They Read Them So You Don’t Have To – The World’s Worst Social Media Privacy Policies

They Read Them So You Don’t Have To – The World’s Worst Social Media Privacy Policies

Back in 2010, on April Fool’s Day, game supplier GameStation updated its terms and conditions to require all customers to surrender their immortal soul. Of the 7,500 people placing orders that day, none noticed.

The prank highlighted the fact that users rarely read the small print. And these days, with companies keen to gather as much data on their users as they can, privacy policies often represent a bastion of incomprehensibility that can disguise serious issues.

ADVERTISEMENT

Dutch VPN website VPNoverview has analyzed the privacy policies of some of the world’s biggest social media websites, ranking each on the basis of reading level, difficulty, sentence length, the number of syllables per word and overall readability score.

And, it says, Facebook’s privacy policy – bad to begin with – became substantially worse when it rebranded as Meta last summer.

“With a whopping 12,000 words and a read time of 87 minutes, Meta’s new privacy policy jumped from tenth place to first, ahead of Instagram, due to the readability score of 5.92,” says the firm.

It requires the reading level of a college graduate, with an average 42 words per sentence, and takes an hour and a half to read. Meanwhile, it’s collecting location, content and payment information.

ADVERTISEMENT

Instagram’s privacy policy was also one of the hardest to read, taking just as long as Facebook’s to get through. “How does Instagram expect a 13-year-old to understand the terms?” questions the firm.

Advertisement

It also states that it shares its data with third parties – including search history, location, contacts and financial information – and may hand it over to government agencies, law enforcement or other parties where ‘reasonably necessary’.

And TikTok, the third worst offender, requires a reading level of a college graduate – making it harder to discover that the company is collecting location data and the content of direct messages.

ADVERTISEMENT

Of websites in general, says VPNoverview, more than six in ten are virtually unreadable, in that most require at least a college-graduate reading level while the average adult reading level in the US is just 14.

The worst offender was Disney, whose policy, while short, had a ‘very difficult’ readability score, with some sentences as long as 48 words, and taking an average of 20 minutes to read.

Suspicious terms to look out for include the collection or sharing of ‘certain data’ – which could mean practically anything. Mentioning the possibility of changing their privacy policy at any time, without notice, is also suspicious, as is failing to guarantee that information can be deleted.

Meanwhile, references to government access to user data should also ring alarm bells, as should referencing data transfer to other third parties.

“Most privacy policies are very vaguely worded, making it hard to determine what will happen to your data, says VPNoverview. “Vague wording could also save a company from legal prosecution if data is leaked.”

ADVERTISEMENT
Advertisement

Leave a Reply

Your email address will not be published. Required fields are marked *