The Future Of "Read Before Signing"(And why you should pay attention)
We assume that a EULA / Privacy Policy makes a product or service legally compliant. But “compliant” means what, exactly??? Does it mean "Compliant with my views of privacy?” Yours? Your Grandma's? Your teenager's? How many of us know - really know - the details of "legal compliance requirements"?
What did I just sign?!?
Today’s musings (or rant, depending on your mood 🤷 😃) is about Privacy Policies, EULAs (End User License Agreement) and various other documents we are required to agree to (“check the box”) before we can use our various online platforms.
A quote from the article linked above:
Despite its role hosting the opinions of some the world’s most important political leaders, business executives and journalists, Twitter has been unable to build safeguards commensurate with the platform’s outsize societal influence. It has never generated the level of profit needed to do so, and its leadership never demonstrated the will.
Information like this needs to get out to wider audiences.
Over and over and over again.
Until MAYBE it gets read, thought about, and at least discussed by those who can do something about it: the end users.
Yep - that isn't a typo. The end users.
THAT'S US. You, me, Fred your neighbour, Wilson your postman...
Governments can pass laws - and CISO's can implement security programs - until the cows come home, but there will always be a better backdoor, shade of grey, or mile-long I-don’t-have-time-to-read-it EULA / Privacy Policy.
We check the boxes. So many boxes. So many programs and platforms are now a daily part of our lives, from "Please direct your questions to our Telegram Group" to "Let's meet on Zoom" or Microsoft Teams, or...
We check the boxes. We are tired, frustrated, and there is a rising number of us who - at times - don't even glance over a Privacy Policy before checking the box.
And that includes me. And likely you, too.
We assume that we know what is in that EULA or Privacy Agreement.
We assume that the content is similar to the hundred others we have signed. ✅
But do we really know what is in those “others”?
We assume that a EULA / Privacy Policy makes a product or service legally compliant. But “compliant” means what, exactly??? Does it mean "Compliant with my views of privacy?” Yours? Your Grandma's? Your teenager's?
How many of us know - really know - the details of "legal compliance requirements"?
When was the last time we reviewed the changes, updates, appendices, or "pending applications for government-approved changes" of every one of our legally binding EULAs and Privacy Agreements?
Let's back up a bit. When was the last time we actually read one of those 20+ page documents?
Not to mention keeping track of the enforcement and track record of these policies.
What can we do?
How can we make this digital world more manageable? In this world of email, document sharing, meetings, communication / collaboration platforms, and more - EULAs, Privacy Policies, NDAs, Disclaimers, et al. are legal requirements.
How can we:
- Read, understand the nuances, and somehow keep track of the details of what we are signing?
- Have transparency and confidence in the enforcement and implementation of the legal transgression of these policies?
- Have some level of autonomy over the platforms we are required to use by our schools, places of employment and more?
When we interact with a company - any company - as a client, we need to know, and have a right to know:
- How our information is stored, backed up, and protected
- Who has access
- What is in place for emergencies, such as security breaches.
The answer isn't simple.
More oversight? Oversight brings more regulation, politics, cost, loss of autonomy - and soon we can't see the forest for the trees. 🌳🌳🌳
The most effective way to start on the road to a solution is through people. You. Me. We are the clients, and in some cases the supplier as well. It's not a perfect, fast solution, but it's a start:
- Always start at the beginning with your tech - understand as much as is possible about who you are trusting with your information.
- Stay updated and educated about online security. Make sure you are tapped into a network of information and education that is understandable, relevant and always current.
- Keep things in perspective. Remember — this isn’t just about Twitter, or Uber, or any other platform that has made headlines recently. It’s about every single platform that we use, and every single time we check that box.
Final thoughts...
We CAN speak with our feet, our $, and our voices - but will we?
Is it even reasonable to think we can disconnect at will in today's digitally-integrated world? Gmail anyone? What about Google docs, Zoom, Dropbox, and Slack... just to name a few. These platforms, and many others, are useful and some are required by our place of work or education.
The questions we are asking are: How do we make sense of it all? How do we find a way to read, understand, and feel safe within the legal structure we are signing? And - where are our choices.
It’s a jungle out there 💻👩 🌳🦁. How do you work on taming the wild assortment of boxes with your ✅ ?
🎉 P.S. — Whatever your vision of work — whether it is office, home, hybrid… make sure your online life is as safe as possible. See how simple the basics of online security can be — check out the links below.
⭐️ Stay safe! ⭐️
Let’s keep the conversation going!
📣 Share this with your network or a friend!
✅ Leave a comment - Send a DM!
Let’s Keep Cyber Criminals Unemployed!
⭐️ Stay safe! ⭐️
