We work with data and research digital rights issues, and we were curious whether most popular websites respect your privacy as much as they claim to. So we gathered up and analyzed the 145,641 words that make up the privacy policies of the 50 most popular American websites. (Collectively, they amount to a text that’s about as long as The Grapes of Wrath.) What we found was that these policies tell you very little about the data these websites have on you. And that’s the point.
Today’s privacy policies don’t tell consumers the whole story for two main reasons. First, websites have adopted a kind of precautionary legalese to inoculate themselves against lawsuits and fines. The vaguer and more elastic their language, the more risk reduced. Second, over the past ten years, a new industry of “data brokerage” has arisen to help sites learn more about the people like you and me on the other side of the screen. These firms cross-reference and synthesize data to create richly detailed profiles that can include purchasing habits, political affiliations, sexual orientation, religious beliefs, and medical history. Gathering and analyzing that data is big business, and it creates a strong financial incentive for the firms that collect it to make it as difficult as possible for you to opt out of their net.