The simplification of TOS, a positive effect of GDPR
A growing number of companies that will be affected by the EU’s General Data Protection Regulation (GDPR), which from May 25 will apply to anybody who offers products or services to its residents, are rewriting their terms of service (TOS) to make them easier to understand.
I have written at length about the opacity and length of most TOS: the box click to indicate we have read and understood them when opening an account or sign up for a service is the biggest lie on the internet. The idea that anybody is going to read and understand 56 pages of clauses written in legalese is patently absurd, and is also one of the issues that the GDPR aims to address: it specifically requires clear and simple language.
Needless to say, the companies responsible for these, longwinded, convoluted and complex documents are not acting on whim: when the internet began to be used to sell things, many saw the opportunity to take advantage of people’s naivety, with the assumption that ecommerce would be an extension of buying things in the real world: when we buy things in a store, we don’t sign any kind of TOS. But online, faced with companies found themselves subject to law suits and accusations of malpractice by their customers and decided to protect themselves. The language used in TOS is to avoid any misinterpretation.
Which is how we got here: when a US senator read out part of Facebook’s TOS to Mark Zuckerberg at his recent appearance before a Senate committee, noting that as a lawyer, he struggled with the language, the Facebook CEO replied that he didn’t think the average user of the social network would bother to read the text. The reality of life in the internet age is that we simply trust that TOS will be guided by common sense. But as two academics proved after asking their students to sign up to an invented social network, it’s possible to hide anything within a TOS, including the obligation for users to hand over their first child without condition to the company. The vast majority of click on the square indicating we have read and understood the agreement and get on with our lives, unaware of what we have signed up to.
The inconsistency between what we agree to and the inability to read or understand it has been highlighted on numerous occasions: unless clearly fraudulent, TOS are what validate a contract and lawyers can and will use them. In 2012, Frenchman Hugo Roy, currently at the Free Software Foundation Europe, created Terms of Service, Didn’t Read, a service with a browser plugin, which assesses TOS and tries to explain them or pressure apply pressure to the company responsible to simplify them.
Now, as more and more companies realize the problems the GDPR could create for them, it could be that they are forced to make an effort to turn their TOS into texts that mere mortals can read and understand. If so, it may even have been worth it. And if your company hasn’t gotten round to doing so, you’d better get going…
(En español, aquí)