Privacy Legislation vs. Google’s Homepage

Google stands accused of violating the California Online Privacy Protection Act of 2003, which requires Web sites and online services to “conspicuously post” their privacy policies.

It’s obvious to some that this requires Google to have a link on its homepage to its privacy policy, but the law says that online service providers can use “any other reasonably accessible means of making the privacy policy available for consumers of the online service.” In the case of Google, one might consider … a search?

But I think this little episode has a deeper lesson. It reveals the thoroughgoing incapacity of lawmakers and advocates to be social engineers. Linking to privacy policies on home pages was an experiment that failed long ago. People don’t read them. People who are interested in reading them can find them so long as they’re placed sensibly somewhere on a Web site.

In their voluntary transactions, if people want privacy, they’re gonna seek it (and, though it’s tough, often get it); if they’re indifferent, they’re not. Mandated privacy notices – especially the placement of them – are a sideshow.