Some companies notify customers when they update their terms of service agreements, and others choose to quietly make those changes. Well, it seems like the latter will no longer fly anymore as the Federal Trade Commission just warned companies that choose to quietly update their privacy policies that the practice is “deceptive” and “unfair” and risks violating the law, according to a new blog post from the commission’s website.
The FTC is specifically targeting companies that are developing artificial intelligence products, which can cause them to use their customer's data to train the technology, despite having privacy and security policies in place to protect data. The commission claims that companies opt to silently make these changes to avoid “backlash from users who are concerned about their privacy.”
Related: The government could soon be tackling a sneaky trend found in supermarkets
“It may be unfair or deceptive for a company to adopt more permissive data practices — for example, to start sharing consumers’ data with third parties or using that data for AI training— and to only inform consumers of this change through a surreptitious, retroactive amendment to its terms of service or privacy policy,” wrote the FTC in the post.
The commission also warned that similar moves may violate the FTC Act, which protects consumers against deceptive practices that affect commerce.
In July last year, Google quietly updated its privacy policy to explicitly say that it collects data to train “AI models,” before the update, it said “language models.” It also more clearly specified which products it was using the information for such as “Google Translate, Bard, and Cloud AI capabilities.” Before, it just said “Google Translate.”
Social media platform X also adjusted its privacy policy in September 2023 where it informed users of multiple changes, including using tweets from users on the platform to train AI models.
The recent blog post from the FTC hints that it may require companies in the future to be more forthcoming to consumers about the changes it makes to privacy policies or terms of service agreements.
When companies notify customers of changes to these policies and agreements, it is often through email, and the changes are sometimes summarized in simple language. Many companies also inform customers that if they want to know more about the changes, they can read the full text of the updated policy/agreement that's often linked in the email.
This can be an issue as many consumers don’t fully read policies and agreements as they can be lengthy and hard to understand. According to a 2019 survey from Pew Research Center, 1 in 5 American adults overall say they “always” or “often” read a company’s privacy policy before agreeing to it.
The survey also found that 22% of the respondents say they fully read privacy policies “all the way through” before agreeing to their terms and conditions. Also, 63% of the respondents in the survey say they understand “very little” or “nothing at all” about the laws and regulations that are in place to protect their data privacy.
Related: Veteran fund manager picks favorite stocks for 2024