We have a major problem with privacy policies.
Purple, a UK WiFi hotspot provider, hid a “Community Service Clause” into its service agreements. 22,000 people at coffee shops and restaurants across the UK agreed to 1,000 hours of menial labor when they signed onto use Purple’s WiFi. The labor included cleaning local parks of animal waste, cleaning portable lavatories at local festivals and events, and more.QuHarrison.com
Thankfully this “experiment” from a year ago was a joke meant to provoke conversation. However, our tendency to blindly agree to a company’s policies isn’t always harmless:
Alex Urbelis [a lawyer specializing in privacy] is concerned about Philips’ Sonicare electric toothbrush model that contains Bluetooth.Jennifer Schlesinger, CNBC
“When you sign up to use this particular toothbrush, it’s collecting information, sensitive information, about your brushing habits, where your cavities are located,” he said. “When you brush, it’s measuring things like the pressure that you’re using on a toothbrush, the frequency of your brushing habits.”
What could companies possibly want with my brushing habits and cavity info? I don’t know but I’d prefer not to find out.
Privacy policies are created to protect companies. A combination of vague language, parachute terms, and legal jargon makes it nearly impossible to understand and a marathon of a read for the average person.
Tim Berners-Lee, the father of the World Wide Web, ranked his top worries for the future of the Internet – and his number one concern was that we’ve come to blindly accept the labyrinth terms of service for most technologies.
Privacy Policies Solved
There are a few ways we can beat around this bush.
The second solution lies in reframing how we create terms of service.
“These are documents created by lawyers, for lawyers. They were never created as a consumer tool,” Dr. King said. “What would we do if we actually started over and did this from a human-centric point of view, knowing what we know now about how humans process information online?”Kevin Litman-Navarro, The New York Times
Any BBC apps you download to your mobile or TV can access certain data on your device. Some data gets collected automatically, like: The types of mobile device you’re using, a “unique identifier” (like the device ID or an IP address), info about how our apps are being used.
This lets the app remember you and give you whatever content you’ve asked for. For example, the BBC Weather app asks to use your device’s location to give you local weather.
This is something anyone can read and at least understand what they’re agreeing to. However, it doesn’t bode well for the company, who needs these policies for protecting.
An OO-certified app or site must meet three criteria. First, it needs to demonstrate “a basic level of transparency” by making its code and infrastructure — among other things — public and fully documented. Second, it needs to lay out its policy in the form of “claims with proof,” establishing what user data is collected, who can access it, and how it’s being protected. Third, those claims must be evaluated by an OO-certified auditor who then makes the audit results public.Adi Robertson, The Verge
Companies that meet these criteria will receive an OO-certified seal. I think it would be interesting if they evolved over time to rate the objective level of privacy on a grading scale – but I suppose you have to start somewhere.
Regardless, the kicker here is ensuring that they don’t lose their integrity or get lazy. I was just shopping for cars and I swear Consumer Reports have become useless in this sense because every car’s report is the same.
Ultimately, we live in a capitalist society. The Internet is an engine for data. To reconfigure the Internet around a new monetary, incentive structure would be very complex. I do believe we need to “bring a gun to a gunfight” and create more opportunities for companies to actually make money by providing privacy. Exactly how that happens is the real question.