Sunday, January 30, 2022

I Agree and Accept

 Graphical user interface, text, application, Word

Description automatically generated

How many times have you downloaded an app, a program, content, etc. and faced that interminable question, often accompanied by rolling legal language that must scrolled before you “accept” that mandate to consent to whatever restrictions, planted cookies or approval to commercial usage of your information, either anonymously or as sales leads to other vendors? How many times have you actually read that scrolled information or gone to the sites “privacy policy” to see what you are “accepting”? And if you reject, how many times has that site simply allowed you to continue? Never? How about those sites that allow you to customize your settings? Easy to use?

Privacy statutes are stricter in the European Union (such as the General Data Protection Regulation or GDPR), but here… we are trying. Like those numerous state statutes (led by California’s Consumer Privacy Act) and potential even federal legislation in that space. The Children’s Online Privacy Protection Act (COPPA) has rules when Websites address children’s vulnerability with strict regulation. But let’s face it, when you read those “privacy policies” or click “I accept” corporate consents for cookies, tracking and more, you are on the other side of phalanxes of well-trained lawyers – studied in legal verbiage and aware of what it takes to be “in compliance” with the law – and policy experts, regulators and folks who know a whole lot more about the space than you do. And those companies are trying to make money and grow their business.  

Simply put, do you trust the “I accept” box under the masterful watch of Mark Zuckerberg and the other mavens of social media as well as other purveyors of content and software. You against them! Let me summarize the utter failure of the entire US governmental structure, from the FCC, FTC, Bureau of Consumer Protection, Congress and each and every state regulatory and legislative body. Almost nobody really reads those legal disclosures and consents. Almost nobody really understands what they are agreeing to. And if consumers don’t accept, and the service/content/software is important, there’s not much they can do about it.

I’d like to propose a radical but meaningful system of government approved standardized consent forms, each with a clear summary of what you are giving up and what you can do if you object to the process. The joy in this approach is a tiered approach with an accurate and short description of the rights you are giving up. It would look a lot like the motion picture or television ratings systems. 

With the correct labels, we just might see some pretty onerous practices disappear. Online purveyors would simply have to display their rating code on every page of their online presence. A letter system, perhaps A through E applied against three categories, could be a start: One – Use of personal information/tracking for internal use only. Two – Use of personal information/tracking for internal or anonymous data collection use only. Three – Use of personal information/tracking may be made commercially available. Government agencies (e.g., Bureau of Consumer Protection) or an association like the film industry’s MPAA rating system might define the meaning of the A through E levels of exposure of personal information through standardization with simple summaries.

Consumers have to know that where materials are provided “free,” there is a cost. It can be in the ads carried on the app/site/content and provided to the consumer, the use of personal information as a commodity that can be bought and sold or a hybrid model. Should consumers be offered a “privacy” reasonable fee alternative as a legal mandate? For those charging a fee for their app/site/content, perhaps they should be banned from trading in personal information (other than an anonymous data collection function) absent a clear “opt-out” choice which does not impact the availability of the app/site/content to the consumer.

There are a few proposed efforts in Congress to deal with this tsunami of obvious failure. Such as: “The Terms of Service Labeling, Design and Readability (TLDR) Act directs the Federal Trade Commission (FTC) to issue rules requiring companies to include a ‘short-form’ terms of service summary on their website as well as a graphic data flow diagram explaining relevant terms. While the bipartisan bill, introduced by Congresswoman Lori Trahan (D-MA-3) and Senators Bill Cassidy (R-LA) and Ben Ray Luján (D-NM), is arguably aimed at tech companies, the law would apply to any entity that operates a website or an online service for commercial purposes (the TLDR Act does contain a ‘small business’ exemption, however)…

“With bipartisan support, it’s possible that the TLDR Act could benefit from the momentum we’re seeing on the Hill to rein in Big Tech, but it remains to be seen whether the act will have the votes to pass the House or the Senate. The TLDR Act is just one of several attempts aimed at improving the readability of terms of service, and whether or not this bill passes, it is a reminder that regulators remain focused on making online terms more accessible to consumers.” Robyn Mohr, Tanya Forsheit and Jessica Lee of the law firm of Loeb & Loeb, in the January 21st Lexology.com. Civil penalties and empowerment at the state enforcement level are part of this effort.

What is absolutely clear is that the privacy notices, the “I agree” non-choice, the lengthy legalese that virtually no one at a consumer level ever reads and the pervasive effort of app/site/content providers to find simple ways to “disclose” their often rather cavalier practices, pushed within the edge of envelopes of “what is legal,” are simply a sham, at best a corporate panacea with no genuine effort to be real. The practice does not remotely create true consumer choice or provide any meaningful accessible information of corporate intent. IT MUST STOP.

I’m Peter Dekom, and if you also believe that these de facto deceptive practices must stop, please write your representatives in Congress and tell them… and you may find bipartisan support for this necessary approach to privacy protection.


No comments: