Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Businesses Privacy Technology

Consumers' Privacy Concerns Not Backed By Their Actions (betanews.com) 194

Ian Barker, writing for BetaNews: A large majority of people say they are concerned about their online privacy, but this is not reflected in their actions according to a new study. The survey from Blue Fountain Media reveals that 90 percent of respondents are very concerned about their internet privacy and 48 percent wish 'more was being done about it.' Yet despite this 60 percent of those polled happily download apps without reading terms and conditions, and close to 20 percent still download apps even when they have read the terms and don't like them. A third of those polled say they would delete an app that tracks their whereabouts, but 50 percent say whether they would do so depends how much they like the app. Interestingly less than 10 percent believe an app that tracks their location is actually useful to them.
This discussion has been archived. No new comments can be posted.

Consumers' Privacy Concerns Not Backed By Their Actions

Comments Filter:
  • D'oh (Score:5, Insightful)

    by NettiWelho ( 1147351 ) on Thursday May 31, 2018 @11:56AM (#56706222)

    Yet despite this 60 percent of those polled happily download apps without reading terms and conditions,

    Yeah I can't afford to hire a lawyer for 5-9 hours every time I install an app

    • Re:D'oh (Score:5, Insightful)

      by dgatwood ( 11270 ) on Thursday May 31, 2018 @12:16PM (#56706364) Homepage Journal

      Even without a lawyer, the cost of maintaining your privacy is too high these days. Suppose it takes you an hour to read all of the various privacy policies for Facebook in several different places. That's over 2 billion hours spent, just for one app, both when you install it and, potentially, every time they update the privacy policy. That would translate to an economic cost (if you assume U.S. minimum wage) of about $15.5 billion worldwide. Multiply that times the average number of apps that people install plus the average number of websites that people use.

      Then, on top of that cost, you have to assume that the least reputable businesses won't actually follow their privacy policy, or will deliberately carve out exceptions that don't sound bad until you see how they use them. If you assume that everyone is behaving ethically, then privacy policies aren't needed, and if you assume that everyone is behaving unethically, then privacy policies do no good.

      It doesn't take much effort, then, to understand why the only way to fix this is through laws that require a certain minimum set of privacy rights for every app and website that does business in your country. It's the only way to make it practical to protect your privacy in any meaningful way. That way, as soon as one person notices something wrong, they can get the state to assert their legal rights on behalf of everyone, and companies don't have the ability to carve out exceptions that look reasonable while actually violating your basic rights.

      • Then, on top of that cost, you have to assume that the least reputable businesses won't actually follow their privacy policy, or will deliberately carve out exceptions that don't sound bad until you see how they use them. If you assume that everyone is behaving ethically, then privacy policies aren't needed, and if you assume that everyone is behaving unethically, then privacy policies do no good.

        This. One big reason I gave up on FB is I realized that properly managing my ever changing privacy options would not matter at all. It was inevitable that the most crooked app/integration used by my least wise friend would scoop up everything about me and sell it to evil people for lucre. I did not anticipate that "my least wise friend" would be FB itself, but that is an unimportant detail. FB's recent 'eff up is just the breach we know about.

      • Comment removed based on user account deletion
        • by dgatwood ( 11270 )

          I'm not convinced GDPR was sufficiently well thought out, nor sufficiently clearly worded. But we need something.

    • Yeah I can't afford to hire a lawyer for 5-9 hours every time I install an app

      I propose an app that captures the terms and conditions for an app you wish to install, and sends it to an AI server that does the 5-9 hours of lawyering for you at processor speed. It would then come back with a go/no go decision on installing the app.

    • Reading the "terms and conditions" isn't really about protecting privacy. When customers demand privacy, what they are saying is don't sell my data. Having terms and conditions that say "by the way, we will sell your data to Russia" does not satisfy the customer's demands and does not protect privacy.

      It doesn't matter how easy or hard the terms are to read, what the customers want is to not share data.

    • skimming terms and conditions looking for basic get out of jail privacy clauses like "you agree that we can share/sell your information to every scumbag company we wish" or "everything you say and do here you agree is our property and as such you give up all rights to said information". your view that those 30 seconds of effort is too much is classic example of why they get away with this so easy. you don't need to understand it all to identify obvious privacy problems.
    • by Evtim ( 1022085 )

      “Along with the standard computer warranty agreement which said that if the machine 1) didn't work, 2) didn't do what the expensive advertisements said, 3) electrocuted the immediate neighborhood, 4) and in fact failed entirely to be inside the expensive box when you opened it, this was expressly, absolutely, implicitly and in no event the fault or responsibility of the manufacturer, that the purchaser should consider himself lucky to be allowed to give his money to the manufacturer, and that any atte

  • by CrimsonAvenger ( 580665 ) on Thursday May 31, 2018 @12:00PM (#56706258)

    and 48 percent wish 'more was being done about it.'

    Which can be loosely translated as "I hear people are concerned about this, so I guess *I* should be concerned about this, but it's not really worth my time or trouble to bother ACTUALLY doing something about"....

    • by Actually, I do RTFA ( 1058596 ) on Thursday May 31, 2018 @12:11PM (#56706316)

      Yeah, it's almost like my life is finite and reading legalese isn't what I want to do with it. I want it outsourced to a third party. You know, like making sure my hot dog won't kill me. What's that called... government regulators.

      • I completely agree, but the problem with that is the total lack of competence in the government, coupled by a complete interest in satisfying corporate interests.
      • Re: (Score:2, Insightful)

        Yeah, it's almost like my life is finite and reading legalese isn't what I want to do with it. I want it outsourced to a third party. You know, like making sure my hot dog won't kill me. What's that called... government regulators.

        So, you don't trust your fellow man, but you DO trust "government regulators", who are, by and large, your fellow man?

        "I'm from the government, I'm here to help"....

        • by Actually, I do RTFA ( 1058596 ) on Thursday May 31, 2018 @12:42PM (#56706510)

          I don't trust people to act against their self-interest. The regulators at least don't have a direct profit motive.

          "I'm from the government, I'm here to help"

          I never understood this complaint. I mean, the government seems pretty helpful to me. Certainly, the times I hear about government help, usually the problem is that there is not enough (See, Puerto Rico.) Do you have examples of widespread problems?

          • Conservative estimates put the death toll from democide - governments killing their own people - in the 20th century at around 200 million people. This includes both intentional acts of murder and genocide, was well as acts of gross incompetence, but doesn't include war - which has resulted in many millions more dead. This isn't just those evil nazis and commies either, the western 'good guy' governments we all know and love have contributed plenty to this death toll.

            A specific example of government inco
            • A specific example of government incompetence literally killing people is the FDA and the AIDS epidemic of the 80s and 90s.

              Which was recognized as a problem shortly thereafter and people were allowed to try experimental medicine when they had fatal diseases. (The recent "Right To Try" bill is a modification to the program.) That is to say, mistakes were made. It certainly seems outweighed by the existence of vaccines and high-quality medicine, for instance, that were enabled by the FDA.

              I guess we all fo

            • A specific example of government incompetence literally killing people is the FDA and the AIDS epidemic of the 80s and 90s. The government 'helping' patient safety resulted in the early deaths of many thousands of patients by denying them access to life saving drugs that were yet to be approved.

              By comparison, how many lives have the government saved by stopping companies from selling ineffective or flat out toxic medications?

              Look, the only thing governments have consistently done well is kill and destroy.

              L

          • I never understood this complaint. I mean, the government seems pretty helpful to me.

            This was big around the time of Ronald Reagan. Reagan got his start in politics around the McCarthy era, when the government was trying to 'help' by rooting out communist spies. In hindsight, a lot of innocent people were harmed, and not many spies were caught. It was a clear incident of government causing harm, and it remained in the minds of a lot of people. Hoover's FBI is not something we want to repeat, even when there are a few spies.

            More generally, the people in government (like everyone else) act

        • by Jason Levine ( 196982 ) on Thursday May 31, 2018 @01:03PM (#56706662) Homepage

          The government is (at least in theory) accountable to the people. If the people don't like the actions of members of the government, those government officials can lose their jobs. Companies aren't accountable to people in general - only to those who pay them money. If your information is being sold by company A to companies B, C, D, and E, then you're not their customer - you're their product. They won't care if you don't like your information being sold because you have no say in what they do and likely don't have the legal muscle to stop them. (Especially if they're a big company like Equifax.) However, the government can stop them.

          This isn't to say that government regulations are always the solution. Just that they are a useful tool to give people power over companies that wouldn't otherwise be beholden to anyone.

        • Comment removed based on user account deletion
      • Yeah, it's almost like my life is finite and reading legalese isn't what I want to do with it.

        I got a better argument: It's not like reading the legalese will change anything. You can see that clearly, when a company actually promises not to fuck you over in the terms and conditions it actually makes the news, so what's the point of reading the terms if you already know what's in them and have no power to optionally accept some of them?

        • It's not like reading the legalese will change anything.

          In addition, I already know what's in the privacy policy: they can use my data every way they want. If you followed the strict letter of Facebook's privacy policy, they could apply for a credit card in my name to "facilitate payments." Fortunately it's unlikely any court would accept that.

      • And even if I had the time to spend reading all of that legalese, I might not understand it all or the implications of it. Some privacy policies (as well as Terms & Conditions and EULAs) are written in such a way that you'd need a legal degree to understand them. It doesn't help if you spend hours reading a privacy policy before agreeing to it if the company can slip some verbiage in there that is complicated legalese for "we can do whatever we want to do with your information."

    • but it's not really worth my time or trouble to bother ACTUALLY doing something about

      And what can a person do about it? Every site hoovers up your data. You can't buy a TV or a fridge without the Terms and Conditions giving the company the right to name your first born.

      A consumer by themselves can do nothing. Not reading the terms and conditions are also a stupid indication of an action vs a concern. I will wager there are proper tinfoil hat types here who only use RMS approved computers and raged when Firefox optionally gave the ability to recommend tiles, ... who don't read the terms and

  • by nnull ( 1148259 ) on Thursday May 31, 2018 @12:04PM (#56706276)

    Yeah, because that's what I do every time I install an application. I hire a lawyer and we read through the terms and conditions (That was copy and pasted from another application) together at $400 an hour.

    How about not doing this crap in the first place and we wouldn't have to worry about it? The absurdity this has gotten to. Blame the consumer!

    • by DogDude ( 805747 )
      ... and who is holding a gun to your head requiring you to install these applications? Do you need emergency assistance?
      • ... and who is holding a gun to your head requiring you to install these applications? Do you need emergency assistance?

        But calling for help nowadays requires an app!

      • by Jason Levine ( 196982 ) on Thursday May 31, 2018 @01:05PM (#56706676) Homepage

        Terms and conditions are everywhere - not just in applications. Do you have a cell phone? You've agreed to your carrier's terms and conditions. Did you go to the movies? You've agreed to their terms and conditions. Did you attend a concert or sporting event? More terms and conditions. In fact, the terms and conditions for these likely make the ones for a phone app seem like plain, easily understood English.

        So people can't avoid terms and conditions unless they stay in their house all day and never venture outside.

        • by Merk42 ( 1906718 )

          ... unless they stay in their house all day and never venture outside.

          The Slashdot lifestyle!

      • Comment removed based on user account deletion
  • In other news (Score:5, Insightful)

    by Rosco P. Coltrane ( 209368 ) on Thursday May 31, 2018 @12:04PM (#56706278)

    People are concerned about corruption in politics, yet keep electing the same sumbitches.

    • Ironically this is the same consumer attack as in the summary. Reading terms and conditions doesn't help your privacy, not when every company out there sucks up all your data without even a clue on what they will do with it yet.

      Likewise what are you going to do next election? Select 1:
      a) Vote Red
      b) Vote Blue
      c) Not Vote
      d) Go through the motions of voting only to realise that in your system if you didn't pick a or b your vote will ultimately be treated like c.

      Which one of those will help not elect the same su

      • Re:In other news (Score:4, Interesting)

        by PPH ( 736903 ) on Thursday May 31, 2018 @01:02PM (#56706658)

        Which one of those will help not elect the same sumbitches?

        We just did that. The Dems put up their candidate. Because it's her turn (needs of the party over those of the voters). The GOP tried the same thing, but got an outsider. In part as a FUCK YOU to the good ol' boy system. And look who got elected. Not because he was the best choice. But because enough of the voters didn't want more of the same shit.

        • We just did that.

          I guess you could say that. I mean sure he's not the same one, he's an even bigger one. But at least it's a change...?

      • e) Participate in the local elections and platform conventions where "red" and "blue" get defined.

        In a two-party system (driven by one-person-one-vote), you pick one party and then shape it to look like what you want it to look like. Spinning up a third party is too much effort. Taking over a party has been done many times in American history.
        • e) Participate in the local elections and platform conventions where "red" and "blue" get defined.

          In a two-party system (driven by one-person-one-vote), you pick one party and then shape it to look like what you want it to look like. Spinning up a third party is too much effort. Taking over a party has been done many times in American history.

          Ahhh good citizen, keep pretending like you can affect the outcome.

          • I have. My efforts to promote candidates have changed the outcome of multiple local elections for people who went on to higher office.
            • And the end result? A government determined by rich and powerful players where clout and political capital alone determines who runs for the highest office and the resulting choice often coming down to two different coloured turds.

              • No. The problem is how few people get involved in the grass roots. You *let* the rich and powerful players have control by ceding it to them. It's hard work owning a government "of the people". People would rather delegate that work, and they often do. THAT is what results in the system we have today. And those two different colored turds are *very* different. Difference between toxic waste and fertilizer.
                • No. The problem is how few people get involved in the grass roots.

                  Nope, blaming human nature is not the answer to any problem. The problem here is a system that relies on a phenomenal effort from the grass roots (getting people to change their behaviour) all the while stacking the odds against it ever achieving something (2 party FPTP voting system). It won't change without changing the underlying system, but America would freak out if someone even proposed that (or more likely, people of one colour would freak out if it happens to be proposed by people of another colour)

    • People are concerned about corruption in politics, yet keep electing the same sumbitches.

      I'm only concerned about corruption in the other party. When there's corruption in my party, it's either rooted out or [EXCUSE].

    • don't underestimate the power of gerrymandering, voter suppression and our corrupt system (e.g. the Senate & the Electoral college, both systems designed to limit Democracy).

      If there's a chink in the armor it's the primaries. The best bet is to get pro-worker progressives in by showing up at the Democratic primary. And yes, that means joining the Democratic party if you have to. Take it over from within and take it back from the corporatists. Use the structure they built to fix things.
  • Buried in there was this nugget, paraphrased: Any pix you upload to FlightAware become their property.

    I wonder how many planespotters using flightaware are aware of that.

    I'll be *damned* if I ever upload anything to that "service." I'll gladly use it, but I will not contribute to it, not with those terms.

    Read the shit, people. Don't be sheeple.

    • Hell, I tried to understand if it was possible to upload a video to YouTube without granting a license to broadcast it on TV to their partners. I have no idea.

    • by GuB-42 ( 2483988 )

      That's totally illegal in France, I don't know about the situation in the US where the copyright laws are different.

      In France, you own your work, and nothing can be done to change that. And it applies even if you are working for a company as an employee. The only thing that can be done is to sign away your rights (you are still the owner but someone else gets to make money), or license it. It also means it is impossible to put your own work in the public domain.

      In the case of FlightAware, I simply cannot co

    • They can say any picture you upload is theirs, but what gives them that right to claim it? A click-to-install button shouldn't automatically reassign copyright.

  • FTFS

    ...60 percent of those polled happily download apps without reading terms and conditions...

    Why would you waste the time to do that? First, the odds of those T&C ever affecting you is about .0001%. Second, who knows what those long winded T&C even MEAN. Third, who even knows what would be legally enforceable by law anyways. I have way better ways to spend my time.

    Oh, and those T&C needed to be ruled unenforceable by courts anyways. Seriously, if somewhere in there it says, "By using crappyapp 42, you are agreeing to pay us $100k", are courts REALLY going to make you fork over

    • I think the largest problem is, say you DID read the T&C of five competing apps and you WERE able to understand it. They're likely to force you to make completely similar privacy sacrifices. So the real choice for the consumer is to not enjoy in the convenience of mobile apps at all and pretend it is 1990. No one has any interest in mandating a minimum requirement for privacy, which means the high dollars that come from evading policy are going to win out every time. To make matters worse, America h
  • I have. I do it on regular basis. But they are long, dense legalese. It takes skill (a good grasp of English) and time, a lot of time, to read those. What I do not is that I know roughly what an EULA looks like and I scan paragraph headers and see if I see something I don't expect with CRTL-F. You can be privacy minded, and despair that EULA are too long and unreadable. My fucking work contract with NDA and privavcy signing was shorter and more understandable than all EULA I read up to now. Real contract
  • Or maybe... (Score:5, Insightful)

    by Travelsonic ( 870859 ) on Thursday May 31, 2018 @12:16PM (#56706362) Journal
    We shouldn't act like people are idiots for not reading something incredibly lengthy, wordy, and worded in such a way where they would not understand it, and instead point the finger, at least partially, at the people who insist on keeping these wordy EULAs without providing something that explains it in plain English?
    • We shouldn't act like people are idiots for not reading something incredibly lengthy, wordy

      No, not necessarily for that reason.

    • by Kjella ( 173770 )

      We shouldn't act like people are idiots for not reading something incredibly lengthy, wordy, and worded in such a way where they would not understand it, and instead point the finger, at least partially, at the people who insist on keeping these wordy EULAs without providing something that explains it in plain English?

      Because the EULA is to law what source code is to computers, if you try putting it through a "plain English" translator you either turn one page into ten as you need to turn it COBOL-like and quasi-paste in "Introduction to programming" throughout or you lose a lot of detail. And it's okay that I make a high-level summary, but the testing and approval must be at the code level because that's what actually runs. Same way the actual contract is legalese because that's the agreement in law, you can make a summ

  • by cascadingstylesheet ( 140919 ) on Thursday May 31, 2018 @12:25PM (#56706420) Journal
    Also, not all gym memberships are fully utilized.
  • by PopeRatzo ( 965947 ) on Thursday May 31, 2018 @12:41PM (#56706506) Journal

    Consumers' Privacy Concerns Not Backed By Their Actions

    That's like saying, "Patriots' Concerns About The Constitution, The Rule of Law, Limited Government, and Ethical Leadership Not Backed By Their Voting Records".

    • by serutan ( 259622 )

      That's true... people's voting habits are no more rational than their buying habits, probably because politicians are sold using the same techniques that sell hamburgers and deodorant. The goal of political campaigns, like other ad campaigns, isn't to help people make choices that reflect their free will or their best interests, it's to convince them that they're doing that, whether it's true or not. Voting doesn't reflect people's concerns or desires, it reflects the effectiveness of campaigning.

  • by thegarbz ( 1787294 ) on Thursday May 31, 2018 @12:43PM (#56706514)

    What kind of a stupid proxy is "Not reading terms and conditions" to "not caring about privacy"? How does reading 1000 words of legal junk help? It's not like there's a lot of active choice in the market for not having your data sucked up by some firm for reasons hither to unprofitable. You can barely buy a fridge without the TOS signing off your first born to some foreign Korean CEO.

    If anything people concerned about the privacy are the ones who don't read TOS because they know what's in them and they know doing so is a waste of time.

  • by petes_PoV ( 912422 ) on Thursday May 31, 2018 @12:45PM (#56706526)

    90 percent of respondents are very concerned about their internet privacy and 48 percent wish 'more was being done about it.'

    Which means they want someone else to do something about it.

    I expect an even greater polarisation occurs with being overweight: 100% of people are concerned about it ... but what proportion are willing to do something themselves to fix it?

    But anyone who relies on the output from a survey is either naive, negligent or is just using it to further their own desires.

  • by rsilvergun ( 571051 ) on Thursday May 31, 2018 @12:47PM (#56706536)
    I'm worried about healthcare, wages, retirement when I either can't work or nobody'll hire me. I'm worried about school for my kids, especially college.

    Surveillance is just a symptom of oppression. The root cause is always money. If you want to render it moot the solution is to make sure everybody (and I mean _everybody_, even lazy people and the ones you don't like) has access to food, shelter, healthcare, education & transportation (the latter being required to effectively access the former).

    Until we end the rat race we're going to be vulnerable. You're not free as long as somebody controls access to the things you need to live.
  • by fluffernutter ( 1411889 ) on Thursday May 31, 2018 @12:50PM (#56706556)
    This whole article basically found out that ignorance doesn't equal compliance. You can't blame people for being ignorant if you haven't tried to educate them. Who goes out of their way to educate in the current state of things?
  • by Voyager529 ( 1363959 ) <voyager529@yahoo. c o m> on Thursday May 31, 2018 @12:52PM (#56706568)

    Correlating whether or not one reads a EULA is not an effective metric.

    Take an app which allows texting from a web browser. Both will need to have a clause like "we collect your text messages and contacts", because that's genuinely necessary for the service to be performed. However, if it's followed up with "we don't sell to third parties" isn't helpful - it still allows them to give the data away, or sell access to the data, or give the data to a shell company who then does the selling. Even if none of these happen, such a clause allows for the first party firm to do their own data mining and sell the results in aggregate. Then, if they do any of the above, and *those* companies get hacked, you can be certain that even if the app developer doesn't have an arbitration clause, it would be almost impossible to take legal action against the other company.

    Location data is equally messy. The company with the most location data is Google itself, and unless you root, you're not stopping them from getting it with creepy accuracy even if the GPS is off. From there, apps requiring it are equally troubling. The EULA is a binary "use it or not". Most people would understandably let a navigation app use the GPS location in order to provide directions, but while Apple only allows apps to pull location data while an app is running, Android will happily let apps run a resident location scraper in the background without providing meaningful feedback to the end user.

    Finally, the real metric of whether people are willing to do something about their privacy starts small - paid apps with no-data-mining guarantees, and free apps where users pay with privacy. See what wins. ...but nobody wants to do that.

    • This is where the new EU rules are interesting. Now in the EU (and even American companies with EU users), checking 'you may collect my data' they have to specify what the data is being used for, and the default is that the data will only be used for the app. If data is sent to a third party, then there must be clear wording to the affect of "We will send data to X for the purpose of Y".
  • For an immediate proof of that, just look at what people get elected to office in democracies. (Yes, the "leaders" in non-democracies are even worse, but that is besides the point.) As a consequence, most people do not even understand simple things, like practical privacy and that is why their actions and their desires diverge. That does not make their desires any less valid.

  • The reality of human nature appears not to support the theory that our choices will generally reflect what we want, or what we think we want. For the advertising industry this finding is a great big DUHHH!!! It wouldn't be a multi-billion dollar industry if convincing people to act against their own interests didn't work. But for the rest of us this seems to be a startling revelation.

    When we discuss and argue about how to handle behavior-driven problems like rampant obesity, consumer debt, diabetes, and soc

    • It's called "Personal responsibility"

      If you're so easily swayed by images and sound bytes that it's unrealistic for you to make your own damn decisions, or act in your own self interests, then maybe turn off the screens and decompress for a while.

      When you give up your personal responsibility, you are a prisoner to those responsible for you.

      If all it takes is marketing tricks to separate you from your own self interest, then the problem is your weak will.

      Will is like a muscle. The more you use it, the strong

  • They can't consent just by clicking.

    It has to be an active consent with clear terms and clear choices and have a method allowing EU citizens to opt out.

    Same technically is true of Canadian consumers. You can't infer active consent without active informed consent.

  • I realize they are talking about the majority of phone users, but if you are using a rooted phone and most of the tech oriented Roms, you can have your cake and eat it too. Lock down each app and security item granularly. Fuck what the app author wants. Fuck what the phone manufacturer wants. Its my phone and I'll be in control of my own security. Nothing pisses me off more than the scam that Google and device makers try to pull over on the public by not giving the owner of the device root. Heck most of the

  • For me, things like privacy online feel like a prisoners dilemma.
    If everybody works together and refuses services like that, it's best for everybody. But there are people who don't care, and then get the benefit of said services despite the invisible privacy issues.
    And then the cascade starts, more and more people will want to accept since they also want to reap the benefit etc...

    For me it doesn't indicate that the people don't care or want to do anything about it, but that it's practically impossible as a

Business is a good game -- lots of competition and minimum of rules. You keep score with money. -- Nolan Bushnell, founder of Atari

Working...