Nineteenth International Conference on New Directions in the Humanities

Abstract

This study introduces a novel conceptual framework and comprehensive typology for analyzing ethical risks in terms of service (ToS) and privacy policy agreements (PPA) of mobile apps. The proposed typology is the first to integrate ethical risks stemming from both ToS and PPA into a single coherent framework. Furthermore, the typology addresses the identified risks in terms of both the rights violated and the concrete business and legal practices that create them. Based on this thorough analysis, the paper argues that the legal mechanisms of ToS and PPA do not achieve their purpose. ToS and PPA often legalize ethical risks by obtaining users’ consent to terms that they may not fully understand. As such, rather than protecting users, ToS and PPA frequently perpetuate users’ vulnerabilities and subject them to rights-infringing measures. In addition, the study examines the scope of protection against the identified ethical risks that is awarded by landmark laws in the area of digital privacy and consumer protection: The General Data Protection Regulation (GDPR), the Consumer Rights Directive of the European Union, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). The paper concludes with a discussion of its practical implications, which can have far-reaching consequences for privacy protection and consumer protection regulation. These implications include guidance for developing new regulatory and decision-support tools; improving consumer understanding of ethical risks; and assisting mobile app providers in drafting ethical user agreements.