- Researchers analyzed 57 companies' policies, revealing most companies need significant improvements in user privacy.
- Apple led in data protection policies, while companies like Facebook, Netflix, and Tesla showed weaknesses.
- 85% of companies analyzed need Terms of Service improvements, with social media platforms criticized for poor data protection.
- Terms of Service and Privacy Policies often favor companies, leaving users with limited control over data.
- Mozilla and ProtonMail prioritized user privacy, while many tech giants failed to protect user data effectively.
WP Analyzed all important points in ToS and PP like ethical data use, service providers’ obligations, data protection, payment terms and legal safeguards to make users understand their rights, privacy and creative output on digital platforms.
Companies Selected for Analysis
WP analyzed 57 companies to understand their ToS and PP in three categories. These categories were Protection of Children’s Data, Privacy and Data Protection and Secure Payment Information System. The findings by WP revealed that Apple was the only company who had positive ratings in all three categories while companies like 23andme, Facebook, Tesla and Netflix were rated to improve their policies in all three categories. Companies like Upwork, HP, Spotify and John Deree showed neutral ratings.The analysis of 57 companies showed that 85% of the companies need to improve their ToS and PP, with social media platforms being suspected of not safeguarding user data as they are full of personal and intimate data that users share there. 57 companies in ten sectors were analyzed: Artificial Intelligence (5), Cybersecurity (5), Cloud Computing (3), Social Media (7), Online Services (12), E-Commerce (7), Fintech (4), Autonomous Vehicles (6), Blockchain & Cryptocurrency (5) and Other Industries (3).
Analysis of ToS Elements that Affect User Control and Privacy
Most of the ToS and PP documents are complex and have points that favor the companies. Once you agree to ToS and PP of a company, you are agreeing to them protecting your privacy and theirs, including your personal data, information and personal transactions. Most of the ToS and PP documents include the following categories: Content Ownership Rights, Limitation of Liability, Privacy and Data Protection, Dispute Resolution and Mandatory Arbitration, Secure Payment Information System and Protection of Children’s Data.WP categories companies as red (vague policies), yellow (only some details) and green (user-friendly and clear cut policies) to better understand how much risks they pose on users.
1- Content Ownership Rights
This included how companies define the ownership of content created and shared by users, and how companies approach the ethical use of content including AI content. Interestingly, no company that was analyzed fell into the green category, while companies in the red and yellow category were almost equal.30 out of 57 companies (53%) were claiming broad licensing and ownership over user content, with users having minimal control over their content. Google, Disney, Netflix, Tesla, Xiaomi, Instagram, HP and Spotify were included in red companies.
27 out of 57 (47%) companies were making users retain content ownership with limited claims to licensing and users having control of their content. OpenAI, Bianance, Meta, Canva, Adobe, Shopify, TikTok and X were included in the yellow category. Only some companies like AWS, Microsoft Azure and Nvidia had guidelines related to AI.
2- Limitation of Liability
To understand what companies' stance would be in terms of loss, the ToS about limitations of liabilities comes in handy. 79% of the companies (45 out of 57) were in the red category and had no warranties and minimal protection. IBM, Kraken, Amazon and Tesla were among those 79% companies. 10 companies were in the yellow category and included PayPal, GM, Reddit and Binance. These companies have capped liabilities and protection only in some specific cases. Only 2 companies (TEMU and Apple) were in the green category, providing clear disclaimers and fair and balanced liability agreements.3- Privacy and Data Protection
It is also important to understand how companies protect data and privacy of users, and what is the role of third-parties. 80% of the companies that were analyzed were either in the red category or yellow category. 40% of the companies had data retention practices, while 26% were sharing data with third parties. 40% of the companies had some details on retention policies but lacked specifics, while 72% of the companies were sharing data with third parties with some transparency and user control. 20% of the companies were in green in terms of data retention which means they had clear and specific data retention policies, while 2% of the companies were clear cut about sharing necessary data to providers. Apple was the only company that was clear cut about its data sharing policies and how it only shares limited and necessary data to third-party providers.4- Dispute Resolution and Mandatory Attribution
In case of data theft, cybersecurity issues and data misuse, companies have to provide users’ rights in legal discourses in disputes. 2 companies (Nvidia and Revolut) had mandatory attribution and no opt out, which got them into the red category. 63% or 36 companies were in the yellow category and had action waiver but with user friendly options. Amazon, PayPal, Canva and Reddit were included in the yellow category. Companies in the green category included DeepMind, Facebook, Payoneer, Xiaomi and Apple, and gave users more control over their legal rights.5- Secure Payment Information System
WP also assessed how different companies are safeguarding users’ payment information so they can be safe from fraud and financial theft. 35 out of 57 companies (61%) fell into the red category as they provided weak security measures to users. Most of them were relying on third parties for payment and had no mentions of security measures. OpenAI, IBM, Reddit, Xiaomi, Tesla, PayPal, Netflix, Instagram, Facebook and TEMU were included in the red category.5 out of 57 (9%) of the companies were in the yellow category, meaning they had security measures but there was a lack of detail. Most of them were also relying on third-parties. Those companies included Nvidia, GM, Adobe, Meta and Alibaba. 17 out of 57 companies (30%) were in the green category and had industry standard practices with encryption, secure storage and restricted access. Apple, Amazon, Shopify, X, Shein, Canva, Fiverr, Upwork and Spotify were included in this category.
6- Protection of Children’s Data
There is a lot of misuse of children’s privacy and data so companies need to come up with their privacy policies too. A major 93% (53 out of 57) companies were in the red category, meaning they provide little to no privacy rights to children. Only 2 companies (Disney DTC LLC and Google Deepmind) provided partial protection to children, while 2 companies (Nvidia and Apple) provided clear cut privacy protection to children.Companies with Major Control Over User Data and Privacy
According to the analysis, companies like Facebook, Google, Amazon, 23andme, TikTok and Tesla were major red flags in terms of control over user data and privacy. They extensively collect user data and share it with third parties. They also have very complex ToS and PP which makes users legally limited and unaware of their rights.Companies with Minimal Control Over User Data and Privacy
The companies with strong commitment to user privacy were Mozilla, ProtonMail and Signal. Mozilla and NextCloud had emphasized on user control, while ProtonMail and NextCloud also had user ownership of data. NordVPN had a no-log policy for its users. Apple provided app tracking transparency to users.Companies with the most clear and user-friendly ToS and PP were Mozilla and ProtonMail. Instagram and Dropbox also showed quirky and humorous language on their privacy agreements.
Take a look at the infographics below for more insights:
Conclusion
This study highlights the importance of Terms of Services and Privacy Policy of top platforms so that users can make sense of their privacy and data protection. As most of the companies mentioned here were in red and yellow categories, which shows how many companies are prioritizing their business and themselves over their users.Read next:
• Are Your Favorite Apps Secretly Spying on You Through Dangerous Permissions?
• Are Modern-Day Smart TVs Safe? The Answer In This New Study Might Shock You
• Social Media Users Urged to Guard Against AI-Generated Fake Media
by Arooj Ahmed via Digital Information World
No comments:
Post a Comment