Empirical review of privacy policies reveals that they are "incomprehensible" drivel
Writer and data journalist Kevin Litman-Navarro subjected 150 privacy policies from leading online services to programmatic analysis for complexity (the Lexile test), and found them to be an incomprehensible mess second only to Kant's Critique of Pure Reason in their lack of clarity.
Ninth graders are expected to be able to read and understand texts with Lexile scores up to 1050; college students are expected to be able to read texts with Lexile scores up to 1300; trained doctors and lawyers are expected to cope with Lexile 1440 texts.
Facebook's privacy policy is nestled comfortably between "A Brief History of Time" and "The Critique of Pure Reason."
Litman-Navarro cites Center for Internet and Society director of consumer privacy Jen King, who describes these as "by lawyers, for lawyers" and challenges the sector to produce "human-centric" privacy policies that are "consumer tools."
King suggests that privacy policies should contain "a list of companies that might purchase and use your personal information."
One hopeful note: the European General Data Protection Regulation has produced meaningful improvements to many policies.
A good privacy policy would help users understand how exposed they are: Something as simple as a list of companies that might purchase and use your personal information could go a long way towards setting a new bar for privacy-conscious behavior. For example, if you know that your weather app is constantly tracking your whereabouts and selling your location data as marketing research, you might want to turn off your location services entirely, or find a new app.
We Read 150 Privacy Policies. They Were an Incomprehensible Disaster. [Kevin Litman-Navarro/New York Times]
(via /.)