University researchers conducted a study of 543 participants (communication majors studying privacy, big data and surveillance issues) to measure the frequency and depth of online terms review and comprehension. The research was motivated by a desire to point out the fallacy of a privacy regulatory regime that relies exclusively on the notice-and-consent model.
The study authors used modified versions of LinkedIn's terms and policies. They asked the students to sign up to a fictitious social network, similar to LinkedIn, that the university, the students were told, had contracted with. The terms required the user to consent to over-the-top terms, including the disclosure of data to the NSA and to "third parties [building] data products designed to assess eligibility", which, the terms state, "could impact … employment, financial service (bank loans, insurance, etc.), university entrance, international travel, and the criminal justice system."
The terms even obligated the user to turn over the user's first born child to the site owner.
In the words of the study authors:
Transparency is a great place to start, as is notice and choice; however, all are terrible places to finish. They leave digital citizens with nothing more than an empty promise of protection, an impractical opportunity for data privacy self-management, and … too much homework.