What to consider before accepting a privacy policy?

April 26, 2022

The doorbell rings, you answer it, and a representative from a large company is at the door offering to use a free service, something you know would be useful and convenient. All this person asks you to do is check a box on a piece of paper and the service is yours to use. You are handed 15 pages of 'Terms and Conditions' that look legal and complex and before you know it the rep is happily leaving.

The next day, an engineer shows up to install devices that monitor: your Internet activity, what TV shows, movies, radio and music you consume, keep track of what temperature you like in your home, when you turn off the lights, record who you're calling and connecting with, track what products you buy and how often, monitor where you're traveling in the car, and even open your mail and scan the content before you have a chance to read it yourself. Your partner is freaking out about the surveillance being installed in your home and is wondering if this invasion for access to a free service is really worth it.

If you have the sales rep at your door tomorrow, would you check the accept box?

When was the last time you read a privacy policy or reviewed the permissions when installing an application or creating an account to access an Internet service?

If you are reading this article, then you may be interested in protecting your personal data. But you've probably, like me, felt like you're hitting your head against a huge brick wall when you're trying to get the people around you involved in protecting the privacy of their personal information, or even appreciate that there's a problem about the which could do something.

Perhaps the main factor is that people trade their privacy to stay connected with family and friends. Nobody wants to feel disconnected; therefore, participating in social networks can be seen as essential for social interaction. The flip side, as we know from many whistleblowers and investigations, is the profiling, mining, and in many cases, the sale of our personal data or our general behavior online to give companies and organizations the opportunity to influence our behavior. future actions or thoughts.

What causes the lack of engagement, however, is potentially the complexity and length of privacy policies. In many cases, reading this policy could take more than 20 minutes and even then you may need to be an expert or a lawyer to understand the language and meaning of what you have read. Even if you are in the comparatively small minority of people who read a privacy policy, does it tell you the meaning of the data being collected, rather than a list of what data is being collected?

When I was studying programming in college, one of my professors used a rather inappropriate example to convey the point that data as a list of information may not make sense until it is put in the right order. He wrote three numbers on the board, in order from least to greatest, and asked the class what the numbers are related to. The class struggled with any meaningful explanation. Only when he rearranged the numbers did it become clear that they related to the dimensions of a person. The exercise, while inappropriate, got to the point.

Every little bit counts

Each personal and individual data collected may appear as an acceptable piece of exchange to access a service or use a product. What could change an opinion, however, is understanding what information is collected when analyzed holistically.

Imagine if a privacy policy stated the actual use of personal data collected: “The data collected will be used to identify if you are in a segment of society whose political views can be manipulated, resulting in you changing your voting position. ” or “Your online actions give indications that you can be easily manipulated into taking more risk when investing, which could result in financial loss (or gain).”

The comment often heard from users when warned about the importance of privacy is: "They already know everything about me, so why should I care?" It's not necessarily what they know about people that's most important, it's more about understanding what they can infer and predict from that data or how they can use it to manipulate your actions or thoughts. If people who agree to a company collecting their data were able to listen to internal data analytics team meetings on how they can use this information to generate revenue, they would be shocked by what they know holistically about the data owner. data.

We give up more data than we realize, and are often put in the position of agreeing that collecting just one piece of data is probably okay. We do this potentially without considering the scope and what the overall collection of all the data we ultimately agree to release actually means, and how that information may be used.

Next time when you hand over a small piece of personal data to a company, take a moment to consider the context of what they might know and if this small piece is the bit that ties it all together and creates a complete profile about you, which could be used in a way that you might not necessarily find acceptable or that might not be in your best interests.

For more information on this and other topics
you can send us a message

contact us