Are Online Privacy Policies Readable?

This paper examines the question of are on-line privacy policies understandable to the users of the Internet? This examination is undertaken by collecting privacy policies from the most popular sites on the Internet, and analyzing their readability using a number of readability measures. The study finds that the results are consistent regardless of the readability measure utilized. The authors also compare their findings with the results from previous studies. The authors conclude that, on average, privacy policies are becoming more readable. However, these policies are still beyond the capability of a large section of Internet users, and roughly 20% of the policies require an educational level approaching a post-graduate degree to support comprehension.

[1]  R. Flesch The Art of Readable Writing , 1974 .

[2]  Mary J. Culnan,et al.  Strategies for reducing online privacy risks: Why consumers read (or don't read) online privacy notices , 2004 .

[3]  A. Meyer The Health Insurance Portability and Accountability Act. , 1997, Tennessee medicine : journal of the Tennessee Medical Association.

[4]  Alan R. Peslak Internet Privacy Policies: A Review and Survey of the Fortune 50 , 2005, Inf. Resour. Manag. J..

[5]  John R. Bormuth,et al.  READABILITY--A NEW APPROACH. , 1966 .

[6]  Michelle Carey,et al.  Developing Quality Technical Information: A Handbook for Writers and Editors , 2004 .

[7]  Marita Schifalacqua The power of fractals. , 2002, Patient care management.

[8]  George R. Klare,et al.  The measurement of readability , 1963 .

[9]  Jack Gilliland,et al.  The concept of readability , 1968 .

[10]  J. Miller,et al.  Evaluating the Readability of Privacy Policies in Mobile Environments , 2011, Int. J. Mob. Hum. Comput. Interact..

[11]  Scott Dick,et al.  A Survey and Analysis of the P3P Protocol's Agents, Adoption, Maintenance, and Future , 2007, IEEE Transactions on Dependable and Secure Computing.

[12]  Annie I. Antón,et al.  Financial privacy policies and the need for standardization , 2004, IEEE Security & Privacy Magazine.

[13]  William P. Stevens,et al.  Measuring the Readability of Business Writing: The Cloze Procedure Versus Readability Formulas , 1992 .

[14]  Scott Dick,et al.  A large-scale empirical study of P3P privacy policies: Stated actions vs. legal obligations , 2009, TWEB.

[15]  E. R. Paul The Beginning Years , 1993 .

[16]  Colin Potts,et al.  Privacy practices of Internet users: Self-reports versus observed behavior , 2005, Int. J. Hum. Comput. Stud..

[17]  Colin Potts,et al.  Privacy policies as decision-making tools: an evaluation of online privacy notices , 2004, CHI.

[18]  Mary J. Culnan,et al.  Using the Content of Online Privacy Notices to Inform Public Policy: A Longitudinal Analysis of the 1998-2001 U.S. Web Surveys , 2002, Inf. Soc..

[19]  G. Harry McLaughlin,et al.  SMOG Grading - A New Readability Formula. , 1969 .

[20]  Clare-Marie Karat,et al.  Usable security and privacy: a case study of developing privacy management tools , 2005, SOUPS '05.

[21]  E. B. Coleman,et al.  Cloze Scores of Nominalizations and Their Grammatical Transformations Using Active Verbs , 1963 .

[22]  J. Powell,et al.  Empirical studies assessing the quality of health information for consumers on the world wide web: a systematic review. , 2002, JAMA.

[23]  Wilson L. Taylor,et al.  “Cloze Procedure”: A New Tool for Measuring Readability , 1953 .