Negligence of Policies

Legally speaking, companies have to provide access to it’s users about what kind of information they are taking from users. Obviously, most people do not read the Terms and Conditions of the account you are creating on Facebook. Additionally, suggesting that lay people attempt to read and understand the privacy policies of every website that they visit is untenable. The average privacy policy for a popular US-based website is 2,500 words long and contains “legalistic, confusing, or jargon-laden phrases” (http://lorrie.cranor.org/pubs/readingPolicyCost-authorDraft.pdf page 11). These publicly available “policies” are challenging to understand, even with users that have better readability scores.

Companies have multiple styles of presenting this information however, according to “A Comparative Study of Online Privacy Polices and Formats”, a paper in collaboration with individuals from Carnegie Mellon and Microsoft, a study of 749 internet users resulted in participants not being able to reliably understand companies’ privacy practices with any of the formats.

This paper is about a study conducted using multiple companies’ privacy policies and understanding how users from different educational backgrounds comprehended them. The appeal of ethos is used in the fact that almost all tested users felt uncomfortable by the method of delivery of the data policies of these companies.

The paper concludes with the conclusion that a user’s readability metrics does not provide a god way to differentiate between policies and a regulation of the format of these policies would not be beneficial. Companies purposefully do this to create confusion and create a facade for what the terms and conditions might actually imply. Keeping these policies confusing to average user is better for tech companies because it keeps users in the dark about data and privacy collection. The utilitarian perspective of this could be to maximize the benefit while minimizing loss to the consumer.

Two kinds of extremes for this could be a scenario where companies take no information from their users at all, and the other could be companies take all information over their data and the user would have none. Instead of focusing on only profits, companies should also be aware of the negative consequences of collecting such data (such as false positives).

Every choice you make with your personal information on the internet tends to have a domino effect and each action must be taken with extreme caution and a clear understanding of data privacy. However, the burden of such a responsibility cannot be put on the users of the internet, it has to come down to the technology industry as a whole or the government to take on the ethical dilemma surrounding the collection of consumer data.