Twitter’s ‘simple’ privacy policy gains mixed reactions from users, experts

Micro-blogging platform Twitter’s attempt to simplify its privacy policy by using an interactive game, and easy-to-read text, has met with mixed reactions from privacy experts. Late on May 11, the company launched a web-based game called Data Dash, which intends to make it easier for users to understand its privacy policy.

It also reworked its policy to reduce “legalese” and claimed that the new policy will be easier for users to understand. Under the new text, Twitter breaks down various sections of the policy and claims that the language is more favourable for lay users.

The company may have set a standard too. On the one hand, some users on the platform seemed to show a better understanding of the policy, questioning Twitter on why certain data is being used, or seen. To be clear, the policy isn’t opt-in, and only informs users how data will be used, shared etc.

But on the other hand, users also noted that despite the platform’s claims, the policy is still difficult for them to understand. "Before you scroll … We’ve got an updated Terms of Service and new Privacy Policy — rewritten to help you understand how we collect, use, and share your information — both going into effect on June 10, 2022" Followed by a "Got it" button but I don't get it,” tweeted one user.

To be sure, simplification of privacy policies is expected to be a mandate in privacy laws around the world in future. The European General Data Protection Regulations (GDPR) requires companies to have an abridged version of their policies.

According to Prasanto K. Roy, a tech policy consultant, the format and language used by Twitter should “set a precedent and template” for other platforms to follow. He pointed out that the objective of these steps is to get across to regulators, especially in Europe, where such laws are stricter. “End user policies and licenses should be in a language that users can understand without a law degree,” he said.

There are those who disagree though. “Except for breaking up the policy into the question-and-answer format, I don’t really see a change here,” said a partner at a law firm who requested anonymity. He noted that the language used in the answer is still not something that regular user will understand.

“At the end of the day, a privacy policy document is supposed to be a disclaimer document. From the company’s point of view, it’s not supposed to be an easy-to-read document,” he pointed out.

In a February 2021 study that covered 10,000 respondents from India and Kenya, published by Busara Center and Ashoka University, researchers had noted that simplifying policies or taking consent at a granular level “doesn’t help” The study found that something that provides a snapshot view of the quality of privacy terms can be better for regular users’ understanding.

That said, he too agreed that the question answer format is at least better than long policy documents used by most other platforms today. N.S. Nappinai, Supreme Court Lawyer and Cyber Law Expert, also agrees that simpler privacy policies are welcome, more so from the point of view of transparency. “From a legal perspective also this adherence would be mandated given EU users and the protections extended to them under GDPR,” she added.