Artificial intelligence reads privacy policies so you don’t have to
We can think of privacy policies as fortresses made out of thick bricks of gobbledygook: impenetrable, sprawling documents that do little beyond legally protect companies.
Nobody reads them. Or, to be more precise, 98% of people don’t read them, according to one study, which led to 98% of volunteers signing away their firstborns and agreeing to have all their personal data handed over to the National Security Agency (NSA), in exchange for signing up to a fictional new social networking site.
And here’s the thing: if you’re one of the ~everybody~ who doesn’t read privacy policies, don’t feel bad: it’s not your fault. Online privacy policies are so cumbersome that it would take the average person about 250 working hours – about 30 full working days – to actually read all the privacy policies of the websites they visit in a year, according to one analysis.
So how do we keep from signing away our unsuspecting tots? Machine learning to the rescue!
A new project launched earlier this month – an artificial intelligence (AI) tool called Polisis – suggests that visualizing the policies would make them easier to understand. The tool uses machine learning to analyze online privacy policies and then creates colorful flow charts that trace what types of information sites collect, what they intend to do with it, and whatever options users have about it.
Here’s what LinkedIn’s privacy policy looks like after Polisis sliced it up for the flowchart:
As you can see, you can point to one of the flowchart streams to drill down into details from the privacy policy:
I was particularly interested in seeing how the tool would present LinkedIn’s privacy policy, given the class action brought by people who were driven nuts by repeated emails that looked like they’d been sent by unwitting friends on LinkedIn but were actually sent by LinkedIn’s “we’re just going to keep nagging you about connecting” algorithms. What privacy policy allowed users’ contact lists to be used in this manner and for all that spam to crawl out of the petri dish?
That suit was settled in 2015. It would have been interesting to apply AI to the old privacy policy, but this is a sample of what you get out of the current LinkedIn privacy policy:
Polisis paints a pretty, easy to navigate chart of what parties receive the data a given site collects and what options users have about it. But the larger goal is to create an entirely new interface for privacy policies.
