I've always worked on the assumption that if you use a website, you have to accept its privacy policy. The EU has extensive privacy policies that frankly are a pain for anyone setting up a business and I've always hated dealing with data requests and their stupid £2 fees.

Then I read this:

http://www.theatlantic.com/technology/archive/2012/03/reading-the-privacy-policies-you-encounter-in-a-year-would-take-76-work-days/253851/Money quote:

A few years ago, two researchers, both then at Carnegie Mellon, decided to calculate how much time it would take to actually read every privacy policy you should.

First, Lorrie Faith Cranor and Aleecia McDonald needed a solid estimate for the average length of a privacy policy. The median length of a privacy policy from the top 75 websites turned out to be 2,514 words. A standard reading rate in the academic literature is about 250 words a minute, so each and every privacy policy costs each person 10 minutes to read.

Next, they had to figure out how many websites, each of which has a different privacy policy, the average American visits. Surprisingly, there was no really good estimate, but working from several sources including their own monthly tallies and other survey research, they came up with a range of between 1,354 and 1,518 with their best estimate sitting at 1,462.

So, each and every Internet user, were they to read every privacy policy on every website they visit would spend 25 days out of the year just reading privacy policies! If it was your job to read privacy policies for 8 hours per day, it would take you 76 work days to complete the task. Nationalized, that’s 53.8 BILLION HOURS of time required to read privacy policies.

78 days - wtf !! I can't bear reading legalese for an hour and I am being sued all the time. 78 days for an average user is just crazy. And that assumes they understand what they consent to.

Maybe this is a case where the EU got it right after all. What do you guys think?