Law in Books and Law in Action: The Readability of Privacy Policies and the GDPR

CONSUMER LAW & ECONOMICS, Klaus Mathis & Avishalom Tor eds., Springer (2021), pp. 179-204

29 Pages Posted: 6 Mar 2019 Last revised: 1 Nov 2021

See all articles by Samuel Becher

Samuel Becher

Victoria University of Wellington

Uri Benoliel

College of Law and Business - Ramat Gan Law School

Date Written: February 13, 2019

Abstract

Digital markets and the online environment allow individuals to enjoy free means of communications and relatively cheap services and goods in exchange for their data and privacy. As a result, firms hold unimaginable information on consumers. Privacy experts have been well aware of this reality for some years, and numerous discussions and debates have ensued.

More recently, online privacy issues are becoming a hot topic also in public talks, mass media, popular books and social media. This, in part, is due to manifold privacy-related scandals that have occurred in recent years. Given growing concerns, public awareness and large-scale privacy scandals, it is now also at the forefront of policy-making.

Notably, the most systematic legislative attempt to make more order in the chaotic world of privacy is the EU General Data Protection Regulation (GDPR). The primary objective of the GDPR is to level the playing field and give individuals more control over their personal data. Among other things, the GDPR aspires to force companies to be more transparent around data collection and usage.

Along these lines, the GDPR requires firms to clearly communicate privacy terms to end users by using "clear and plain language" in their privacy agreements. This, in turn, provides quite a unique opportunity to examine the readability of legal texts that are subject to a recently-enacted plain language rule. In this study we ask whether, half a year post-GDPR, firms offer users online privacy agreements that are written in a readable manner.

The study is organised as follows: Part I presents a quick overview of the GDPR, putting it in context and focusing on the concept of plain language. Part II then succinctly discusses empirical measures and tools designed to systematically examine text readability. Part III reviews prior empirical findings that shed some light on the language of privacy policies. Part IV, which constitutes the main contribution of our study, empirically examines the readability of privacy policies of 300 highly popular websites. The results indicate that in spite of the GDPR’s requirement, users often encounter privacy policies that are largely unreadable. Part V discusses some policy recommendations. Concluding remarks follow.

Keywords: online privacy, privacy policies, consumer protection, GDPR, readability, plain language

Suggested Citation

Becher, Shmuel I. and Benoliel, Uri, Law in Books and Law in Action: The Readability of Privacy Policies and the GDPR (February 13, 2019). CONSUMER LAW & ECONOMICS, Klaus Mathis & Avishalom Tor eds., Springer (2021), pp. 179-204, Available at SSRN: https://ssrn.com/abstract=3334095

Shmuel I. Becher (Contact Author)

Victoria University of Wellington ( email )

P.O. Box 600
Wellington, 6140
New Zealand

HOME PAGE: http://www.victoria.ac.nz/sacl/about/staff/samuel-becher

Uri Benoliel

College of Law and Business - Ramat Gan Law School ( email )

26 Ben-Gurion St.
Ramat Gan, 52275
Israel

Do you have negative results from your research you’d like to share?

Paper statistics

Downloads
646
Abstract Views
3,747
Rank
75,530
PlumX Metrics