Deciphering Websites’ Privacy Policies

A new tool helps you cut through the gobbledygook and protect your data.

Norman Sadeh (pictured at left) is a professor of computer science at Carnegie Mellon University in Pittsburgh. Carnegie Mellon and Fordham Law recently launched (opens in new tab), a website that helps visitors review privacy policies. Read on for excerpts from our interview:

Most people don’t take the time to slog through the privacy policies for websites they visit. Should they? We live in a data-centric economy where nearly every tech­nology that we interact with collects data about us. Privacy policies are the key to understanding what information is being collected about you and how it is used. These issues will become increasingly important as the amount and sensitivity of the collected data continue to grow.

What are the major short­comings of these policies? It would take an average computer user more than 600 hours to read the policies for the websites he or she visits in a year. Many of the policies use dense, vague language that requires a high level of edu­cation to understand and gives companies flexibility to tweak their practices without revising the policy. Often, information about one topic—for ex­ample, how data is shared with other parties—is spread throughout the entire document, so you have to read all the text to answer one question.

Subscribe to Kiplinger’s Personal Finance

Be a smarter, better informed investor.

Save up to 74%

Sign up for Kiplinger’s Free E-Newsletters

Profit and prosper with the best of Kiplinger’s expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.

Profit and prosper with the best of Kiplinger’s expert advice - straight to your e-mail.

Sign up

How can people use Visitors can read paraphrased privacy policies or review annotated policies for about 200 sites so far, including Amazon and Google. Because different people tend to be concerned with different aspects of privacy policies, we use color coding so they can zero in on the topics that are most important to them, such as data security or how the site collects data.

How can consumers use the infor­mation they read in privacy policies? People can compare policies for different websites and choose to use sites with policies that best match their own concerns. For example, some sites offer choices or settings that allow users to opt in or out of certain practices, such as tracking your online activity or sharing information with third parties. Others state that they don’t handle “do not track” requests, which you can designate in some browser settings. If you’re shopping or booking a flight online, a competing site may have a policy that you find more agreeable.

Kaitlin Pitsker
Associate Editor, Kiplinger's Personal Finance
Pitsker joined Kiplinger in the summer of 2012. Previously, she interned at the Post-Standard newspaper in Syracuse, N.Y., and with Chronogram magazine in Kingston, N.Y. She holds a BS in magazine journalism from Syracuse University's S.I. Newhouse School of Public Communications.