Everyone cares about privacy. But few of us actually read privacy policies. Why? Because most companies create dense, overly complex and incredibly long statements.
This isn’t new; Mark Zuckerberg has been apologizing for privacy issues for years. Facebook’s privacy policy takes about 18 minutes to read. It’s no wonder we’ve been trained not to bother, but we should.
The purpose of a privacy policy is to tell you how and with whom your personal and private data will be shared. Because almost all data is shared beyond the actual website or company with which you’re doing business, at the heart of the privacy problem is that we often have little idea of what these policies are actually telling us. Consumers can do better, but companies don’t make it easy.
Sign up for Kiplinger’s Free E-Newsletters
Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.
Profit and prosper with the best of expert advice - straight to your e-mail.
Many times, unless we click “I agree,” we can’t gain access to a website or to content or even to our checking accounts. Far too often we click “agree” without having any idea what we’re agreeing to.
To make that point, a few years ago the British company GameStation inserted the following statement into its privacy policy:
By placing an order via this Web site on the first day of the fourth month of the year 2010 Anno Domini, you agree to grant Us a non-transferable option to claim, for now and forever more, your immortal soul. Should We wish to exercise this option, you agree to surrender your immortal soul, and any claim you may have on it, within 5 (five) working days of receiving written notification from gamesation.co.uk or one of its duly authorised minions.
By the end of the day, more than 7,000 people had agreed to give up their souls. Either people didn’t read the agreement, or they didn’t care who had authority over their souls. Of course, this occurred on April Fool’s Day, but the point was made.
In May 2018, things changed — somewhat. That was when the European Union’s General Data Protection Regulation (GDPR) went into effect. This regulation requires that companies doing business in the EU or with employees in the EU must create a privacy policy that customers can understand. This new regulation had somewhat of an effect on U.S. policies, but there is still much in the policies consumers do not understand, and we don’t read them. But feel free to complain to companies if we have difficulty understanding their privacy policies. They need to know that they’ve not “hit the mark.”
How can we do better? Here are three actions consumers can take to better protect their privacy.
1. Guard your privacy like nobody’s business
First, understand that privacy policies will identify two types of information they can collect: public personal information and nonpublic personal information.
Public personal information is information that can be easily discovered, including names, addresses, employment and email addresses.
Nonpublic personal information in the financial sector is information specific to a consumer that identifies that person’s financial data and is gathered during a transaction with a customer. For example, Social Security numbers, income, credit score and data the internet collects because you visited your bank’s website (i.e., cookies).
Second, do business with companies that take seriously that customers need to understand what happens with their data. For example, Ticketmaster has a policy that we all can understand. I’m a plain language expert, and I couldn’t have written it better — or more plainly — myself.
However, even as clear as this example is, whenever you see the mention of “third parties” that could include almost anyone or any company. So always check to see who those third parties are, if listed. Ticketmaster is very specific about who gets your data. If you don’t want that data shared, buy tickets elsewhere.
Third, protect your data. Limit how much data we’re willing to share. For example, be very careful about how and with whom you share your Social Security number and be cautious about the information you give on your social media accounts. For example, only give out your credit card information to a credible site. Also several scammers imitate large companies like American Express to get you to open a link that gives them access to your account. I always check the email address when I’m suspicious. It’s still very hard to hide the actual address an email comes from.
2. Share data only with companies you trust and limit what you’re willing to share
The Federal Trade Commission recommends that you:
- Know who you share information with.
- Store and dispose of your personal information securely, especially your Social Security number.
- Ask questions before deciding to share your personal information.
- Maintain appropriate security on your computers and other electronic devices.
Additionally, some browsers give us the option to not share our data by including “Do Not Track.” In as many circumstances as possible, use DNT to tell a company not to track your data. Although they don’t have to do what you ask, they do have to tell you whether they’re complying with your request. For help adjusting your own browser settings to use DNT, the Future of Privacy Forum has an online privacy tool to walk you through the process.
3. Know and use helpful online resources
In addition to the Future of Privacy Forum’s privacy tool mentioned above, which keeps browsers from sharing your information, there are other online resources to check out. These two sites offer clear, helpful information on privacy policies:
Finally, whenever possible, at least read the part of a privacy policy that tells you how they share data. Then you’ll have to make a decision, but at least you’ll make an informed one.
-
What to Expect From Bitcoin and Other Cryptocurrencies in 2025With help from Donald Trump, the cryptocurrency industry is expanding rapidly. Here's what to expect from bitcoin in 2025.
-
What's the Key to a Happy Retirement for a Couple?Retired couples spend lots of time together. Without the distractions of work and raising kids, miscommunication can cause trouble. Here's a way to avoid that.
-
What's the Key to a Happy Retirement for a Couple?
Retired couples spend lots of time together. Without the distractions of work and raising kids, miscommunication can cause trouble. Here's a way to avoid that.
-
Investing for Charitable Giving: Discipline Reaps RewardsConsider doing nothing when markets get volatile, rather than shifting your charitable investing strategy in the moment.
-
Feel Free to Disagree, But Here's How to Bridge DifferencesRather than remaining at odds with those who disagree with you or simply shutting them down, here's how to lower the temperature.
-
Top 10 Myths About 1031 Exchanges, DebunkedAre you confused about 1031 exchanges? This brief guide busts the top myths about real estate's favorite tax-deferral strategy.
-
Take Charge of Retirement Spending With This Simple StrategyTo make sure you're in control of retirement spending, rather than the other way around, allocate funds to just three purposes: income, protection and legacy.
-
How Much Money Is Enough to Be Happy? Can You Have Too Much?The relationship between money and happiness is complicated, but the experts agree on these three eye-opening fundamentals.
-
Five Year-End Strategies You Can't Afford to MissInstead of making New Year's resolutions, consider making some money moves that could help save you big bucks on your taxes.
-
Buying an Insurance Policy: Three Ways to Do ItYou can buy an insurance policy through an insurance agent or broker or on the internet. Which way works best for you?
