Wouldn’t it be nice if companies were completely transparent in their privacy notices? Typically, privacy notices are filled with long clunky prose that manages to say hardly anything meaningful to consumers. These notices are written by lawyers who carefully craft every sentence so that they won’t pin down a company. The drafters of privacy notices do this because it is difficult to anticipate all the uses of personal data that might be fruitful in the future. Companies want to avoid making promises that are too limiting of how they might use personal data. This could tie their hands in the future, making them less nimble in the dynamic and fast-paced world of business in the digital age.
From a business standpoint, having greater room to use personal data in different ways is a great benefit. From a consumer standpoint, consumers are not adequately informed about how their data is being used.
Additionally, companies often have many different things going on with personal data, and there frequently isn’t a strong enough central command structure to oversee everything that’s happening. Companies aren’t evil in all of this, but the interests of companies and those of consumers are often not fully aligned.
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy and data security training. He also posts at his blog at LinkedIn, which has more than 1 million followers.
Professor Solove is the organizer, along with Paul Schwartz, of the annual Privacy + Security Forum events.