• United States



by Meg Mitchell Moore

Ambiguous Privacy: Read It Or Weep

Jan 01, 20042 mins

How companies hide behind their muddy privacy policies

The privacy debate, if it were a Hollywood movie, would probably be a whodunit: Which companies violated a privacy, and how and why did they do it? But it’s possible for companies to confuse consumers without dishonoring a policy. “There are still kinks in the system,” says Chris Hoofnagle, associate director of the Electronic Privacy Information Center (EPIC), a public interest research center. Hoofnagle points to Yahoo’s recent alteration of its privacy policy to opt all customers into receiving marketing information. “Yahoo is hiding behind a clause in the policy that allows the company to change the privacy standards at will, but in traditional contract law, that is considered an ‘illusory promise,’ and courts are likely to invalidate such a clause,” he says.

Meanwhile, a visit to Yahoo’s website reveals that the current policy, which is some 1,300 words long (in other words, more than half as long as the magazine article you’re reading), is too much for any but the most tenacious customer to wade through. That means that companies can play both sides of the fence: remaining technically true to a privacy policy while drowning sections that may be unappealing in soupy language.

Someday, then, a succinct, readable privacy policy might turn into a competitive advantage for companies that employ them. Until then, it’s up to consumers to read carefully, or be prepared to let their information go.