I wonder how often do privacy policies change, for the average site, to merit investing in a dedicated library that renders them dynamically. Assuming that the default solution is a static page.
I think most apps don't update often enough. We've seen products with privacy/cookie policies that are 5+ years old and totally out of sync with the product itself.
We're building OpenPolicy not necessarily to reduce the risk companies have of litigation, but instead to be more transparent with users and to build trust.
In the next version we'll be releasing auto-instrumentation that tracks data/third parties to always keep things in sync.
Okay a couple of things here... The first is that not all contracts are equally legally binding. Terms of service would be among the least. The second is that a contract also cannot override the law... You can't break the law just because it's in a contract...
My problem is mostly that I lack the legal expertise to be able to a) write up a coherent policy with full coverage, and b) follow up on changing legislation, of which there has been quite a lot in recent years (at least in Europe).
The best option until now have been generators found online, which mostly seem to have pivoted to lead generators or demos for paid products now. Considering that in Germany, for example, any website affiliated with a company or pursuing any economic purpose is required to have both a proper imprint and privacy policy, this is something you have to care about. There are even lawyers writing specialised crawlers to find websites with linked Google Fonts but no privacy policy notice, and send automated litigation to the owners. This only became possible after a court decided (as shortsighted as stupidly) loading fonts from Google's servers constituted a privacy violation, given that visitors had no way to consent.
Following these changes and reacting in a timely way is a continuous effort, and a framework to automate this is very welcome IMHO.
Why would sending requests to Google's servers (complete with Referer headers) not be a privacy violation? It allows Google to track every page you visit that has Google Fonts, which is definitely a privacy concern.
We're building OpenPolicy not necessarily to reduce the risk companies have of litigation, but instead to be more transparent with users and to build trust.
In the next version we'll be releasing auto-instrumentation that tracks data/third parties to always keep things in sync.