Reevaluating Online Privacy Policies: A User-Centric Perspective

Richard Billion-Chapman CYB 250 LEAGAL AND HUMAN FACTORS 11/4/2023 2-3 Activity: Privacy Case Study

1 The author of the essay argues that privacy notices on websites are constructed without taking into account the perspectives of actual users, and that privacy regulations are authored by attorneys for the advantage of other attorneys. The author proceeds on to explain that online privacy legislation are deliberately crafted to be lengthy and difficult to follow, pointing out that even persons who specialize in the topic of privacy find them confusing. The vast majority of users approach privacy policies or user agreements in the context of their online exploits in this manner. According to Business Insider, "91% of people consent to legal terms and conditions of services without reading them." This actually helps the case that these privacy statements are only meant for legal professionals to read. Legislations such as the Health Information Portability and Accountability Act of 1996 (HIPAA), the Gramm-Leach-Bliley Act, and the Children's Online Privacy Protection Act (COPPA) are some of the laws that are discussed in the article. They use dozens of "sectoral" federal laws and countless state laws that purport to protect information privacy. This article cites two laws to support them. HIPAA, a 1996 federal legislation, is one of the laws they discuss. Medical data privacy and security are its major goals. HIPAA sets national rules for protecting protected health information. Healthcare providers, health plans, clearinghouses, and their business affiliates that handle PHI must follow these criteria. HIPAA gives patients control over their health information and requires healthcare providers to protect it. Patients can also access, correct, and know who accessed their medical records under the statute. HIPAA also requires secure electronic health information transmission and imposes fines and criminal charges for noncompliance. It also mentions the 1999 Gramm-Leach-Bliley Act (GLBA), which protects customers' financial data. Financial organizations like banks, credit unions, insurance companies, and securities firms must notify consumers of their information-

2 sharing practices under GLBA. Financial institutions must also let customers opt out of sharing nonpublic personal data with non-affiliated third parties. This implies individuals may control how these institutions share and use their financial information. The author came to the opinion that modern privacy policies that are made public are not built with readability, comprehension, or access in mind. This was the conclusion reached by the author. In addition, the author goes on to say that the design of certain privacy policies is intended to manipulate consumers into giving consent for businesses to share their personal information by creating lengthy policies with small fonts and minimal margins. In particular, the author suggests that the design of certain privacy policies is intended to manipulate consumers into giving consent for businesses to share their personal information. When I read the author's conclusion, I found that I agreed with the idea that more study should be done to find ways to make privacy policies and legal agreements more user-friendly and simpler to explain for a greater level of comprehension.

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help

3 References Cakebread, C. (2017, November 16). You’re not alone, no one reads terms of service agreements. Business Insider. https://www.businessinsider.com/deloitte-study-91-percent-agree- terms-of-service-without-reading-2017-11 Waldman, A. (2018). Privacy, notice, and design. Stanford Technology Law Review, 21(1), 74-127.

CYB_260 2-3 Activity Privacy Case Study_Richard_BillionChapman

Related Documents