Privacy simplified

Facebook’s privacy policy is 6,946 words long. Google’s is a comparatively spartan 2,281 words. Read them lately? I didn’t think so.

Website privacy policies, like their terms of use agreements, are onerously long, bafflingly complex legal documents that hundreds of millions of people accept without ever reading. As social media sites accrue more and more of our personal information while always developing new ways to exploit our data, they are increasingly targeted by hackers and law enforcement. In short, those long privacy statements, which we never read and which get longer all the time, matter more and more.

That’s why a trio of Yale students have developed a free service for websites called Privacy Simplified. Answer a few questions about your site and PS will generate a series of icons you can display to clearly explain the most important aspects of your privacy policy. For example, here’s what Facebook’s would look like:

And here’s what it all means:

• The green exclamation mark means Facebook will let you know when it changes its Privacy Policy. As the New York Times illustrated a couple of years ago, Facebook changes this document frequently, so these notifications may arrive so frequently that you’ll trash them unread, like so many other emails Facebook sends. Still, nice to know.

• The person icon is you, the user. Green means you have access to your own data. Anything Facebook collects on you, you can see and get a copy of.
• Not all green is good. The green circle around the paper icon means Facebook is collecting and using more information on you than it requires in order to function. Why? See the next icon.
• Red around the arrows means that Facebook is promiscuous with your privacy. It’s selling or trading your deets with unknown others. This may be a bit too vague. I know that Facebook is trying to figure out some broad demographic info on me in order to target ads, and I’m okay with being placed in a “Canadian male, 25-38 silo” or whatnot for that purpose. But who else is getting my info, and does it identify me personally? Perhaps this icon is too simplified.
• The next icon is another bad kind of green: red around the lock would have meant that Facebook encrypts your data to stop hackers or anyone else from getting at it. They don’t.
• Finally, here’s a pretty serious one: red around the badge means that Facebook doesn’t protect your info from cops or other law enforcement agencies to the fullest extent possible. Any website has to hand over your info to authorities under certain circumstances, warrants being among them. But many websites reserve the right to voluntarily pass on your info to the fuzz if they feel like it. That’s how Facebook rolls.

These icons might need some fine-tuning, but they’re a fantastic starting-point. We desperately need a shorthand for privacy online. The only problem is that there’s no real reason for a website to use this code if it tells users anything negative or troubling about their business. Best to leave those needles in a 5000+ word haystack.

Jesse Brown is the host of TVO.org’s Search Engine podcast. He is on Twitter @jessebrown