Stanford CIS

User Agreements Are Betraying You

By Woodrow Hartzog on

The user agreement has become a potent symbol of our asymmetric relationship with technology firms. For most of us, it’s our first interaction with a given company. We sign up and are asked to read the dreaded user agreement — a process that we know signifies some complex and inconveniently detrimental implications of using the service, but one that we choose to ignore. Our privacy hangs in the balance, yet we skim to the end of those tedious terms and conditions just so we can share that photo, or send a group message, or update our operating system…

It’s not our fault. These agreements aren’t designed in a way that would allow us to properly consider the risks we’re taking. Tech companies have no incentive to change them. Lawmakers don’t seem to know what the alternatives are. But that doesn’t change the reality: User agreements are a legal and ethical trap, and they betray the trust of users from the very start.

The Accident of User Agreements

In the late 1990s, when lawmakers started looking for ways to protect people’s data, user agreements were a convenient place to start. Regulators were still handling the young internet market delicately and came to rely on a system of “notice and choice” to protect individuals’ privacy. The idea was that if users were given notice of a company’s data practices and chose to continue using the service, then they consented to those practices. In this way, lawmakers decided, the privacy of users was respected because the users were in control.

And here is where the modern approach to data protection began to fail.

Read the full piece at Medium.