Websites Collect Data About Users, But Policies Are Unclear About Important Practices
We analyzed the privacy policies of the top 50 most visited websites and found that they collect a significant amount of information about users, such as contact, demographic, and clickstream data. However, the majority were unclear about the length of retention once the data is collected, or the amount of access and control users have over all the different types of data collected about them. Additionally, very few of them made clear statements about the fate of user data in the event of a merger or bankruptcy, or if they enhance the data by purchasing information about users from outside sources to build more detailed profiles.
Policies Contain Conflicting Statements About Sharing
A majority of the top 50 websites stated that they do not share users' personal information with third parties, yet most of them do allow third party tracking and share users' data with affiliates. The average consumer might assume an affiliate or tracker to be a third party, as they have no relationship with them, but given the actual usage of these terms in privacy policies, that assumption would be mistaken.
Responses From the Companies