This study, conducted in 2016, analyses how four major internet-related data processing companies – Google, Facebook, Amazon, and Apple – frame privacy in their privacy policies, and how their framing of privacy is related to their particular business models. Using a security engineering approach for analysing privacy policies, the analysis is not limited to just explicit definitions and framings, but will also reveal aspects of how the companies view the privacy problem which are expressed only implicitly in the privacy policies. The analysis shows how these companies want to be seen with respect to their role as data processors – as threats to their users’ privacy, as mediators, as ‘innocent bystanders’, or even as privacy protectors –, and how these self-defined images reflect their business models.
