How closely do we really read privacy policies?

 

We’re all guilty of clicking the ‘accept’ button without reading the terms and conditions, but do we really know what we’re agreeing to when it comes to the privacy policies of our favourite websites and social media platforms?

 

We took a look at the privacy policies of some of the most popular websites in the world as well as some of the UK’s official government sites to find out how complicated they are and whether they are easy for users to understand.

 

The Wordiest Privacy Policies

 

There’s a lot to cover in a privacy policy, from detailing the information collected on the site to explaining links to third-party sites. Looking at 80 different websites, we found that some were particularly thorough. The average word count of all 80 policies is 5,130, but Indeed’s privacy policy takes the title of wordiest policy with 15,420 words.

1. Indeed – 95,042 characters, 15,420 words, 629 sentences
2. MyFitnessPal – 83,680 characters, 13,417 words, 684 sentences
3. Samsung – 72,239 characters, 11,241 words, 346 sentences
4. Daily Mail – 61,631 characters, 9,846 words, 506 sentences
5. Silver Singles – 59,118 characters, 9,246 words, 422 sentences
6. Weather.com – 58,830 characters, 9,219 words, 457 sentences
7. Etsy – 55,809 characters, 8,885 words, 381 sentences
8. eBay – 52,299 characters, 8,149 words, 358 sentences
9. Bumble – 45,261 characters, 7,441 words, 301 sentences
10. eharmony – 45,253 characters, 7,342 words, 401 sentences

 

The Shortest Privacy Policies

 

Other companies keep their privacy policies far briefer, with Barclays offering the shortest policy at just 345 words long. While the privacy policy page offers an overview of the policy, it also includes links to other pages where users can find more information about how data is used as well as the cookies policy.

1. Barclays – 2,152 characters, 345 words, 22 sentences
2. Craigslist – 5,551 characters, 890 words, 53 sentences
3. GOV.UK – 8,066 characters, 1,346 words, 142 sentences
4. NatWest – 9,984 characters, 1,649 words, 96 sentences
5. Imgur – 10,217 characters, 1,694 words, 83 sentences
6. IMDb – 17,082 characters, 2,623 words, 181 sentences
7. ESPN – 17,534 characters, 2,681 words, 112 sentences
8. NPR – 18,513 characters, 2,882 words, 151 sentences
9. BBC – 18,671 characters, 3,338 words, 257 sentences
10. ASOS – 19,576 characters, 3,504 words, 219 sentences

 

Privacy Policy Read Time

 

When we break it down into how long it would actually take to read these wordy privacy policies, we can see that some of these policies require a huge chunk of time just to read them, let alone understand them. If you want to sit down and read Indeed’s privacy policy, you’ll need to set aside just over an hour of your time.

1. Indeed – 1 hour 1 minute
2. MyFitnessPal – 53 minutes 40 seconds
3. Samsung – 44 minutes 57 seconds
4. Daily Mail – 39 minutes 23 seconds
5. Silver Singles – 36 minutes 59 seconds
6. Weather.com – 36 minutes 52 seconds
7. Etsy – 35 minutes 32 seconds
8. eBay – 32 minutes 35 seconds
9. Lloyds Bank – 31 minutes 28 seconds
10. Bumble – 29 minutes 45 seconds

 

Privacy Policy Sentence Breakdown

 

When writing important documents, the way we construct sentences really does matter. Longer sentences tend to make text more difficult to read and harder to understand, making it less accessible. As a general rule, 20-25 words is a good length for sentences, and some of these sites are really pushing the top end of that guideline with their privacy policies. Samsung, however, tops the list with an average sentence length of 32.5 words. At the other end of the scale is GOV.UK with just 9.5 words in the average sentence, making it far more accessible for users.

The longest sentences

 

1. Samsung – 32.5 words per sentence
2. Bumble – 24.7 words per sentence
3. Indeed – 24.5 words per sentence
4. Netflix – 24.4 words per sentence
5. Tumblr – 24.2 words per sentence
6. ESPN – 23.9 words per sentence
7. Forbes – 23.5 words per sentence
8. Etsy – 23.3 words per sentence
9. Instagram – 23.3 words per sentence
10. eBay – 22.8 words per sentence

 

The shortest sentences

 

1. GOV.UK – 9.5 words per sentence

2. Lloyds Bank – 12.3 words per sentence

3. New York Times – 12.8 words per sentence

4. Zoom – 12.9 words per sentence

5. BBC – 13 words per sentence

6. Wish – 13.6 words per sentence

7. Tripadvisor – 14.2 words per sentence

7. Tesco – 14.2 words per sentence

9. IMDb – 14.5 words per sentence

10. Target – 14.8 words per sentence

 

Privacy Policy Reading Ages

 

Each privacy policy has differences that make them more or less complicated to read. From using unusual words to long sentences, these differences can make policies difficult to read for some age groups, meaning that it is harder to understand what is being agreed to.

 

The Flesch reading score is a score given to text to assess how readable it is based on age and education level. A lower score indicates that the text is more complicated, whereas a higher score indicates that it is readable for those with lower reading ages.

The highest reading ages

 

1. ESPN – 30 Flesch reading score, 18+ reading age

2. CNN – 31 Flesch reading score, 18+ reading age

3. Netflix – 32 Flesch reading score, 18+ reading age

3. eBay – 32 Flesch reading score, 18+ reading age

5. Fox News – 36 Flesch reading score, 18+ reading age

5. Business Insider – 36 Flesch reading score, 18+ reading age

5. Fandom – 36 Flesch reading score, 18+ reading age

8. Etsy –  37 Flesch reading score, 18+ reading age

8. PayPal –  37 Flesch reading score, 18+ reading age

8. Silver Singles –  37 Flesch reading score, 18+ reading age

8. Amazon –  37 Flesch reading score, 18+ reading age

 

The lowest reading ages

 

1. BBC –  71 Flesch reading score, 12 reading age

2. ASOS – 66 Flesch reading score, 13 reading age

2. Lloyds Bank – 66 Flesch reading score, 13 reading age

4. GOV.UK –  59 Flesch reading score, 15 reading age

5. NatWest –  55 Flesch reading score, 15 reading age

5. Royal Mail – 55 Flesch reading score, 15 reading age

5. Tesco – 55 Flesch reading score, 15 reading age

8. NHS – 53 Flesch reading score, 15 reading age

8. Snapchat – 53 Flesch reading score, 15 reading age

10. New York Times – 52 Flesch reading score, 15 reading age

 

The Sites with the Worst Data Breaches

While the privacy policy is designed to help users understand what data they’re giving a website access to when it’s used, what happens when that data is breached and falls into the hands of hackers with nefarious motives?

 

Of the 80 sites we studied, 14 have had data breaches with a total of 1,442,064,223 accounts compromised. The biggest breach took place in August of 2019 and involved the accounts of nearly 20% of Facebook users. Compromised data included everything from phone numbers and email addresses to employer names and phone numbers.

 

1. Facebook – 509,458,528 compromised accounts
2. MySpace – 359,420,698 compromised accounts
3. LinkedIn – 164,611,595 compromised accounts
4. Adobe – 154,445,165 compromised accounts
5. MyFitnessPal – 143,606,147 compromised accounts
6. Tumblr – 65,469,298 compromised accounts
7. SHEIN – 39,086,762 compromised accounts
8. Snapchat – 4,609,615 compromised accounts
9. Imgur – 1,749,806 compromised accounts
10. Forbes – 1,057,819 compromised accounts

 

 

Methodology:

 

The 80 websites studied are taken from a compilation of lists of some of the most visited websites according to sources including Visual Capitalist, SEM Rush, The Telegraph, and Similar Web.

 

Finding the privacy policy page, we copied the text for these policies and ran them through Grammarly. This allowed us to find details such as the Flesch reading score and reading age, as well as compiling the word counts, sentence lengths and reading times.

 

Information about data breaches was taken from Have I Been Pwned’s list of sites with data breaches.