I've mentioned this before, I've never understood putting a ToS or privacy policy on a website.
Is it a legally binding document? They can change at any time and without notice. Who is to say what you just read, and apparently agreed to, didn't change in the few seconds it took you to post something.
How can you prove someone has read or not read it when something goes to court?
ToS of this comment: If you read this, you owe me 10 dollars.
Privacy Policies are mandatory in any Country. Europe and USA in primis. The main difference is between opt-in and opt-out, but it does not affect the need of a Privacy Policy :)
Google provides diffs of their privacy policies, so I imagine it would be possible to tell whether any given practice was in violation of their stated policy at the time of the infraction by looking at the policy's history.
Also, I don't think it matters whether someone has read the privacy policy when they try to take you to court. Oh, you didn't read that I plan to share your information? Guess whose problem that is.
A world without Privacy laws would be similar to the one described in 1984, by George Orwell. Privacy was born as reaction to dictatorships in Europe, we can't forget it.
About Privacy Policies, I think there is space to do much, making them finally readable, accessible to anyone.
I've noticed quite a few times on HN that people demand a new site/startup have a ToS - or they wont touch the service with a barge pole. That always struck me as a bit strange too. Particularly in the HN/startup community, I don't think having a ToS has ANY bearing on the integrity of the site or it's owner. It's a startup - chances are it'll be down next week anyway.
A privacy policy sets expectation which can be compared against. If they promise to not sell your data, then do, you can do something about it.
If you read this, you owe me 10 dollars.
So this is the email disclaimer argument. Email disclaimers are admittedly useless, but unless they stop being common-place, they will become accepted.
I wish it expanded on the first paragraph in the (new) second paragraph.
For example, we profile your browsing habits and what you're interested in, and sell that to advertisers who attempt to predict your interests in porn, our most lucrative information sharing market. Recent web browser updates have prevented us from directly querying your history, but our statistics indicate that you might be interested in child models.
i kind of expected this to be a more serious attempt at solving the current state of privacy policies being "hidden" behind overly long and complicated documents.
i think it's a brilliant idea to have a few standard privacy policies and/or terms of service documents where the service provider just fills in the blanks, a la GPL or BSD licenses.
seeing "our privacy policy is FPP" on a web service where FPP is a hypothetical document blessed by a reputable privacy advocacy group would certainly increase the appeal of that service amongst the ones who care.
What would you think about a revolution in the world of "Privacy Policy", spreading the usable approach of Creative Commons?
We are trying to do this all at http://www.iubenda.com
Let's discuss, I want feedback to change this world in better (I'm armed with Mockups :P)
yep, full of inaccuracies.
The phrase "We’re just suckers for guys with crew cuts carrying subpoenas" in the actual real-life privacy policies sounds like this
"We’re just suckers for guys with crew cuts carrying subpoenas, of for guys who look like or sound like or whose emails look like they have crew cuts and carry subpoenas, or for guys who were able to persuade us that they look like they have crew cuts and carry subpoenas"
Is it a legally binding document? They can change at any time and without notice. Who is to say what you just read, and apparently agreed to, didn't change in the few seconds it took you to post something.
How can you prove someone has read or not read it when something goes to court?
ToS of this comment: If you read this, you owe me 10 dollars.
Stupid, isn't it?