Every time we get a new app, upgrade our phones, or sign up for a new account, we are presented with an incredibly long set of “Terms and Agreements”. At this point, I’m guessing most of you are like me – scroll, scroll, check the box, next. Not bothering to read anything in between. How can we, when a study cited in Time Magazine a few years ago found that it would take the average internet user about 76 working days to read all the privacy policies (s)he encounters per year! I’m sure we’d all rather take those days as vacation! But these policies are often the only contract that we have with the service providers over the use of our data, and as a society we’re increasingly aware of egregious terms hidden in most of these. Before we continue, please note that these are typically referred to as “EULA”s (End User License Agreements).
In future blogs we’ll dig more into the actual intersection of technology and policy, but for today let’s understand EULAs. This will be important later when we discuss things like the General Data Protection Regulation (GDPR) and other upcoming issues.
Let’s take the frequently visited google.com. How do you find its EULA?
When you land on the page, notice the “About” option in the top left corner.
Clicking on that takes you to a page all about Google, but at the bottom once again you can find the link “Privacy and Security” under the “Responsibility” heading. Click this, and after scrolling through numerous statements of the great things that data collection empowers, you land on several boxes that let you explore the privacy settings.
From here, it’s pretty straightforward to explore the information and learn more about the privacy policy. This stands in stark contrast with many of the more traditional long text-only documents. It’s definitely worth exploring, since Google makes it clear what data they collect and how they use it. For example, in the “We do not sell your personal information to anyone” section, they explain how a lot of the data collected is kept for use by the company itself (ex: for targeted advertising), and any data going outside of the company is only shared in aggregated form.
(Note that many technology companies have dramatically redone their EULAs recently. I assume this is because GDPR required user-friendly EULAs, and went into effect May 2018. But more on GDPR and its impact later).
If you’ve never really looked into a EULA before, this is a great one to start with. Particularly explore the section about what you can control. Many technology services and products give you a moderate amount of flexibility and control over your data, if you know where to look.
TechLawLogy: The Art and Science of Technology Policy 