Privacy Policy Readability on Social Media
This week, I read an interesting article about the privacy policy on Instagram. The rationale for choosing this article is very simple: my dissertation topic is related to visual cyberbullying, and I'm targeting on Instagram!
Ok, let's get started talking about this article. A lawyer, Jenny Afia, who has a high reputation on her expertise of privacy, argued that the “Terms and Conditions” of social media is too difficult for young people to read and understand. She was a member of the “Growing Up Digital” project. This project in convened by the Children’s Commissioner in the UK and aims to study youth’s information technology. She and her team members rewrote some privacy policies if Instagram then investigated teen’s experiences and perceptions of the current version and the rewritten version. Participants’ understanding was enhanced a lot after reading the rewritten version. One of them even mentioned that “I’m deleting Instagram because it’s weird.”
As social media is almost the second life for teens, and according to a recent report, the average age of signing up for a social media account is about 12. (Howard, 2018), it’s an urge to let kids learn how to protect themselves on social media, and understanding privacy terms seems a good starting point.
From registering an online account to participating, read and approve the “Privacy Term and Policy” (or another format of informed consent) is the first thing to do before providing personal information. However, will you really read through the content line by line? I don’t believe so. Take my research experience for example, most of my participants just signed the informed consent without carefully reading the content. As one of them mentioned: “I know you need to do this, but it’s really too long and boring for me.” So it’s totally understandable that teens are not reading the privacy policies when using social media.
You may doubt if the content of privacy policies is really too hard to understand, or young kids just too lazy to read. Let’s test it. Put the page URL of Privacy Policy of Instagram (https://help.instagram.com/402411646841720) to this readability test tool (https://www.online-utility.org/english/readability_test_and_improve.jsp). You can see the Flesch Reading Ease score is 38.05, which the reading level is difficult and equal to general academically oriented magazine level. (Source: https://greencomet.org/2012/09/05/flesch-reading-ease/). This evidence shows that Afia and her team’s concern was right.
There are many studies about the readability of privacy policies. For example, Singh, Sumeeth, & Miller’s study had 50 users to examine privacy policies from 10 most visited websites (e.g., YouTube, MySpace, Facebook). They found that the readability of privacy policies across the examined websites were challengeable for general people, and especially when displaying the policies on mobiles. But, does readability really matter? A study in German investigated 440 participants about their perceived readability of privacy policies and the impact on their trust of internet services platform (Amazon, eBay, Facebook, Twitter, and Yahoo). Ermakova, Baumann, Fabian, and Krasnova asked participants to 1) rate the trust level of the internet service platforms, 2) read a 250 words paragraph (in German) from privacy police of each platform and rate the readability (perceived readability), 3) state the trust level again, 4) fill in 15 words in another 250 words paragraph from the same privacy police (actual literacy), and 5) rate their privacy literacy level and privacy concern level (perceived literacy). The results show that perceived readability is positively associated with the trust level after reading the privacy policies across five platforms. And the actual literacy level has an influenced on the perceived readability. From this study, the authors suggested internet services company to make privacy policies more readable for users to increase users’ trust. In fact, another earlier study has already indicated that the online privacy notices in the industry have become longer and more difficult to understand since 2001, and Milne, Culnan, and Greene suggested industry to reform the privacy policies for general customers. However, readability seems still a challenge in the online environment.
Even if adults have issues reading privacy policies in general, it is doubtlessly that social media, where most people visit online, should consider making policies more understandable. However, from my point of view, improving readability is not enough. The policy writers should conduct user study and take social aspect into consideration. A study investigated 250 users from Russia and 250 from Taiwan on the relationship of online privacy policy, and users’ privacy concern and trust. Wu, Huang, Yen, & Popova found that privacy policies can influence users’ willingness to using a website and sharing personal information. Moreover, the cultural difference has the power to moderate the relationship of “secured accessed” indicated in privacy policies and users’ trust level of the website. Taiwanese participants tended to increase their trust when they were informed from privacy policies that their personal information was secured.
Besides considering users from different cultural backgrounds, difference across generations should also be taken into consideration. For teens, they may have different social norms from adults when using social media. For example, some may consider belongs is more important than privacy. As one participant in an ethnography research (Marwick & Boyd, 2014) mentioned that she shared Facebook passwords with her close friends so she thought they were tied together and could share everything. In this case, teens may not take the privacy police seriously if it is just simply stated like “Password should not be disclosed and shared with others.”
The last but not the least, Afia mentioned at the end of this article that “parents need to bear in mind children are children until they become adults — not until they pick up a smartphone. We need to treat them as children.”. My viewpoint is a bit different. We may easily fall in a myth that young kids care less about their privacy and the social media policy compare with adults. However, according to a study in 2010, Hoofnagle, King, Li, and Turow found that young kids had similar concerns with older adults about online privacy. Which means not only teens need to be educated about privacy when using social media, as well as adults, such as parents and teachers. So, make privacy policies more readable is necessary for users across generations. Maybe social media companies can consider having two versions of policies, one is for adults, and the other is for teens under college level.
Ok, let's get started talking about this article. A lawyer, Jenny Afia, who has a high reputation on her expertise of privacy, argued that the “Terms and Conditions” of social media is too difficult for young people to read and understand. She was a member of the “Growing Up Digital” project. This project in convened by the Children’s Commissioner in the UK and aims to study youth’s information technology. She and her team members rewrote some privacy policies if Instagram then investigated teen’s experiences and perceptions of the current version and the rewritten version. Participants’ understanding was enhanced a lot after reading the rewritten version. One of them even mentioned that “I’m deleting Instagram because it’s weird.”
As social media is almost the second life for teens, and according to a recent report, the average age of signing up for a social media account is about 12. (Howard, 2018), it’s an urge to let kids learn how to protect themselves on social media, and understanding privacy terms seems a good starting point.
From registering an online account to participating, read and approve the “Privacy Term and Policy” (or another format of informed consent) is the first thing to do before providing personal information. However, will you really read through the content line by line? I don’t believe so. Take my research experience for example, most of my participants just signed the informed consent without carefully reading the content. As one of them mentioned: “I know you need to do this, but it’s really too long and boring for me.” So it’s totally understandable that teens are not reading the privacy policies when using social media.
You may doubt if the content of privacy policies is really too hard to understand, or young kids just too lazy to read. Let’s test it. Put the page URL of Privacy Policy of Instagram (https://help.instagram.com/402411646841720) to this readability test tool (https://www.online-utility.org/english/readability_test_and_improve.jsp). You can see the Flesch Reading Ease score is 38.05, which the reading level is difficult and equal to general academically oriented magazine level. (Source: https://greencomet.org/2012/09/05/flesch-reading-ease/). This evidence shows that Afia and her team’s concern was right.
There are many studies about the readability of privacy policies. For example, Singh, Sumeeth, & Miller’s study had 50 users to examine privacy policies from 10 most visited websites (e.g., YouTube, MySpace, Facebook). They found that the readability of privacy policies across the examined websites were challengeable for general people, and especially when displaying the policies on mobiles. But, does readability really matter? A study in German investigated 440 participants about their perceived readability of privacy policies and the impact on their trust of internet services platform (Amazon, eBay, Facebook, Twitter, and Yahoo). Ermakova, Baumann, Fabian, and Krasnova asked participants to 1) rate the trust level of the internet service platforms, 2) read a 250 words paragraph (in German) from privacy police of each platform and rate the readability (perceived readability), 3) state the trust level again, 4) fill in 15 words in another 250 words paragraph from the same privacy police (actual literacy), and 5) rate their privacy literacy level and privacy concern level (perceived literacy). The results show that perceived readability is positively associated with the trust level after reading the privacy policies across five platforms. And the actual literacy level has an influenced on the perceived readability. From this study, the authors suggested internet services company to make privacy policies more readable for users to increase users’ trust. In fact, another earlier study has already indicated that the online privacy notices in the industry have become longer and more difficult to understand since 2001, and Milne, Culnan, and Greene suggested industry to reform the privacy policies for general customers. However, readability seems still a challenge in the online environment.
Even if adults have issues reading privacy policies in general, it is doubtlessly that social media, where most people visit online, should consider making policies more understandable. However, from my point of view, improving readability is not enough. The policy writers should conduct user study and take social aspect into consideration. A study investigated 250 users from Russia and 250 from Taiwan on the relationship of online privacy policy, and users’ privacy concern and trust. Wu, Huang, Yen, & Popova found that privacy policies can influence users’ willingness to using a website and sharing personal information. Moreover, the cultural difference has the power to moderate the relationship of “secured accessed” indicated in privacy policies and users’ trust level of the website. Taiwanese participants tended to increase their trust when they were informed from privacy policies that their personal information was secured.
Besides considering users from different cultural backgrounds, difference across generations should also be taken into consideration. For teens, they may have different social norms from adults when using social media. For example, some may consider belongs is more important than privacy. As one participant in an ethnography research (Marwick & Boyd, 2014) mentioned that she shared Facebook passwords with her close friends so she thought they were tied together and could share everything. In this case, teens may not take the privacy police seriously if it is just simply stated like “Password should not be disclosed and shared with others.”
The last but not the least, Afia mentioned at the end of this article that “parents need to bear in mind children are children until they become adults — not until they pick up a smartphone. We need to treat them as children.”. My viewpoint is a bit different. We may easily fall in a myth that young kids care less about their privacy and the social media policy compare with adults. However, according to a study in 2010, Hoofnagle, King, Li, and Turow found that young kids had similar concerns with older adults about online privacy. Which means not only teens need to be educated about privacy when using social media, as well as adults, such as parents and teachers. So, make privacy policies more readable is necessary for users across generations. Maybe social media companies can consider having two versions of policies, one is for adults, and the other is for teens under college level.
References
- Ermakova, T., Baumann, A., Fabian, B., & Krasnova, H. (2014). Privacy Policies and Users’ Trust: Does Readability Matter?. In Proceedings of Twentieth Americas Conference on Information Systems. 2014, August 7-9, Savannah, Georgia.
- Hoofnagle, C. J., King, J., Li, S., & Turow, J. (2010). How different are young adults from older adults when it comes to information privacy attitudes and policies?. Available at SSRN 1589864.
- Howard, J. (2018, June 22). What's the average age when kids get a social media account? CNN.
- Marwick, A. E., & Boyd, D. (2014). Networked privacy: How teenagers negotiate context in social media. New media & society, 16(7), 1051-1067.
- Milne, G. R., Culnan, M. J., & Greene, H. (2006). A longitudinal assessment of online privacy notice readability. Journal of Public Policy & Marketing, 25(2), 238-249.
- Singh, R. I., Sumeeth, M., & Miller, J. (2011). Evaluating the readability of privacy policies in mobile environments. International Journal of Mobile Human Computer Interaction (IJMHCI), 3(1), 55-78.
- Wang, A.B. (2017, January 8). A lawyer rewrote Instagram’s terms of use ‘in plain English’ so kids would know their privacy rights. The Washington Post.
- Wu, K. W., Huang, S. Y., Yen, D. C., & Popova, I. (2012). The effect of online privacy policy on consumer privacy concern and trust. Computers in human behavior, 28(3), 889-897.
Comments
Post a Comment