Leonid Bershidsky, Columnist

Tech Is Getting EU Privacy Rules All Wrong

Users get legal verbiage and obfuscation instead of honesty and clarity.

April 25, 2018 at 1:14 PM UTC

Leonid Bershidsky, formerly Bloomberg Opinion’s Europe columnist, is a member of the Bloomberg News Automation Team. He recently published Russian translations of George Orwell’s “1984” and Franz Kafka’s “The Trial.”

Privacy policy still written to confuse.
Photographer: Bethany Clarke/Getty Images Europe

Provide news feedback or report an error

Site feedback:

Take our Survey

This article is for subscribers only.

Internet users throughout the European Union — and, in some cases, in the rest of the world as well — are starting to get gently pushed toward accepting various companies’ new service and privacy terms that comply with the EU’s General Data Protection Regulation, which is going into effect on May 25. Trying to deal with it has convinced me that the tech industry is still determined to get privacy wrong, and the GDPR as applied by them doesn’t prevent it.

The GDPR-related reminders are coming from stores, electronics manufacturers, social networks, even nonprofits. One needs to be intensely privacy-minded to go through the legal documents updated by Facebook, Twitter, Fitbit, Sonos, an e-commerce site you may have visited a few years ago or a local theater company and not get confused about which disclosures you saw in which statement. Though most firms have made an attempt to write the new terms in plain language, as the GDPR requires, these are still lengthy documents crafted for legal compliance first and understanding second.