At Help Desk, we read privacy policies so you don’t have to.
Jen Caltrider, lead researcher at Privacy Not Include — a rating system for apps and gadgets from the nonprofit Mozilla Foundation — unpacks privacy policies for a living, she said, and she has it all. a bunch of tips. I’ve read quite a few privacy policies, and I always start with the same checks.
Keep in mind: We don’t need to become experts in the intricacies of long and confusing legal documents to earn our right to confidentiality. The burden of privacy should fall on the companies that build the the technology — not the people using it, privacy advocates say.
That said, here is your official guide to browsing privacy policies. If your eyeballs start bleeding, feel free to email me and we can sympathize.
At this point, you might be tempted to rely solely on the privacy label that Apple or Google displays. Despite the good intentions and easy-to-read format, these labels are unreliable, Caltrider said. Information is self-reported by companies and labels are not always accurate. For example, my investigation of the LiveIn and Locket Widget photo-sharing widgets revealed that LiveIn’s label in the Apple App Store did not reveal that it collects data to track you. (This was later corrected.)
Teens are flocking to new photo-sharing apps. Are they safe?
Check what the company collects
The first part of most privacy policies describes what data the company collects from you. Scan this section for anything wrong. You might not be surprised if the company collects the email address you signed up with, for example, but if they collect your precise location or audio from your phone’s microphone, it’s worth worth taking a break. Ask yourself: does this technology collect information without a specific purpose?
Many apps use your personal contacts. Few will tell you what they do with it.
Now it’s time to break out your keyword research and search for common offenders. (On a computer, use CTRL+F. On a smartphone, your browser app may have a “Find on Page” feature in its menu.)
First, search for “sell”. Will this company sell your data to third parties?
If it says it won’t, then search for “affiliates” and “partners”. Companies love to brag about not selling your data when they generously share it with third parties. Does this company make room to share your data with “affiliated companies” or “partners”? Does it list who these entities are?
Finally, search for “advertisement”. If this company is selling or sharing your data, is it to target you with ads? Sometimes companies cleverly avoid the words “targeted advertising” by saying that they use your data to “personalize” or “improve” the service or to ensure that the content you see is “interest-based”. – then search for those terms as well. .
Speaking of fancy linguistic footwork, pay attention to terms like “maybe” and “for example.” If a company “may” share your data with third parties, “for example” to check for security threats, there are likely more shady data-sharing examples it declined to call, Caltrider said.
If that sounds weird to you, it probably is.
A super long font, on the other hand, means “the lawyers really got into trying to cover [themselves] with many words,” Caltrider said.
Likewise, if the policy sounds too good to be true, it might be, at least when written in a user-friendly format written by professional corporate communications professionals. If you’re navigating your way through a fun privacy game or a beautifully rendered “privacy center,” beware of vague language, Caltrider advised.
Finally, know your rights. If you live in California or the European Union, you have additional privacy protections that many policies describe in a separate section at the bottom.
Companies accumulate personal data about you. Here’s how to get them to delete it.