You've probably heard of the butterfly effect - the idea that tiny actions can have a massive impact on complex systems. That is how I look at improving company privacy policies.
For twelve years, I have worked with countless startups helping them draft and edit their legal documents. With time I realized that these terms and policies could be written in a much simpler way, avoiding legal jargon and unintelligible sentences.
As the General Data Protection Regulation (GDPR) came in 2018, I saw that one of its clauses supported my observations. It said that organizations must provide people with a privacy notice written “in a concise, transparent, intelligible, and easily accessible form”. In addition, it stated that visualization should be used, where appropriate.
The last bit about visualizations particularly caught my attention. I spoke to my management at the time and suggested that we redesign and restructure our existing legal documents using bullet points and icons. My idea wasn’t met with enthusiasm since involving a designer meant extra time and funding.
But the thought was bugging me because I knew exactly what was wrong with online legal texts and what needed to be done to improve this situation. So, I decided to set up my own company for creating better structured, shorter, simpler, and visualized legal documents.
I believe that just by writing your company’s privacy policy in a clear and structured way, you can eventually influence how privacy policies are written and designed in huge organizations and mega businesses. And that, in turn, will start a wave of changes across the world. These are the three main reasons.
If people knew what they sign up for, I’m sure they would not put up with everything that companies are serving them. For example, you may not want to download a weather app that tracks your physical location wherever you go. Instead, you might choose to go for another weather forecast service or simply check the forecast online.
Right now, the majority of privacy policies are written in a way that 99% of the people don’t have time and interest to read. Sadly, many companies are using this situation to their benefit by obscuring slippery clauses in an ocean of unintelligible text. The fewer people notice ambiguous terms, the better, right?
For example, you might be aware that Instagram gathers data about your profile, actions online, details on who you follow, and other seemingly innocent information. But would you be OK if you knew that Instagram could read your messages and share them with their partners?
In fact, they are doing exactly that, but they tell you this in a mind-bending way:
We collect the content, communications and other information you provide when you use our Products, including when you sign up for an account, create or share content, and message or communicate with others. (..)
We provide information and content to vendors and service providers who support our business, such as by providing technical infrastructure services, analyzing how our Products are used, providing customer service, facilitating payments or conducting surveys.
I believe that if such information was stated openly and explicitly (e.g. We collect all the information you provide, create or share on our platform, including your direct messages with others), people would be much more cautious about what they say and do online, even in their private messages.
So, we’ve established that tech corporations feel invincible because thousands or maybe millions of users keep socializing on their platforms despite shady privacy policy clauses.
Imagine a situation where more and more small and medium-sized companies across the world start writing their policies in a concise, structured, and visually appealing way. Sooner than later, even mega-companies like Google and Facebook will have to join the trend and start speaking honestly to their users.
It’s not only about creating a better experience for the readers and clients. Clear and to-the-point terms and privacy policies can also save companies time and money for document revisions and translations. If the length of a legal text is reduced by 30-50% thanks to using plain language, structured lists, and icons, the translation costs will drop significantly as well. And you won’t need a legal team to make minor edits to your contracts and terms of service.
Furthermore, easily readable legal documents are no longer a nice-to-have. The GDPR made it a regulatory imperative to create privacy policies that are transparent and intelligible.
There are, of course, some good privacy policy examples out there, like BBC and Juro (see their privacy policy at the very bottom of the page). But to get the ball rolling, we need more and more businesses to join the trend of using transparent and plain language in their legal communication.
The past five years have seen a dramatic increase in teenage internet users, with 45% of teens saying they use the internet “almost constantly.” This figure has nearly doubled since 2015.
There is a plethora of social media and apps aimed exactly at teenagers, TikTok, Snapchat, and Instagram leading the parade. Now, look at TikTok’s Terms of Service. This document is 100 pages long and exceeds 28,000 words. That’s longer than many Master theses! How many of its teenage users (that make up 32.5%) do you think could and would read this hopeless chunk of legal text? Dividing it into sections for each region doesn’t help much, because each separate EULA looks like a whole legal catalog.
It looks like the company’s aim isn’t informing its users, but just the opposite - scaring them away from reading the terms. So, how can we expect our children to be digitally informed and protected? Let’s admit it - even us, the grownups, won’t have enough patience to dig through such a legal nightmare. And I’m telling you this as a lawyer.
On the bright side, some initiatives are beginning to tackle this problem. The UK has recently issued a Code of practice for online services called "Age-appropriate design" that is binding to all online service providers operating in the UK. The code provides guidelines for communicating with children of different ages, including suggestions for audio and video prompts.
I’m convinced that changing the way privacy policies are written and designed will make the world a better place. If more and more companies stop speaking “legalese” in their documents but use normal internet language instead, global corporations and even governments will in time be forced to improve their bureaucratic communication as well.
And there’s no downside to this because legal documents that use plain language, short sentences, and bullet points still say all the same things and have an equal legal force.
Start by giving your company’s Privacy Policy and Terms of Service a critical look. Take the longest paragraphs and try to restructure them using bullet points and shorter sentences. With time, consider hiring a designer to add visual elements to dilute the text or sign up for a tool to help you design clearer and better-looking legal documents.