In Plain English: TripAdvisor’s Privacy Policy and How ‘Anonymous’ Travel Reviews Get On Facebook


Popular consumer website TripAdvisor – with its honest, candid, and opinionated travel reviews — became the first travel company to hop aboard Facebook’s Instant Personalization train to Eroded Privacy-ville.

It’s not that Instant Personalization is bad, per se, but the problem is that users need to opt out, rather than opt in, to this feature.

Other websites that have signed up for Instant Personalization include Yelp (local retail reviews), Rotten Tomatoes (movie reviews), and Pandora (music reviews). Again, those sites require an opt-out mechanism, which certainly is not always readily apparent to the average user.

As the Wall Street Journal points out, “the idea that you actually have anything in common with (or even know) all your ‘friends’ on the site is questionable.”

The WSJ adds that “the ability to reach out to so many people at once can make the already fraught dynamics of asking friends for advice even stickier. What, for instance, happens when a contact follows up to ask what you thought of that recommendation you ignored—or worse, hated?”

This can be an infringement on people’s online privacy since it may not always be apparent that every review will become inextricably linked to users’ Facebook profiles.

In Plain English

For a site like TripAdvisor, which has been around for more than a decade and boasts an impressive 40 million visitors a month, it would appear to be a no-brainer to try and tap into Facebook’s 500-million users.

One of those visitors may even be you on occasion. But are you familiar with the site’s privacy policy?

Specifically, are you well-versed in how the information you share can be linked to your Facebook profile?

Under the “With whom we share your information” subhead, TripAdvisor explains that if you choose to create a TripAdvisor profile, certain information will be publicly viewable and identifiable via your screen name.

In addition, TripAdvisor may share your information with third-party vendors (i.e., marketing or customer service); business partners (i.e., promotions or services); referring websites (Trip Advisor says it “may share your registration information, such as your name, email address, mailing address, telephone number and travel preferences” with that referring site); companies within its corporate family (i.e., Expedia and others within the TripAdvisor Media Group); and finally, social media services (i.e., Facebook).

It’s under the Social Media Services bullet in the lengthy privacy policy that TripAdvisor notes users can “choose to access certain third-party social media websites and services through our site (such as Facebook). When you do so, you are sharing information with those sites, and the information you share will be governed by their privacy policies. You may also be able to modify your privacy settings with these third party social media web sites.”

Wait, modify your privacy settings? That’s fancy legal-speak for “hey, it’s up to you to opt out, but until then, consider yourself opted in.”

Need even more motivation to spend twenty minutes managing your privacy settings for both TripAdvisor and Facebook?

The TripAdvisor privacy policy goes on to say it may use your information in the following ways:

  • “In response to subpoenas, court orders, or other legal process; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases we reserve the right to raise or waive any legal objection or right available to us.
  • When we believe it is necessary to investigate, prevent, or take action regarding illegal or suspected illegal activities; to protect and defend the rights, property, or safety of TripAdvisor, our customers, or others; and in connection with our Terms of Service and other agreements.
  • In connection with a corporate transaction, such as a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy.”

Check out that second bullet. Those “suspected legal activities” with “customers or others” appears vague. It’s never clearly explained how that can be applied to your Facebook activities at all. In fact, TripAdvisor was perhaps advised to keep  it relatively vague since Instant Personalization is so new.

After all, it’s still the Wild West among online corporate privacy policies, so who knows how your online travel musings could be used against you in the real world.

Now that you better understand TripAdvisor’s privacy policy and its connection to Facebook, does it make you more or less likely to want to post a travel review after your next vacation? How many of you have turned off Instant Personalization altogether – or plan to take that step soon?

If you want to review another travel-related privacy policy, check out this past article about If you have specific questions for TripAdvisor, you can email them at

Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Elaine Rigoli

Elaine Rigoli is PRIVATE WiFi's manager of digital content strategy.

2 Responses

  1. hack toa do gunny says:

    Hi there, You have performed a great job. I’ll certainly digg it and personally recommend to my friends. I’m sure they’ll be benefited from this site.

  1. March 19, 2012

    […] most Internet companies already have privacy policies, many are so dense and complicated that few of us can read or understand them. And even if we do, […]

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.