“Click here if you have read and agree to the Terms of Service.” How many times in your life — heck, how many times just this month, or this year — have you hovered over that little ticky box without bothering to click the TOS link first? Or scrolled straight to the bottom of a pop-up window with 17 pages of boring legalese in it, just to continue installation? If your answer is anything other than “all the times,” you are in a very, very small minority.
A new study from researchers at two universities has confirmed what most of us already anecdotally know: nobody’s actually reading the fine print, even if they should.
And how did the researchers find this, you may ask? By creating a fictitious social networking site that research participants signed up for. The privacy policy and terms of service for this fictitious site were modeled on existing documents on another social network (LinkedIn), and checked in at roughly 8000 and 4000 words respectively.
But this fake site’s policies included a few extra clauses that should have raised eyebrows. One had to do with data sharing, and specified that the site could share your information with the NSA “and other security agencies in the United States and abroad.” It also said that your data could be shared with any third parties, and as a result “could impact eligibility in… employment, financial service, univeristy, entrance, international travel, the criminal justice system, etc.”
The other said that participants agreed to sign over their firstborn, Rumpelstiltskin-style: “In addition to any monetary payment … all users of this site agree to immediately assign their first-born child” to the site, it read. “If the user does not yet have children, this agreement will be enforceable until the year 2050.”
The researchers then asked open-ended questions to the participants asking if they had any concerns with the policies and sign-up options.
543 research participants signed up for the site. Of those, 399 skipped all the fine print entirely and just signed up blindly. For the remaining 144, the average time spent “reading” the privacy policy was 73 seconds, and for the TOS, 51 seconds.
Even the best speed-readers are not going to get through — and understand — 8000 words of legalese in 73 seconds, and these participants were no exception. In the end, the researchers found that 98% of all participants completely missed the existence of the “gotcha” clauses. That means a total of 10-11 participants, at most, actually noticed.
Research participants were all undergrads, as is very common for university-based research. But this behavior is far from limited to young adults. A similar experiment in the UK in 2014 found the same results, with users unwittingly signing away their firstborn in exchange for access to a free WiFi hotspot. A UK-based retailer found the same in 2010 when their customers happily, and unwittingly, signed over their immortal souls.
Other studies have found that barely one in five internet users actually read the terms, and even they probably don’t usually stop to process the words.
So yes, we should all read a little more carefully before we proceed — because as long as they disclose it, a company can do pretty much anything they want with your account or personal information. Of course, it doesn’t help that the policies are usually long, dense, complicated, formatted badly, and full of legalese. There are some tools that help but when it comes to comprehensibility, we still have a long way to go.
[via Ars Technica]
by Kate Cox via Consumerist
No comments:
Post a Comment
Found it interesting comment