By Evan Levy
Oct 29, 2010
More Articles by Evan
Last week a story was published recounting Supreme Court Chief Justice John Roberts’ comments regarding his blatant disregard of online EULA’s and other “fine print,” such as literature with his medications. He admits that the system has created this broken and prohibitive, jargon based literature, and also reveals that he has yet to find a solution that would benefit the end users. After all, that’s who the agreement is for right? The end user.
As a fellow end-user I have found this useless, agree-clicking ritual to be ironic. Here, in theory, is a company’s attempt to explain to the users of its product, (i.e. the people giving them their money/personal information/anything else requested) what it intends to do with said money or information, and what it expects the users to do with its products. This gives me pause for many reasons. The first of which, is that now, a company has the ability to tell people what they can and can’t do with their products. When did this happen? I always thought that I could do anything I wanted with a product as long as it was legal. So the question becomes, does this EULA serve as a reissuing of law? If I buy a lawn mower, cut some grass, and then decide to turn it into a racing vehicle, can I get in trouble because I didn’t read the 100 page manual of legalese that came with it that says somewhere deep in the sea of agreement, “do not use this specific assembly of parts to attain speeds relatively greater than similar assemblies around it?”
What’s also somewhat hilarious is the “disagree” option that is given. The problem is, disagreement means no product. So a company can make a product, set-up a user agreement that may or may not be favorable for the user, but force them into compliance because there is no alternative. Awesome.
Example: Facebook. People started using Facebook because it was an effective way to keep in touch with people they were close to, and find people they hadn’t met with similar interests. Before one can set-up a profile on Facebook, they must agree to an EULA. If you disagree, you don’t get to use Facebook, and don’t get to be in the social space with most other people you know. However this EULA, judging from Facebook’s repeated lapses in user privacy, really doesn’t mean anything. Unless, of course, you do something Facebook doesn’t like, then you’re in for a world of hurt. On the flip-side of this, what happens to all the users whose data has been given to other parties without their permission and explicitly in violation of the EULA? Currently the most you can expect, if you’re lucky, is that Facebook will issue a statement that will sound something like “Uh, sorry brah. Your privacy is like, really important to us and stuff, and we just took the most excellent hit to our servers, but we won’t do it again. Seriously. Our bad.”
This is not good enough for me. What happens when actual sensitive data is leaked, stolen, or otherwise obtained by people with malicious intent? Or if advertisers are handed a list of very personal details that the users really don’t want them to have? The damage to the end-user could be immense, life shattering even. If Facebook were to reset its privacy settings after changing a user agreement, and data you thought was protected becomes open to people you don’t want to see it, what then? If you lose a job offer because your potential employer saw a picture that you thought was in a digital sock drawer instead of your portfolio, do you have any recourse?
It seems to me that with great power comes great responsibility. We, as end users, need a way to hold these companies accountable for their missteps. They certainly hold us irrevocably accountable if and when we were to cross their paths. We also need a mechanism to be able to challenge a EULA. If it’s not to our liking, there should be a way for us to actually disagree with a license agreement.
Unfortunately, I know as much about the solution to this problem as John Roberts knows about his medications. Maybe one day, I’ll be able to work something out. Meanwhile, if anyone has any ideas, I would love to discuss them with you. All I can suggest for now is to assume that all data, no matter where you put it, no matter what your privacy settings are, is public on the internet. To me, this feels like common sense, but I know there are many people out there that think otherwise. Until we can hold the companies collecting our data accountable for breaking the end user license agreement, there’s only one way to protect yourself; filter the content you publish.