[rickmb]

In what bizarro world do consumers trust companies that steal their private data without permission?

Companies I trust don't break the law and violate my privacy. Contract, especially unwritten "social" contracts don't override the law.

[moadeel]

Theoretically speaking, in every conceivable world, would the users not trust the companies who steal their data. However, practically speaking, users trust the companies who "steal" their data so long as that data is not publicized/leaked. In fact, I would argue as much that most users know that there is information being collected of them that they are not aware of, and they have accepted it because they haven't seen huge negative consequences in their personal life or in the media that make them worried of the collection of their information.

In my opinion, it would have to take a data breach of the likes of katrina, tsunami 2004 and BP oil spill all within a few weeks for users to get hammered with the point that they should be more concerned about what is happening with their data.

Having said that, there will always be a small group who would be up in arms about the simple act of stealing whether a negative consequence follows or not. And kudos to them for they are doing a service to us all by keeping an eye on these companies.

The point that I am trying to get across is that the history of the web along with the time consuming nature of reading huge agreements has led to users entering into social contracts of trust with these companies. They could care less about how much you try to alert them. Companies can continue to take one action after another to alert the users of all that the things company will do and the user will merely see that has an obstacle to get to the app and therefore will simply accept/agree robotically and move on. Why?

Users behave in herd mentality, respond to only the most imminent of threats or fear of extremely dire potential consequences. If they see everyone else doing something they will do it too, even if that means you get them to agree to very stiff contracts. They will simply accept it as a way of life and move on.

When creating privacy policies, companies play this balancing act. What to constantly alert a user about, how many of them will actually care, we as a company know that all their data will be protected and not used criminally anyway?

Whatever path, facebook, twitter and others do with our data is irrelevant to most users so long as most of their trusted circles are doing it too. It just isn't a big issue for them as they maneuver around other pressing issues in their lives. Kudos to those few who have made it a big issue and have kept these companies at their toes. Their effort is worth commending and appreciating, and not mocking as has been done by others.