People Don't Read Privacy Policies... But Want Them To Be Clearer

from the sounds-good-to-me dept

We already know that people don't read online privacy policies and often (falsely) assume that if there's any such privacy policy it means their data is safe. There are, of course, even questions as to whether or not a privacy policy is even valid if no one reads it. Still, many consumer and privacy activists continue to act as if the privacy policy is a key aspect of online privacy. In fact, regulators in both the UK and the US seem to be admitting no one reads privacy policies, but demanding they are improved anyway. Specifically, a study done by regulators in the UK shows that 71% of people don't read privacy policies, but 62% want them clearer.

Now, you could make the argument that the reason people don't read privacy policies is because they are too confusing and not at all clear. And, there's something to be said for simplifying privacy policies. To be honest, I'm surprised no one has come up with a Creative Commons-like standard setup for privacy policies (pick and choose a few attributes, have nice images, and make it all clear in a single link). However, it seems to be focused on the wrong issue. It seems likely that the uselessness of privacy policies has a lot more to do with the fact that people don't care (or they don't believe any privacy policy, no matter how clear) or that they think no matter what the privacy policy is, it won't matter once the data is leaked or the company changes its policy. So rather than focusing on creating better privacy policies, shouldn't the focus be on what companies actually do rather than what they say they do?

Filed Under: complexity, privacy, privacy policies

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    Steve R. (profile), 18 Feb 2009 @ 6:44am

    Gobbley Gook

    We just received a bunch of these privacy notices from the credit card companies, since they seem to be all changing their policies. I wonder why!?!?!?! (sarcasm).

    Anyway they all read: We respect your privacy so we will sell/give/rent/trade or whatever your personal information to anyone who asks (pays) so that they can send you even more junk mail. Oh, by the way, if the personal information that we sold to some unknown entity is used to "steal" your identity, it isn't our fault since you failed to sign-up and pay for this protection even though we said that we "protect" your data.

    What also gets me, if you want to opt-out of having your information broadcast to the world, these companies make it purposely difficult. If privacy/security really mean something, the trading/selling/renting of data that a company collects should be made illegal.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Show Now: Takedown
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.