If you are like most people, when computer programs ask you to accept their latest privacy policy, you probably just hit “I accept these terms” and get on with using the software. But recent concern over who controls agriculture’s “big data” might have made you pause and think about whether you should just accept the terms provided–or decline and look for something else. As agribusinesses roll out their farm data collection and analysis programs, take some time to read the data privacy policy that will accompany the program. Here are some questions to ask as you do:
1. What information will be collected? Most privacy policies should explain what information will be collected for use by the technology provider. Keep in mind the data collected by the provider may be more than just the information you manually provide. The software might also be collecting how you access the program, when you access the program, and why you access the program. Therefore, the first question to always ask is what information is the provider collecting?
2. What control do I have over data that is collected? Once you know what information the provider is collecting, your next inquiry should be to determine what control the provider gives you in managing data generated by your farm. “Control” requires three things: The right to maintain, alter, and delete your data on your terms. Can you delete data that has been previously uploaded to the provider or, once uploaded, does the data become the property of the provider? A good privacy policy should explain that you have the right to cancel service and know that your data is deleted by the provider.
3. How will the provider use the information? This is the question in farm industry circles. Once a user provides farm data to a provider, what rights does the provider have in using that data for its own purpose? Similarly, does the provider have the right to share or sell that data with others? We all know that Google sells our search terms to advertisers. Will your provider similarly sell your data to vendors that might want to know, for example, that you are running low on glyphosate? The privacy policy should explain this.
4. Is the provider committed to notifying you of future changes? Finally, when reviewing a data privacy policy, determine whether the provider is offering to keep you informed of changes to its data privacy policies. Alternatively, the provider may tell you “these terms are subject to change at any time without notice.“ Make sure the provider agrees to notify you when changes in policy occur—because they will. The law and these issues are evolving, and data privacy policies will too.
Remember, by clicking “accept” you are agreeing to be bound by the technology provider’s privacy policy—which is a binding contract. Federal and state laws are mostly void of statutes protecting your farm data privacy, but by reading data privacy policies, you can make an informed decision.
Todd Janzen grew up on a Kansas farm and now practices law with Plews Shadley Racher & Braun LLP, which has offices in Indianapolis and South Bend. He also serves as General Counsel to the Indiana Dairy Producers and writes regularly about agricultural law topics on his blog: JanzenAgLaw.com. This article is provided for informational purposes only. Readers should consult legal counsel for advice applicable to specific circumstances. Todd is currently serving as chair of the American Bar Association’s (ABA’s) Agricultural Management Committee, which is part of the ABA’s Section of Environment, Energy, and Resources.
Submitted by: Todd J. Janzen, Plews Shadley Racher & Braun LLP
