Almost no one bothers to read terms of service agreements on websites. So a group of U.S. lawmakers on Thursday proposed a bill requiring commercial websites and mobile apps to translate their legalese into summaries that can be more easily read by people and machines.
“For too long, blanket terms of service agreements have forced consumers to either ‘accept’ all of a company’s terms or completely lose access to a website or app,” the company said. Rep. Trahan, a member of the House Subcommittee on Consumer Protection and Commerce, in a statement. “No negotiation, no alternative and no real choice.”
“To further tilt the decision in their favor, many companies design unnecessarily long and complicated contracts, knowing that users don’t have the bandwidth to read lengthy legal documents when they’re simply trying to message someone. be expensive or make a quick purchase.”
“The potential for abuse is obvious, and some malicious actors have chosen to exploit these agreements to extend their control over users’ personal data and protect themselves from liability.”
“Users shouldn’t have to wade through pages of legalese in a website’s terms of service to find out how their data will be used,” Senator Cassidy said in a statement. “Requiring companies to provide an easy-to-understand summary of their terms should be mandatory and is long overdue.”
U.S. citizens and residents will continue to wade through — and be bound by — obtuse legal language when it comes to real estate transactions, employment contracts, nondisclosure agreements, loans, tax forms, medical forms, and other contracts. But at least if this bill becomes law, blatant terms of service like the “Herod Clause” – by which London Wi-Fi users in 2014 unwittingly gave their eldest to F-Secure – will not be a problem.
This is not a new problem
The TLDR law, appropriately, comes with a summary [PDF] because even reading a nine-page bill can be a little too distracting with social media, app notifications, and all the people messing around on the internet that needs to be dealt with. It exempts “small businesses” under Section 3 of the Small Business Act (15 USC 632), which itself is not easily summarized. there is a table [PDF] which lists specific criteria of employees and/or income, if you are really interested.
For a business in the “Internet publishing and distribution and web search portals” sector to be exempt, it must have fewer than 1,000 employees. According to the Treasury Department, “if you sold computer programming services under NAICS code 541511, your average annual revenue over the past three years would have to be less than $21 million to qualify as a small business.”
So, assuming the bill becomes law, companies large enough to be covered will need to include concise terms of service summaries above their terms of service pages.
Our bipartisan, bicameral legislation is empowering consumers by requiring online businesses to make their terms of service contracts more accessible, transparent and understandable (like this! ⬇️). pic.twitter.com/uejb7zcoxN
— Congresswoman Lori Trahan (@RepLoriTrahan) January 13, 2022
These summaries must specify: the categories of data collected and whether this data is necessary for the service; whether this data can be deleted and, if so, how to do so; legal requirements, such as the use of arbitration for disputes; a change log; and a list of data breaches over the past three years.
Summaries “should be easy to understand, machine readable, and may include tables, graphic icons, hyperlinks, or other means as determined by the [Federal Trade Commission,” the bill says.
And the full Terms of Service document must be displayed and marked up in an “interactive data format” such as XML, so contractual terms can be more easily analyzed.
The law does not require companies to identify all the third-parties that might receive user data, perhaps because summaries listing third-party data partners and tracking hosts in apps could get too long to read.
Though the median number of ad trackers per website and per app tends to be low – e.g. 7 and 10 [PDF] respectively – some websites, like news sites, have 40 or more trackers and some apps have more than 30. App Privacy Disclosure imposed on Meta (Facebook) Messenger by App Store Rules d ‘Apple applies to pages if you click the View Details link.
The TLDR Act does not replace strong federal privacy regulations, but it may help the United States move in that direction. ®