In Ticking all the boxes, The Economist writes about an interesting legal theory underpinning a rash of cases in New Jersey:
The suits seek to exploit the Truth-in-Consumer Contract, Warranty and Notice Act, enacted in New Jersey 35 years ago. This was intended to prevent companies that do business in the state from using contracts, notices or signs to limit consumer rights protected by law.These suits:
generally include allegations that online terms violate consumers’ rights to seek damages as protected by New Jersey law and fail to explain which provisions cover New Jersey. ... plaintiffs need not show injury or loss in order to sue but merely prove violation of the TCCWNA.The risks to companies are significant:
the TCCWNA entitles each successful plaintiff to at least $100 in damages, plus fees to lawyers and so on. If a website has millions of visitors, the costs to a company could be staggering.But they are balanced by longer-term risks to consumers:
A growing number of firms, emboldened by favourable Supreme Court rulings, have adopted clauses that limit class-action suits. Consumers are instead restricted to resolving disputes individually, in arbitration. The TCCWNA cases may inspire more firms to add such caveats. That might limit frivolous suits. But consumers with grave complaints would be unable to sue, either. In the end lawsuits over restrictive contracts may make them more restrictive still.An example of this trend is Pokemon Go:
to play Pokemon Go, you have to accede to a binding arbitration clause, surrendering your right to sue and promising only to seek redress for any harms that the company visits upon you in a system of secretive, one-sided shadow courts paid for by corporations where class actions are not permitted and the house always wins. ... Pokemon joins a small but growing movement of online services that strip their customers of their legal rights as a condition of sale, including Google Fiber and AirbnbIt could be worse, in this case you can send an email:
within 30 days of creating your account, and include in the body "a clear declaration that you are opting out of the arbitration clause in the Pokémon Go terms of service."In The Biggest Lie on the Internet: Ignoring the Privacy Policies and Terms of Service Policies of Social Networking Services, Jonathan Obar and Anne Oeldorf-Hirsch report on:
an empirical investigation of privacy policy (PP) and terms of service (TOS) policy reading behavior. An experimental survey (N=543) assessed the extent to which individuals ignore PP and TOS when joining a fictitious social networking site, NameDrop. Results reveal 74% skipped PP, selecting ‘quick join.’ For readers, average PP reading time was 73 seconds, and average TOS reading time was 51 seconds. Based on average adult reading speed (250-280 words per minute), PP should have taken 30 minutes to read, TOS 16 minutes.Among the clauses that almost all experimental subjects missed were ones requiring:
data sharing with the NSA and employers, and .. providing a first-born child as paymentThe thing is, consumers are probably being rational in ignoring the mandatory arbitration and the terms of service. Even with a class action, the terms of service are so stacked against the consumer that a win is highly unlikely, and if it happens the most the consumer can expect is a mountain of paperwork asking for proofs that they almost certainly don't possess, in order to stake a claim to the crumbs left over after the class action lawyers get paid.
A social network that started suing its members for the kinds of things everyone does would be out of business very quickly, so the details of the terms are pretty irrelevant compared to the social norms of the network. The privacy terms are perhaps more important, but if you care about privacy the last thing you should be doing is using a social network.
6 comments:
Roxane Gay's The Blog That Disappeared uses Google's termination of Dennis Cooper's account, and with it his blog and e-mail history, to show how helpless typical terms of service make customers:
"What is far more disturbing than the transgressive work of Dennis Cooper is the cold reality of technological progress. The idea of a cloud benevolently storing our personal information, our work, our photos, our music, so much of our lives, is also really nice, but as users, we have no control over the cloud.
We surrender that control each time we write a blog post or log in to an email account or upload an image."
And the reason lies in the terms of service:
"When we use their services, we trust that companies like Google will preserve some of the most personal things we have to share. They trust that we will not read the fine print.
The Google Terms of Service state: “You can stop using our Services at any time, although we’ll be sorry to see you go. Google may also stop providing Services to you, or add or create new limits to our Services at any time. We believe that you own your data and preserving your access to such data is important. If we discontinue a Service, where reasonably possible, we will give you reasonable advance notice and a chance to get information out of that Service.”
Except that they didn't:
"He has hired a lawyer and made complaints, and many of his readers and fans have tried to support his efforts. There is a petition circulating, urging Google to restore his work. Pen America, an organization that promotes free expression, has weighed in, saying that Mr. Cooper deserves a substantive response from Google.
Thus far, these efforts have been in vain. Google has not responded beyond saying there was a violation of the Terms of Service agreement. It has neither identified the specific violation nor indicated why it also deleted Mr. Cooper’s email account. It has not provided Mr. Cooper with the ability to download his personal information so he might rebuild his blog and email account elsewhere."
There's really nothing Mr. Cooper can do. He agreed to the Terms of Service, and by doing so gave up essentially all his rights.
Alerted by this, Roxane Gay did the right thing:
"I downloaded my archives using the company’s takeout service"
Go ye and do likewise.
See also here.
The Second Circuit overturned Judge Rakoff's decision, ruling that Uber's sign-up process adequately indicated acceptance of Uber's terms of service, despite that fact that almost none of their customers can possibly have understood what they were:
"Rakoff had previously allowed a class action suit against Uber Technologies Inc. and its former CEO Travis Kalanick to proceed after a user claimed third-party drivers were illegally fixing prices.
Rakoff dismissed the technology company's move to compel arbitration based on its terms and services agreement that the lead plaintiff, Spencer Meyer, had agreed to use the app. The notice was not reasonably conspicuous and Meyer did not unambiguously agree to the terms when he registered, the district court found."
But:
"The panel disagreed. Uber's app design, they said, made it clear that proceeding to use the app meant agreeing to terms and conditions based on California state law. The terms of service were made clear and though it required the clicking of a hyperlink to review them, the panel found that the use of clear language that creating an account with Uber meant agreeing to the terms was sufficient."
Note that these arguments do not apply to the no-click-through case.
See also The Register's Kieran McCarthy on the Uber appeal.
Glyn Moody at Techdirt reports on the EU Parliament's approval of the ePrivacy directive (my emphasis):
"It will also regulate any service provided to end-users in the EU, no matter where the company offering it may be based. There are strict new rules on tracking services -- including, but not limited to, cookies. Consent to tracking "must be freely given and unambiguous" -- it cannot be assumed by default or hidden away on a Web page that no one ever reads. Cookie walls, which only grant access to a site if the visitor agrees to be tracked online, will be forbidden under the new ePrivacy rules."
As one might expect, the ad industry's reaction is apoplectic:
"The European Parliament's text on the ePrivacy Regulation would essentially expropriate advertising-funded businesses by banning them from restricting or refusing access to users who do not agree to the data collection underpinning data-driven advertising," warned Townsend Feehan, CEO of IAB Europe."
"Good news out of the Ninth Circuit: the federal court of appeals heeded EFF’s advice and rejected an attempt by Oracle to hold a company criminally liable for accessing Oracle’s website in a manner it didn’t like. The court ruled back in 2012 that merely violating a website’s terms of use is not a crime under the federal computer crime statute, the Computer Fraud and Abuse Act. But some companies, like Oracle, turned to state computer crime statutes—in this case, California and Nevada—to enforce their computer use preferences." writes Jamie Williams on the EFF's Deeplinks blog.
Post a Comment