Raise your hand if you regularly read the privacy policies posted by the applications and services you use.
With new data breaches occurring every day and phishing attempts hitting our inboxes in record numbers, it's more important than ever to consider the personally identifiable information (PII) you're surrendering to companies. So what's the solution? Is there an alternative to wading through a slog of dense legalese 1,500 times per year? While we can't recommend skimming privacy policies (or ignoring them altogether), there are some ways to find out what you need to know in less time.
- Is your data used for secondary use; i.e. for uses other than that for which you are explicitly providing it?
- Is your data shared with third parties? If so, does it specify for what purposes? (For example, it's often a red flag if the policy states that data sent to third parties is used to deliver ads; that could equal a lot of spam in your inbox.)
- What are the terms for sharing your data with the government and with law enforcement?
- Is your data protected in all phases of collection and storage?
- Does the service allow you to delete your data?
- Does the service use your data to build and save a profile for non-primary use?
Search Smart. Now that you know what information you're looking for, is there a way to hone in on the answers to those specific questions? German recommends using the manual search option on your browser to find key phrases. Some suggestions that are likely to lead you to the answers you seek:
- waive or waiver
Another helpful strategy is to search the policy for any words and phrases in boldface or all caps. There's a good chance that important information is set off this way.
Consider an add-on. Several companies, such as TRUSTe and P3P, offer enrollment-based services that search privacy policies and quickly highlight pertinent information. The Center for Identity also recently released PrivacyCheck, a free Google Chrome extension that's a fast alternative to the manual search process outlined above. PrivacyCheck uses a data mining algorithm—developed using input from experts in law, public policy, and computer science, along with representatives of the FTC and the Electronic Frontier Foundation (EFF)—to provide a graphical, 'at-a-glance' look at the ways in which companies use their customers' personal data.
Consumers may be used to sticking their heads in the sand about privacy policies, but there are options for those of us without an extra 10 full days to spare. Try the methods above and you'll move into the 44 percent of privacy-savvy users in no time.
Funded by a partnership with the Texas Legislature, and powered by the Center for Identity, IDWise is a resource center for the public on identity theft, fraud, and privacy.