Make Sure Your Policies Are Your Policies

Boilerplate language in privacy policies can indicate a lack of attention to detail.

January 15, 2016
Bill Fitzgerald Director, Privacy Initiative
Director, Privacy Initiative

CATEGORIES Privacy Evaluation Initiative

Examples like this abound, but here's one: A search for the exact phrase "resources we make available on our Site. Users may visit our Site anonymously" returns over 15,000 hits.

You can do this yourself by going to the policy on any site and selecting a random phrase. I recommend selecting the second half of one sentence and the beginning of the next, to include about 10–15 words total. If you find a typo or a misspelled word, use that word on the off chance that the mistake has been faithfully plagiarized. If you are searching using Google, be sure to enclose the phrase in quotation marks to only get results using the exact string.

This is a simple, fast test to do on any site you think about using. It takes all of about 30 seconds. While plagiarized terms don't necessarily mean that there are issues with the site, it does indicate that the people behind the site have cut corners and taken shortcuts around privacy issues. Given that many breaches occur due to human error and that problems we can observe often indicate issues that are hidden from view, plagiarized terms should at least give us pause.

If you are a vendor, do this test on your own terms. Pull 10 excerpts at random and see what comes up. If you discover that, for whatever reason, your terms have been plagiarized and you don't know why, you can then begin to fix the issue.

Image credit: Screamenteagle, released under a CC0 license

Share your thoughts: