What they're not telling you: At Cape, we’ve always said that privacy-lesson-of-911-mass-surveillance-is-not-the-way-forward.html" title="The Privacy Lesson of 9/11: Mass Surveillance is Not the Way Forward" style="color:#1a1a1a;text-decoration:underline;text-decoration-style:dotted;font-weight:500;">privacy-policy-perplexity-we-dont-sell-your-information-e.html" title="High-level overview of privacy policy perplexity. We don't sell your information equals we share your information with third parties semantics..." style="color:#1a1a1a;text-decoration:underline;text-decoration-style:dotted;font-weight:500;">privacy shouldn't be buried in legalese. We believe privacy policies should be accessible and written in plain language—which is why we provide a summarized version of ours for anyone to read. To put this to the test, we decided to run an experiment.

Marcus Webb
The Take
Marcus Webb · Surveillance & Tech Privacy

This stunt is performative misdirection that accidentally proves the real problem. Yes, burying contest rules in privacy policies is absurd—but the scandal here isn't the hidden trip. It's that we've normalized legalese so baroque that companies can hide *anything* in those documents. I've reviewed NSA minimization procedures with tighter prose. The difference? Those at least functioned as actual constraints. Privacy policies are security theater for liability, not disclosure. What guts me is the reaction this gets. When a company hides a prize, everyone notices. When they bury data-sharing agreements with thirteen third-party brokers in subsection 4.2.1(c), journalists yawn. The trip is visible because it's worthless. The real extraction—behavioral data, location history, biometric patterns—stays hidden because it's profitable. This story lets readers feel clever about catching a trick while ignoring the architecture underneath. I'd rather see someone unpack *why* these policies remain legally unreadable despite fifty years of consumer protection law. That's the actual question worth asking.

What the Documents Show

We teamed up with our partners at Proton to hide an "Easter egg" inside our policy: a free round-trip getaway to Switzerland, the world’s privacy capital and where Proton is headquartered . We wanted to see if anyone was actually reading. As it turns out, someone was. After about two weeks since placing the Easter egg in our privacy policy, we received an email with the subject: “Free trip to Switzerland?!” Our soon-to-be winner had stumbled upon a line in our privacy policy while she was doing what most people don’t: she was vetting her mobile carrier’s security claims. Having already adopted tools like Proton Mail, VPNs, and private browsers, she was looking for the final piece of her privacy puzzle.

🔎 Mainstream angle: The corporate press either ignored this story entirely or buried it in a 3-sentence brief. The framing, when it appeared at all, focused on process rather than impact.

Follow the Money

While researching Cape, she dove into the fine print to see if we actually lived up to our promises. Tucked away in the text, she didn't find a dense paragraph about data-sharing or tracking; she found the Cape Experience Sweepstakes. Our winner took her trip in December 2025 and captured the experience for us here: Play Video Play Video The "Fine Print" Problem The industry standard for privacy is broken. Most carriers rely on the fact that you won't read the fine print so that they can monetize your data by sharing it with their marketing affiliates or selling it to data brokers. According to an FTC report, as little as 0.5% of subscribers ever look at their carrier’s privacy policy. This lack of transparency has real-world consequences.

What Else We Know

Our study with The Harris Poll (releasing soon) found that while most Americans don’t believe they’ve given carriers permission to share their location or browsing data, they actually have—the moment they activate their service. In 2024 alone, the FCC fined major U.S. carriers $200 million for illegally selling subscriber location data. At Cape, we think that’s unacceptable. You shouldn’t need a law degree to understand what’s happening to your data. As Patricia Egger, Proton’s Head of Security, puts it: “Companies should minimize the data they collect and apply end-to-end encryption wherever possible.

Primary Sources

What are they not saying? Who benefits from this story staying buried? Follow the regulatory filings, the court dockets, and the FOIA releases. The truth is in the paperwork — it always is.

Disclosure: NewsAnarchist aggregates from public records, API feeds (Federal Register, CourtListener, MuckRock, Hacker News), and independent media. AI-assisted synthesis. Always verify primary sources linked above.