Think You’re Being Spied On? It’s Because You Don’t Read the Terms and Conditions!

Braze, a specialist in multichannel marketing, assisted a client in utilizing geolocation to launch a campaign in Mexico City. By detecting an increase in traffic, they sent a special promotion encouraging people to order food directly from their cars. According to Toby Fox, an executive at the company, this strategy showcases the evolution of AI-driven marketing.

The Thin Line Between Personalization and Invasion

To offer personalized promotions without overstepping privacy boundaries, Fox mentioned that the companies they work with ask for user consent before gathering data and sending tailored campaigns.

However, this poses another challenge as most people overlook the terms and conditions of apps that outline data collection for commercial purposes. According to a report by security.org, only 9% of Americans actually read these terms and conditions, a figure that drops to 3% among individuals aged 18 to 34.

Furthermore, a 2020 study by Visual Capitalist showed that at an average reading pace of 240 words per minute, it would take nine minutes and 42 seconds to read Instagram’s terms, which is among the shortest. Others like Amazon take just over 14 minutes; Uber requires more than 23 minutes; TikTok more than 30 minutes, and Microsoft exceeds an hour.

These times can vary based on country-specific regulations. According to NordVPN, privacy policies in Mexico average 6,938 words, meaning it would take about 29 minutes to read them at a pace of 238 words per minute.

Websites like gob.mx and Mercado Libre have policies that can be read in less than 5 minutes. In contrast, Netflix and Zoom have policies requiring 36.49 and 29.99 minutes, respectively. Amazon Mexico, one of the country’s most popular platforms, has policies that take about 16.76 minutes to read, according to the virtual private network service.

Beyond the prolonged reading time, users face terms that are difficult to understand. Most of the Flesch Reading Ease Score (FRES) results evaluated by NordVPN fall into the ‘difficult’ reading level category, while many are only comprehensible to those with higher education.

“Given the significant time required to thoroughly read privacy policies, it’s no wonder many users choose to skip this crucial step in protecting their data on the internet,” noted the virtual private network.

Automation, AI, and predictive analytics enable brands to anticipate customer needs. A report by McKinsey & Company revealed that companies incorporating AI in their marketing operations report revenue increases of 5% to 15% compared to those that do not. Additionally, research by Epsilon indicates that 80% of consumers are more likely to make a purchase when brands offer personalized experiences.

Mercado Libre, which started implementing AI solutions in 2015 for user recommendations, fraud issues, and credit risk analysis, among other applications, gathers extensive user data including purchase history, viewed products, ratings and reviews, clicks, and searches on the platform. “From there, machine learning algorithms search for patterns and correlations among different products to present the best listings,” the company told Expansión.

According to the Fifth Privacy Report of Digital Service Users by IFT, digital services enabling e-commerce, such as Amazon, Mercado Libre, Shein, and Temu, include in their installation policies the collection of the following data:

• Personal account information
• Financial data
• Number of times the cursor hovers over a product
• Messages
• Purchases or sales
• Social networks
• Transaction history
• User-generated content (profile pictures, photos, videos, audio recordings, comments, questions, etc.)
• Customer service activity
• Address (geolocation)

In the case of Temu, there is even a clause that ensures the collection of information from third-party services, such as data providers, affiliate partners, public sources, and other linked services.

What Options Do Users Have?

In some cases, it’s possible to reject certain terms in contracts; however, in others, consumers are left with no choice as failing to accept the entire package means they cannot use the apps.

Fox notes that some of the companies they work with choose to ask for such permissions via WhatsApp, provided they have user consent to send messages.

“In each communication channel, it’s crucial to have a link indicating if you want to stop receiving emails, SMS, WhatsApp messages, as customers have that right. Our goal with brands is simply to help them send more personalized communications,” he added.

Mercado Libre explained that from their perspective, the risk of bombarding users is minimized “by working with our own models.” “Generally, irregularities in AI occur from the mass use of tools, open to 100% of users. By having our own models, we work to avoid any type of biases.

Some tips and shortcuts for quickly and effectively reviewing company terms and conditions and privacy policies, as recommended by NordVPN, include the following:

• Identify the collected data. This information is usually listed at the beginning of the website. If a site requests unnecessary data, it could be a warning sign.
• Look for red flags. Start by searching for keywords such as “sell”, “partners”, “affiliates”, and “third parties”, which indicate the possibility of your data being shared or sold to other companies. Pay attention to terms like “may” and “for example”, which could reveal dubious intentions regarding user data (such as the phrase “might analyze your content, for example, your emails”).
• Opt for reliable websites. Minimize risks by choosing verified pages and avoid those that seem suspicious or lack a clear privacy policy.