If Google Can Write a Plain English Privacy Policy, Why Can’t You?

A plain English privacy policy beside a dense legalese policy, Aber Law Firm

Short answer: if Google can write a plain English privacy policy, so can you. Simplifying your policies is not dumbing them down. A plain English privacy policy builds customer trust, speeds up deals, satisfies the transparency expectations regulators like the FTC keep raising, and becomes something people actually read and follow. The hard part is not the law. The hard part is asking your lawyers to write like humans.

Why are your policies not written so your customers and employees can actually understand them? If Google, one of the largest and most sophisticated technology companies in the world, can simplify its policies (in this case its Privacy Policy), why can’t you? Years ago Google’s Associate General Counsel wrote about trimming and simplifying their privacy policies, aiming to make them easy to read, transparent, and short. Look at Google’s current Privacy Policy today: plain language, short sections, videos, examples. The big, sophisticated players have only leaned harder into this since.

Why Simple Policies Are Worth It.

This is not about aesthetics, and it is not about dumbing things down. A plain-English policy builds trust, clears legal and procurement review faster, and is one people actually read, which means they actually follow it. A privacy policy nobody understands does not protect you; it just sits there. There is a compliance angle too: the FTC treats your privacy policy as a set of promises, and under the FTC Act it can (and does) bring enforcement actions against companies that say one thing and do another. The FTC’s own privacy and security guidance for businesses is written in plain English, which tells you something about what the regulator values. State laws like the California Consumer Privacy Act (CCPA) push in the same direction, requiring disclosures consumers can actually understand. And in a SaaS sale, where the customer is buying trust as much as software, a clear privacy and security posture is part of the product (the same reason a good trust site closes deals).

What You Can Simplify Today.

Start a list and keep going: your Privacy Policy, Customer Support Policy, licensing policies, HR policies, sales policies. Most of them were written once, in legalese, and never revisited. Each is a candidate. The bonus: policies, unlike signed contracts, are things you can update as your business changes, which is exactly why some material belongs in a policy rather than the agreement in the first place (see Contract or Policy?).

How to Actually Get There.

The key thing to remember is that it can be done, but you have to ask for it, maybe demand it, from your attorneys, because plain English does not come naturally to most lawyers. Push for bullet points, highlighting, short sentences, bold on the parts that matter, plain English throughout, icons, and a companion FAQ for the explaining. This is the same simplify-everything instinct that makes your contracts close faster (see Write Better EULAs and SaaS Agreements and Are You Selling Legal Simplicity or Complexity?).

Plain English Privacy Policy FAQs.

Does a plain English privacy policy still hold up legally? Yes. Nothing in U.S. privacy law requires legalese. What the FTC and state attorneys general care about is accuracy: your policy must match your actual data practices. Plain English makes that alignment easier to check, not harder.

What should a plain English privacy policy include? The same substance as the long version: what data you collect, why, who you share it with, how long you keep it, and what choices your users have. Short sections, descriptive headers, and examples. Cut the boilerplate that explains nothing.

How often should you update it? Whenever your data practices change, and on a regular review cycle (annually is a good default for a SaaS vendor). A policy you can read in five minutes is also a policy you can update in an afternoon.

Google does it. The big guys do it. There is no reason you cannot too. I hope this helps.

For the framework regulators expect SaaS and software vendors to bake into product design and to communicate through the privacy policy, see Privacy by Design: A Framework for SaaS and Software Vendors.

Disclaimer:

This post is for informational and educational purposes only, and is not legal advice. You should hire an attorney if you need legal advice, which should be provided only after review of all relevant facts and applicable law.

