Read the fine print: Terms of service, privacy policies and the power of knowledge

Android dudes
Android dudes (Image credit: Jerry Hildenbrand / Android Central)

When you buy a new phone or install a new app, reading the boring (and often difficult to comprehend) privacy policies and terms of use are the last thing you want to do. But it's also the most important part of the process.

We were having a discussion about visual voicemail in the Android Central Slack channel recently. With Marshmallow, Google introduced a visual voicemail framework for the dialer that anyone can use once a way for the mobile operator to tap into it is coded. The question was, "Why aren't carriers using it through the dialer instead of bundling their own voicemail client?" While we don't know the full answer, there was one really good reason put forth — because they want to be able to use their own terms when it comes to how your personal data is handled. Using Google solution and Google software would put much of the data collected under Google's privacy policy, not the carriers.

Several companies have access to your data and each handles it differently.

A lot of different companies have access to your personal information, and they each have their own terms of service and privacy policies. Google has its blanket privacy policy that covers all of its applications, whether they came with your phone or you downloaded them from Google Play. Let's be clear — it's invasive. Google keeps track of where you are, what you're looking at, what you're searching for and anything else they can every time you use your phone. But it makes things clear that it does not sell or share any of your information and it guarantees to keep the data secure and anonymous.

The company that built your phone also has its own privacy policy or policies. These cover the software that came on your phone as well as other code that might be pushed or downloaded from a brand-specific app store (like Samsung's Galaxy Apps store). These policies vary, but most clearly state that you agree it can collect as much data as possible for things like product research and customer profiling. There are also very specific mentions of how and why your data may be sold or shared.

If your phone comes from a carrier, which is how most of us in North America buy our phones, it too has a separate privacy policy for applications and the data collected. This is separate from government regulations about usage data while you are using the network, which now often says any service provider can collect and sell any data it likes while you are using its network services. Again, the way your data is protected, shared or sold will be covered in these policy agreements. This is especially important when dealing with pre-installed apps that may have full system-level permissions to collect and read all of your information.

Pre-installed software can have access to everything you do on your phone.

Finally, any application you install will have access to some of your data and should have a written privacy agreement. If you install an app that doesn't have one, you should assume the publisher is able to give your personal information away to whomever it likes. There is a section at the bottom of every application page in Google Play where a privacy policy can be linked.

One thing all these different documents have in common is that most people don't bother to read them. Part of the reason is how they are written, and when you need a lawyer to decipher how a company will treat your data before you can use your new phone the urge to just click "yes" is strong. Writing policies and agreements and terms of use are difficult because they are a binding legal agreement. If a company breaks the terms it can be held responsible by the courts and pay hefty fines and/or damages. It takes a lawyer to read some of them because it took a lawyer to write them.

Another thing to keep in mind is that every policy you agreed to is in effect at the same time. Google might not sell information about the times you visited Jamba Juice and paid with your phone, but that doesn't mean the company that made your phone or the company that you bought it from won't. All parties involved with access to your information get to do what you agreed they could do with it. Thankfully, this is less of an issue with apps you installed because they only have access to their own data. Although, sometimes the data these apps collect can be ridiculous.

You need a lawyer to understand a privacy policy because it needed a lawyer to create it.

So, what can you do if you're concerned about who can see what and the things they can do with it once collected? Unfortunately, the only answer is to read and understand the things you're agreeing to before you click Yes. Most policies from phone makers and carriers aren't horrible once you understand them.

The company that made your phone collects a lot of data about how you use it so they know how to make the next one even better. They may share information with other companies in the world of mobile hardware or software development, but they're not selling your phone number to IRS scammers. Network providers have lengthy agreements about services and documents about software, but again these are designed to see how you use them so they can be improved. It's are not out to get you, it just wants to make more money by offering things people just like you want.

We suggest you read before you agree to anything and if you don't understand something you should ask. A quick question via email or a call to a customer service number should be all that's required to answer any questions you have. Once you've agreed to it, there's not much you can do.

Jerry Hildenbrand
Senior Editor — Google Ecosystem

Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.