I think the business sector needs to have a look at the way consent is done in the medical field, where huge terms and conditions with nasty stuff hidden away isn't ok.
The concept in medicine is that consent for treatment is done in a simple way that encompasses things that are commonly an issue (but often a minor inconvenience), things that are rarely an issue but are disastrous, and things that might specifically be an extra-big issue for the patient (i.e. damage to fingertip sensation for a typist, or something like that).
This gives the responsibility of getting the salient issues communicated to the person requesting consent - forcing it to be phrased in an understandable way. I see some companies are doing a summary of the terms and conditions (seen it with Virgin and Google), which is welcome, as long as they are including what is common and important in that summary and not hiding things in the T&Cs.
I'm not sure what "understandable way" you are talking about -- as a patient anyway. Every time I've been or taken a family member to see a doctor, I have to sign a multi-page consent agreement (which I read about as closely as the Terms of Use on a website). What's the point? Am I not going to sign it? No, I'm there because I need care. I don't read it, and neither does anyone else I've asked about it.
Does the doctor's admin indicate the general gist of the document and have you initial any important sections? This seems to be common now in the UK - I think because having people sign a document isn't valid unless they are aware of the content in at least general terms (I'm pretty sure this was tested in court).
Assumed consent of an ignorant party is effectively no consent at all.
I imagine that's exactly what the business sector doesn't want to do.
I remember when Google and Microsoft changed their privacy policies 2-3 years ago to become much more generic and "unified" - as in they could now use your data however they found fit from across all of their services and products. Great piece of PR that "unified" trick, though, so props to the PR team, I suppose.
The tech media mostly treated it with a shrug even when there was something that sounded quite suspicious in there, and had a tone of "yeah, but that's probably just used for X, and it's unlikely Google/Microsoft will use it for other nefarious purposes. It's just for legal reasons, you see."
No, those provisions weren't put in there "just for legal reasons" and they were put in there on purpose because they were meant to be used. Also, if they put it in there "for legal reasons" it's also because they intend to use it and need the legal cover. It's weird how the media took out exactly the wrong message from it back then.
It also bares repeating, because the media didn't cover it much back then, and it was quite a sneaky thing for Google to do - Google changed its privacy policy to no longer keep your data "anonymized." Many people even on HN like to defend the companies' data collection "because they anonymize it", which in itself has always been a joke, as studies have proven, but they no longer even do that:
And to be fair, Facebook was one of the first companies 10 years ago already that offered their terms in standard legalise as well as translated into common people speak!
They have done great things in that regard by pushing the whole industry forward
The concept in medicine is that consent for treatment is done in a simple way that encompasses things that are commonly an issue (but often a minor inconvenience), things that are rarely an issue but are disastrous, and things that might specifically be an extra-big issue for the patient (i.e. damage to fingertip sensation for a typist, or something like that).
This gives the responsibility of getting the salient issues communicated to the person requesting consent - forcing it to be phrased in an understandable way. I see some companies are doing a summary of the terms and conditions (seen it with Virgin and Google), which is welcome, as long as they are including what is common and important in that summary and not hiding things in the T&Cs.