This is concerning because privacy policies are a consumer’s window into the possible behaviors of the services they use. But even privacy experts struggle to get through the deluge of jargon. Lior Strahilevitz, a professor of law at the University of Chicago, yesterday admitted that “like most people, I don’t read the privacy policies that I’m sent - and I say that as a privacy lawyer”.
That seems like a startling confession. After all, if privacy lawyers aren’t reading the contents of privacy policies, surely the average person shouldn’t be expected to do so?
Why privacy policies matter
Revelations about Facebook have recently disclosed that data collected and inferred by Facebook analytics was used by a third party firm called Cambridge Analytica (CA). CA used vast amounts of data to target borderline voters and alter their news feeds for the purposes of influencing their decisions in both the 2017 Presidential elections - and the UK’s Brexit referendum.
Talking at Innovation fest, Blase Ur, an assistant professor at the University of Chicago Department of Computer Science, yesterday explained why he believes the Cambridge Analytica story has hit such a nerve.
“It is one of the few cases where an average consumer can see what happened with their data," he said. Normally we have data collected about us and it goes into the void and things get done to it, but we never really know what the outcome was.”
This time, citizens discovered explicit details about how their data “was scooped up by Cambridge Analytica and then probably used to influence Brexit and the Trump election,” added Ur.
During the session, Ur went on to explain that seemingly trivial facts about people can sometimes be important markers for particular beliefs or behavioral traits. It is these seemingly benign inferences that permit data analytics and behavioral experts use to influence people.
That is why it so important to understand what personal data you are permitting firms to collect, store and process.
The GDPR update rush
Although the legislation is European, some firms, such as Microsoft, have decided to roll out many elements of the regulation to their worldwide user base. For this reason, US citizens - and people elsewhere in the world - may also find themselves having to accept new policy updates in the coming weeks and months.
With so many privacy policies updates suddenly being published, what is the best advice when it comes to understanding and agreeing to those policies? According to Strahilevitz, the best thing to do is to rely on experts rather than to pick through the policy yourself,
In addition, independent privacy experts and researchers often analyze new privacy policies for nasty “surprises,” and you can find their blog posts by searching online.
For more information about GDPR in the VPN industry, take a look at our full GDPR report.
Title image credit: Wright Studio/Shutterstock.com,
Image credits: SB_photos/Shutterstock.com, Rawpixel/Shutterstock.com