For the nocturnal individual struggling to find methods to fall asleep, you may consider reading the terms and conditions of sites such as Facebook, LinkedIn, and Twitter to name a few. These are long reads, often longer than a commitment to a cell phone plan. Maybe they were not meant to be complicated, perhaps they were a task for a team of lawyers to draft and end-user consumption was never considered. Or – perhaps this design is intentional, to hide and complicate the details, otherwise aware of the fact we would decline with extreme prejudice. For now, bring on the free cat pictures.
Intention aside, the average person will usually, without consideration, accept the terms so they can continue with whatever task they began with. Meanwhile, the service provider smiles and has another new agreement and something to sell.
When I accept this agreement, where is my receipt? I heard at a conference I recently attended that when we buy a coffee we get a receipt, but what about when I give my consent? How am I to know that the original consent of a policy has not changed? You don’t, we put so much blind trust in companies that are known to bundle and sell our data – this is their business.
Remembering back to my school days, when needing to get through a boring assignment (so I could get on to more interesting things). We would buy a condensed summarized book called Coles notes, this would get to the important points in an easy to read way. Privacy agreements and Terms and Conditions should have this as well. A Coles notes version of the document so I can glance and agree (or optionally read further if I am trying to get to sleep) and move on to what I came to the site in the first place.
I believe the industry should adopt a consent template that has a checklist that is common, a checklist that displays to the user what they should consider before accepting. How about something like this:
1. Will some or all my information be shared with other users of the system?
2. Will it be sold to third party companies?
3. Will I be informed of a data breach?
4. Will I be informed and allowed to opt out of changes in conditions?
5. If I choose to delete my account what happens to my data.
6. Is there visibility on how my information is being used.
I am sure that is a start, but the list should not be too lengthy, it needs to be a brief read in front of the lawyer’s version to inform the user of what’s what, without getting a law degree.
Policy’s, agreements, terms, and conditions may have lots of lawyer talk, I just want to see what is important to my privacy and move on.