ADVERTISEMENT

How to Read Long Privacy Policies the Easy Way

Here’s an easier way to read a privacy policy. 

Updated
Explainers
4 min read
There are certain keywords you need to spot when reading privacy policies.
i
Snapshot

So once I tried reading the privacy policy of a company and post that the process ran its natural course. There were parts I felt were absolutely inconsequential and the excessive use of jargon resulted in me giving up and ultimately clicking “I Agree”.

I’m sure it’s just not me and almost 90  percent of people who use these websites and services don’t even read the privacy policy.

I get it! You don’t have the time to go through a 2,500-word-long document. And, of course, the language used is a bit convoluted and filled with legalese.

Since data privacy policy holds some key information, many companies try to eschew critical information in order to sell the data to ad companies. The introduction of GDPR has instilled a certain amount of fear among such companies, but still users don’t find validity in reading the whole policy.

So, is there an easier way to extract the important bits of a privacy policy without diving into its extraneous side? Maybe this can help.

How to Read Long Privacy Policies the Easy Way

  1. 1. What is Data Privacy Policy?

    First let's try to understand what is a data privacy policy. In simple words, it’s a legal document or a statement that discloses all the ways a company can acquire, use, distribute and preserve user data.

    Some of the points covered in Facebook’s privacy policy 
    Some of the points covered in Facebook’s privacy policy 
    (Photo: Facebook.com screenshot)

    The document ensures that the company is legally bound to protect the user's data from getting into the hands of third party vendors. The document can be considered esoteric and not something common people will be able to gauge easily.

    Giants like Google and Apple require tech firms to display a privacy policy on their website. It does not matter if the company is not planning to collect the data personally, it might be using third-party services to collect data. And, if a company doesn't have one, it can attract heavy penalties and lawsuits.

    Expand
  2. 2. Hunt for Keywords

    This is a very good exercise and something that everyone should follow. Before starting to read the copy, make sure that you are trying to look for the answers to the following questions first:

    1. Will my data be used for secondary purposes, i.e anything apart from what the service provider requires it for?
    2. Will my data be shared with third parties? If so, then why?
    3. Are there terms for sharing my data with law enforcement bodies if ever?
    4. Is my data protected in every phase of collection and storage?
    5. Does the service provider create another profile for private use from my data?
    6. Does the service provider allow the deletion of my data if I require?

    The next step is to hunt for essential keywords in the document by using the browser’s default search engine (Command+ F for macOS, Ctrl+F for Windows). This exercise has been recommended by lawyers in the US who fell upon shortcuts on how to skim through the policy while still learning a thing or two about it.

    Search for keywords like:

    1. Marketing
    2. Control
    3. Not
    4. Such as
    5. Data policy
    6. Third-party
    7. Affiliate(s)
    8. Opt-out
    Expand
  3. 3. How the Keywords Help

    A keyword like “control" can help you discover settings of data and privacy controls which you didn’t know about. Usually, the document has hyperlinks that direct you to pages where you can edit your privacy settings.

    It can also help you track the date the policy was published. The more recent the policy is the better it is and it shows that the company takes its privacy policy seriously.

    Keywords like “such as” are usually not a good sign as they talk about a lot of things the company doesn’t want to reveal. It can talk about data it wants to share with third party sources; data ‘such as’ your cookie data.

    If you end up searching for a keyword like “not” there’s a chance you might NOT find a lot of content. That’s because a company wouldn’t want to let its users know what it cannot do.

    For example: In Instagram’s privacy policy, it states “we will not rent or sell your information to third parties outside Instagram (or the group of companies of which Instagram is a part) without your consent, except as noted in this Policy.”

    However, be vigilant about exceptions which are smartly concealed in the document.

    Expand
  4. 4. I "Agree" to Let You Spy on Me

    In today’s day and age we cannot survive without social media. Apps like Facebook, Instagram and also many games online collect your data. You cannot escape that fact. Many companies have their revenue model based on ads of which some are targeted based on user data that you agree to share by clicking the “I Agree” button.

    At the end of the day, it all boils down to you. It’s you who is giving the key to the vault to these private companies. But it’s not like you have a choice, right?

    I would recommend you be careful of what data you are sharing online and also have a look at the privacy policy in order to better understand how your data can be used.

    (At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)

    Expand

What is Data Privacy Policy?

First let's try to understand what is a data privacy policy. In simple words, it’s a legal document or a statement that discloses all the ways a company can acquire, use, distribute and preserve user data.

Some of the points covered in Facebook’s privacy policy 
Some of the points covered in Facebook’s privacy policy 
(Photo: Facebook.com screenshot)

The document ensures that the company is legally bound to protect the user's data from getting into the hands of third party vendors. The document can be considered esoteric and not something common people will be able to gauge easily.

Giants like Google and Apple require tech firms to display a privacy policy on their website. It does not matter if the company is not planning to collect the data personally, it might be using third-party services to collect data. And, if a company doesn't have one, it can attract heavy penalties and lawsuits.

ADVERTISEMENT

Hunt for Keywords

This is a very good exercise and something that everyone should follow. Before starting to read the copy, make sure that you are trying to look for the answers to the following questions first:

  1. Will my data be used for secondary purposes, i.e anything apart from what the service provider requires it for?
  2. Will my data be shared with third parties? If so, then why?
  3. Are there terms for sharing my data with law enforcement bodies if ever?
  4. Is my data protected in every phase of collection and storage?
  5. Does the service provider create another profile for private use from my data?
  6. Does the service provider allow the deletion of my data if I require?

The next step is to hunt for essential keywords in the document by using the browser’s default search engine (Command+ F for macOS, Ctrl+F for Windows). This exercise has been recommended by lawyers in the US who fell upon shortcuts on how to skim through the policy while still learning a thing or two about it.

Search for keywords like:

  1. Marketing
  2. Control
  3. Not
  4. Such as
  5. Data policy
  6. Third-party
  7. Affiliate(s)
  8. Opt-out

How the Keywords Help

A keyword like “control" can help you discover settings of data and privacy controls which you didn’t know about. Usually, the document has hyperlinks that direct you to pages where you can edit your privacy settings.

It can also help you track the date the policy was published. The more recent the policy is the better it is and it shows that the company takes its privacy policy seriously.

Keywords like “such as” are usually not a good sign as they talk about a lot of things the company doesn’t want to reveal. It can talk about data it wants to share with third party sources; data ‘such as’ your cookie data.

If you end up searching for a keyword like “not” there’s a chance you might NOT find a lot of content. That’s because a company wouldn’t want to let its users know what it cannot do.

For example: In Instagram’s privacy policy, it states “we will not rent or sell your information to third parties outside Instagram (or the group of companies of which Instagram is a part) without your consent, except as noted in this Policy.”

However, be vigilant about exceptions which are smartly concealed in the document.

ADVERTISEMENT

I "Agree" to Let You Spy on Me

In today’s day and age we cannot survive without social media. Apps like Facebook, Instagram and also many games online collect your data. You cannot escape that fact. Many companies have their revenue model based on ads of which some are targeted based on user data that you agree to share by clicking the “I Agree” button.

At the end of the day, it all boils down to you. It’s you who is giving the key to the vault to these private companies. But it’s not like you have a choice, right?

I would recommend you be careful of what data you are sharing online and also have a look at the privacy policy in order to better understand how your data can be used.

(At The Quint, we are answerable only to our audience. Play an active role in shaping our journalism by becoming a member. Because the truth is worth it.)

Published: 
ADVERTISEMENT
Stay Updated

Subscribe To Our Daily Newsletter And Get News Delivered Straight To Your Inbox.

Join over 120,000 subscribers!
ADVERTISEMENT