While things like "We are committed to being transparent and open" don't necessarily mean much on their own, I disagree that they don't hold water at all. A privacy policy is *a company's promise to its users*, and any statement in a privacy policy is a promise...a *legal* promise (in other words, it's a unilateral contract). So when a company says, in a privacy policy, "We are committed to being transparent and open," that's actually a promise it's making, and it can find itself in trouble if it comes out, later, that its actions have not been transparent and open.
This has been made very clear in the recent *FTC v. Wyndham Hotels* decision, where Wyndham's privacy policy promised that it cared a lot about its guests' privacy, and used "industry standard practices" to secure personal information, and made all reasonable efforts to protect privacy, etc etc. But they had unpatched systems, systems with default admin passwords, and all kinds of terrible security practices, so over the course of two years they were hacked three times (but still left their systems unpatched). The FTC went after them for unfair and deceptive business practices, saying, look, if you've *promised* that you use industry standard practices to protect personal information, and you're clearly not using industry standard practices or taking reasonable efforts to protect your systems from intrusion, then your promise is deceptive. You can't just lie. I know this is a bit of a tangent to go into on this forum over something minor like the promise to be transparent and open, but I think it's worth considering that as we look at terms of service and privacy policies, we're looking at *promises*. Enforceable promises. Sometimes they're promises the user is making to the company, but sometimes they're promises the company is making to the user. They're not just puffery. Puffery goes elsewhere. Hannah On Tuesday, May 20, 2014 7:38:28 AM UTC-7, Hugo Roy wrote: > > ↪ 2014-05-19 lun. 14:34, Alex Martin <[email protected] <javascript:>>: > > http://www.mozilla.org/en-US/privacy/ > > > > QUOTE: We are committed to being transparent and open. > > VERDICT: I think that's good. > > I think that such commitments don’t hold much water. > > > -- tosdr.org | twitter.com/tosdr | github.com/tosdr --- You received this message because you are subscribed to the Google Groups "Terms of Service; Didn't Read" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/tosdr. For more options, visit https://groups.google.com/d/optout.
