About the study
NordVPN studied the privacy policies of the 20 most popular websites in 19 countries, including Malaysia, Singapore, Taiwan, Hong Kong, Japan, and South Korea. We examined how long it takes to read these privacy policies and how complicated they are.
Our goal is to raise awareness about privacy policies by sharing our findings and to help internet users read them without spending an unreasonable amount of time or missing the parts that indicate malicious use of their personal information.
What do the Malaysian results show?
Reading all the privacy policies of the top 20 most visited Malaysian websites would take nearly eight hours. Likewise, reading the privacy policies of the 96 websites a person typically visits in a month would take close to a workweek — 38 hours. If you spent the same amount of time working locally at a minimum-wage job, you would earn approximately 66 USD.
Here is how long it would take to read the privacy policies of the websites people visit a month and how much you could earn in that time in different countries:
Which privacy policies were the most complicated and which were the most reader-friendly?
Overview of the global insights
The study revealed some interesting differences between countries and their respective privacy policies:
- The longest in almost all countries were Facebook and/or Instagram privacy policies.
- Germany had the longest policies, while South Korea had the shortest ones. Our research shows that reading all 96 websites internet users visit in a month in these countries would take 70 hours (Germany) and 31 (South Korea) respectively.
- Generally, readability was very poor. Most FRES scores were in the “difficult” (college-level) reading level bracket, while many were only readable by graduates.
- Overall, in the Netherlands the privacy policies were the most readable, including some translations.
- UK policies were the most readable in Anglophone countries by FRES and Coleman-Liau measures.
Here is how long it would take to read the privacy policies of the top 20 websites in different countries:
- See what data the website collects. The data the website collects from its users is usually covered in the beginning of most privacy policies, so read it carefully. If a website requires data that does not seem relevant to their services, treat it as a warning sign.
- Check for “red flag” keywords. Try searching the policy document for keywords like “sell” and “sold,” indicating that your data may be sold to third parties. Also look for words like “partners,” “affiliates,” and “third parties” with whom your data might be shared or sold to. Lastly, look for words “may” and “for example,” because they might give away the website’s malicious intent regarding its users’ data (as in “might analyze your content, for example, your emails”).
We examined the privacy policies of 20 sites from 19 countries. These policies were either in English or machine-translated into English where English was not the original language. By calculating the number of words in a policy, we estimated how long it would take to read it. Then we evaluated the understandability of each policy using the FRES and Coleman-Liau readability tests.
Want to read more like this?
Get the latest news and tips from NordVPN.