Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
The Internet Technology

The 'Terms and Conditions' Reckoning Is Coming (bloomberg.com) 129

Everyone from Uber to PayPal is facing a backlash against their impenetrable legalese. From a report: Personal finance forums online are brimming with complaints from hundreds of PayPal customers who say they've been suspended because they signed up before age 18. PayPal declined to comment on any specific cases, but says it's appropriate to close accounts created by underage people "to ensure our customers have full legal capacity to accept our user agreement." While that may seem "heavy-handed," says Sarah Kenshall, a technology attorney with law firm Burges Salmon, the company is within its rights because the users clicked to agree to the rules -- however difficult the language might be to understand.

Websites have long required users to plow through pages of dense legalese to use their services, knowing that few ever give the documents more than a cursory glance. In 2005 security-software provider PC Pitstop LLC promised a $1,000 prize to the first user to spot the offer deep in its terms and conditions; it took four months before the reward was claimed. The incomprehensibility of user agreements is poised to change as tech giants such as Uber Technologies and Facebook confront pushback for mishandling user information, and the European Union prepares to implement new privacy rules called the General Data Protection Regulation, or GDPR. The measure underscores "the requirement for clear and plain language when explaining consent," British Information Commissioner Elizabeth Denham wrote on her blog last year.

This discussion has been archived. No new comments can be posted.

The 'Terms and Conditions' Reckoning Is Coming

Comments Filter:
  • PayPal has always struck me as one of the more slimy online companies. Guess who was one of the founders?
    • Re: Slimy (Score:5, Insightful)

      by bill_mcgonigle ( 4333 ) * on Friday April 20, 2018 @02:51PM (#56472979) Homepage Journal

      Paypal wasn't slimy at its founding (were you around then?). After the Feds rekt its business model the interesting people left, leaving it run by the kind of people who implement really bad policies.

      • The hell it wasn't.
      • i havent had paypal since i last closed facebook before i closed the new attempt last month after a month and 400 people of crud nature giving me the impression that my every move was being watched, despite the fact that all my profiles, links and contact info was on there, the only people im still in touch with now are those i was in touch with before ... as paypal ... they simply ignored my mails, my calls, my everything and then i got some thing like "give us the exact date on which you opened your accou
        • i have to correct myself on that, same day evening i checked and it seems the few euros were back in there, no one simply had replied to the support ticket ... something like RTFM i suppose, which is far better than what i got from paypal since they never gave me access to my account, not the first time, but definitely the last there
  • by Anonymous Coward on Friday April 20, 2018 @02:47PM (#56472961)

    I just ask my 4 year old to do it.

  • there was a "Fuck your T&C but I'd like to use your service without them" button.

    • And by corollary: "if only we would have more than two users if they had to actually read and understand the ToS."

      • I understand them perfectly. It couldn't be more obvious:

        Everything you say and do can and will be used against you

        What is there not to understand? Why would anyone give them the benefit of the doubt?

        You won't stop the data flow. So, just make sure if flows symmetrically in all directions and make sure to punish the people who try to use it against you. If nobody has the advantage, it's all good.

    • by PPH ( 736903 )

      What do you do for a living? Are you willing to give it away for free?

      • What do you do for a living? Are you willing to give it away for free?

        Yeah, like paypal doesn't make any money on any transaction. /s

    • Yeah, I tried to say "fuck your paperwork, but I'd like to use your car without it" to the rental car company, and they refused too!

  • A crude measure of whether a piece of text is easy to read is something like the Flesch-Kinkaid reading ease metric which does simple measurements of average sentence length and average word length, assuming that longer words in longer sentences are more difficult to read. It kind-a-sort-a works.

    A better idea would be to require users to pass a reading test made from the EULA text itself. The two most accurate I know of are the Open Cloze test, where every 7th word is left blank and users have to write/type

    • reading test?? what about an BAR test?

      As some of the stuff in the EULA you need to be an lawyer to under stand what they are talking about.

      • by suutar ( 1860506 )

        I think the idea is that if your users have to understand the T&C to sign up, then you have to make your T&C understandable or you wind up with no signups. The problem of course is that if you control both the T&C and the test, then the test may not really be proof of understanding.

      • by jythie ( 914043 ) on Friday April 20, 2018 @03:16PM (#56473189)
        This is why the 'just read it' rhetoric doesn't quite work. EULAs are written for a very specific audience with specialized knowledge. Even if a layman understands the sentences themselves, they are not generally going to be able to put them into the proper context of the rest of the legal framework. They half depend on people not reading them, and half depend on the professional arrogance of people reading them and believing that since they are smart computery type people working in the one and only field that requires specialized knowledge, so they understand legal documents just as well as people who actually have that domain knowledge.
        • I recently took a look at the terms for Thinkific (an online education platform; I wanted to see if they claimed any ownership over the materials posted), and was pleasantly surprised by the "which means" sidebar breaking down the legalese. https://www.thinkific.com/resources/terms-of-service/ [thinkific.com]

          On the other hand, I wonder if slimy companies could word things in such a way as to gloss over slimy sections in the legalese.
        • by Anonymous Coward

          Actually most EULA's juts boil down to "You agree to use this at your own risk, will not sue us if you don't like something it does (especially if it's something some otehr user does/says) and we will ban you if you are more trouble than you are worth".

          It really isn't that complicated conceptually, and the origins are mostly in trying not to get sued because the end user does something like delete an important file using a command designed to delete files and then sue the people who wrote their file manager

      • reading test?? what about an BAR test?

        As some of the stuff in the EULA you need to be an lawyer to under stand what they are talking about.

        That reminds me of one of my favorite episodes of Boston Legal. The law firm is representing someone against a Credit Card company (similar impenetrable legalese in their contracts), and Jerry Espensen, the character who is supposedly a brilliant legal mind, but who also is incredibly awkward socially and also doesn't talk much due to his Aspberger's, suddenly pipes up and says:

        "I have JD and an MBA from Harvard and even *I* can't make heads nor tails of this deception and fraud!"

        https://www.springfieldspri [springfiel...ield.co.uk]

      • by sjames ( 1099 )

        The thing is, those EULAs are so bad I know practicing lawyers who have admitted to not reading or understanding them.

      • reading test?? what about an BAR test? As some of the stuff in the EULA you need to be an lawyer to under stand what they are talking about.

        If you need to truly understand the ToC then forget the BAR, you are truly FOOed to start with. Or simply replace it with: We might try to be nice at times, but in the end we'll just do what we want.

    • I'd say any contract that you can't prove >10% of your users actually understand, is null and void.

      All a sudden, you have TONS of easily-readable contracts and incentive for users to read them.

      It's like a kind of classism. Where the smartest lawyers (with insider legal knowledge) prey upon the average intelligence with no access to legal resources and experience. You know they don't understand it and you're absolutely going to benefit from it.

      It's even worse for things like Facebook, or your ISP. "Just d

      • by mikael ( 484 )

        It's like astro-physics, which seems to be have been written by a Wall Street legal team. Something like "pair production" where two gamma rays form an electron and positron seems harmless enough. But combine that with an extremely large star, and all that mass compresses the stellar core such that only gamma rays are formed, the positrons are annihilated, leading to a supernova.

  • suspended is better then in jail/prison form the CFAA law. As braking that TOS / EULA make you be an user without authorization

  • by UnknownSoldier ( 67820 ) on Friday April 20, 2018 @02:55PM (#56473015)

    South Park parodied this back in 2011

    I Agreed by Accident [cc.com]

    There is even an article about HumancentiPad [wikipedia.org]

  • Maybe we need to start creating boiler plate or set of common named terms & conditions? While there would still be the usual legal jargon, at least there is a community built around understanding what the contract is trying to achieve, since it is reused in other places. Think Creative Commons, GPL and MIT licenses for example.

    Maybe a checkbox system, where you specify what you want from the contract and then the legalese would be generated, but at least there would be a similar high level view to the u

  • So long as that arbitration clause remains valid. The rules and laws are set up to support the terms and conditions that the more powerful player requires, and the arbitrator almost always sides with the bigger, more powerful player.

    • by macraig ( 621737 )

      Hey, Stupid, had you actually been paying enough attention to know anything about the specific subject of PayPal and arbitration clauses, you'd know that PayPal was one of very very few companies that actually allowed people to OPT OUT of the arbitration clause when they introduced it.

      How do I know this? I was actually paying attention and opted out. Sorry you weren't paying attention, there's likely no do-overs for that.

    • Companies need MUCH less leeway to dictate rules in the first place. There should NEVER be mandatory arbitration allowed in the first place for any service rendered. One consumer is in an unacceptable situation when they need a service and every provider requires draconian rules that are non-negotiable. Congress and the states should set the rules for doing business and companies who want to do business should have to comply. If your business plan requires short circuiting the rights of every last one o

  • by cliffjumper222 ( 229876 ) on Friday April 20, 2018 @03:23PM (#56473251)

    I'm banned for life by Paypal. About a year ago they suspended my account, held onto all funds for 6 months and told me they'll never accept me as a customer ever again (they track SSN and CC numbers). I've no idea why because the customer support rep never said anything except that I should take my business elsewhere. I can only guess that they rate users / merchants by risk and are heavily culling any that blip above their line (which is pretty low). I sold software through a web site for $3.99 a pop and had a few customers claim their money back via Paypal (maybe 4 out of hundreds). Only one was ever valid, but there was absolutely no way to dispute a dispute with Paypal, so I just returned the money via the button they provided on the website. Now, Paypal can do what they like because they are a business, but I recommend no one ever use them for anything ever. If you are using them, go elsewhere and never rely on them to have your back.

    • by nehumanuscrede ( 624750 ) on Friday April 20, 2018 @03:58PM (#56473513)

      Don't feel bad, PayPal did the same thing to me, albeit for different reasons.

      Way back in the beginning, PayPal allowed you to create an account using nothing more than a Credit Card. So, I created an account. I never kept more than ~$50 or so in it as it was just for misc purchases I would make.

      One day, I get an email from PayPal informing me that evil Russian hackers had attempted to log into my account and, for my protection of course, they limited access. Fine. So I called them up and told them that since I rarely used the account, to just close it out and send me whatever funds were left within it.

      Were it so easy :|

      "Oh no", they said, "we can't allow you to close out the account until you provide us with the following information: "

      1) Phone number
      2) Bank account number to my checking account

      I argued that if " evil Russian Hackers " were trying to get into my account, why on Earth would I want to link this new information to it ? Just shut it down, close it out and be done with it.

      They told me no.

      So, I changed my password to some ungodly long phrase and let the account sit there, unused, for years.

      PayPal sent me hate mail ( which I ignored ) from time to time informing me that if I didn't comply with their demands that they would close the account out. ( Which is what I wanted in the first place )

      After a few years of this, they eventually did close it out and blacklisted me from using their services. ( Not that I lose a lot of sleep over that mind you. If a website only uses PayPal as their payment processor, I go find the item I want elsewhere. Simple as that. If it doesn't exist elsewhere, I just don't buy it. )

      So, the way I see it is this:

      Until PayPal gets regulated like the banking entity it's pretending to be, I wouldn't trust them for anything because they have shown time and time again that they are about as shady as they come.

      • by AmiMoJo ( 196126 ) <mojo@world3.nBLUEet minus berry> on Friday April 20, 2018 @04:29PM (#56473765) Homepage Journal

        Same thing happened to me. Can't close the account unless i supply information I'm not willing to give them.

        When they updated their terms and conditions it said if you don't accept them close your account. Obviously I can't, but I also don't agree to the new terms... Their support rep was useless.

        So now they have my data illegally. Next month when the GDPR comes in I'm demanding they delete it, and when they refuse I'll claim some compensation.

      • by PPH ( 736903 )

        I never kept more than ~$50 or so in it

        I guess I don't understand this part. I don't keep money in my PayPal account. Never have. It is linked to a credit card, through which they can transfer charges. But I assume that funds remain 'in' PayPal for only a matter of seconds. Money going the other way (which I don't do) would require a linked bank account. Into which PayPal would immediately deposit funds due me.

        PayPal is not a bank. And were they to act as one (by holding onto funds on someone's behalf) that would open up a whole can of legal an

  • Limit it to one Eula per entire product line and limit it to 6000 characters. If anyone complains, limit it to 3000.
  • The measure underscores "the requirement for clear and plain language when explaining consent,"

    Won't help. You could put a copy of Game of Thrones novels in those end-user license agreements and people still would not read them. No one reads that stuff. It's not going to matter if it's comprehensible to the layman or not.

    Obviously, we need something entirely different to fill this void. It's obviously a problem, but how do you re-train the enitre population to start reading that stuff? Tall order there. Good luck!

  • I suppose you could do like some of the game copy protections of old used to do.

    "Please enter the 4th word on the 6th paragraph to agree."

    Probably still won't help.

  • I understand that all softwares have their purpose and the owner want to control how users are interfacing with it to limit the potential for abuse, but having a multi-pages terms and condition agreement document is something that realistically no one will read. Maybe there could be some way of summarizing the terms and condition in a format that is easier to understand at a glance? I'm pretty some parts are common, so maybe establish a kind of symbology to quickly inform the user what they are allowed to
  • So the GDPR forces companies to do what the Plain English Campaign [plainenglish.co.uk] has been trying to do for a long time now. That's nice.

  • Can't be done (Score:5, Insightful)

    by Solandri ( 704621 ) on Friday April 20, 2018 @05:03PM (#56473993)

    "the requirement for clear and plain language"

    That's just the problem. Those two requirements are mutually exclusive. You can have language that's clear (i.e. explains exactly and precisely what you're consenting to), or you can have language that's plain (simple to read and understand). Except for a few broad, general cases, you can't have both.

    e.g. Consider the EULA terms for a photo sharing service. Your photos are protected by your copyright, but the service needs to be able to keep a copy.

    "User (copyright holder) grants Service a license to keep a copy of copyrighted photos."

    But wait, it's not enough just to keep a copy of the photo. For the photo to be shared, another copy needs to be produced on the visitor's computer.

    "User (copyright holder) grants Service a license to keep a copy of copyrighted photos, and to make and distribute additional copies for the purposes of providing the service."

    But wait, the service right now is a photo sharing service. What if they decide to change in the future into something more? So you can't just call it 'service', you have to define exactly what that service is.

    "User (copyright holder) grants Service a license to keep a copy of copyrighted photos, and to make and distribute additional copies for the purposes of providing the service of distributing photos to other users whom User has given permission to view."

    But wait, what if one of those other users decides to keep a copy of said photo? The service doesn't want to be sued for such actions since that's out of its control.

    "User (copyright holder) grants Service a license to keep a copy of copyrighted photos, and to make and distribute additional copies for the purposes of providing the service of distributing photos to other users whom User has given permission to view. User understands that copies made to provide the service will be on devices outside of Service's control, and Service cannot guarantee such copies will not be retained or further distributed against User's wishes. User indemnifies Service against responsibility for copyright violations by other users, and will not sue Service for the actions of other users."

    But wait, what if some of those users are employed by the service? That creates a loophole where the service could hire third parties to sell and distribute unauthorized copies, free from fear of being sued for copyright infringement.

    "User (copyright holder) grants Service a license to keep a copy of copyrighted photos, and to make and distribute additional copies for the purposes of providing the service of distributing photos to other users whom User has given permission to view. User understands that copies made to provide the service will be on devices outside of Service's control, and Service cannot guarantee such copies will not be retained or further distributed against User's wishes. User indemnifies Service against responsibility for copyright violations by other users, and will not sue Service for the actions of other users, except in the case of users who are employees or agents of Service."

    But wait, the service needs to keep backups of these photos in case they suffer a storage device failure. Such backups are prudent but not necessary to provide the service. And the clause you've just added makes the admin making the backups liable for copyright violation.

    "User (copyright holder) grants Service a license to keep a copy of copyrighted photos, and to make and distribute additional copies for the purposes of providing the service of distributing photos to other users whom User has given permission to view. User understands that copies made to provide the service will be on devices outside of Service's control, and Service cannot guarantee such copies wil

    • This is because of the eternal legal arms race. We pay lawyers good money to find loopholes in contracts. We then pay lawyers good money to write contracts without loopholes. Lather, rinse, repeat.

    • by sjames ( 1099 )

      So they could easily cut out 90% of a typical EULA? That's a good start.

      Of course, a fair bit of that is already implied in law. If you give someone a copy, you have implicitly permitted them to have it. If you put it on a site whose whole reason to be is sharing pictures, you have implicitly agreed that they may present it to others. People are responsible for their own actions, so another user that misuses the picture is responsible for that.

      There's no need to re-construct the entire body of law from firs

    • by Calydor ( 739835 )

      It is entirely possible to have clear and plain language.

      You have the EULA as it looks now, which is CLEAR - at least in the legal sense. And then you add after each section a "Layman's version" which isn't legally clear, but summarizes what the section means, eg. "If you sign up before you're of legal age and we find out, we're going to ban you."

  • User agreements, terms and conditions and even staff contracts are all utter bullshit. Contracts are supposed to be negotiated by the 2 sides, none of these are negotiated in any meaningful way, they are dictated by big companies who have the upper hand and accepted by users who really have no choice in the matter because the services offered are unique or they don't have the option financially to say no.

  • I think a lot of the contracts that we agree to aren't really necessary. Do you really need all these special things from me, instead of me just handing over the money?

    The terms should be simple. Just to be clear, I don't mean simple terms as in written to be understandable by laymen. I mean the actual give-and-take --- deviations from a normal sale -- shouldn't involve much. I can buy a loaf of bread (here's the money, gimme the bread) without a contract. Same for books (at least if they're paper rather ht

    • by sjames ( 1099 )

      Beyond being fair use, since the entire point of software is to run it on a computer, by selling it to you, they are implicitly permitting you to use it in the customary manner.

  • the company is within its rights because the users clicked to agree to the rules

    So their justification for booting out users who legally cannot be held to agree to the T&C's is that they agreed to the T&C's.

    That said, if they are refunding any money the users have in their accounts, this isn't really worth a story. If they are seizing funds from minors on the basis that they are in violation of the agreement, then that would be extra scummy.

  • Maybe there's a market here. Users can pay to have each contract analyzed. Your friendly cloud service will summarize the contract for you, compare it with other contracts in the same industry, and point out how your contract varies from the norm. Etc.

A bug in the code is worth two in the documentation.

Working...