The Facebook / Cambridge Analytica news has brought quite a bit of the unrealized or unspoken of the tech world into national consciousness. Collectively (and individually in some cases), we’ve been talking about data, privacy, and what we’re willing to give up for our beloved free services.
But it strikes us that there’s an element that’s been with us all along which could have saved us from ourselves — a functional piece of each and every app and service that we use that should have been a talisman, but was instead a nuisance at best or an impediment at worst.
We’re of course referring to the Terms and Conditions.
Ts and Cs (or ToS for “Terms of Service” on some platforms) are what we’re typically greeted with when we sign up for new apps, platforms and services. Before you can dive in and share your photos from last night’s party, your political opinion on the hypocritical politician of your choice, or message someone, you need to make your way through the legalese of the 20-thumb scroll to find the “I Accept” button that you press, having read none of the Terms.
And is it any surprise that you haven’t read them? With some of them <cough>PayPal</cough> being longer than Hamlet, who has time to read them in their entirety? This is how some Londoners were tricked into signing over their firstborn children. With this kind of easy slip-up, simplification is needed.
The real function of these dense, jargon-filled policies and agreements — which most of us universally ignore — isn’t for companies to inform users of our rights, but to establish legal grounds for collecting and sharing our information. That’s it. Plain and simple. It’s a way to ensure that business models stand because we’re too lazy or stupid to read and understand the terms.
But now, thanks in part to the advent of GDPR, meant to return control of personal data to the individual by ensuring companies follow a new set of data protection compliance rules, companies are scaling back and simplifying their terms of service. Why? Because users’ consent would be legally invalid if they don’t understand the agreement they’re signing. But you might ask: if they can simplify to adhere to regulations, why couldn’t they have simplified for the sake of customers in the first place? To which we’d answer: see the above paragraph.
Facebook is no exception, and the company initially said that it would adhere to GDPR standards around the world – not only in Europe. However, the company quickly changed its position to mean only in Europe, meaning that the other 1.5 billion Facebook users around the world would be governed by the looser US standards.
US regulators have an opportunity to step up and create the same level of data protection for Americans that have been created in Europe. Certainly, multinational companies will need to create a single standard that complies with GDPR. Facebook should step up and meet this need before regulation is required.
Then again, seeing that a number of elderly members of Congress recently had difficulty in understanding basic Internet and social media terms and functions, perhaps we should ask them to spend time reading the Terms and Conditions of their own jobs.