Understanding Privacy Policy in a Connected World

In an increasingly connected world, consumers can feel a bit trapped between the desire to both take advantage of all of the perks of a high tech world and being secretly terrified that their private information could fall into the wrong hands. Each time a consumer signs up for a new online service they are met with a privacy policy: a long, scrolling document in size 9 font written in unintelligible legal jargon that they must sign in order to use the service. According to the TRUSTe Privacy Index , the average website privacy policy averages more than 2,400 words, takes 10 minutes to read and is written at a university-student reading level.

Most people simply scroll down to the bottom and click “accept” and go on to the next screen. What did they just accept without having read or understood the policy? Do they simply cross their fingers and blindly trust that the personally identifying information that they are getting ready to type into an online form is going to be kept safe by the company or organization that is collecting it? That is not acceptable.

When asked, “When a company posts a privacy policy, it ensures that the company keeps confidential all the information it collects on users,” some 52% of Internet users believe – incorrectly – that the previous statement is true and that a privacy policy would ensure the confidentiality of their personal information. The Pew Research Center conducted a survey that measured public knowledge of technology and the web. Researchers found that most people don’t read the privacy policies they sign, and most users don’t understand the scope of the data that is being collected about them.

What are the basic elements of a privacy statement that consumers need to be concerned about?

Until such a time when privacy policies are written in a clearly understandable, transparent way, ask yourself these questions about what a particular privacy policy does and does not promise to do to protect consumer privacy:

  • What kinds of personal information does the website or app collect?
  • How will the organization use this information?
  • How will the organization protect this information?
  • What personal information does the organization share with outside entities?

If you don’t feel like slogging through a website’s privacy policy, but you’d really like to have a more clear understanding of what you are agreeing to when you click “accept” on a privacy policy, there’s an app for that. Actually, it’s a browser extension. Privacy Icons, which was released last year on a pay-what-you-want fee structure, is a browser add-on that displays nine, color-coded icons in green, yellow and red which signify the level of concern about the website’s privacy policy in each of the nine categories. The goal of the Privacy Icons browser extension is to make privacy policies more transparent and to bring consumers more awareness about how the websites they visit handle their data.

Understanding how businesses and other organizations are collecting, using and protecting the data that they share is a vital step toward helping consumers feel more empowered in a connected world.

For more information, please contact Jonathan Nace of the Washington, D.C. based law firm Paulson & Nace, PLLC.