My father taught me many things. Some are quaintly outdated, while others have stood the test of time. In the first category are balancing a checkbook and reading a map. While it made sense back then, with online banking and GPS, no real need to do either of those these days. On the other hand, he also insisted I learn to back into parking places. I still get strange looks when I do it, but studies show that it decreases accidents when the first thing you do when you get into a car is to go forward, not backward. Thanks, Dad.
He also taught me to read what I was signing. Maybe not every word, but certainly you should at least skim a piece of paper that requires your signature. I'm no lawyer, and so can't profess I would understand all the fine print even if I did take the time to read it. But I generally do look down the page and see if the boilerplate looks like the usual boilerplate. And I'd wager I'm hardly alone: even the solicitors among you probably barely take the time to review every clause and sub-clause in the routine stuff we autograph daily.
Nowhere is this more evident than in the online world. Apps, software and even some websites require you to check off a box attesting that you agree to their privacy policy and Terms of Service (TOS) before they let you take it out for a spin. You'll find that box usually at the bottom of a multi-screen form that purports to establish your rights, privileges and the avenues of recourse you agree to in exchange for downloading music or booking a table. Be honest: like me, you check it and move on without ever looking at it.
There's good reason for that: you have a life to live. A 2008 study by Aleecia McDonald and Lorrie Faith Cranor of Carnegie Mellon University looked at privacy agreements for the most popular 75 websites, finding they ranged from 144 words up to 7,669 words, with the median being around 2,500. Using a standard pace of 250 words per minute, that means most privacy policies take about eight to ten minutes to read. They calculated that if you actually bothered to read all the ones you encountered on a daily basis, it would take you 250 working hours per year, or about 30 workdays just to get through your iTunes agreement and its ilk.
And so we click the box and move on. Most times, the result is benign. But there might be gold in them there words. In a sort of canary-in-a-coal-mine experiment, the developers of PC Pitstop Optimize tucked a clause into their TOS that offered cash to anyone who would respond to it. It took five months and more than 3,000 sales before a single person read it and reached out, for which he was sent a check for $1000.
Of course, it can go the other way as well. In a recent study, 543 undergraduate students were offered entrance to a fake Linked-In-like service. Called NameDrop (pretty good name for a fake!), they had to first agree to the service's terms by clicking the ubiquitous box. But contained in the TOS were two unusual clauses. The first said NameDrop may be required to share your data with the government including the NSA. The second said all users agree to give their "first-born child" to NameDrop, with an exclusive claim to that child through 2050.
In the end, the study said 74 percent of the participants skipped the TOS and privacy policy and signed on. Those who did read them spent around a minute skimming them, when they should have taken 20 or 30 minutes to digest it all. But perhaps strangest of all is that some of those who actually did read the whole thing, including those clauses, signed up anyway. Guess they don't like kids.
We can pretend to be outraged by all of this. We know that the agreements are meant less to protect us than the companies, as well as give them access to our data for marketing and sales purposes. But no one is compelling us to give away our rights and anonymity. And truth be told, most of us have accepted this deal with the devil, if only to be the first to know when that new Coach bag is released.
-END-
Marc Wollin of Bedford clicks and moves on. His column appears regularly in The Record-Review, The Scarsdale Inquirer and online at http://www.glancingaskance.blogspot.com/, as well as via Facebook, LinkedIn and Twitter.
He also taught me to read what I was signing. Maybe not every word, but certainly you should at least skim a piece of paper that requires your signature. I'm no lawyer, and so can't profess I would understand all the fine print even if I did take the time to read it. But I generally do look down the page and see if the boilerplate looks like the usual boilerplate. And I'd wager I'm hardly alone: even the solicitors among you probably barely take the time to review every clause and sub-clause in the routine stuff we autograph daily.
Nowhere is this more evident than in the online world. Apps, software and even some websites require you to check off a box attesting that you agree to their privacy policy and Terms of Service (TOS) before they let you take it out for a spin. You'll find that box usually at the bottom of a multi-screen form that purports to establish your rights, privileges and the avenues of recourse you agree to in exchange for downloading music or booking a table. Be honest: like me, you check it and move on without ever looking at it.
There's good reason for that: you have a life to live. A 2008 study by Aleecia McDonald and Lorrie Faith Cranor of Carnegie Mellon University looked at privacy agreements for the most popular 75 websites, finding they ranged from 144 words up to 7,669 words, with the median being around 2,500. Using a standard pace of 250 words per minute, that means most privacy policies take about eight to ten minutes to read. They calculated that if you actually bothered to read all the ones you encountered on a daily basis, it would take you 250 working hours per year, or about 30 workdays just to get through your iTunes agreement and its ilk.
And so we click the box and move on. Most times, the result is benign. But there might be gold in them there words. In a sort of canary-in-a-coal-mine experiment, the developers of PC Pitstop Optimize tucked a clause into their TOS that offered cash to anyone who would respond to it. It took five months and more than 3,000 sales before a single person read it and reached out, for which he was sent a check for $1000.
Of course, it can go the other way as well. In a recent study, 543 undergraduate students were offered entrance to a fake Linked-In-like service. Called NameDrop (pretty good name for a fake!), they had to first agree to the service's terms by clicking the ubiquitous box. But contained in the TOS were two unusual clauses. The first said NameDrop may be required to share your data with the government including the NSA. The second said all users agree to give their "first-born child" to NameDrop, with an exclusive claim to that child through 2050.
In the end, the study said 74 percent of the participants skipped the TOS and privacy policy and signed on. Those who did read them spent around a minute skimming them, when they should have taken 20 or 30 minutes to digest it all. But perhaps strangest of all is that some of those who actually did read the whole thing, including those clauses, signed up anyway. Guess they don't like kids.
We can pretend to be outraged by all of this. We know that the agreements are meant less to protect us than the companies, as well as give them access to our data for marketing and sales purposes. But no one is compelling us to give away our rights and anonymity. And truth be told, most of us have accepted this deal with the devil, if only to be the first to know when that new Coach bag is released.
-END-
Marc Wollin of Bedford clicks and moves on. His column appears regularly in The Record-Review, The Scarsdale Inquirer and online at http://www.glancingaskance.blogspot.com/, as well as via Facebook, LinkedIn and Twitter.