New U.S. ‘TLDR’ Bill Would Require Simplified Versions of Service and Privacy Agreements ⇥ theverge.com

Makena Kelly, the Verge:

The Terms-of-service Labeling, Design and Readability Act – or TLDR for short – would require websites to provide a “summary statement” for users before they opt in to a terms of service agreement. The statement would summarize the legal jargon into something more easily understood by the average user, along with disclosing any recent data breaches (from the three years) and the types of sensitive data the site may collect. The summary would also explain “whether a consumer can delete their data, and if so, provide instructions on how.”

Cute name. It seems like a generally good thing to provide users with a more digestible version of the painful legal contracts we are expected to read and understand before agreeing to use, well, just about anything.

For the past couple of years, the Verge has tried to help readers see how many terms and conditions are required of devices by including an “Agree to Continue” section in its reviews:

Every smart device now requires you to agree to a series of terms and conditions before you can use it — contracts that no one actually reads. It’s impossible for us to read and analyze every single one of these agreements. But we started counting exactly how many times you have to hit “agree” to use devices when we review them since these are agreements most people don’t read and definitely can’t negotiate.

That is all fine and wonderful. But I am not really sure what meaningful changes will be accomplished by these ideas given what many of us already know about our lack of privacy online. Google, for example, already has a simplified privacy policy. I appreciate the effort, but do most users actually read it? Even if someone does, can they understand the long-term implications of allowing Google to amass a record of your online interactions? Can they change settings before Google begins collecting usage information?

People already have a sense of how much is collected; what they lack is control. Very few people are going to behave differently because they read more privacy policies. It would be a different story if there were restrictions covering the collection and retention of user information and users were allowed to change settings before using a company’s products.