What Are Privacy Policies For?
A recent piece in The New York Times by data journalist Kevin Litman-Navarro caught my attention for both the originality of its approach, and the importance of its message.
The article compares the readability of 150 privacy policies from major tech and media platforms and concludes that they are, for the most part, incomprehensible to most of the people who are reading and consenting to them.
First, on the originality of approach.
Litman-Navarro starts by mapping the reading length and understandability of the selected privacy policies onto a two-dimensional plot.
The longest privacy policy reading length clocks in at nearly 20 minutes!
Then, using Lexile testing, which factors for things like vocabulary difficulty and sentence length, Litman-Navarro arranges the privacy policies in order of readability.
The readability of most-many of the policies falls into the range of …. professionally-trained readers, for example lawyers.
One of the analyses in the article benchmarks the reading-difficulty of the privacy policies against well-known texts ranging from J.K. Rowling’s "Harry Potter and the Sorcerer’s Stone” (easy) to Immanuel Kant’s "Critique of Pure Reason” (not easy). For example, Facebook’s old privacy policy, agreed to by over 2B people, came in above Steven Hawking’s “A Brief History of Time” in terms of readability. (It has since been updated.)
This has big implications.
Litman-Navarro cites the most recent literacy survey conducted by the National Center for Education Statistics, which says that over half of Americans struggle to comprehend dense, lengthy texts.
And it implies that the "data collection economy" is based on consumers consenting to terms that most of them literally cannot understand.
A plausible explanation comes from the head of the Stanford Center for Internet and Society, quoted in the article … “You’re confused into thinking [privacy policies] are there to inform users, as opposed to protect companies."
As marketers we should understand that informing users IS THE SAME THING as protecting companies. We need to think about the brands and consumers we are serving in a way that is humanizing and sustainable.
Big credit to the NYT and Litman-Navarro for explaining this in a way that has real impact. I have mentioned this article in my professional context nearly every day since I read it.
Last point: one of the more optimistic observations in the piece is a reference to the BBC’s privacy policy. The analysis found that the Beeb’s pp is exemplary for both its clarity and simplicity.
Related links here …
https://www.nytimes.com/interactive/2019/06/12/opinion/facebook-google-privacy-policies.html
https://www.bbc.co.uk/usingthebbc/privacy/
https://en.wikipedia.org/wiki/Readability