US ‘TLDR’ law would force websites to make their terms and conditions easier to read

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

American legislators are backing a bill that would force technology companies to make their terms of service agreements easier to read.

The bill, called the Terms-of-service Labeling, Design and Readability Act (TLDR), would require websites to provide a “summary statement” for the contracts.

This would condense legal terms into a more understandable format, as well as disclosing data breaches over the past three years, any sensitive data that might be collected, and how users could delete that data after signing up.

“For far too long, blanket terms of service agreements have forced consumers to either ‘agree’ to all of a company’s conditions or lose access to a website or app entirely,” representative Lori Trahan, one of the bill’s lead sponsors, said in a statement on Thursday, as reported by The Verge. “No negotiation, no alternative, and no real choice.”

Ms Trahan cited a study from 2012 that suggested it would take the average American 76 days to read all the service agreements for the services they used.

The act would apply to large websites such as Facebook and Twitter, but would exempt some small businesses. It would be enforced by the Federal Trade Comission and state attorneys general.

“Users should not have to comb through pages of legal jargon in a website’s terms of services to know how their data will be used,” said senator Bill Cassidy.

“Requiring companies to provide an easy-to-understand summary of their terms should be mandatory and is long overdue.”

The announcement comes after a series of stories where social media sites failed to inform users of data breaches and companies have gathered huge amounts of personal information without the knowledge of their customers.

Last year, Amazon was hit with a record-breaking fine by the European Union for a violation of its GDPR data protection rules – but users had no knowledge of why that was as the Luxembourg National Commission for Data Protection (CNPD), who imposed the fine, was “bound by professional secrecy” not to communicate about the case.