Handbook Revolutionary

Slashdot recently published a story about the difficulty involved in reading privacy policies. They claim that some policies require a PhD to read, and they’re absolutely right. I recently did an analysis of Google’s privacy policy, which was an all-day project for somebody who knows the law fairly well. In fact, a recent lawsuit against Facebook criticizes them for having a confusing privacy policy, saying that a user would have to read 27,000 words just to understand their advertising program.

Why do companies like Facebook and Google make their privacy policies so hard to understand? For one, these policies are written by lawyers. By nature, they will be more difficult to understand than most other parts of the site but it doesn’t have to be that way. By writing excess amounts of disclaimers and vague definitions, they can be sure that they’ve covered all of their basis and that they are immune to legal attack. Or, at least that’s the impression they get. The recent lawsuit against Facebook shows that by having a confusing privacy policy, they are opening themselves to attack on the mere basis that it is confusing and also because it is hard to be diligent about privacy with such large policies.

I finally cancelled my Yahoo account this week mainly because I never used it and also because it would just be one less entry about me in a database. After I cancelled it, I got a confirmation email stating that my account data would be deleted in 90 days. I think this is normal for an online business and they are honest about their data retention policies, unlike Google whose privacy policy says that they can collect any information they want and use it any way they want. The scary part about Yahoo’s email to me however, was the data retention on Premium Yahoo Finance accounts.