medium bookmark / Raindrop.io |

Privacy empowers users with control over how companies collect and use their data.

If you’ve used the internet you’ve likely noticed a privacy policy or a terms of service on a website you’ve visited. The term privacy policy gives people the impression that the website offers privacy protection when you’re on the site. These documents are actually the website’s way of protecting themselves legally with respect to how they gather and use your information.

To sign up for a service you have to agree to this policy or terms of service.

“Is consent really the best and only way in this modern Information Age to provide meaningful control and to protect the individual?”

1. Consent has become overused.
2. Modern information practices conflict with general consent requirements.
3. Other privacy measures do more to protect privacy and data control than consent.

Privacy Policies and Consent are Flawed

Privacy policies protect companies legally. They tell consumers how the company collects, stores and uses their data. Unfortunately though, these privacy policies aren’t negotiable — to use the service users have to agree to the policy in its whole.

Privacy policies offer transparency, but not control.

If people want to use a service, they are required to agree to the service’s privacy policy. This becomes a passive step in the sign-up process because it doesn’t matter if users disagree. They can’t opt out of the parts they don’t like and opt in to parts they are okay with.

This complacency is great for companies, because it means people will sign up for their products without reading the terms of service and privacy policy. Later on, if users are upset about the ways the company uses their information, the company can just point to the privacy policy.

Well, you agreed to the privacy policy, didn’t you?

Sign up pages are specifically designed to take focus away from the privacy policies and encourage quick and passive agreement.

Companies Need to Let Users Control Their Data

Airbnb’s Douglas Atkin eloquently said, “In the distant future, we’ll forget the idea of engaging in technology at all. We’ll swallow it, absorb it and wear it, without us really thinking we’re engaging in technology per se.”

New technologies all bring about their own privacy risks. It’s no doubt that technology, especially IoT devices, is moving into more aspects of everyday life. As it does, a line needs to be drawn as to what is acceptable data use and what is not.

Eduardo Porter said in The New York Times:

“The cloud of questions aimed at Mr. Zuckerberg — Is Facebook too dominant? Does it censor information? Whom does it share our data with? Does it help sell OxyContin? — suggests that we don’t really know what the problem with Facebook is. It also suggests we don’t understand what Facebook does.”

As far as we know, Facebook completely explains its data collection measures in its privacy policy. However, there is still very little transparency into the ways that Facebook processes and uses its users’ data.

To ensure its compliance with new European privacy law, Facebook is adding new privacy features. GDPR requires Facebook to get explicit permission for tracking personal information — so the company will need to ask people for permission to target ads and use their faces for facial recognition.

So far, the ways Facebook asks for consent aren’t accept or decline. You can either “Accept and Continue” or “Manage Data Settings” — neither of which allows users to directly opt out.

Facebook Deputy Chief Privacy Officer Rob Sherman said,

“People can choose to not be on Facebook if they want.”

This is an issue. If users don’t want to opt in to Facebook’s tracking and targeted ads, the alternative is choosing to “not be on Facebook”. The company is effectively saying give us your data or get off our platform. Without bending to Facebook’s requests for your data, you can’t use the social network.

Privacy Complacency

People have been forced into accepting privacy policies that they don’t care to read or have no control over for so long, they have grown completely complacent — or helpless. If people need to use a certain service for work, for example, whether or not they agree with the company’s data policy doesn’t matter.

Since websites have continuously made people agree to complex and non-negotiable policies, consent has been watered down to mean nothing. One example of this is a study done by two communications professors, in which they tested how much students engage with privacy policies. They created a fictional social networking site, which they called NameDrop.

In the signup process, it read “By clicking join, you agree to abide by our terms of service.” Only 25 percent of 543 students even looked at the fine print. Just because they looked at the fine print doesn’t mean they actually read it. Included in the fine print was an agreement to give their first-born child to the fictional social network.

“There’s a real concern that consumer protection law is basically being swallowed by click-by-agree clauses,” said David Hoffman, a professor at the University of Pennsylvania Law School, who researches the law and psychology of contracts.

What if Snapchat’s privacy policy said that Snap could publish all of the Snaps you’ve ever sent on their website?

Snapchat’s Privacy Policy does say this:

“We may share your information with the following third parties:

• With service providers, sellers, and partners.

• With third parties for legal reasons

• With third parties as part of a merger or acquisition

We may also share with third-parties — such as advertisers — aggregated, non-personally identifiable, or de-identified information.”

This means Snapchat can share your snaps, and other information, with any number of third parties. Yet most people either don’t know this or don’t care.

But, How Can You Opt Out of These Policies?

This is where the problem lies — by using a service, you are opting in. However, if you find that you don’t agree with all aspects of the policy, in many cases your only choice is to stop using the service completely.

This gives people no control over their data. Once someone has clicked the “I agree” to the privacy policy or terms of service, there are very few ways they can change the ways websites collect their data.

Users need to realize that the current privacy landscape isn’t aligned with their best interests. An internet that works for users and not for big tech companies will solve other societal issues. Privacy gives power back to users and gives them the choice of how their data is used and if it’s collected all all.