The 'TLDR Act' Forces Big Tech to Summarize Terms of Service and Show You Exactly Where Your Data Goes

If you’ve ever scrolled straight past a 10,000-word Terms of Service (TOS) agreement and clicked ‘I Agree’ just to use an app, this bill is for you. Officially named the Terms-of-service Labeling, Design, and Readability Act—or the TLDR Act—this legislation is a direct shot at making those massive, complex legal documents actually readable. It mandates that within 360 days of the law passing, the Federal Trade Commission (FTC) must create rules forcing large online companies to provide three key things: a short, easy-to-understand summary of their TOS; a visual diagram showing how your data flows; and an interactive, machine-readable version of the full agreement.

Finally, a Real-World TOS Summary

Think of this short summary as the nutrition label for your data. Right now, companies bury critical information on page 47 of a PDF. The TLDR Act requires this summary to be accessible to everyone, including those with disabilities, and it must sit right at the top of the TOS page. What must be in this summary is the real game-changer. Companies have to clearly list the categories of sensitive information they collect—everything from your health data and precise location to your browsing history across sites they don't even own. Crucially, they must separate the data they absolutely need to run the service from the data they just want for future development or extra features.

What Legal Fine Print Are You Signing Away?

Beyond data collection, the summary must shine a spotlight on your legal liabilities. Ever wonder if you’ve agreed to mandatory arbitration or given up your right to join a class-action lawsuit? The summary has to spell that out. It also needs to detail what control the company has over your content—for example, if they can sell or reuse content you upload. For the busy professional, this is critical: you’ll know exactly what legal risks you're taking on before you sign up, which is a massive win for consumer awareness. They even have to tell you the estimated reading time of the full TOS, which is a nice touch of digital honesty.

The Data Flow Diagram: Following the Money Trail

One of the most valuable provisions in the bill is the requirement for a graphic data flow diagram. This isn't just a list; it’s a visual map showing where your sensitive information goes after the company collects it. If they share your data with affiliates, subsidiaries, or third parties (like advertisers or data brokers), this diagram must show the path. For anyone worried about their data being sold or traded without their knowledge, this diagram pulls back the curtain. The FTC has 360 days to publish guidelines on exactly how these visual maps must look, ensuring they are standardized and clear across different platforms.

Enforcement That Has Teeth

For the companies that don't comply, the enforcement mechanism is straightforward and strong. Violating the new rules will be treated as an unfair or deceptive practice under the Federal Trade Commission Act, giving the FTC full jurisdiction to step in. But the enforcement doesn't stop in Washington. State Attorneys General (AGs) are also empowered to sue companies directly in federal court if they believe a violation is harming at least 1,000 residents in their state. This dual-enforcement structure ensures accountability: if the FTC is too slow or tied up, local AGs have the power to step in and demand compliance or seek relief for consumers. This means if a major company is playing fast and loose with the TOS in your state, your state’s top lawyer can actually do something about it.