We Know You Don’t Read the Fine Print

  • by Noah Ramirez, JD / CIPP
  • posted on October 3, 2019
  • 3 min read
We Know You Don’t Read the Fine Print

Privacy policies, terms of service (TOS), cookie consent, and the bombardment of legalese when signing up or using various apps and websites can be desensitizing. When going through the actions of creating an account, checking radio buttons and completing CAPTCHAs, how often does anyone actually stop and read the fine print? If the news cycle is any indication, not often.

The average person has between 60 to 90 apps on their phone. With more than 258 billion apps expected to be downloaded by 2022, it’s an insurmountable task to keep up with new policies or changes to existing ones. So what risks are you exposing yourself to by not reading the fine print?

Recently, The Wall Street Journal reported that at least 11 popular apps, totaling tens of millions of downloads, have been sharing sensitive data entered by users. In a similar vein, the L.A. Times is making headlines for suing IBM for illegally and deceptively mining users’ private data via its Weather Channel app. The app combed users’ personal geolocation data for advertising and other commercial purposes.

Try Osano Free!

Digital interactions are a given but breach of trust and privacy infractions don’t have to be accepted at face value. Until transparency and protocols around user data evolve, companies using applications and websites (which basically means everyone) need a solution that enables insight into the use — and health — of data. The bottom line? We need more transparency.

The Case for Continuous Monitoring

Nine out of every ten adults in the U.S. uses the internet on a daily basis. Out of this number, a reported 73 percent harbor growing concerns about data privacy. Furthermore, privacy and compliance regulations are changing rapidly amid rampant fears and confusion. The EU’s General Data Protection Regulation (GDPR) has been in effect for just over a year, and the California Consumer Privacy Act (CCPA) is set to start in January of 2020. China recently released its standards, and India and Canada are currently drafting new data privacy policies.

What this means on a global scale is that digital interactions are becoming increasingly complex. The software-as-a-service (SaaS) market, backed by the public cloud, is expected to grow to $98.9 billion by 2020. As more companies run on SaaS offerings, there is a growing need to monitor vendors’ health including TOS policy updates, compliance adherence, litigation cases and data practices on an ongoing basis.

Curious about privacy? Find out how Osano automates compliance & saves you time! Learn more

Below Radar, but Not For Long

Right now, many data dependencies including third-party data sharing fly below the radar. That is, at any given point in time, information about who your vendors vend with isn’t forcibly transparent. Who you share your customer information with, and consequently who those vendors share their information along a growing ecosystem of apps and integrations, can have significant repercussions. Remember the Cambridge Analytics scandal? That whole scenario was made possible by an API loophole at Facebook whereby a researcher was able to harvest Facebook data from individuals and friends of individuals who participated in an online quiz.

Emerging technologies can empower digital users, whether private individuals or B2B users, to keep tabs on who they are giving their information to or doing business with (and consequently with whom those businesses are doing business).

Transparency for Greater Good

Until transparency is a mandate, your company needs a plan in place to examine and dissect vendors’ policies to monitor how applications and websites gather or use data and with whom they share it. Understanding regulatory changes and sustaining vigilance around legal engagements are tasks that are moving from reactive to proactive practices as the digital landscape becomes more crowded.

Vendor exploration, policy and litigation monitoring are three buckets of increasing importance for not only responsible business practices but for safeguarding your bottom line. The take-away: we know you don’t read the fine print, so we are here to do it for you.

Noah Ramirez, JD / CIPP

About The Author · Noah Ramirez, JD / CIPP

Noah is an Osano staff attorney focusing on data privacy best practices, legislative monitoring, and policy monitoring. When he's not writing about or researching data privacy Noah enjoys rock climbing and yoga.