As part of our year-long project for RE: Studio, our first task was to hone in on a problem space within some broad categories. With “Technology & Society” as our overarching theme, our group landed on “Data & Privacy” as the initial area we will hone our problem statement within.
On my bus ride home, browsing Twitter and letting my brain digest the vastness of the topic, I stumbled upon a ridiculously cool new tool within the privacy space, and to be honest, I’m jealous I didn’t come up with this, but I am so glad that it exists.
What is it?
An AI tool that analyzes reads and analyzes privacy policies. Employing a natural language processing(NLP for short) tool, the website reads the privacy policy of a site, and then assesses it, calling out risks and their potential severity. The site also aggregates past scandals and ultimately assigns a letter and percentage grade.
Why is it Awesome?
Privacy policies are notoriously and very much intentionally written to be hard to read and decipher. Per Kevin Litman-Navarro’s We Read 150 Privacy Policies. They Were an Incomprehensible Disaster, Facebook’s privacy policy is more challenging to read than Stephen Hawking’s A Brief History of Time, Dostoyevsky’s War & Peace, and is topped only by Kant’s Critique of Pure Reason (which incidentally AirBnb’s privacy policy beats). To phrase this another way, you need to be at a reading level of a Doctor or Lawyer to begin to comprehend these documents.
In 2008 two Carnegie Mellon professors calculate that a reasonable reading of all the privacy policies that one encounters in a year would require 76 full workdays at the nation oppurtunity cost of $781 billion. These numbers are much higher today.
Shoshana Zuboff, The Age of Surveillance Capitalism, pg 50.
How does it work?
The core of guard relies upon NLP to efficient read and make sense of privacy policies. For those unfamiliar, “Natural Language Processing, usually shortened as NLP, is a branch of artificial intelligence that deals with the interaction between computers and humans using the natural language…The ultimate objective of NLP is to read, decipher, understand, and make sense of the human languages in a manner that is valuable.” –Dr. Michael J. Garbade Once decoded, the language it is analyzed for privacy risk factors and assigned a score. The AI is continually being trained by people, through an amusing game in which the user picks the ‘less bad’ of two statements. While this tool might not catch every potential privacy issue, it’s a whole lot more efficient than you or I trying to comprehend these documents.
Check out the game here:
Why does it matter?
Shoshanna Zuboff sums this up, better than I possibly, can in the early pages of The Age of Surveillance Capitalism, which is a must-read for anybody working with technology and digital products.
Zuboff says, “[l]egal experts call these ‘contracts of adhesion’ because they impose take-it-or-leave-it conditions on users that stick to them whether they like it or not…Scholars point out that these digital documents are excessively long and complex in par to discourage users from actually reading the terms, safe in the knowledge that most courts have upheld the legitimacy of click-wrap agreements despite the obvious lack of meaningful consent.” She continues, “[a]dding insult to injury, terms of service can be altered unilaterally by the firm at any time, without specific user knowledge or consent, and the terms typically implicate other companies…without stating or accepting responsibility for their terms of service. These ‘contracts’ impose an unwinnable infinite regress upon the user that law professor Nancy Kim describes as ‘sadistic.’ ”
Shoshana Zuboff, The Age of Surveillance Capitalism, pg 48-49.