People Don't Read Privacy Policies... But Want Them To Be Clearer

from the sounds-good-to-me dept

We already know that people don't read online privacy policies and often (falsely) assume that if there's any such privacy policy it means their data is safe. There are, of course, even questions as to whether or not a privacy policy is even valid if no one reads it. Still, many consumer and privacy activists continue to act as if the privacy policy is a key aspect of online privacy. In fact, regulators in both the UK and the US seem to be admitting no one reads privacy policies, but demanding they are improved anyway. Specifically, a study done by regulators in the UK shows that 71% of people don't read privacy policies, but 62% want them clearer.

Now, you could make the argument that the reason people don't read privacy policies is because they are too confusing and not at all clear. And, there's something to be said for simplifying privacy policies. To be honest, I'm surprised no one has come up with a Creative Commons-like standard setup for privacy policies (pick and choose a few attributes, have nice images, and make it all clear in a single link). However, it seems to be focused on the wrong issue. It seems likely that the uselessness of privacy policies has a lot more to do with the fact that people don't care (or they don't believe any privacy policy, no matter how clear) or that they think no matter what the privacy policy is, it won't matter once the data is leaked or the company changes its policy. So rather than focusing on creating better privacy policies, shouldn't the focus be on what companies actually do rather than what they say they do?

Filed Under: complexity, privacy, privacy policies

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. identicon
    Carolyn Hodge, 18 Feb 2009 @ 12:11pm

    Privacy Policies, A Neccessary Evil?

    I think people are missing the point slightly here. Privacy Policies, as they exist, are an important contract (like terms of service) to which companies are held legally accountable. Unfortunately because they are often, exhaustive, they have become a lazy way for companies to communicate customer data policies and practices to consumers. Typically the privacy statement is not the location for consumers to manage their preferences about their personal or anonymous information. Facebook is one of the best examples of this. You can manage the exposure of your detailed profile information to a single person or noone. Privacy controls in their best implementation should be seamless to us.

    Second thing, the free internet in all its wonder, is made possible by advertising. Advertising, while annoying sometimes, is arguably, not very harmful, and our surveys show that users prefer relevant advertising.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Special Affiliate Offer

Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.