Terms of Service Labeling, Design and Readability Act (TLDR)

The Terms of Service Labeling, Design and Readability Act (TLDR) requires companies doing business online to ensure their Terms of Service agreements (also sometimes called Terms and Conditions or Terms of Use) are transparent, accessible, and easily understood by website visitors.

In this article, we will go over who the TLDR applies to, what individuals and businesses must do to comply, and the penalties for non-compliance.

What is the Terms of Service Labeling, Design and Readability Act (TLDR)?

The TLDR is bipartisan and bicameral legislation that aims to make Terms of Service agreements more understandable, transparent and accessible for online consumers.

It was introduced on January 13, 2022 by Congresswoman Lori Trahan (D-MA-03), Senator Ben Ray Luján (D-NM), and Senator Bill Cassidy, M.D. (R-LA). If it gains enough support, it will become law.

It's currently in the U.S. Senate's Committee on Commerce, Science, and Transportation.

Who Must Comply With the TLDR?

If you operate a website or you have a commercial, for-profit business with an online presence and are physically located within the United States, a U.S. territory, the District of Columbia, or a federally recognized Indian Tribal region, you'll need to comply with the TLDR.

With that said, the TLDR exempts some small businesses "as defined in section 3 of the Small Business Act."

What Does the TLDR Require?

The TLDR has three main requirements:

1. You must post a short-form summary of your Terms of Service at the top of your Terms of Service agreement, and
2. You must post a "graphic data flow diagram"
3. You must display your full Terms of Service agreement in an interactive data format

Let's take a look at each of these requirements in turn, and the current status of what would be required to comply.

The Short-Form Terms of Service Summary Statement

Under the TLDR, online businesses will need to place a "summary statement" of their Terms of Service on their websites.

Let's take a look at the placement and content requirements for this summary statement.

Where to Place the Summary Statement on Your Website

Companies must place the summary statement on their website, at the top of their Terms of Service pages.

Short-Form Summary Statement Format and Contents

The summary statement must provide a brief synopsis of the full Terms of Service.

The short-form summary needs to be easy for average users to understand, and must be machine readable. The act offers some suggestions that it may include graphic icons, hyperlinks, tables and other means determined by the Commission to be helpful.

The summary statement must disclose the following information:

• The approximated time it would take to read the entire Terms of Service, plus its word count
• The categories of sensitive information your business processes
• All sensitive information your business requires to provide its services
• All sensitive information your business needs to provide additional features
• All sensitive information necessary for future development
• The legal liabilities of users and any rights they transfer to your business (e.g., mandatory arbitration, licensing, waiver of moral rights)
• Historical versions of your Terms of Service
• Change logs
• Whether your company provides users with deletion services along with directions for how they can delete their sensitive information or ensure that your company discontinues the use of that information, and
• A list of data breaches from the prior three years reported to consumers under existing Federal and State laws

What is Sensitive Information Under the TLDR?

Sensitive information under the TLDR includes all of the following:

• Health information
• Biometric information
• Precise geolocation information
• Social security number
• Information concerning race, color, religion, national origin, sex, age, or disability
• The content and parties to a communication
• Video and audio recordings captured through a consumer device
• Financial information, including bank account numbers, credit card numbers, debit card numbers, or insurance policy numbers
• Online browsing history in relation to the information described above

The Graphic Data Flow Diagram

In addition to a summary statement, your business must include a graphic data flow diagram. This must be placed directly after the short-form summary statement.

The act allows for 360 days from after the date the act may be enacted for guidelines to be published on what this diagram must contain.

As of writing, the only details available are that the diagram will need to display how a user's sensitive information is shared with corporate affiliates, subsidiaries, and third parties.

Your Terms of Service Must Be in an Interactive Data Format

While there are no further details yet, the TLDR states that businesses will need to tag "portions of the terms of services of the entity according to an interactive data format."

Interactive data format is an electronic data format in which pieces of information are identified using an interactive data standard, such as eXtensible Markup Language (XML).

Enforcement of the TLDR

All violations of the TLDR will be treated as breaches of the Federal Trade Commission Act regarding unfair or deceptive acts or practices.

All enforcement and penalties for violations of the TLDR will be treated by the same means, in the same manner, and with the corresponding jurisdiction, powers, and duties as though the Federal Trade Commission Act were actually a part of the TLDR.

Thus, any person who violates the TLDR, "shall be subject to the penalties ...provided in the Federal Trade Commission Act."

Enforcement by State Attorneys General

If state attorneys general believe at least 1,000 state residents have been threatened or adversely affected by someone who has violated the TLDR (such as a business's employee), they may bring a civil action for the benefit "of the residents of the State in a district court of the United States."

The attorney general may bring civil actions to enforce the law and obtain restitution, damage, or other compensation for the benefit of residents of the state.

Summary

The TLDR seeks to protect consumers by making Terms of Service agreements more transparent and understandable.

These agreements are often referred to as "Terms of Use" or "Terms and Conditions" agreements and outline how website visitors may use the website or application in question.

In recent years, these agreements have become increasingly long and complicated, making it difficult for consumers to understand their rights and obligations. This can have severe consequences for a website's visitors.

For example, some contracts require consumers to sign away their right to sue, while others include provisions that waive a company's obligation to notify consumers of updates to its Terms of Service. In addition, some Terms of Service agreements allow companies to collect personal data or share it with third parties.

The TLDR will require companies to provide a simple, concise, and user-friendly summary of some key content of the agreement, such as what data is used, as well as how it is collected and shared. The summary must be written in plain language so that consumers can make an informed choice about whether to agree to the terms.