37 posts categorized "Terms of Service"

Smells like court

I think Dropbox is awesome and wish that company every success (don't sell us users out!).

But there is a tradition on this blog of watching Dropbox's missteps with attempts to update its terms of service.

CaptureThis time it's a phrasing thing, which I take to be indicative of a low-grade, possibly tech industry-shared, fashionable disdain for the court system.

The phrasing I'm calling out is in a Dropbox email to users explaining why the company's terms of service are being changed to default to arbitration, rather than adjudication in courts, to resolve disputes:

"We’re adding an arbitration section to our updated Terms of Service. Arbitration is a quick and efficient way to resolve disputes, and it provides an alternative to things like state or federal courts where the process could take months or even years. If you don’t want to agree to arbitration, you can easily opt out via an online form, within 30-days of these Terms becoming effective. This form, and other details, are available on our blog."

"Things like courts." Pesky, bothersome, unattractive things like taxpayer-funded, independent tribunals to adjudicate prosecutions, commercial disputes, family matters. Slow, inefficient, deliberate. Many of the same drawbacks as representative democracy itself!

And jurors!

Heaven forbid that users of popular apps should sit in and pass judgment on what terms of service Silicon Valley imposes!

Google's "shared endorsements"

The NYTimes Bits Blog this morning alerted me to a NYTimes story by reporters Claire Cain Miller and Vindu Goel about Google's announcement this morning that it will change its terms of service to permit Google to take user endorsements and place them in advertising that Google sells and publishes.

As far as I can tell, there is no provision about sharing advertising revenue with the Google users who supply the endorsements.

ReaganI ran a redline of the new ToS (Google says it will be effective November 11, 2013) against the current ToS, and have posted that redline here.

Other changes in the new Google ToS are modest: there is a public service announcement about detaching from your phone while driving; there is an admonition to protect your password; and some singular nouns are made plural in boilerplate disclaimers.

The change to expressly provide that user endorsements may be used in ads, that is a big change. Though the change is implemented in a single paragraph:

"If you have a Google Account, we may display your Profile name, Profile photo, and actions you take on Google or on third-party applications connected to your Google Account (such as +1’s, reviews you write and comments you post) in our Services, including displaying in ads and other commercial contexts. We will respect the choices you make to limit sharing or visibility settings in your Google Account. For example, you can choose your settings so your name and photo do not appear in an ad."

The NYTimes story states that "Google had previously shown so-called Plus 1s, votes of approval similar to Facebook likes, in ads across Google sites and its ad network." I don't see express permission for Google to do so in the current ToS; perhaps I missed it, or perhaps there is another set of terms that overlays the ToS and is specific to Google+.

The current ToS has a restriction on Google, a restriction that is retained in the new ToS announced today, expressed as follows: "The rights you grant in this license are for the limited purpose of operating, promoting, and improving our Services, and to develop new ones."

How do you reconcile such a limitation with either the current +1 program or the new Facebook-like ad program? Maybe it's the verb "promote," or maybe Google is taking the position that there is no personality right or user content inherent in endorsements?

A lot of things are converging at the same time. Dave Eggers' new novel teases that Facebook, Google and Twitter are all of a feather and will merge. So far I am reading a fundamental respect for user content in at least the prospectus summary section of the Twitter S-1, so, I'd place that service as above the move that Google is making here. Google is at least permitting users to opt out of the use of endorsements in ads. Facebook appears committed to obscuring the distinction between organic and paid content.

I'm gonna make you a EULA you can't refuse

Getting near the end of the new Lanier book, Who Owns the Future.

Not sure I am going to have much more to post about the book than I've posted to date. The themes have been there throughout and there hasn't been an arc to the argument (my "thought collage" description remains apt).

But I have to share, by quoting, some text from Lanier about EULAs. This from page 314: 

"The online space feels a little creepier, a little less under individual control, every time a user is asked to acquiesce to a bunch of fine print no one reads. The reason no one reads the fine print is that even if you do take the time, there will soon be a new revision, and you'd have to make reading the stupid EULAs a full-time job. . . .

"The reason people click 'yes' is not that they understand what they're doing, but that it is the only viable option other than boycotting a company in general, which is getting harder to do. It's yet another example of the way digital modernity resembles soft blackmail."

Circling back on Dropbox

Because a couple of years ago we unpacked, in a post here and in a follow-up post, the details in that devil of an iteration of legal terms of service from Dropbox - a version that had users worrying that the company would mine their uploaded files for nefarious corporate purpose - I thought we should circle back and formally acknowledge that Dropbox has (again) received high marks from a famous, progressive privacy watchdog, the EFF.

Here's a link to a new, 2013 iteration of the EFF report, "Who Has Your Back: Which companies help protect your data from government?"

Dropbox gets five stars out of a possible six. Only Twitter and Sonic.net score better.

Dropbox icon(True, I'm comparing an apple and orange here. The ToS flap was over how Dropbox might monetize user content. The EFF report is about actions and policies Dropbox takes and follows with respect to government demands or requests for user content. Not the same thing.)

And here's a personal endorsement.

I get a lot of mileage out of Dropbox. It's a terrific service, and so far they haven't asked a thing of me, not even to expose myself to ads. So far, when I've hit my storage limit, I take that as an occasion to cull folders and big files I no longer need.

Thanks to Ken Priore for a tweet that gave the heads up.

Smells Like History

Earlier this week on the Proskauer Rose law firm's Privacy Law Blog, Chandi Abeygunawardana wrote about recent action the FTC has taken in connection with an advertising network engaged in "browser history sniffing."

History sniffing?

Abeygunawardana explains the practice and its uses this way:

"History sniffing involves running Javascript code on a Web page to determine whether a user’s browser displays links to specific domains as unvisited or visited. Using this information, [an advertising network] can determine whether the user has been to specific web pages or not in the past, and from that, glean their interests."

What did the ad network do with the results of its sniffing? According to the FTC complaint, the ad network, Epic, used the information for targeting in some pretty sensitive categories:

"Based upon its knowledge of which domains a consumer had visited, Epic assigned the consumer an interest segment. Epic’s interest segments included sensitive categories such as 'incontinence,' 'Arthritis,' 'Memory Improvement,' and 'Pregnancy-Fertility Getting Pregnant.' Epic used this history-sniffing data for behavioral targeting purposes."

But Epic wasn't sanctioned for the practice of history sniffing or effectively outing a person's private affairs. No, the FTC would appear to be okay  with ad networks trolling your browser to see where else you've been lately. (Okay, or else lacking in substantive authority to regulate the practice.)

History textbookInstead, the ad network's offense in this case was in making false representations in its published privacy policy.

In other words, had the ad network simply 'fessed up and disclosed, in the written privacy policy, that it was engaged in history sniffing, there would have been no complaint and no proposed consent order.

This seems to be the theme of FTC complaints and consent decrees: no issues with nefarious behaviors, but instead a focus on whether a company's practice is at variance with the company's own written terms of service or privacy policies.

It's as if the FTC thinks people read terms of service and privacy policies!

Posts on similar FTC actions:

Photo: Chris Chan / Flickr.

Zappos terms of use still "browsewrap"

I already know of two good articles about how a court recently found Zappos' terms of use legally deficient - one is a blog post by Eric Goldman, the other a mailer from the Wilson Sonsini firm - so I'm not going to analyze the issues here.

But I did find myself wondering whether Zappos had changed its terms of use in the five weeks or so since the court decision came down.

Rahm Emmanuel thumbing his noseI looked last night, and the answer is: Zappos does not appear to have made any changes lately to its terms of service.

The Zappos terms of service are materially the same today as they were on a copy I found placed in May 2011 by the Wayback Machine.

I thought that was odd, because, from reading Goldman's and WSG&R's analysis, I'd gathered that Zappos' assertion that it could change the terms at any time - without notice - was fatally flawed.

But then I thought, maybe Zappos deliberately left the terms as they were, knowing it might cure the defect by a change in the shopping or ordering process. The browsewrap language - "ACCESSING, BROWSING OR OTHERWISE USING THE SITE INDICATES YOUR AGREEMENT TO ALL THE TERMS AND CONDITIONS IN THIS AGREEMENT, SO PLEASE READ THIS AGREEMENT CAREFULLY BEFORE PROCEEDING" - might still be in the terms, but if a link to the terms and an "I accept" button were placed so as to interrupt the flow somewhere, anywhere, before finally placing an order, well, that process roadblock would turn the ostensible browsewrap (likely not enforceable) into a clickwrap (likley enforceable).

Wouldn't you know it, I registerd with the site (that was easy; I could import my Amazon profile) and ordered something, and nowhere along the way was I presented a link to the terms of use, let alone an "accept" button.

It seems to me that Zappos' terms are just as open to challenge by new users today as they were before.

A simple protocol I'd like to see: let users throttle updates

Here's a simple protocol I'd like to see platform and application developers follow, every time they push a major new release: give users a 30 day option to revert to the prior release.

It's not fair to expect any company to support every last legacy version that may be one or another person's particular favorite. I'm not proposing that. Under the proposed protocal, users could only revert to the immediately prior release.

Tram throttle

Call it giving users a "throttle" on the pace of updates.

Consider what a publisher might learn! Use of the throttle would effectively crowdsource a comparative usability analysis. Reviled "improvements" could be stripped from the product roadmap.

Foisting unwanted features on users is not one of those problems that can be solved by disclosure. Did Twitter let people know that one of its updates would introduce advertising into your mobile Twitter client? I don't think so. (I was looking for it.)

All those poor Apple map users.

Well, barring industry adoption of the user update throttle, I guess the simple lesson is: do not go gentle into update hype!

Photo: Leonard John Matthews / Flickr ("Photographed at the Powerhouse Museum, Sydney").

Related Posts with Thumbnails