Cory Doctorow on Shrinkwrap Licenses

An anonymous reader writes "Web privacy advocate Cory Doctorow is on about shrinkwrap licenses, in his latest essay. They've always been onerous. Now, Doctorow says the new EULA in Vista and even the MySpace user agreement could put users at risk of being sued. He closes with: 'By reading this article, you agree, to release me from all obligations and waivers arising from any and all [everything].'"

Reading the what?

[by Anonymous Coward]

By reading this article, you agree, to release me from all obligations and waivers arising from any and all [everything].'

This shouldn't be an issue here.

Do we have fair-use rights to EULAS?

[Mateo_LeFou (859634)]

Kinda off-topic, but I was wondering. Given that a EULA contains a huge amount of intellectual property, and that the lawyers who drafted it thus have the right to permt/allow/deny every instance of its use, is it legal to quote from EULAs?

Shouldn't there be something you have to click through before reading a EULSA.. something that says basically "you cannot view/use/think about this EULA except under the terms define below... "

Most EULAs are boilerplate

[Infonaut (96956)]

Given that a EULA contains a huge amount of intellectual property...

Actually most EULAs consist of the same language used in other EULAs. In that sense they are full of what in copyright is referred to as "scenes a faire," or components that are common to a particular type of work. For example, a movie about the Middle Ages might show some poor wretch gnawing on a piece of stale bread. This is so common that that particular scene in itself has no special creativity.

EULAs have at best a thin layer of creativity in the selection of certain stock phrases in order to compose a whole. In that sense they are probably akin to literary compilations, which have a very thin layer of copyright over the selection and presentation of the collected works. In the case of EULAs, I think it would be difficult to say that "You agree to indemnify and hold harmless..." and other stock phrases are anything more than scenes a faire.

I was talking with a rather high-powered copyright lawyer about this a few months ago, and he agreed with my assessment. There doesn't see to be any real pertient caselaw on this, so all opinions are equal until someone finds reason to bring suit for copying of EULA terms. I can't really see why any company would bother with it though. The language of a EULA is not something worth protecting, because in itself it does not produce revenue.

Re:

[cpt kangarooski (3773)]

There are some elements in a creative work that can be handled in a variety of ways. There are others that can be handled pretty much only one way.

Well, you're kind of confusing the scènes à faire doctrine with the merger doctrine there.

Copyright protects expressions of ideas, but not the underlying ideas themselves. For example, the idea of star-crossed lovers is uncopyrightable, but its particular expression in Romeo and Juliet (ignoring things like when and by whom it was written) would be copy

Re:Do we have fair-use rights to EULAS?

[nomadic (141991)]

we are allowed to quote things to make our point.

Re:

[ultranova (717540)]

As much as it's meant as a joke it's actually a pretty cool idea since it's so similar to the original license most arguments regarding the validity of one apply equally to both.

Except the most important: MS, Sony or whatever have vastly more money than you. Therefore they can win any court case against you simply by dragging the case on long enough that you'll go banckrupt, can't defend yourself anymore, lose by default, and spend the rest of your life in poverty and debt. That's why you have to treat

Not legally binding anyways ...

[jopet (538074)]

In many countries shrinkwrap licenses or license agreements that you can only agree to after actually buying the product, or that are "implicitly agreed upon" are not legally binding and are contrary to public policy. None of the things included in those "contracts" are legally binding and that includes the exclusion of warranties etc., even if written in all upper case.

Re:Not legally binding anyways ...

[by Anonymous Coward]

Not to mention that with a click-through license, there is no way of knowing who agreed to the "contract". I could get my underage kid to agree to the licensing terms, and he will not be legally obligated to abide by them because he is not allowed to enter into a contract at his age. And I can use the computer afterward without having agreed to any terms at all.

Re:Not legally binding anyways ...

[by Anonymous Coward]

Here's the news: EULAs are bullshit. They always have been (except in a few benighted countries)... they were always meant to muddy the legal waters rather than enforce their ridiculous conditions.

Microsoft's dream has always been to enforce EULA restrictions by *technical *means. This means no need to deal with legal matters... want to change things, or enforce patently bullshit restrictions, then they just change them. This is why they started the TCPA, subsequently the TCG (Trusted Computing Group), and spent time designing their dream hardware along with the likes of IBM, Sun, HP etc etc: they call it Trusted Computing, and the hardware is a "TPM"... which will now be installed in every PC (and is already in the Apple Mac). The hardware gives Microsoft (and Apple) the ability to actually enforce the EULA by technical mans... read your EULA, read the specs, and criticisms [cam.ac.uk], and be afraid.

Clickwraps and shrinkwraps are binding in US

[Infonaut (96956)]

In the United States, both forms of license agreement are binding. However, they must be presented in such a way that the mythical "reasonable person" would find them before using the product or service being licensed. For example, you can't place the shrinkwrap license on page 52 of the user manual for that new Dell. It has to be obvious, easily-spotted, and not buried in the box. With clickwraps, the Specht v. Netscape [wikipedia.org] case established that they must be presented in a fashion such that it is clear and obvious that there is a license involved. You as the end user can elect not to read it, but you have been presented the opportunity to read it, so the law assumes that you have.

However, contract law in the United States still provides that bizarre terms in a licensing agreement will be held invalid. That does not mean that the entire contract is invalid, just that the offending sections would be. For example, if I buy a new iPod and the license agreement states that the first $10k I make next year will be sent to Apple in order to fund their 2007 New Years Eve party, such a term would be found by a court to be outside the boundaries of a license relating to an iPod purchase.

None of this means that EULAs aren't a pain in the ass. They are a pain to deal with, even for lawyers. I worked on one a while back, and I can see why they become so complicated. Corporate lawyers want to protect themselves from users who see juicy targets in successful companies. For example, EULAs relating to Internet services always have sections dealing with reliability of service. Companies have to expressly say that they are not guaranteeing 100% uptime, or someone will come out of the woodwork and sue them, saying they had a reasonable expectation of 100% uptime because the company marketed itself as a very reliable provider. Companies put in a lot of redundant language because they are trying to make it abundantly clear as to what they are not agreeing to and not guaranteeing. That way they they can defend themselves in court by saying that anyone who had even glanced over the EULA would understand that the company went out of its way to inform the user.

Unfortunately the effect is a complicated, hard to read document. Contract lawyers are slowly starting to change their approach. I've seen a few EULAs that use far less language, in an attempt to make the contract more intellible. Their argument in court would then be that although they didn't put in redundant language, their language was brief and clear enough that it was more likely to be read. I personally think this is a smarter, more common-sense way to go.

Re:

[cpt kangarooski (3773)]

Well, there are two conflicting schools of thought. One is the ProCD line of cases, where the EULA is part of the overall sales transaction that included going to the store and buying the box; so long as you can reject the terms and return the software, if you agree to the terms, they're valid, since they don't come after the sale, they're just a delayed part of it. The other is from Kloeck v. Gateway, IIRC, which says that the sales transaction doesn't include the EULA, and thus while they could arguably b

Re:

[henni16 (586412)]

Ask Microsoft Germany why pre-built PCs don't have "normal" Windows CDs anymore, but only recovery CDs/partitions and the hologram-license-thingee bolted to the case in a way that it is (supposed to be) destroyed if the buyer wants to remove it.
No, not really because of piracy.

AFAIK:
Because EULA restrictions like prohibiting the resale of the pre-installed software (or the transfer to another PC, e.g. if you wanted to sell or keep using the no longer needed Windows of the PC that you tossed out) were ruled

This *is* something to be worried about

[Lloyd_Bryant (73136)]

Many of the posters in this topic seem to have adopted the "that'll never happen" mentality. After all, there's no real chance of a corporation *successfully* suing people over these outrageous EULAs, is there?

I would like to remind those posters of the methodology used by the RIAA - threaten, harass, sue, and in the unlikely case that the victim actually puts up a fight, drop the case and run away.

Consider how many people, in the face of a mere *threat* to sue from the RIAA, have rolled over and paid the amount that the RIAA was demanding? Perhaps these people are cowards. More likely, they simply calculated that paying up would be much cheaper than hiring an attorney and fighting it out.

A EULA troll could exploit the same methods.

And the only thing that could put a stop to it would be a firm ruling by the courts that EULAs are in fact non-enforceable. A ruling which the trolls would avoid like the plague by using the cut-and-run tactic whenever faced with somebody who appears inclined to fight.

After reading TFA, I sat back and attempting to count just how many of those EULAs I had clicked through without bothering to read (after all, everyone *knows* that they are non-enforceable, don't they?). I can't be sure, but the number is most certainly at least three digits.

I suspect that most *present* EULAs simply don't contain anything that could be used for this purpose. That doesn't mean that *future* EULAs won't include them *deliberately*.

How long before Wiki has an entry titled "EULA bomb"?

Re:

[Wesley Felter (138342)]

You're behind the times; the BSA already uses these tactics. In particular, I've heard of BSA member companies convincing customers to buy redundant site licenses because it's cheaper than tracking individual licenses in case of an audit.

Cory's closing quote - Original and Link

[giafly (926567)]

READ CAREFULLY. By [accepting this material|accepting this payment|accepting this business-card|viewing this t-shirt|reading this sticker] you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

Put this at the bottom of your emails; print it on your stationery...

The Small Print Project [netzoo.net] via Boing Boing [boingboing.net]

If you can't beat them, join them

[internewt (640704)]

After I closed my paypal account, I had some spam from a market research company about paypal. I did not do their research, but emailed back with a rant (if it keeps an employee busy for even a few minutes, then I've managed to successfully waste some company money). Of course, I formatted the email like a n00b (i.e. the reply above the quoted text), but I made up a disclaimer below the text (hoping they would miss it):

Disclaimer. Acceptance by the recipient's mail server to this message is acceptance of these terms by the recipient, as is any reply (including any "auto-response" or similar). Each and every further communication to/cc/bcc any [My Domain] address will be charged an administrative fee of £1000 (one thousand pounds sterling) by the email administration. Any terms on the ends of your emails are invalidated and over ruled by these terms. Attachment or inclusion of any type of "disclaimer" is acceptance of this policy, and this disclaimer is final (i.e. cannot be overridden or invalidated by any past or future disclaimers). [My Domain] decision is final over any matter, and you may not sue or take any legal action over future or past communications/contact.

I never got any reply, but if I did I might have posted them some kind of invoice. It'd be a win/win situation - either I get a grand or a court rules that email disclaimers or EULAs aren't legally binding (OK, maybe I'm being a little optimistic).

Re:Are they actually binding?

[by Anonymous Coward]

The whole point of the EULA is to ensure that there are so many conditionals that you'll be snagged by at least one or two unpalatable in any given jurisdiction. It doesn't matter if 95% or more of the EULA is outright illegal in your state or country; there'll still be enough leftover to have you by the short 'n' curlies.

Except for all the country...

[aepervius (535155)]

... where, if part of the contrat is illegal, then the whole contract is made null. In other word for all those country, making statement for example to make user sign up their basic right, or even consumer-protection right, is illegal, would simply nullify the EULA. So... The left over won't do shit in such case.

Re:Except for all the country...

[GodInHell (258915)]

... where, if part of the contrat is illegal, then the whole contract is made null. In other word for all those country, making statement for example to make user sign up their basic right, or even consumer-protection right, is illegal, would simply nullify the EULA. So... The left over won't do shit in such case.

That's an intresting (wrong) interpretation.

Actually courts will usually do what they can to save a contract within interpretation - and will nullfy portions of the contract that cannot be enforced. But no, writing a contract so that it includes clauses which are unenforceable (ie giving up your basic human rights) does not void (the correct term) the contract.

An illegal contract - one that is a contract to commit a crime (ie Rob that bank and I'll help you sell the gold for a 50/50 cut of all proceeds) is - yes - null and void in all states I don't think there are any EULAs out there in the main stream that include contract for crime though - so points for getting one legal principle correct, losses for applying it to the wrong case.

-GiH
(No, not a lawyer, just a law student).

Re:

[tdelaney (458893)]

Maybe you should have noticed the *title* of the post you were replying to. Bad grammar, but understandable nonetheless ...

"Except for all the country..." -> except for all the countries (i.e. not US) that have laws that hold that if any part of the contract (or EULA) is unenforceable, the entire contract is unenforceable.

We all know that that's not the case in the US - we have morons blaring it every time this topic comes up. But there *are* countries (fewer and fewer as time goes by unfortunately) wher

Re:Microsoft suing users?

[Chmcginn (201645)]

I know, I know, RTFA is so passe... but the point the guy was making was not that Microsoft was going to do this. The point was that some company is going to go bankrupt, and their obligations & contracts will get bought by somebody with the mentality of a patent troll. And that's when people will start getting sued. And if he/she/it's successful, it will encourage others to do the same.

Re:

[DarkOx (621550)]

It's kinda of the reverse of the old line about STDs.

"remember you are having sex with everyone they have ever been with"

In this case its

"remember you are trusting every future owner of the ip"

Re:Microsoft suing users?

[MaggieL (10193)]

I can't imagine Microsoft suing a customer over some small print in the EULA. That's just dumb.

Then why is it there?

I hope you don't agree to a lot of contracts relying on a belief that they won't be enforced because "it's just dumb".

This latest corporate fad for retaining a claim to sue while offering a soothing "pledge" not to under vague, unenforceable conditions is lame in the extreme.

Re:

[MaggieL (10193)]

Dogdude says: You haven't spent much time working with lawyers, have you? It's just a CYA.

localman says:The general motivation is to protect the company from lawsuits...So by having these EULAs they can prevent frivolous lawsuits. Fair or not, that's the motivation.

The reason to have a clause in an EULA, or to have an EULA at all, is to intimidate the customer into abandioning rights they might otherwise exercise or otherwise cooerce their behavior. For example, the doctrine of first sale, or as localman

Re:

[tomhudson (43916)]

The BSA is concerned with issues of copyright infringement, not EULA violations.

Those copyright infringements are EULA violations, last I heard ... that's why the BSA does audits on the # of copies, etc. but nowadays insists that you need more than just sales receipts and/or original media and keys.

http://blawg.bsadefense.com/ [bsadefense.com]

A New Definition of Software Piracy

What is software piracy? Like many politically charged phrases, the definition of software piracy is influenced by your financial interests an