It's Time for Web Companies, Users to Face Facts About Online Privacy

By Mike Elgan  |  Posted 2014-10-28 Print this article Print
Online Privacy B

The biggest lie in technology is that end-user license agreements, or EULAs—as well as privacy policies—are read by users or have any effect on what users know about the services they use.

I would guess that less than 1 percent of users read them, yet everyone who uses such products clicks the button that says they've read or understood the documents.

Let's be clear: This is just legal butt-covering that shields the company from future criminal charges or civil lawsuits.

Because nobody reads them, companies go ahead and load them with permissions to do every possible thing with user data, all buried in a muddy pile of legal mumbo jumbo.

They are nothing more than a crutch. Companies convince themselves that just because the lawyers crafted an all-encompassing legal document that no obligation exists for companies to communicate to users what they're doing with their data.

4. Is personal data without personally identifiable information like name, phone number or email addresses really personal data?

Whisper is a perfect poster child for the gulf between what companies do and what users believe companies do.

Most Whisper users believe they're invisible on the service, completely anonymous—and that their posts are ephemeral—here now, gone tomorrow.

Whisper's argument that the services are anonymous is based on the fact that they don't retain your name or phone number. But every other scrap of data they've encountered about you is stored and kept in a database and has been for the two years the service has existed.

They're able to identify users by their locations and actions, both individually and as groups.

This is a case where the companies should know better. In olden times, if a company knew your age, gender and zip code they felt they knew everything they needed to sell you stuff.

Nowadays, location and other data, plus the content you post and the people you interact with can be combined to paint a very accurate picture of who you are.

In any event, companies tend to see such information as non-personal and people see it as personal.

I think everyone would agree that it's a good idea for companies and users to be on the same page about user data.

My proposed solution is that, in addition to the user agreement or privacy policy—which from the user's point of view is nothing but a wall of baloney that takes all control and power away from the user and gives it to the companies—these companies should universally provide clarity about all four of these areas of fundamental misunderstanding, complete with honest examples.

For example, I would like to see companies require an "I have read and understand" button at the bottom of documents that tell the truth from their own point of view:

1. All data harvested by this app now belongs to us. We will use it for experimentation, advertising and for other purposes and we will share it with other companies and governments as we choose.

2. We cannot be trusted with your data, so keep that in mind as you share it with us.

3. Our user agreement is not about communicating with you, but about protecting ourselves. Note that when you agree to it, you are essentially writing a blank check for us to do whatever we want with your information.

4. Unless you're a statistician or other specialist, it's impossible for you to understand the amount of personal knowledge that can be gained about you from the disparate and seemingly innocuous scraps of data collected on you. It's safe to assume, however, that the knowledge is deep and vast.

This is what should happen. Of course, it never will.

The bottom line is that personal data-harvesting companies aren't evil. They're just groups of humans trying to create a business for themselves. They're not infallible. They're not immoral. But they're not moral, either.

The problem with privacy isn't that companies are bad. It's that companies have a completely different perspective on your personal data than you do.

The solution to the privacy problem is for companies to offer true, full disclosure and for users to base their decisions on which apps or services to use and what information to divulge accordingly.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel