Decoding Online Privacy Policies

Have you ever been in a hurry to place a purchase or order a meal online and been slowed down by having to install yet another app? Then there is the legalese, the permissions. You click “accept” again and again without a thought, just to get the order entered.

One of those things you probably agreed to in a rush was the app’s privacy policies. Only recently have companies been required to show you their “Privacy Policy” that describes how they will handle your data. The primary purpose of privacy policies is to shield companies from legal action. The result is long, complicated policies filled with impossible to read legal language designed to get you to click the “ACCEPT” button without thinking.

In the moment, getting some dinner can take precedence over reading a policy. But what’s at stake is your data and your privacy. We have more control than we might think. We just need the knowledge to decode the secrets hidden in many privacy policies.

Most privacy regulations require companies to disclose details like the types of information collected, the purpose and how it’s collected, and much more.  Thanks to certain requirements in laws like the European Union’s GDPR, privacy policies may be getting shorter and easier to read, but for now knowing a few important keywords can help.

Use your computer or phone’s “Find on page” function to search for these keywords:

• Third Parties – your data is going to be sold to other companies, probably a data broker.  These companies collect online data and sell it to pretty much anyone interested in learning more about customers, voters, students, and consumers…like you.  It’s legal, but not always honest.
• Except – Whatever the policy just said, doesn’t matter.  Its’ not uncommon for companies to say they wont sell your data, “except under certain circumstances.”  Those exceptions probably make all the difference.
• Such As – This sneaky term is used when companies want to give you a few examples, but not the complete picture.  It might as well mean “whatever we want”.
• Retain – This tells you how long a company will keep your data.  Companies should only keep your data for as long as you’re their customer.  If longer, they’re mining your data.
• Delete – If the company gives you options to delete your data, they’re showing some respect for you.  If they don’t, they’re acting like they own your data, not you.
• Date – Check the date the policy was last updated.  If it’s recent, the company is taking your privacy more seriously.  If not, they might not deserve your trust.
• Control – This might be the most important word to find because it indicates your options in determining how your data is treated.  Many companies have privacy settings, but they aren’t always turned on by default.

Based on what you find, you might want to act. Consumers may have limited options, but we’re not powerless. A report from Cisco in 2019 indicated that nearly half of us have already ditched companies because of their data policies. You can too. Reward companies that do privacy right with your business. When we do, we might help encourage entire industries toward a more ethical future.

If a company provides options to do things like consent, opt-out, adjust privacy settings, or delete your data, you should take advantage of them. These tools aren’t helping you if you don’t use them. Get in the habit of checking each website’s or service’s options when you sign up.

If you see something unusual or alarming in a privacy policy, speak up. Your online voice can matter more than you think. Many companies are obsessed with their image, and constantly monitor social media for chatter about them, good and bad.  Change only happens when everyday people put pressure on companies to do the right thing.