Have you read the user agreement carefully?

When you chat with your friends, the news app’s pop-ups are about the topic you just discussed. When you browse a short video, you receive a series of similar video pushes. When you add a tent to your shopping cart, countless tents flood your screen. These are the scenarios we experience in our lives. There is no doubt that platforms are collecting information about people, assuming their preferences and peeking into their lives. This blog describes how the platform collects information about its users, why users consent to this form, and the consequences for users when the platform obtains the data.

Crafty platform and privacy burnout

Linkedin states at the top of the User Agreement that it has the same legal force as a contract. By clicking on “Join Now,” “Join Linkedin,” “Register,” or the like, the user agrees to be bound by the Linkedin User Agreement | LinkedIn (2019). Xiaohongshu has been one of the fastest-growing Chinese social media platforms in recent years. When the app is downloaded, it will prompt the user about the user agreement and privacy policy. The user must click the agree button at the bottom of the agreement to begin using the platform services.

But how many users read the privacy policy entirely is worth pondering. Many users accept the privacy policy in a confused manner under the power of privacy burnout, unsure of how their privacy will be protected or violated.

Designer Dima Yarovinsky visualised the “Terms of Service” for all major social media platforms (including Facebook, Instagram, Snapchat, and Tinder) in his “I Agree” project. The “Terms of Service” length for all leading platforms is made available to the public in a visual format, with the time required to read each TOS indicated at the bottom of the rolls (Taggart, 2018). The longest of them, the 161-page Instagram terms, would take Yarovinsky an estimated 86 minutes to read through, according to his estimations (Taggart, 2018).

In order to make users skip these terms, the clause makers have done even more tricks—— For example, using more complex and unintelligible language as opposed to clear and concise language (Lazarus, 2021). They are trying to make reading hard (Lazarus, 2021). This is a problem because it undermines basic concepts of contracts and informed consent（LePan, 2020）. 

The length of user agreements and the poor design of privacy policies have contributed to user privacy burnout and the fact that no one is interested in terms that can take more than an hour to read, which is the platform’s crafty trick (Lazarus, 2021). The platform adds the right to collect users’ privacy into the terms of service and “forces” users to agree (if they do not agree, they can not use the platform’s services); however, users will not read the entire agreement, so the platform obtains the right with little work. It is a form of hegemony, and users, as the inferior party in power, must submit to it because the inconvenience of refusing to use Instagram, Twitter, and Facebook is intolerable (Flew, 2021).

The user agreement for the platform also contains hegemonic elements. LinkedIn asserts within its User Agreement | LinkedIn (2019): “We reserve the right to modify this Agreement, our Privacy Policy, and our Cookie Policy at any time. If you object to any alterations, you may terminate your account. By continuing to use our Service after we post or send notice of changes to the Terms, you consent to the updated Terms as the date the changes become effective”.

Facebook is a prominent example of a platform whose properties have changed substantially since its inception in 2005 – from a private space to a public forum (Opsahl, 2018). In 2009, Facebook changed its privacy policy to make information about everyone open to the public. Anyone with Internet access is able to view and utilise the personal information of Facebook users, which may even be indexed by other organisations (Opsahl, 2018). External search engines may index the information without privacy restrictions after exporting from Facebook. Overnight, all of the photos and information users once posted to Facebook that they thought were private and intimate were made public. The worst part is that users could not refuse this change unless they stopped using Facebook because Facebook claims in its Terms of Service (2019) that it can change the terms anytime.

According to Mazzurco (2021), the law does not give consumers the right to determine privacy policies and safeguard their privacy. Instead, it provides platforms with authority to decide unilaterally, which relies on platform notification and self-regulation. The terms of service grant the platform substantial authority, which is written to protect their business interests rather than the user’s privacy (Suzor & Nicolas P, 2019, p. 17).

Cookie and filter bubble

When we click “I agree” on the user agreement, we officially start our life on the platform. Through the authority granted to it by the User Agreement, the platform is trying to have an insidious influence on us.

Social media platforms strive to be impartial, despite the fact that they are not neutral in terms of both content review rules and privacy protection rules for users(Suzor & Nicolas P, 2019). Platforms want to be perceived as merely providing the technology for people to communicate and share ideas and content. There are two main reasons for this. First, platforms are concerned that excessive intervention will cause users to resist and ultimately lead users to abandon the platform, resulting in user loss. Second, the platforms desired to portray themselves as neutral intermediaries, merely carriers of content and facilitators of conversations, in an effort to avoid liability for user behaviour. The platform wants to engage in the mechanism of content review invisibly. But do platforms achieve invisibility in users’ online lives?

Users are astonished by how well the platform understands their preferences. The platform is empowered to recognise users’ preferences as soon as they use it. A cookie is a text file placed on a user’s computer to automatically collect information when the user visits a website (Privacy Policy, 2018). Some platforms, such as Collabwith (2018), claim they do not use cookies for advertising purposes. Google’s privacy terms list the potential collected data: user searches, videos viewed, user interactions, voice and audio information, purchase activity, and browsing history, among others, covering almost all traces that users can leave on the Internet (Google, 2022). With the cookie, the platform can quickly grasp the user’s preferences and make pop-ups more accurate, thereby attracting the user’s attention and increasing user retention.

The platform generates revenue via the sale of advertisements (Suzor & Nicolas P, 2019). As we spend more time on the screen, it attracts more investment from affluent advertisers, generating more income and creating a strong incentive for platforms to manipulate the content we see. Suppose they can push content that is precisely tailored to our preferences. In that case, we will be more attracted to the media, keep a long time, and potentially engage in more interactions (Suzor & Nicolas P, 2019, pp. 173–206).

Clearly, the platform benefits from collecting information through cookies and  promoting content through algorithms. However, from the user’s perspective, what do we gain from this?

Idealistically, we would spend more time online and receive more information based on big data promoting personalised content. But in reality, according to Pariser （2011）, as the digital material presented to us becomes personalised, we run the risk of being isolated from other information (that does not match our preferences or is contrary to our beliefs) (Pariser, 2011).

The algorithm selection application’s primary purpose and feature is the “personalization of procedures and outputs” (Just & Latzer, 2016). Cookies (which record things like a user’s search history, page visits, and how long they spend on each page), combined with algorithms, determine the content we see online, with less relevant material being hidden away (Pariser, 2011).

Security of privacy

Leakage and illegal use of private data are constant concerns of the Internet and digital media in the digital age (Flew, 2021, p.102). The right to privacy is an inherent human right (Flew, 2021, p.102). Anyone should be able to deny others access to their privacy to protect their personal safety and control their personal space (Flew, 2021, p.103). Privacy breaches normally have negative repercussions.

There was a lot of backlashes to a recent news item in which a Chinese actress claimed in a video that her husband had received pornographic text messages numerous times during her pregnancy (National Business Daily, 2023). The text messages read, “Wife breastfeeding, pregnancy inconvenience. Come and find……”. Since she had a pregnancy checkup and registered her personal information in the hospital, her husband began to receive yellow messages of harassment. She was sure that her information had been disclosed (National Business Daily, 2023).

The private data we hand over to prominent companies and governments is unsafe. According to the cybersecurity firm UpGuard, Microsoft software exposed the personal information of millions of people to the public Internet for months due to misconfigured settings (Fung, 2021). The data was collected from dozens of significant corporations, governments, and other entities (Fung, 2021). The disclosed data included the confidential information of employees of well-known companies such as American Airlines, the vaccination and monitoring tests of the Maryland State Health Department and the like (Fung, 2021).

In addition to accidental information breaches, more information is intentionally leaked for financial gain. In the minds of privacy traffickers, personal information is not merely a string of numbers but a fortune. Hacking is one of the most prevalent cybercrimes. Some hackers profit by stealing personal information to blackmail platforms and individuals (Dennis, 2023). In addition, there are countless instances of using personal information for illegal and criminal activities. Some have even formed specialised industries, such as real estate companies leaking user information to renovation companies on purpose so that people who buy new houses are constantly bombarded with phone calls from renovation companies. Indeed, our privacy is at tremendous peril in the data era.

Challenges-Governance Issues

Decisions made by social media companies have a profound effect on how we see the world and connect with others because of the widespread use of their services in our lives (Suzor & Nicolas P, 2019). Mainstream digital platforms are under pressure to win the public’s and government’s trust due to their enormous importance and a large amount of network traffic they draw (Flew, 2018). For example, in 2019, Facebook leaked personal information. This scandal has prompted many users to be concerned about their privacy and personal information, causing a significant crisis of trust for Facebook. CNN even issued a news alert as information was leaked about how to protect ourselves (Duffy, 2021).

The pressure on digital platforms also stems from the balance of power, with the right to privacy always competing with other rights (such as the right to freedom of expression and the right to know), and digital platforms are in a difficult period of harmonising the various powers (Flew, 2021). At this stage, it is difficult to abandon the platform’s present business model, which requires users to provide personal information in exchange for access to free services (Flew, 2018).

According to Flew (2018), which examines the present situation in terms of governance, recommendations for the regulation of digital platforms should place more emphasis on the regulatory power of the state, on formal and legal codes, and on scientific management using a multi-stakeholder model because mere self-regulation by platforms does not meet the requirements of governance. This is because digital platforms are intimately connected to significant public interest.

Last but not least, from the perspective of user advice, privacy cannot be protected by waiting for the conscience of the information collector. Instead, it is up to you to take the initiative and change your mode of operation from “watch” to “act”. In order to secure our digital rights through the force of law and society, we should carefully evaluate the issues in user agreements and terms of service, say “no” to non-essential images, contacts, and microphone permissions, balance security and convenience, and seek legal support when necessary.

Reference

Dennis, M. (n.d.). Cybercrime – Spam, steganography, and e-mail hacking. Encyclopedia Britannica. https://www.britannica.com/topic/cybercrime/Spam-steganography-and-e-mail-hacking

Duffy, C. (2021, April 6). So you’re one of 533 million in the Facebook leak. What now? | CNN Business. CNN. https://edition.cnn.com/2021/04/06/tech/facebook-data-leaked-what-to-do/index.html

Flew, Terry (2018) Platforms on trial. InterMedia, 46(2), pp. 24-29.

Flew, T. (2021). Regulating Platforms. (pp. 101–103). Polity Press.

Fung, B. (2021, August 24). Data leak exposes tens of millions of private records from corporations and government agencies. CNN. https://edition.cnn.com/2021/08/24/tech/data-leak-microsoft-upguard/index.html

Google. (2022). Privacy Policy – Privacy & Terms – Google. Google.com; Privacy & Terms – Google. https://policies.google.com/privacy?hl=en-US

Just, N., & Latzer, M. (2016). Governance by algorithms: reality construction by algorithmic selection on the Internet. Media, Culture & Society, 39(2), 238–258. https://doi.org/10.1177/0163443716643157

Lazarus, D. (2021, August 24). Column: Want to read a tech company’s user agreements? Got 90 minutes to spare? Los Angeles Times. https://www.latimes.com/business/story/2021-08-24/column-consumer-contracts

LePan, N. (2020, April 18). Visualizing the Length of the Fine Print, for 14 Popular Apps. Visual Capitalist. https://www.visualcapitalist.com/terms-of-service-visualizing-the-length-of-internet-agreements/

Mazzurco, S. (2021, April 5). Democratizing Platform Privacy. Papers.ssrn.com. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3687332

Meta Privacy Policy – How Meta collects and uses user data. (n.d.). En-Gb.facebook.com. Retrieved April 15, 2023, from https://en-gb.facebook.com/privacy/policy

National Business Daily. (2023, April 13). The actress reveals her husband received repeated porn-related text messages after her pregnancy, “so shameless”! News.sina.com.cn. https://news.sina.com.cn/s/2023-04-13/doc-imyqcyey7121067.shtml#/

Opsahl, K. (2018, April 18). Facebook’s Eroding Privacy Policy: A Timeline. Electronic Frontier Foundation. https://www.eff.org/deeplinks/2010/04/facebook-timeline

Pariser, E. (2011). The filter bubble: what the Internet is hiding from you. Viking.

Privacy Policy. (2018, May 10). Collabwith. https://collabwith.com/privacy-policy/

Suzor, & Nicolas P. (2019). Lawless: The Secret Rules That Govern Our Digital Lives (pp. 173–206). Cambridge University Press.

Taggart, E. (2018, May 23). Artist Visualizes the Lengthy “Terms of Service” Agreements of Popular Social Media Apps. My Modern Met. https://mymodernmet.com/social-media-policy-infographics-dima-yarovinsky/

Terms of Service. (2019). Facebook. https://en-gb.facebook.com/legal/terms

User Agreement | LinkedIn. (2019). Linkedin.com; LinkedIn. https://www.linkedin.com/legal/user-agreement