Microsoft's Consent-or-Die Patent

theodp writes "Maybe you shouldn't get too attached to those new Windows Live services. On Tuesday, the USPTO granted Microsoft a patent for privacy policy change notification, which describes how to threaten users with the loss of their accounts and access to web sites and services should they refuse to consent to changes in a privacy policy. This includes the case where a user might object to allowing personal information, collected earlier with a promise of confidentiality, to be shared in the future with third parties. Also described is a 'Never Notify Me' option so you won't have to 'worry' over privacy policy changes."

What is this, anyway?

...they're trying to outdo Google by embracing a "Don't be Good" motto?

Re:What is this, anyway?

You raise a good point - the point could be to prevent this from becoming a common practice.

It does, however, raise two interesting points:

1) The current ridiculousness of the patent system. The patent system is intended to stimulate innovation by protecting useful ideas. If you're right, this is an attempt to stop a certain kind of behavior by a large company. Isn't that what the legislature is for?

2) If you're going to trust your data to a third party by keeping it online only, make SURE you have the right to retrieve it without entering into further agreements.

Re:What is this, anyway?

I've got one mod point left. And instead of using it, I'm posting here to let you know that I'd use it on you had I not decided to post to this topic.

But, in the end, you weren't compelling enough.

I was looking for more substance, something that I could use around the water-cooler later this morning. I wanted something that would just hit me at my very core and tell me that, "Yes, all of America is summed up in that very statement, and FlyByPC has his finger on the very pulse of the nation."

Instead, I feel like the prom date, who gets up to the front porch at the end of the evening and gets a handshake and a "I had a nice time."

Am I asking too much?

Re:What is this, anyway?

I don't like the word evil; it polarises the mind into thinking there is a 'side' of Evil

There is. To deny that is to embrace relativism, which precludes any possibility of weighing one's actions according to a moral standard.

I agree with you that rich is not evil. Wealth is amoral, neither being rich nor being poor makes one good or evil. That doesn't mean there's no evil.

And the award...

And the award for most dramatic Slashdot headline goes to...

Unenforceable in many states

Canada and EU have privacy laws. So would this be an illegal patent?

Re:Unenforceable in many states

The EU does not allow software patents, so this would be an illegal patent. There is no equivalent to the Berne Convention for patents, however, so the question is moot. That said, there is nothing stopping you from patenting an illegal activity, but since you can't make use of it then it's basically just a way of paying the government some money. You could, for example, patent a method for increasing the yield of opium plants, but you would not be able to do anything with this in the USA unless you spent a lot of money on lobbying.

(IANALTINLA)

You won't die.

Unless your pacemaker is hooked up to a Microsoft Website, loss of access to a web-site or even an e-mail account probably won't kill you.

Re:You won't die.

If your pacemaker is hooked up to a microsoft website, you're probably already dead.

Re:You won't die.

"Your pacemaker couldn't be verified by Windows Genuine Advantage. Please contact your Microsoft representative to acquire a legal licence. Pacing has been disabled."

Good

They have patented an unethical behaviour. Does that mean it will be harder for other people to do what the patent describes? Please?

Re:Good

They have patented an unethical behaviour. Does that mean it will be harder for other people to do what the patent describes? Please?

      No, it just means they will sue your pants off if you are more unethical than they are.

Re:Good

They have patented an unethical behaviour. Does that mean it will be harder for other people to do what the patent describes? Please?

No, it just means they will sue your pants off if you are more unethical than they are.

If you are more unethical than they are, your pants are probably already off.

Me? Personally, I've caved, again and again.

Remember how Amazon once had a very nice, simple, policy, something like "we never share any of your information with third parties." And then one fine day, they changed it to something "we'll share any information we have about you with third parties, but only with third parties that we think are really good and have something of real value to offer you."

I hate myself for it, but I've kept using Amazon because, well, darn it, they're convenient and inexpensive and efficient.

Dave Barry once commented that he now has to drive ten miles to buy anything, because he realized that over the years there wasn't a single business within ten miles of which he hadn't said at one time or another "I'll never patronize them again."

Re:Me? Personally, I've caved, again and again.

On the rare occasions that I need to mail order rather than use the local bike shop, I love Speedgoat's privacy policy: http://www.speedgoat.com/aboutus-privacy.asp [speedgoat.com]

Our Plain-English Privacy Policy
If you think you receive a lot of junk mail, you should see how much crap an on-line business gets every day! We're people here at Speedgoat, not a corporation, and we hate spam as much as you do (probably more), so we keep any and all correspondence you have with us to ourselves. Why is this so important? We live in a sneaky world filled with sleazy marketing techniques that count on complacency and a lack of knowledge. Ever wonder why you're receiving all that junk mail? Unfortunately, a number of businesses are in the habit of selling off your personal information. Even the friendly neighborhood grocery store is profiling you with each bleep of the product scanner.

Rather than hire an attorney to draft a 20 page privacy policy, we'll just keep it simple. Speedgoat Bicycles does not, and will not make any customer information available to any outside companies, organizations or individuals, period. We do not, and will not, sell customer information, and we will not reveal specific custom bicycle pricing. As on-line shoppers ourselves, we value your trust in us, and we respect your privacy.

Pretty refreshing to see that a smaller business 'gets it'.

A digital heart plug

Reminds me of the heart plug in the movie Dune.
"Don't be angry. Everyone gets one here."
One twist by a Microsoft cubical creep and all your data drains out.

Damn that's evil!

4. The method of claim 3, further comprising denying use of the selected information by the application until consent to the change is granted in response to the user interface.

5. The method of claim 3, further comprising denying use of the selected information by the application if consent to the change is denied in response to the user interface.

Damn that's evil! Really, what quicker way to drive away users - program your application to piss them off and then stop working.

New Definition for a Process?

In order to be a participant of this nonsense, you quite literally have to buy into it. When I view my stack, it is completely devoid of Microsoft. Kubuntu(Gutsy), and all those solutions found in Adept, along with Design Patterns. Move over Dr.DOS, QEMM, and STACK; Kindly make some room for Microsoft.

Think of the adults!

OMGWTFBBQ iNnoCenT CusTomeRz ar3 bEinG sCrew3d over by eV1l cOrp0rAtionz!!11 THiNk oF t3h c0nsUmErs!!

Sigh...

1. If you don't like the service or the TOS that comes with it, don't use it.
2. If you are worried that a service you previously liked would change it TOS and make your data inaccessible should you refuse it, keep backup of the data.
3. If you are afraid of being led to a new TOS through vendor lock-in, take preventive measures to ensure a smooth rollover to another provided should something go wrong.
4. If you are worried a TOS may have something you are not willing to accept, actually take time to read it before clicking "Next". If you don't understand something, there are a lot of places online where you can discuss a TOS and get a legal-to-human translation of it, especially TOSs of big corporations.
5. If you don't follow any of the above points, only blame yourself when you get screwed over.

As much as companies want to, they can't (legally) FORCE you to allow them to use your data for anything if you didn't accept the TOS. Especially now that courts upheld the law that companies must obtain consent before continuing to provide service with a modified TOS. Companies can mislead you, try to mask the truth, entice you with BS offers, sweet-talk you, downplay the entire thing, block you from using their services (or even access to your data)... But they can't FORCE you to play by their rules.

As a consumer, you have the ultimate power to affect corporate decisions - either use their service or don't. Those who whine about how bad/unethical a particular service is, but keep using it, are hypocrites, not to mention stupid, and fully deserve whatever consequences they get from being sheep.

For the rest of us, there is a good amount of viable alternatives to be able to drop one provider for the favor of another at (almost) a moment's notice, but iff the basic rules above are being followed. If not, then, as I said, blame nobody but yourself when you have "no choice" but to be the company's data slave.

And can we, FFS, stop protecting the "innocent consumers" who get screwed over by evil corporations due to their stupidity? Seriously, this is worse than the "think of the children" mentality - at least you could argue that children are too young to think for themselves - but adults should really know better. Let people get what they deserve.

As opposed to...?

"...granted Microsoft a patent for privacy policy change notification, which describes how to threaten users with the loss of their accounts and access to web sites and services should they refuse to consent to changes in a privacy policy."

As opposed to...? How it is now, that if you disagree with a site's current or new privacy policy you shouldn't, y'know, use them? Say for example GMail changes their privacy policy, and tells its users that it's going to start divulging the contents of your all your email to 'select marketing partners' for 'market research' purposes. I can't tell them "You know what, I don't care what the rest of your users do, but I'm going to stick with the original privacy policy, kay?" I either, as the submitter puts it, consent or die.

Be glad that in the figure they indicate they'd let you delete your account in that case.

PS - I'd seriously dig a Windows theme that looked like that.

Seriously, I think the poster missed the point...

This is a patent application that was approved, much to my dismay, for policies to notify users using previously submitted information about changes in policies including allowing users to request that they not be notified about policy changes.

I don't see the bold new invention here worthy of a patent.

Are they claiming to have invented a "Whatever" button? Or is it a patent on using previously supplied information to contact a user?

As for the "threaten" aspect, it's not a threat - if a site changes it's policies and a user doesn't agree, why shouldn't they cancel the user?

Shame on the Patent Office for approving this silly patent, and good luck to MS to try and derive money from it!

A patent?

Geesh. Things are really getting out of hand at the patent office.

This should be someting for contract attorneys/court, not the patent office.

Court case?

Wasn't there a federal court case recently that specifically said policies like this were illegal?

I don't remember all the details, but from what I do remember it mandated that parties must be informed of any changes to contracts/agreements. You couldn't have a clause like "we don't need to notify you of changes to this agreement". So, if that is the case, doesn't it kill the entire purpose of this patent?

BTW - I really think things like this should not be patentable. This is not an invention.

Good thing...

Good thing they've patented this technology. Now nobody else can use it.

cancelling's harder than getting blood from turnip

No joke. Prepare to take that free albeit useless domain name microsoft gave you with their windows live basic that you signed them over as the registrant in the obscure eula...you know the one that if you want to put your own graphics on the page header you have to pay 30$/month? The one you can't write your own anchored hypertext references or embed stuff...

Riight, so prepare as part of cancelling to furnish your domain email address, whatever name and phone number you signed up with, your credit card number, and more...all in an email that's being sent overseas to hopefully cancel your account. if it works they'll email you back to your cancelled account. If not, they'll use the information to let habib urr..."rick" buy a new dell.

Thanks microsoft. Your live service and the fact it takes about 20 faqs and disabling popups to find the link to cancel is craaaap.

=)

Would it be legal?

Supposing I make a TShirt that says, "By looking at this T-Shirt you agree not to sleep with me. However I am free to change the terms of the contract, and agree that you don't have to notified of any change I make to this policy." and then ... you can imagine the rest.

Your Honor, I plead not guilty to the charges, as it was consensual. As per my consent notification system (defense exhibit A, the T-Shirt) and my consent management system, it is very clear that I have implied consent of the plaintiff.

Cool! A Minnie Driver/Anne Hathaway love scene.

I'm willing to bet "agree to all future changes without notifying me" won't hold up in court.

I'm a bit puzzled though how you can patent notifying someone that, if you don't agree to a legal change, you lose your service, is somehow something novel?

Isn't just computerizing a long-existing, non-computer process not patentable in and of itself?

Patenting User Interface

What worries me about this patent is not what it is trying to do, but the patent office actually let someone patent something that is fairly obvious and trivial. I mean, I think seen plenty of website that implements something similar, for someone to say no to these privacy rules and then eject you from the website. What is the innovation that is being presented here? Or am I being dumb and missed something?

Sounds like the patent system is just rewarding someone who can afford to find a creative lawyer, and phrase the patent application to sounds "technical".

Yeah?

Well, since they aren't getting one bit of real information from me, and I save my mail and stuff locally, should I care?

FUD

It's like any other site, MS or not, with a TOS. Agree to it, or they simply can't deal with you from a legal liability standpoint. Now they may be jerks about it, but that's the internet for you.

Honestly, people... I know this site caters to those with a heavy Linux slant, but the double standard is ridiculous. Happily modifying your OS and tweaking program source to make it work on your PCs, but god forbid you should have to agree to a website's rules to enjoy its services...

Windows Undead

Windows Live never worked for me anyway. The times where I thought it might be useful it faltered.

As for "Never Notify Me" window, I would like that for all programs/serivices.

KNEEL BEFORE BILL!

If you refuse to kneel, you shall perish by the hand of Ursula or Non. I must warn you, very few individuals survive Ursula "attacks". As for Non, well he may have been to prison but he still doesn't swing that way. So he'll swing you into the upper atmosphere instead.

I think I'm missing something

On Tuesday, the USPTO granted Microsoft a patent for privacy policy change notification, which describes how to threaten users with the loss of their accounts and access to web sites and services should they refuse to consent to changes in a privacy policy.

Most of the sites I've ever visited (and bothered to read their privacy policy) tell me that they have the right to change the policy at any time, it is up to me to keep abreast of their changes and by continuing to use the site I accept any revisions they've made to their policy.

In short, I have no idea what or when they change something and could find myself a year down the line using a service which is selling my data to anyone who comes knocking.

Based on that, isn't this slightly better in the fact you'll know when those onerous changes come?

I have prior art!

I was taking my ball and going home when nobody wanted to play by my rules when MS was still in a motel room in Texas!

OMG!

The text of the patent says that Figure 7D (linked in the story post) is just part of an embodiment of the patent. Shutting off access to the account is just a policy; it's not what is being patented here.

That said, I have two real problems with the patent. One is that there seems to be a lot of prior art here; the other is that everything discussed in the patent is pretty obvious stuff. A patent like this should never have been granted.

Sleaze

The sleaze never stops ...

Re:Well, if you don't like the privacy policy...

This method may work for those who are 'in the know', but imagine the millions of sheeple that have come to rely on it since it's the homepage of their fancy new Vista machine. I'm willing to bet this will only be argued about within the tech community, but the common man is just going to accept and comply - never knowing what they gave up.

Re:Well, if you don't like the privacy policy...

It is a "big deal" because software as a service is a "big deal." People are starting to rely on web apps; imagine if I could stop you from using a desktop app at a moment's notice because of a privacy policy change.

Re:Well, if you don't like the privacy policy...

Perhaps these people should think twice before relying on a service that they have no control over whatsoever.

Perhaps some other people should point out these concerns to those people, who probably have enough going on in their lives to not contemplate their legal status with regard to their computer applications.

Perhaps these other people could have a website that aggregates stories pointing out such examples of corporate buggery, and that provides a forum for folks to discuss them. Perhaps they could get enough exposure to occasionally penetrate the online public's consciousness.

Re:Well, if you don't like the privacy policy...

I have to agree, Its a well known problem with all 'live services' or in my case data licences, you have an account on a 'by day' use, At least they are ensuring that users must agree to the policy change, rather than letting it pass them by. Is this some way related to that google stuff I read a few weeks back?

Re:Well, if you don't like the privacy policy...

M$'s method was always to steal an idea, add their own incompatible extensions, monopolise the service by killing any competitor, then bleed the customers and create these unacceptable EULA's.
Now it turns out, they patented their evil ways too.
At which point you want to say no to their methods?

Re:Well, if you don't like the privacy policy...

Nobody objects to "informed consent" here. What people don't like is having the contract changed while it is being exercised. They are not talking about just a website. They are talking about a service which is used after agreeing to a certain contract. This practice is at the very least deceptive since a contract is a promise of a future performance. If the contract is changed while it is being exercised, the other party could suffer. You can change services, yes. But using a certain service may require commitment of resources. Changing the service would mean losing those committed resources.

Re:Well, if you don't like the privacy policy...

Hypothetical: You are storing some mildly critical data on an MS server, and were to forgetful to back it up locally.
MS changes their privacy policy so that you would allow them to use your likeness/username/_stored_content_ in their new SPAM campaign.
You must select _Yes_ to log back in (use the service) to retrieve your hostage data (which if you logged in would no longer be confidential).