But it’s automation of the process rather than removing it. You publish your requirements and the participant connects or not. The actual step of having terms/policy does not disappear. In the UK there is legislation about sale of goods which entitles you to what it says on the tin – but if they told you it was a diesel car and you put petrol in it, it’s your fault not theirs - their terms stated that the car would only run on diesel, it’s in the paperwork. A photo sharing site is not a photo sharing site is not a photo sharing site – some sites take your photos for their gain, some keep your photos private, some specifically promote the images for the commercial gain of the photographer. These services may look all the same functionally, but need different terms/privacy and so the process of agreeing remains, the question is how easy and clear you can make it. Taking the car analogy one step too far, we are all clear about the difference of hailing a cab, renting a car, leasing a car and buying a car and though they largely result in the same transport related outcome, we enter into the arrangements mainly on the clear understanding of what we’re getting into. We assume the cab driver is insured. We assume that a breakdown in the rental car will be immediately fixed for free, etc etc. The challenge perhaps is to develop the clarity of _expression_ of the variety of information exchanges in a way that we are reasonably able to make assumptions. Take email for example. I assume that (subject to my security mechanisms) email is private. But as soon as a provider like Google say starts to process my email, this previously fundamental assumption is challenged. So where previously I had the model “email=private” now that is not the case. We need another term. Perhaps Google should call it Admail, then we would know that is what they meant. But not surprisingly Admail is not a very attractive name... So for my money it’s not about having agreements or not, it’s about transparency and ease... or frankly we’ll be just fuelling the law industry with money through post assumption/agreement legal cases. M From:
[mailto:
] On Behalf Of Drummond Reed Here here! (And I really mean "here" - what Alan is preaching is what Respect Network is building - a VRM network where you'll never have to read a privacy policy again.) On Thu, Feb 14, 2013 at 1:00 AM, <
" target="_blank">
> wrote: I'm not sure I really understand this debate. Why should we have to read a privacy policy in the first place? If we buy say, an automobile, we are not presented with a long and detailed list of its various components, their quality and functions, and asked if we agree or disagree with the choice of component or how it is being used. Quite rightly, we expect the car company to address all these issues in ways we can trust - and we expect them to be taken to the cleaners if they fall down on quality, safety and so on. The mere fact of introducing an 'agreement' between the buyer and the car company on the quality/functionality of its components would open up a huge temptation for the car company to blind the buyer with science, cut corners, take advantage --- all now with the defence 'but you agreed to it'. That's exactly what has happened with so-called 'privacy'. I do not see why I should have to read anything, tick anything to agree to anything when I share my data with a company for commercial purposes. I should 'just know' that I am only sharing data that is 100% related to the task in hand, that any data I share will only be used for the purposes of providing the service and facilitating the transaction, that it will not be passed on to anyone else, and that it will be kept by the seller only for as long as service provision is necessary. I shouldn't have to read small print or tick boxes about this. It should be the standard, default norm - just taken for granted - and any company transgressing on this norm should be taken to the cleaners (by regulators and public opinion), just as a car company transgressing on quality and safety should be taken to the cleaners. I blogged about this recently here. As soon as we start arguing about whether the small print is readable or not, we have already ceded the principle and the argument to the data landgrab industry. Alan M -----Original Message----- I don't think the proscribed reading level is the problem with the bill.. that would probably work out fine. It's the length and the fact that it's customary to have multiple policies.. 2-4.. that would cause this bill to be toothless. And I'm not sure you can tell people not to speak (or companies that == people). What if just the list of collected data, in the slimmed down 100 word privacy policy, were more than 100 words? Then what? For facebook, this list is all possible Ip Address IP location Name Address City State Zip Code Country Birth date Browser Type OS Type Pages visited within site Pages clicked upon within site "likes" "comments" Pages arrived from (offsite) Pages going to (offsite) Location checkins contact's list friend types friends recommended to others friend requests sent friend requests received Pages visited (offsite, with "like" or "comments" Status updates Shared from others Payment information (for promoted posts and gifts) Pages promoted Gift and recipient Ads clicked photos uploaded videos uploaded links shared searched within FB searched outside FB messages and IMs promoted job history job years quotes liked items for profile relationship status schools attended school years history and year privacy settings login settings I'm sure I've missed a bunch.. but that list is 116 words.. Even at 200 words, which Adrian's white paper on consent dialogs suggests, there's not a lot left for the rest of the dialog and privacy information. mary On Feb 12, 2013, at 4:14 AM, Phil Wolff, PDEC wrote: A few examples come to mind in support of this attempt. Readers' Digest targeted sixth-grade reading level for its entire history. They are famous for explaining law, foreign affairs, human biology, anatomy and physiology using simple language and illustrations. "This is Joe's liver" Wikipedia has a "language" of "Simple English". This is a very restricted vocabulary (850 words) and writers are translating everything from engineering and Einstein's relativity to social sciences into Simple English. It really works, stripping away jargon, hundred-dollar-words where a five-penny word will do, losing all pretension. Intensely valuable for people for whom English is a second language, with some kinds of cognitive challenges, or for whom vocabulary is a barrier. http://simple.wikipedia.org/ http://simple.wikipedia.org/wiki/Special_relativity Apps that score text for readability often check word length (in syllables), sentence length, paragraph length, structure simplicity/complexity, and grammar rules that prevent semantic confusion. So overall length of a contract or advisory should help, but there are many other factors that contribute to readability and access by someone who doesn't read much or read well. I don't know if it's still true, but I was told when I first study technical writing that the average person is most comfortable reading three or four years below their highest academic grade level. Where inclusion is a goal, and I'd think it would be in the case of readable contracts, shooting for 6th grade seems both important and attainable. On Feb 10, 2013, at 9:57 AM, Mary Hodder <
" target="_blank">
> wrote: What's interesting about this is that it would be fairly easy to get around, if it passes. So.. a site or app does a 100 word, easy to read Privacy Policy. Then they do a TOU and Data Policy.. for the rest of what usually goes in those things. It's silly to write a law this way.. and I think would also violate free speech rights... I could see requiring a simple text summarizing a privacy policy in 100 words, but I just don't see this going anywhere useful, even if it does pass. Which I doubt it will. On Feb 10, 2013, at 11:51 AM, Sean Bohan wrote: Awesome share - Thanks! From a business context, Pharma companies and their agencies focus on a 7-8th grade reading level for all communications meant to be read/experienced by patients. On Sun, Feb 10, 2013 at 12:24 PM, J Clark <
" target="_blank">
> wrote: FYI, FWIW. In California, I was told a few years ago by a Criminal Prosecutor & Law School Professor, an average jury pool has an 8th grade education. Elsewhere in the US, it's closer to a 7th grade equivalent, which isn't saying much these days. Begin forwarded message: From: "PFIR \(People For Internet Responsibility\) Announcement List" <
" target="_blank">
> Date: February 9, 2013 7:33:50 PM PST Subject: [ PFIR ] Proposed California law requires site privacy polices not to exceed 8th grade language and 100 words Reply-To: "PFIR \(People For Internet Responsibility\) Announcement List" <
" target="_blank">
>
-- ------------------------------------------------ Email:
" target="_blank">
Skype: seanbohan AngelList: http://angel.co/sean-bohan LinkedIn: http://www.linkedin.com/in/seanbohan No virus found in this message. |
Archive powered by MHonArc 2.6.19.