April 26, 2012 at 11:12 AM ET
Google and Facebook privacy policies are more confusing and harder to understand than the small print coming from credit card companies and even government entities, according to a recent survey.
A global branding firm, Siegel+Gale, surveyed 403 users about "consumer perceptions and comprehension" of the two Internet giants' privacy policies.
"The findings reveal an immense lack of understanding among respondents," the firm said. "These privacy policies are tougher to understand than documents known for being complex — including credit card agreements and government notices."
A Google spokesperson said the company doesn't commend on "third-party reports."
We asked Facebook for comment about the findings, and will update this story when we hear back.
When it comes to the world's largest social network and and its privacy policies, a "major comprehension issue is requiring users to use an application programming interface (API) to understand how their information is used," the firm said. "Less than 40 percent of Facebook users understood how an API can be used to access and view public information."
Only 20 percent "could correctly identify how to block outside applications and websites from accessing their information on Facebook."
"Facebook sends users to their Graph API to see their public information, but you need to be a developer to understand it," says Siegel+Gale. "Not good enough. Explain it as you would to your grandmother."
As a result, 46 percent of those surveyed say they will "change their behavior after reading the policies for both Google and Facebook," and 75 percent plan to change their privacy settings on Facebook; 63 percent plan to be "more careful about using Google services in the future."
Half said they'll use Google less in the future; 35 percent said they'll use Facebook less.
Keeping track of it all is quite a chore — especially for consumers who are not well-versed in making their way through the labyrinth of legalese in such policies.
Siegel+Gale's suggestions about what Google and Facebook should do make sense: "Use simpler policies that inform and educate."
All privacy policies, the company says, not just Facebook's and Google's, must convey three types of information: What information is collected and how; how the information is stored and shared; and how a user can manage their privacy.
The firm is not the first to draw attention to this; the Federal Trade Commission, in a report last month aptly titled "Protecting Consumer Privacy in an Era of Rapid Change," said consumers need to have the "ability to make decisions about their data at a relevant time and context," and to "make information collection and use practices transparent." And if companies don't do it, the FTC wants Congress to make it so.
The Siegel+Gale survey "shows that there is an urgent demand among users to have greater access to succinct and transparent policy information," said Thomas Mueller, the firm's global director of customer experience. "People want to know how their personal information is being collected, stored and used."
This story was updated at 3:55 p.m. ET.