• CFRED CUHK Law

Ethical Risks in Terms of Service and Privacy Policies of Mobile Apps

Bar Fargon Mizrahi - BIU Law Data Lab, Bar-Ilan University


-- Afternoon Keynote Paper, Machine Lawyering Conference 2021, Day Two -- Mobile app users tend to e-sign terms of service (ToS) and privacy policy agreements (PPA) daily, without reviewing them and without realizing that they are potentially legitimizing egregious violations of their rights. This practice is problematic because ToS and PPA include serious "ethical risks", that is, questionable elements that users would not reasonably expect to find in these agreements. While apps may give the users their services “for free,” the price can be high when apps constantly monitor users, build models that predict the users’ behavior, trade-in users’ information, manage targeted advertising, and more.

My recent Article, “Ethical Risks in Terms of Service and Privacy Policies of Mobile Apps” (attached below) introduces a novel conceptual framework and comprehensive typology for analyzing ethical risks in ToS and PPA of mobile apps. The proposed typology is the first to integrate ethical risks stemming from both ToS and PPA into a single coherent framework. The typology takes into account a variety of rights and addresses the level of rights violations and various practices. In addition, the Article examines the scope of protection against the identified ethical risks that is awarded by landmark laws in the area of digital privacy and consumer protection: The General Data Protection Regulation (GDPR), the Consumer Rights Directive of the European Union, the California Consumer Privacy Act (CCPA), and the California Privacy Rights Act (CPRA).


The typology, and the broad legal framework that it encompasses, can be effectively applied across a multitude of fields and for a variety of purposes. First and foremost, the typology is intended to improve the accessibility and comprehensibility of ethical risks in ToS and PPA and can, therefore, be used to educate users and help them make informed decisions regarding the apps they choose to use and the manner in which they use them. The findings of this research may also help mobile app providers draft more ethical ToS and PPA. Furthermore, the findings may prompt privacy protection and consumer protection regulators to broaden the scope of their regulation and enforcement activities and to reconsider the regulatory requirements in this domain (thus mitigating the identified ethical risks to users). Moreover, the typology will form a baseline for empirical studies that address user perceptions of ethical risks, as well as for studies that seek to analyze the contents of PPA and ToS. Specifically, it can serve as the basis for the work of computer scientists who develop automated tools to identify ethical risks in apps.


The Article includes four parts: Part I explains the terms ToS and PPA and raises the question of whether they are the right tools to protect user rights, in particular their right to autonomy. Part II reviews the concept of ethical risks in mobile apps and divides the different risks into three categories: (1) ethical risks arising from the content of ToS and PPA; (2) ethical risks that stem from users’ lack of informed decision-making regarding ToS and PPA; and (3) ethical risks external to ToS and PPA. Part III explores and explicates the first category of risks: presenting a typology of ethical risks arising from the content of ToS and PPA and how these risks violate user autonomy. Additionally, it examines how the four key laws in the area of digital privacy and consumer protection protect (or fail to protect) against the ethical risks identified in the typology. Part IV discusses the typology’s potential applications.


Fargon Mizrahi_Ethical Risks in Terms of
.
Download • 125KB



401 views0 comments

Recent Posts

See All

Regulating deepfake identity fraud

Margarita Vladimirova - Deakin University -- New digital tools appear constantly and their misuse can put in danger our finances, safety, freedom, sanity, relationships, dignity, and even life. One su

Schrems II and the future of cross-border data transfer

Choi Man Yiu - The Alexander von Humboldt Foundation; Hong Kiu Cheng - Independent journalist -- The issue of how human sovereignty and human rights are able to sync with cross-border data transfer is

Copyright © 2018 All Rights Reserved. Faculty of Law, The Chinese University of Hong Kong

The Chinese University of Hong Kong