Scribd's digital library provides access to an unlimited number of audiobooks, books, magazine articles, sheet music, and more. The policies for Scribd indicate that users of the service may be able to post comments, but are not clear how those comments may be used on the service. They also clearly indicate that information is shared with third parties for reasons ranging from operating the service to advertising, and that users should expect to see targeted ads from the service. Further, they indicate that the service employs reasonable security to protect user data, but do not provide any information about how the service will respond in the event of a data breach. Finally, the policies are clear that the service is not intended for children under 13 and that no information will be collected from children.
: Promoting responsible use
Evaluating safety takes into consideration best practices that protect a user's physical and emotional health. A higher score (up to 100) means the service provides more transparent and comprehensive responses related to safety.
The policies for Scribd do not disclose whether users can interact with one another on the service. They do mention that users may post comments to the service and provide some guidelines for conduct surrounding those comments, but they are not clear how those comments appear on the service and whether there is any user interactions with them. The guidelines for comments in the policies also make clear that the service relies on users to filter any personal information that may be posted in those comments, though they are not clear whether the comments would be publicly accessible.
: Protecting collected information
Evaluating privacy takes into consideration best practices that protect the disclosure of a user's personal information. A higher score (up to 100) means the service provides more transparent and comprehensive responses related to privacy.
The policies for Scribd appear to combine both the service provided to the public and company human resources practices. As such, the policies indicate that a variety of personal information may be collected through the service with some areas of the policy not clear whether certain types of data collection or use would be restricted to just human resources use or could also be for the service. The policies are also clear that the service shares personal information with third parties for purposes ranging from operating the service to providing targeted ads on third party sites. Further, the terms state that users may opt out of the use of personal information for targeted advertising, but also indicate that traditional ads may still be displayed to the user. Finally, the policies indicate that the service will not sell or rent the personal information of users, except as outlined in the policy.
: Protecting against unauthorized access
Evaluating security takes into consideration best practices that protect the integrity and confidentiality of a user's data. A higher score (up to 100) means the service provides more transparent and comprehensive responses related to security.
Scribd's policies are clear that the service employs reasonable security measures to protect users' information. They also indicate that the service enters into agreements with third parties to require they also employ similar security standards described in the policy. The policies, however, do not indicate whether the service utilizes any form of encryption to protect user data either in transit or at rest. Finally, the policies indicate that a data breach is possible, but do not indicate any of the measures in place to provide users notice in the event of a breach.
: Following statutory laws and regulations
Evaluating compliance takes into consideration best practices of companies that collect personal information from children or students and the legal obligations for the privacy and security of that information. A higher score (up to 100) means the service provides more transparent and comprehensive responses related to compliance.
The policies for Scribd clearly state that the service is not directed to, nor should be used by, children under 13 years of age. They also clearly state that should the service discover the information of a child under 13 has been collected, it will delete that child's information from the service. Further, the policies do not address use of the service in a school or district setting and do not provide any details on how the service could be deployed in a K-12 environment. Finally, the policies state users can request access or export their Personal Information, and ask that Scribd correct, amend, or delete a user's personal information where it is inaccurate.