Lawmakers propose TLDR law for website terms of use • The Register

Almost no one bothers to read terms of service agreements on websites. So a group of U.S. lawmakers on Thursday proposed a bill requiring commercial websites and mobile apps to translate their legalese into summaries that can be more easily read by people and machines.

The bill, titled the Labeling, Design, and Legibility of Terms of Use (TLDR) Act [PDF]was introduced by Lori Trahan (D-MA-03), Sen. Bill Cassidy, (R-LA) and Sen. Ben Ray Luján (D-NM), making it technically a bipartisan effort – something rare to a time when the two major American political parties cannot agree on fundamental facts like who was legally elected president in 2020.

“For too long, blanket terms of service agreements have forced consumers to either ‘accept’ all of a company’s terms or completely lose access to a website or app,” the company said. Congresswoman Trahan, Member of the House Subcommittee on Consumer Protection and Commerce, in A declaration. “No negotiation, no alternative and no real choice.”

“To further tilt the decision in their favor, many companies design unnecessarily long and complicated contracts, knowing that users don’t have the bandwidth to read lengthy legal documents when they’re simply trying to message someone. be expensive or make a quick purchase.”

“The potential for abuse is obvious, and some malicious actors have chosen to exploit these agreements to extend their control over users’ personal data and protect themselves from liability.”

“Users shouldn’t have to wade through pages of legalese in a website’s terms of service to find out how their data will be used,” Senator Cassidy said in A declaration. “Requiring companies to provide an easy-to-understand summary of their terms should be mandatory and is long overdue.”

U.S. citizens and residents will continue to wade through — and be bound by — obtuse legal language when it comes to real estate transactions, employment contracts, nondisclosure agreements, loans, tax forms, medical forms, and other contracts. But at least if this bill becomes law, blatant terms of use like the “Herod’s Clause— whereby London Wi-Fi users in 2014 unwittingly signed their eldest child to F-Secure — won’t be a problem.

This is not a new problem

Terms of Use Agreements – similar but not identical to End User License Agreements — have long troubled advocacy groups. The Electronic Frontier Foundation, for example, called them Abuse Termsarguing that they let online service providers rewrite their legal relationship with customers, which should be governed by established laws.

The TLDR law, appropriately, comes with a summary [PDF] because even reading a nine-page bill can be a little too distracting with social media, app notifications, and all the people messing around on the internet that needs to be dealt with. It exempts “small businesses” under Section 3 of the Small Business Act (15 USC 632), which itself is not easily summarized. there is a table [PDF] which lists specific criteria of employees and/or income, if you are really interested.

For a business in the “Internet publishing and distribution and web search portals” sector to be exempt, it must have fewer than 1,000 employees. By the Treasury Department“If you sold computer programming services under NAICS code 541511, your average annual revenue over the past three years would have to be less than $21 million to qualify as a small business.”

So, assuming the bill becomes law, companies large enough to be covered will need to include concise terms of service summaries at the top of their terms of service pages.

These summaries must specify: the categories of data collected and whether this data is necessary for the service; whether this data can be deleted and, if so, how to do so; legal requirements, such as the use of arbitration for disputes; a change log; and a list of data breaches over the past three years.

Summaries “should be easy to understand, machine readable, and may include tables, graphical icons, hyperlinks, or other means determined by the [Federal Trade Commission,” the bill says.

And the full Terms of Service document must be displayed and marked up in an “interactive data format” such as XML, so contractual terms can be more easily analyzed.

The law does not require companies to identify all the third-parties that might receive user data, perhaps because summaries listing third-party data partners and tracking hosts in apps could get too long to read.

Though the median number of ad trackers per website and per app tends to be low – e.g. 7 and 10 [PDF] respectively – some websites, like news sites, have 40 or more tracers and some apps have more than 30. The App Privacy Disclosure imposed on Meta (Facebook) Messenger by Apple’s App Store Rules applies to pages if you click the link View details.

The TLDR Act does not replace strong federal privacy regulations, but it may help the United States move in this direction. ®

Sherry J. Basler