Startup idea: Do we value our laundry more than our privacy?

Coming from a law background this makes me, and I imagine many lawyers, nervous. Terms of Service agreements may be wordy and hard to understand, but they're also substantive--everything in them has meaning. Good lawyers should craft them to be as concise (and readable to lay people) as humanely possible, and there's no reason to believe that the lawyers that draft ToS agreements, particularly for highly profitable businesses, have done anything but that.<p>Even if you have a normal ToS and then try to abbreviate it, you have a host of issues: which one would control? You could explicitly say, "the normal ToS controls in the case of a conflict between the ToS and an abbreviated version," but, if people, don't read the normal ToS because there is an abbreviated version, is it really conscionable to say that the normal ToS would control? If the abbreviated controls, there have to be many caveats: like "We own everything you upload... unless you didn't own it to begin with, in which case, we don't own it, and you guarantee to us that you have the right to use it, and you give us the right to use it," or "There are no warranties, except if this statement itself is unenforceable (which is true in some states), in which case we disclaim all warranties to the extent applicable by law, and in the event this is unconscionable or found unenforceable, the rest of this agreement is still enforceable" etc etc. Once you're in that land, you've obviously lost the point of abbreviating it.

Mozilla introduced "Privacy Icons" (<a href="https://wiki.mozilla.org/Privacy_Icons" rel="nofollow">https://wiki.mozilla.org/Privacy_Icons</a>) a few months ago, which seems to have the same goals.<p>The main problem I see is that if these icons are just opt in, why would a company use them if it wasn't respecting a user's privacy? It would be similar to a website having a badge that proudly says "Invalid XHTML".<p>P3P (<a href="http://en.wikipedia.org/wiki/P3P" rel="nofollow">http://en.wikipedia.org/wiki/P3P</a>) tries to address a similar problem but in a machine-readable way.

A few months ago, we put together <a href="http://www.privacyparrot.com" rel="nofollow">http://www.privacyparrot.com</a> which uses machine learning to try to classify what's in a privacy policy. (right now just trying to determine if a site sells your data or not). I am unfortunately confident that there isn't a viable business model in selling people online privacy for free services.

Sounds a bit like the android permissions model applied to the web. I wouldn't mind it, but I doubt many people would pay attention to these more than they would the permissions they ignore when they add apps to their phones, or when they add a new Facebook app.

At a risk at repeatedly beating the same dead horse: outside the US privacy valued highly as a civil right, and is heavily protected by law. The same countries also typically have strong consumer protection. Warning labels alone are meaningless there.

Inconvenient reality alert:<p>I can promise you that many companies in the wild actively violate their own TOS, knowingly or unknowingly. I can promise you that you will never find out about all of those cases, even after there's a data breach.

I really like this idea. I would add info about how long certain data is retained.

Update: olefoo pointed out in the Pinterest thread that this has been tried apparently. Updated post to reflect.

It's a great idea, but how is it a startup idea? Not every good project is necessarily a business.

Have you seen <a href="http://safeshepherd.com/" rel="nofollow">http://safeshepherd.com/</a> ?

I thoroughly expected this post to advocate free laundry with the caveat that we receive underwear-related advertisements.

I hope that readers or anyone wanting to pursue this idea disregard the last sentence, or at least the "confirmed site logo" bit. How on earth could these things be confirmed by a third party and what information would a "confirmed site" badget convey? Sounds even flimsier than the "secured by &#60;random antivirus&#62;" or "secure SSL guaranteed" nonsense.<p>Given the legal concerns and the skew that attempting profitability would have, I'd rather just see this adopted by projects voluntarily. But even then, if it becomes mainstream to expect a "privacy ticker", there's still nothing to keep companies from selectively disclosing or straight up lying.