracking down someone hiding in a relative's home or identity thieves making use of the mother's maiden names data etc. Told the company that they must disclose their liability to their investors and to anyone they are trying to sell to. Made it official and made it difficult for the company officers to claim later, "We never anticipated that development". If we keep raising the liability issue with these companies, may be we can get their venture capital to dry up. Just a thought.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
I really think something needs to be done about this, because 99.9% of people don't read lengthy EULAs and privacy policies simply because they are too long, boring, and difficult to understand, yet we are agreeing to conditions we probably would never agree to if we knew about them. Perhaps a law stating that the policies must be written at a sixth grade level, use small and non-legal words wherever possible, and come with a 1-page summary of the major rights. I think that would be a fantastic idea.
I don't believe it for a second - the measures used are dubious at best (try the Word readability macros and see for yourself - they do Fleisch-Kincaid scores too). At minimum, they have to be used properly. For instance, the single word text "communication" is so unutterably high on all the indices that it skews the results completely. And the text of Alice in Wonderland on Project Gutenberg scored:
Coleman Liau index : 28.19
Flesh Kincaid Grade level : 11.95
ARI (Automated Readability Index) : 21.61
SMOG : 11.68
So that's a hefty margin of error, removes all use of any average and says that you have to be a virtual genius to read Alice in Wonderland, or a 11th-grader. Mmm. Yes. Accurate measure.
Insight Communications, which at a level of over 20 years of eduction officially puts it onto IRS Code territory.
Slashdot, on the other hand, is sitting somewhere around a grade 3 level.... :)
"City hall" in German is "Rathaus" Kinda explains a few things......
Um, as far as I can understand, privacy policies are there for legal reasons, written in legalese to give them a quasi-legal basis for defending their policies.
Unless you're a lawyer or have a lawyer present each and every time you agree to a privacy policy (assuming you even agree to it, most are just implied to "work"), then it's basically just embedded, textual bullshit to somehow protect the company from lawsuits.
I seriously doubt that a privacy policy would stand up very well in court, unless the judge is completely in the dark on matters of technology, in which case it's simply a matter of presenting the test case as a physical contract and seeing how it would stand up, or limiting the amount of power a privacy policy holds on a public website.
Disclaimer: IANAL
Once this is taken into account is it any surprise that the vast majority of web users simply click "I agree" to anything they see
politicians are like babies' nappies: they should both be changed regularly and for the same reasons
Are these privacy policies any more difficult to read than the rules to McDonalds' annual Monopoly game? Come on, they are worded in a way so as to protect the company posting them, not to genuinely inform their customers.
Whale
I knew I was making those student loan payments for SOMETHING.
And, given my experience working with the typical American, it would be impossible to dumb down anything enough for most of them to understand anyway. When I was in college, I took educated friends and co-workers for granted. When I came out into the "real world" it was a bit of culture shock to realize that the vast majority of real people not only don't have college degrees, but also read at about a "See Dick run" level.
SJW: Someone who has run out of real oppression, and has to fake it.
A year or so ago a man was being sued by M$ for having one copy of XP running on 3 computers (one purchased key). His defence was the EULA was unenforceable since it was only understandable by a lawyer and nobody has a lawyer looking over their shoulder when installing software. His lawyer (go figure) did a masterful job of saying that since the average person could not understand the EULA it was meaningless and unenforceable.
Does anyone know the outcome of that case?
Professional Politicians are not the solution, they ARE the problem.
I agree. It is amazing how many people I have met that had a college education, and not only had a very poor general education, but had a very poor understanding of the subject they majored in in college.