Requiring notice is an extraordinarily popular way to regulate. In online privacy, for instance, giving notice about their practices is among the only affirmative obligations websites face. The strategy is also one of the most heavily criticized. Not only does no one read privacy policies, skeptics rightly point out, but many believe that their mere existence guarantees certain base level protections that may or may not exist.
Should we give up on notice? My recent draft paper argues: maybe not. We should explore two possibilities, at any rate, before we do. The first is that regulators may sometimes select the wrong form of notice for the job. Today most website “terms” say that the company “may disclose data pursuant to lawful requests.” That does very little to further user understanding or action. But maybe it could work to: Read more about Against Notice Skepticsm In Privacy (And Elsewhere)