internet-privacy-feature-image

What You Need To Know About Privacy Policies

Most of you would be well aware of the increasing intrusion of online tracking and that selling users’ data has become more and more lucrative. It’s why more and more users are becoming more and more privacy-conscious. But how can we trust that claims of enhanced privacy are honest when there have been numerous instances of these companies/services betraying users’ trust?

Prime examples are when the popular site ratings browser extension Web Of Trust (WOT) was caught out harvesting users’ browsing histories and selling them to third parties. And, more recently, when it was discovered that DuckDuckGo, the search engine that bills itself as the “the internet privacy company” with claims of zero tracking, made an exception for its business partner Microsoft to allow advertising trackers.

Privacy Policies Explained

Privacy Policies are akin to EULAs in that the average user cannot be bothered reading them. These documents are generally long-winded and full of legalese so I certainly cannot blame those who tend to ignore them. However, if you really want to get down to the nitty-gritty of just how private a service is, you need to read the privacy policy.

Now, in some countries, privacy policies are legally binding but certainly not in all, and this distinction makes a world of difference. In countries where privacy policies are legally binding, the terms and conditions can be relied upon to be truthful and accurate. That’s because legislation ensures that any company caught publishing false claims or in violation of its terms and conditions faces dire consequences, potentially resulting in criminal charges and a class action suit costing that company millions of dollars.

On the other hand, in countries where privacy policies are not legally binding, the consequences of publishing misleading information or a violation of terms are far less severe. The worst that can happen is bad publicity and a hit to that company’s reputation. That said, I believe that, in most cases, those companies would value their reputation over and above any potential income earned from violating the terms of their privacy policy. However, as history has taught us, it can and does happen.

It’s almost impossible to be 100% certain that a company’s privacy policy can be trusted 100%. However, taking the time to read through a privacy policy is, at the very least, a good guide as to how that company rates and treats its users’ privacy. And, if the company is based in a country where privacy policies are legally binding, you can pretty much accept that it can be trusted.

One thing you should never do is rely solely on a company’s “claims” of privacy. You’ve all seen those claims; “we value your privacy“, “we are the most private“, “we don’t log any data“, etc., etc. Those sorts of claims are not worth the paper they are written on. Read the privacy policy!

Legally Binding Privacy Policies

Obviously, I have neither the time nor resources to research the legal standing of privacy policies in every country but I have ascertained the following:

  • U.S.A – Not Legally Binding: online privacy in the U.S. is not heavily legislated and, as such, privacy policies are not generally legally binding and, in many states, not even mandatory
  • U.K. & Europe – Legally Binding: privacy legislation in the UK and Europe is among the most stringent in the world
  • Australia – Legally Binding: online privacy in Australia is heavily regulated
  • Canada – Legally Binding: online privacy in Canada is governed by the Personal Information Protection and Electronic Data Act (PIPEDA)

To clarify one aspect of privacy legislation, it is my understanding that if a company, no matter where it is based, conducts business in a foreign country then it is bound by the privacy legislation applicable in that country. If, on the other hand, a company has many foreign users but does not conduct business in the foreign country, then the privacy laws of the country where the company is based are applicable. A typical example would be when a company in (say) the U.S. has users in (say) Australia but does not conduct business in Australia, then U.S. privacy laws are applicable.

NOTE: “Conducting business” means maintaining offices and staff within that country.

BOTTOM LINE:

Do not trust claims made as part of the blurb on web pages. Make sure to read through the privacy policy and… stay safe out there.

4 thoughts on “What You Need To Know About Privacy Policies”

    1. DuckDuckGo may be removing Microsoft’s ad trackers with it’s default 3rd-Party Tracker Loading Protection.

      Exactly Brad. According to that article; a new agreement between DuckDuckGo and Microsoft will mean no more exceptions for Microsoft ad trackers.

Comments are closed.

Exit mobile version

WHY NOT SUBSCRIBE TO OUR NEWSLETTER?

Get great content like this delivered to your inbox!

It's free, convenient, and delivered right to your inbox! We do not spam and we will not share your address. Period!