Ask HN: Why did Microsoft, Meta, and PayPal update their ToS today?
197 points by nanidin on Aug 19, 2023 | 183 comments
I received communications about updated privacy policies and terms of service from Microsoft, Meta, and PayPal today (in that order, chronologically.) Was there a triggering event that caused them all to update at the same time?



There was a recent ruling on EU-US Data Privacy regulations

https://ec.europa.eu/commission/presscorner/detail/en/ip_23_...


Whatsapp's in-app notification regarding the TOS change references an EU ruling, so this is the likely cause.


That seems to be a decision by the commission, not the high court.

These two bodies tend to counter each other a lot, I would expect to have a court ruling in 2 years that cancels this decision.


On this particular subject, it's basically realpolitik.

Court: "US law is incompatible with ours"

Executive: "Yeah but I'm sure we can all get along <wink wink>..."


And then Schrems III happens because it's clearly illegal.

https://noyb.eu/en/23-years-illegal-data-transfers-due-inact...


The commission accepted the new treaty. No rulings yet afaik: we will see how long this lives.

[0] https://noyb.eu/en/23-years-illegal-data-transfers-due-inact...


What does this mean for customers of Meta, Microsoft, and PayPal? Are we consenting to having our data more carefully handled?


Project idea: host version controlled TOS copies from companies to see what changes each time.


VisualPing already does this: https://visualping.io/blog/how-to-monitor-changes-in-terms-a...

Docacracy did it a decade ago, but closed shop.

The problem isn’t the tech — it’s coming up with a business model that pays for the system and upkeep. As much as people give lip service about privacy, they sure don’t throw money at lobbying efforts that protect their rights in those areas.


You can build this with what Github offers for free to open source projects.


Catch 22: first agree to the Microsoft GitHub ToS.

Or you can use a friendlier service like the one provided by Codeberg.

https://docs.codeberg.org/getting-started/what-is-codeberg/#...



Everything has a terms of use. Codeberg is still way better for privacy and freedom.


They seem equally good for privacy and freedom.


Well consumers of the diff aren't yet required to agree.


GitHub's privacy policy towards end users says they collect usage information and telemetry, among other data. So you host a project comparing ToS on GitHub and Microsoft collects information about anyone viewing the project, who referred them, their browser fingerprint and much more. This usage data might, depending on technical design, even enable them to collect fingerprints on features like opening the comment trees of a specific contract clause.


At least you'll know when GitHub's ToS change ...


What GitHub offers doesn't pay for motivation to do the upkeep.


But it reduces the cost of upkeep so now we need less motivation.


The cost of Github is not the cost referred to here.


I like where this discussion is headed. Scrape the ToS and keep a record of that. Are ToS's copyrighted?


The problem is that these documents aren't served from standardized or predictable URLs across every service provider or regulatory body. I work with a firm who charge heaps of money to provide large companies with publicly available documents. Why do they pay? Because finding the latest copy of 25 different legal docs is a pain in the ass because the entire internet is a broken mess of 404s, over a long enough timeline.


Yes, legal documents have copyright. This also means you can't take shortcuts by copying an existing privacy policy or ToS instead of writing your own unless you have their copyright holder's permission (which likely isn't even the person/company itself unless it was written by an in-house legal department). This also means you are likely violating copyright if you publish a contract you signed -- although you can of course summarize or rephrase it unless there is a valid NDA (most aren't).

So technically scraping and republishing old ToS'es would be a copyright violation. You might have a case for fair use but then it becomes difficult to monetize the service.


Yes, at some point someone has probably written a copy.


I thought contracts can’t be copyrighted? There is too much similarity between them for it to make any sense.


No, that's nonsense. I don't know if there's a special exemption in the US but contracts and policies can be and absolutely are under copyright. Individual clauses might not be but the contract in its entirety likely meets the threshold of originality required for it to not simply be considered a plain collection of facts.

The similarity between standard contracts does make it harder to demonstrate a copyright violation based on the text alone though.


So, you’re saying only one company in the history of the world can install garages, or every company that wants to install garages must pay that company or ensure that its contracts are distinctly different so they don’t get sued?

That sounds absurd. What country is this?


That’s not what your parent said and you jumped a lot of logical steps to get where you did.

No form of intellectual property applies to “in the history of the world” — all IPs expire their monopoly protections after a period of time.

And yes, contracts must be distinctly different from copyrighted contracts. [1] Just because computers and the internet allow copy-paste of content with no effort does not mean it is necessarily legal.

[1] https://www.upcounsel.com/are-contracts-copyrighted#using-so...


I’m not sure what “logical steps” I jumped. All you have to do is prove someone else is selling garages and they stole your copyright in a violation of derivative work. It’s absurd to think copyrights can be applied to contracts. It’s a hill I’d be willing to die on if someone sued me for it.


I don't understand how you make the leap from "if copyright can apply to legal documents it can also apply to arbitrary physical objects". Doubling down on ignorance seems like a bad way to learn new things but you do you.

Heck, this is very easy to google:

https://www.quora.com/If-you-ask-a-lawyer-to-draft-a-contrac...

https://law.stackexchange.com/questions/24521/are-the-indivi...

https://www.upcounsel.com/are-contracts-copyrighted

Contracts are text and text is subject to copyright. You seem to be confused about the difference between copyright, patents and trademarks though. That copyright applies to contracts does not mean it's possible for two different lawyers to end up writing almost identical contracts. It instead means it's very difficult to demonstrate copyright infringement based on the text alone. But if you simply copy a contract verbatim that you demonstrably had access to and can't demonstrate how you arrived at the exact same wording (e.g. if you're a layperson and have never written a contract before), it's probably an easy case for the copyright holder to win.

This will apparently blow your mind but in some jurisdictions outside the US such as the EU, mere collections of facts ("databases") are also protected by copyright: https://en.wikipedia.org/wiki/Database_right

Note that this does not mean you can't collect the same facts, it just means you can't harvest them from an existing collection and reproduce them the same way. So you couldn't just publish your own knock-off white pages phone book but you could publish a phone book as long as it is not sourced from an existing one. Please remember: this does not apply in US copyright law.


> I don't understand how you make the leap from "if copyright can apply to legal documents it can also apply to arbitrary physical objects".

You can replace "garage" with whatever you want. Basically, if I'm a contractor I can sue every other contractor for uncreative derivative works. If I'm installing garages, I can sue my competitors. If I'm selling software, I can sue my competitors. https://en.wikipedia.org/wiki/Derivative_work

Even if it doesn't succeed 100% of the time, there is a non-zero chance people will settle. There's a non-zero chance that I can prevent other people from creating businesses in my market by simply writing every potential variation of some common contract elements.

That's why this is absurd that contracts can be copyrighted. You can argue that you'd have to prove intent, but people do that every day with news stories and win (I have a reporter friend that has been sued multiple times for 'copying stories' that they themselves wrote -- they win most of the time. In one case, I was sitting right beside him on the train while he wrote the story from his interview notes. The 'plaintiff' tends to create a verbatim story on the web and change the publish date to some date in the past, then 'proves' they wrote it first. They don't win, but they do cause stories to be 'redacted' until it can be proven one way or the other. By then though, the news is old news.)


Wait. So I can create a service with a popular SaaS's ToS, then submit a DMCA takedown to them and they have to remove their ToS from the internet? You can't be serious. (AFAIK, there's no laws for abusing it).


I don't know why you're arguing with me when I'm literally giving you sources backing up that what I'm saying is a mere statement of fact: contracts are inherently subject to copyright law like any other text, although the individual violation may be hard to demonstrate and cases difficult to win.

If I understand your example correctly, you would take an existing SaaS's ToS (i.e. copy their copyrighted work), publish it as your own (i.e. lie) and then file a DMCA takedown request (i.e. commit perjury) to force them to remove their ToS? Yes, you could do that. But since you likely can't demonstrate that you're the original copyright holder (e.g. trivially their SaaS pre-dates your service and they probably have internal documents like e-mails surrounding the drafting of the ToS whereas you don't unless you forge those as well) and sending a DMCA takedown request for works you don't actually own is literally a felony crime, I don't think that's a winning strategy.

To be clear: yes, there are laws against abusing DMCA takedown requests, precisely because otherwise anyone could just send them out for fun. Specifically DMCA takedown requests include a statement under penalty of perjury from the copyright holder that they hold the copyright. So this isn't a special DMCA law but just a boring old felony crime involved in fraudulently filing illegitimate legal claims.

If you're wondering why you've never heard of this it's probably because you're thinking of sites like YouTube which don't actually receive DMCA takedown requests normally but instead provide an arbitration system to allow content owners to avoid messy legal back-and-forths over the back of Google and instead be trusted based on who they are (i.e. smaller creators will be stuck in appeals limbo trying to talk to a human whereas large corporations will usually be trusted by default). This does not however apply to e.g. GitHub, which is why there is a public collection of DMCA takedown requests hosted by them: https://github.com/github/dmca

To speed up this conversation: if you can think of another example where your conclusion is "but this is dumb" then it's likely because your example is, not the legal situation you're looking at. Also "but this is dumb" is not a counter-argument to "this is what the law is like". The law does not care if you think it is dumb and saying it is dumb is not a good defense if you end up in court.


GitHub is also run by an untrustworthy megacorp with a ToS. Just wait til the ToS changes to where you can’t use it to hold others accountable.


I think that one of the benefits of dvcs is that it's relatively easy to move to another provider or self host, and that everyone that cloned has a copy.


My hypothesis is that a relatively small number of people actually care that much about digital privacy.

People generally prefer convenience over privacy


I see the creeping panopticon as being a bit like climate change.

Anyone with some knowledge of history can see what horrible things might happen if we build a comprehensive surveillance machine, but nothing terrible has happened yet. It’s hard to convince people to give up convenience to prevent a danger that hasn’t yet come and cannot be clearly seen.

With climate change it will take years of records for extreme weather being blown away. For this it might take a developed nation falling into hard core fascism and the digital dragnet being turned directly against its citizenry.

China is perhaps a case with its social credit system and camps, but it might not be extreme enough and may be too far away. It may have to happen here, or much worse. Americans in particular think “it can’t happen here” even though it almost has several times.


-1 for VisualPing.


Why does such a thing need to be a business to begin with? Just host a github or expose this functionality on wikipedia.


Hosting is not the problem that generates the need for a business.

The problem is having people available to do the work that is needed to keep the system useful and up-to-date, which includes writing code that will parse the ToS, maintaining it, and upgrading programming languages, packages ... and most probably lawyers.

So where those diffs are hosted is a tiny cost of what is needed to make it work.

All these require effort. And effort can be paid with one of two things: time and money. And for someone to have time to work full-time on this, they need to have ... money to sustain themselves.

Thus this kind of project needs money => that either can be a grant, donation from a big entity, or business model. Donations from users are not working for long-term sustainability in most cases of good projects for society. Or at least I don't know a successful project like this.


My point wasn’t that it can’t be done without a business. It was that people came up with this idea over a decade ago and those projects peter out. Without a business model, there is no incentive for the work to continue to get done.

People are too eager to expect some other person to invest their own time and effort in an open source project without considering the consequences of such an expectation.


No one said it had to be a business. They were making the point that it's hard to keep something like that running and maintained for free.


Crowdsource it. Something like Wikipedia might work.


My point was there have already been open source / crowdsourced efforts and they typically fail — because the effort is high and there is little/no money because people don’t actually value the result. Solve the sustainable efforts problem and/or make the TOS publishing required to go to a standard service (like US public stocks have to publish forms to SEC.gov)


Then do it.


Self hosted mediawiki is easy enough


Show HN from 10 days ago.

=> https://news.ycombinator.com/item?id=37064152 TOS Notify


+1 for www.tosnotify.com .


This is related but not identical https://tosdr.org/


The fun thing with ToS is that you know every large company with a ToS (or EULA for that matter) has analytics and knows exactly how long you read that ToS (if you did at all), and is smart enough to know objectively if you read it or did not read it.


Well, perhaps.

For a little while, (and I should resume this behavior) I would capture TOS and save them away to read at leisure.

Because what happens, especially with fiddly mobile apps, is that you're granted a single glimpse at the bona fide link to TOS/EULA, and never again will you find how you got there. (Sometimes the link fails right off the bat, giving you zero opportunity to read through the terms!)

So I would take advantage of that and save it, by any means necessary: screen scrape, copy-paste, print-as-PDF, take photo of screen with second device, whatever it took, because they could make it difficult!

But then I would usually end up with a copy of the contract that I could later call up and check on. So, your suggestion that analytics can determine my dwell time on the document when it's presented to me, that's not going to be indicative of how much time I really spent reading it after copying and saving it.

I've found that this is a good practice, and not for the reason you're thinking of. I've found that I'm extraordinarily bad at reading legal documents like this (including my lease, employment contract, benefits and insurance docs, you name it) because even if I think I understand, I didn't get it, and it's pointless anyway because negotiating the wording is not on the table.

But it's a good practice to save these, because of this: there are often instructions included about how to resolve disputes and claims against the company. These instructions usually follow a strict procedure and they have rules about what you can do. They also have contact info, and again, you will never ever find this contact info anywhere else ever again if you don't save the EULA at first opportunity. They will tell you what kind of arbitration or court proceedings are acceptable, they will tell you the complaints procedure from start to end, time frames, and what to expect at each point. This info is gold, and it's not going to be available when you come to have a dispute, and you're not even going to be aware of the procedure at that point, and so you will automatically be disqualified and lose any dispute because you didn't follow procedure. Have fun!


The good thing is that if you relinquish more personal data by accepting the changed ToS, it is not valid or legal in the EU, since the GDPR requires you to ask consent explicitly, unambiguously, and in simple terms, and per use case (so, not buried in a ToS). Moreover, you should have the option to deny consent per use of personal data.

I wonder if they are serving different ToS in the EU (haven't received anything from Microsoft yet).


Tailscale does this! https://github.com/tailscale/terms-and-conditions Because “our legal team advised us not to summarize changes”, so now you can just view diffs!


This already exists. Took me forever to find though.

https://github.com/OpenTermsArchive


If the T&Cs are at a public URL, then an alternative way is to self host changedetection.io and monitor for changes.

I run it to see changes to my competitors' websites. Well that’s the idea - I don’t actually monitor it LOL. I just have it running in Docker.


There was this Show HN recently for a tool that automatically notifies you when terms change. https://news.ycombinator.com/item?id=37064152


Maybe just use the Wayback Machine?


You can use https://monitoro.co to monitor and extract TOS, and send the changes to a webhook that does whatever you want with the data :)

Disclaimer, I work on Monitoro.


It's a requirement that contracts you enter into are provided to you in a way that you can store them on a durable medium. Maybe it's a good idea to make use of that and store your copy, if you want to know what changed


This is a great idea, but I'm also interested in the why behind those changes.


This was literally posted on HN like a few days ago as a fully completed project.


Then use LLM and manual review to summarize down to laymen’s terms


Let's do this?

Anyone can hit my username at gmail or telegram


This exists already, though the URL escapes me


%m%e


took me a second, lol


I got one from Microsoft. It has a summary of changes: https://www.microsoft.com/en-us/servicesagreement/upcoming-u...


Since I have not gotten any emails from these services, it would be good if you share your present jurisdiction.


Companies may spread out their emails over days.

Right now Google is sending out emails about their new Gmail inactive account policy. A lot of people use my domain name as their email address for some reason. I've gotten 17 emails so far, the first one dated July 20th, the last one yesterday August 18th. Almost a MONTH, and all the destination email addresses are their own!

It may even be longer since they're all in my trash and it auto-deletes after a month.


What is your domain name?


USA


USA here too, got nothing from nobody, so closing this ticket


It's Friday, the best time to release news people will forget about


If we scrape the tos to a git repo, and update it, we can diff it to a telegram bot, then pipeline to openai to summarize.


I tried to read some of them to see what has changed. I really tried...

If any lawyers from the future are reading this: It was impossible for me to see what I was agreeing to. Furthermore, I was not given a chance to not agree with these (unknown) changes.


It is crazy how unreasonable the world of law is. Just some days ago, I installed some game (Assassin's Creed I think?) and it had 3 agreements to read, each one a kilometer long (just a figure of speech). Really? To play a game? Of course nobody reads them and just presses Accept.


These are most likely not legally binding in the UK as consumer contracts and notices as a whole have to be fair (transparent, in good faith and intelligible) to consumers under the Consumer Rights Act 2015.


Same in Germany. There was an interesting case against WhatsApp banning a user for using a third-party app, which WhatsApp argued was against the ToS but the court ruled that the user could not have expected this to result in account termination as using third-party clients was perfectly acceptable practice for similar apps and the user was not explicitly warned this would happen.

Basically you can't sneak gotchas into a ToS, you have to make sure users know they're violating a rule. Ironically this is unlike actual laws where ignorance is not an excuse even if the law is weird and unexpected.


Interesting case, I didn't know of that one. Thanks for posting!

> Ironically this is unlike actual laws where ignorance is not an excuse

I think it's similar to real laws.

Unacceptable rules: sneaking in terms such as that your firstborn child will belong to me is not enforceable: nobody could expect or would agree to that. In law, similarly, you can't just upend someone's life for a minor infraction, or indeed take a child in exchange for your use of an ordinary government service. If this were to pass, a court would strike it down based on human rights or constitution, so you'd have to change/disavow those also as a country.

Acceptable rules: sneaking in terms that are fair are enforceable. Your third party client ban is an example where the rule is acceptable, but the consequences deemed disproportionate and so a warning is in order before cutting one off. This is similar to many laws, for example mildly dangerous driving gets you a fine or few days/weeks of driving ban. It takes repeat offences to get banned outright. Failure to pay taxes doesn't result in them showing up to auction your TV off, but they send a nice letter first, even if they'll eventually show up with a writ and after you've been warned that this is the next step, because indeed, we don't expect everyone to know everything.

I'm not a lawyer and can't cite relevant cases or anything, but this is my impression of law as a lay person. It's rarely perfectly fair towards everyone in all situations, and I think we should pay even more heed to "but how was I supposed to know"s whenever a situation is legitimately complex and good intent was shown (to avoid that people avoid doing good things because they don't know what legal risk it puts them in, such as what good samaritan laws are aimed to avoid), but it does try to find balances between what people can reasonably know and follow, at least in northwestern Europe which I'm most familiar with.


> In law, similarly, you can't just upend someone's life for a minor infraction

Yeah, that's the theory. But what a judge will decide qualifies for "minor" may or may not align with what is sane or what most people believe, and this gets worse and worse if you go into higher courts with politically appointed judges.

In practice governments upend people's lives all the time, even for presumed infractions that may not be there at all.


I kind of agree with that. I did say "It's rarely perfectly fair towards everyone in all situations", but I'd be curious to hear of examples where you think the judge ruled something goes so far that makes you say it doesn't "align with what is sane" and that such things happen all the time. Do you have any examples?

Edit: from a place like Germany as the person above was talking about, to be clear. If such things are trivial to find in the USA would not surprise me in the slightest


> " you have to make sure users know"

There is a lot to be learned in this regard from financial products online. Most of them have built in functionality to let users know what they are doing and the associated risk.


That’s because there have been countless similar games played for centuries and financial/ consumer protection regulations have forced them to. Where they aren’t regulated the same way, it’s a minefield. eg the CFD firms advertising on TV aren’t saying ’72% of our customers lose money ‘ because it’s nice or helpful.


I'm not sure if this is also present in EU law but in German law online services like web shops and in-app purchases require very specific wording for any button that has the user commit to a payment or purchase. The recommended wording (which you're allowed to deviate from but is not recommended unless you know what you're doing) in German is "Zahlungspflichtig bestellen", which means something like "Order with obligation to pay". The label "Kaufen" ("Purchase") was deemed insufficient.

Note that this also requires the user to be informed about what they will have to pay before they click the button. No bullshit surprise charges or hidden fees, mostly.


> The label "Kaufen" ("Purchase") was deemed insufficient.

This is very interesting. Thanks for sharing.


The US will get there eventually. We just need to rip each other apart over public bathrooms first


Do you have the money to fight corpo inc. when the repo men come for your firstborn son's eyes?


They're legally binding of the "we have more lawyers than you, by a long shot" variety. :/


What I do is spot check, i.e. open an agreement, pick two or three spots at random, and do my best to read and understand those. My hope is if just 1000 people did that, they’d be able to collectively spot unexpected/unacceptable terms and make them public.


Good idea. I might start doing this


Sounds like building something simple that aids in tracking “coverage” of reviewing ToSs could be useful to increase the odds of spotting something untoward?

Iirc there was (is?) a site which gives a rating to the various license agreements of popular services and the like, so maybe it’s a solved problem?


I have the TOS;DR extension [1] and it gives a rating to each website's TOS and offers an explanation of the key points.

[1] https://tosdr.org/


I remember seeing iTunes terms tell me I could not use the software to run a nuclear reactor


They're just Debbie Downers trying to stop you having the mother of all acid light shows by bouncing control rods in an Ibiza swimming pool reactor.

Cherenkov radiation for the masses I say.


And what if you find something? Tweet into the void?


If it’s an app from a walled garden, you can leave a critical review. People can filter for those before they buy or download.

If it’s some other piece of software, you can go to a package repository such as the AUR [1] or Chocolatey [2], and leave a comment for the package even if it’s non-free.

If it’s a pure SaaS, there’s little you can do though, apart from tweeting, word-of-mouth, or Google reviews.

[1]: https://aur.archlinux.org

[2]: https://community.chocolatey.org/packages


I bet ChatGPT could summarize


What if one of the terms is that users may not use AI to summarize the TOS?


Then my assumption would be they would require an agreement in place prior to disclosing the actual ToS, you can't be in a situation where you breach the ToS prior to digesting them.


Part of me wishes there was a law that companies had to implement checks that their customers read and understood the agreement. Timers, making sure people had each line of text on the screen for a sufficient amount of time, and line by line video explainers. Just to expose the ridiculousness of it all.


It seems corporate training is testing this out.

There seems to be more video-only, nonskippable training that makes sure you spend an hour watching. For now, running them in a VM in the background works.


This is another legal ass-covering thing, because “we give our employees 3 hours of safety training” will hold up better in court than “we give our employees 5 minutes of safety training” — the actual content of the course doesn’t matter, whether employees are acting safely or not doesn’t matter, the only thing that matters is how well the company can avoid liability.


Even for the ones with quizzes at the end and lots of interactive elements throughout (not a video), oftentimes the most time-efficient strategy is to speed click through and just guess the quiz answers using common sense. Hasn't failed me yet.


I've seen timers on ToS screen. Of course, it just makes one wait a bit and take another sip of the drink before clicking OK without reading, because nobody can understand that shit anyway, time or no time.


In one "inside a video game" LitRPG the main character gains an achievement for being the first person to read the ToS to the end before clicking "accept".


Years ago the installer for some pirated game would display the game's EULA... only to show you 'Wow! Did you really read that in less than 10 seconds?!' pop-up after you click 'Agree'.


What kind of person agrees to 3 long contracts to play a game?

I would not do that.

I think the problem is with the consumer, not the producer.


It does not matter what one personally does in this scenario. It matters what most people do. If most people accept unethical or dangerous contracts as normal, then (some) corporate behavior that is unethical or dangerous becomes allowed, or worse (normalized). So it matters instead whether you are pro or against that, and what political action you take to steer that in a more desirable direction. We all (arguably) have an obligation to help steer society in healthy directions whether we want to participate or not.


Virtually every kind. The risk is low (if game companies routinely extracted player's kidneys using little noticed section in TOS as legal basis, we'd likely know it already) and the reward is significant.


Honestly, would be cool to track and use GPT-4 to summarize changes in terms of service agreements.


That's like reading diffs instead of reading source code. If the code is clean and the change is simple, it's easy. If the code is dense and dirty and the change is complex, it's next to impossible to figure out what's up.


More or less you should assume that any consumer contract promises you exactly the minimum allowable within the framework of applicable laws. That is the intent.

Practically what this means is that it is useless to negotiate with big companies or really even read their terms (unless you have skills to spot errors) - the best one can do is support campaigns for expanded privacy laws, consumer rights etc.


That seems to summarize it and is my take as well except that you can negotiate with them to an extent as you can avoid that product and this can have an effect if you can also convince other people of doing so. Sure, usually people don’t care (or think they have no choice), but sometimes they do care enough to at least push alternatives as seen in the cases of twitter and reddit.


We're in really horrible territory and it's getting worse.

c.f. the whole "video calls to train their AI at Zoom" (later: "unless you opt out", sorta) pullava ...


I like that strategy but what’s stopping them from saying they get your car or something really outrageous?


It wouldn't hold up in court. Just because you agree to a contract doesn't mean it's legally binding


Where’s the limit though? What decides what they can put in there and what they can’t?


In common law jurisdictions it'd likely be the courts setting the limits, using judgement and precedent to set what is reasonable and what is not in the contract. If they put there that they get your car, and come to collect, you tell them to take a hike, they can sue and likely lose because a judge would say it's unreasonable, and they'll be on hook for court costs. In the borderline cases, may still be worth it for them, but pushing it too far is just losing money.


In my neck of the woods, a contract can't contravene the law; any such thing is invalid upon creation.


The answer to this is to not agree to it (your “chance” is to stop using the service).


This “solution” is a non-starter. People like to imagine that we have a marketplace with degrees of freedom in all directions, but we don’t. We have to make choices, and often that just means choosing the least bad option.

But it is interesting to note how we got here.

https://www.npr.org/2023/07/13/1187543648/terms-and-conditio...

To summarize the podcast episode, contracts used to be individually tailored, but businesses found that too onerous and just wrote boilerplate contracts for all customers to sign. Then they decided the signing part became too onerous for businesses so courts decided that using the product was enough to agree to terms. So now we’re at a point where not using the product is legitimately the only way not to agree to whatever terms the company decides.


I want a political cartoon: Panel #1 shows "The Free Market Ideal" with people bustling about, negotiating with the owners of wooden carts filled with produce and goods, lots of people and energy. Panel #2 show "The Free Market Reality" with a bunch of tired people waiting in line for one of two computer terminals, one of which is showing an error screen and it appears may have broken (the other is showing a ToS).


and simply call it oranges to apples!

after all, you can argue/haggle/negotiate with a myriad of software developer firms (who are happy to build and operate a bespoke service for you). you can also do the same with many service providers, all you need is a big enough order and they are eager to give discounts. big enough check and you can pick and choose T&C too.

free market or not, market forces, mostly supply-and-demand and barriers to entry and costs lead to very few choices.

however, it's likely that the accumulation of software technology and decreasing costs will make a lot more features available in service form.


Wait, are you seriously suggesting you do have an inherent right to use the services of a private company?


Non starter is a term often overused


If your point is that its use is invalid here, then say why.


Because this is not a non-starter as suggested. I leave services because of their terms... I have rebuilt services because of their terms... You start what you need to.


Hobson's Choice is not something to be celebrated.


Exactly. And it's actually quite easy for some of these products (except maybe for PayPal if you don't have a bank account).


Yeah, just change place of work every time the company asks you to do something with any Microsoft product.

Is this your solution?


If this is your work account then switching is down to your employer and they probably have a legal dept to understand all ToS anyway. But any ToS change shouldn't affect you much because you shouldn't be using it for personal stuff.


I don't think the venn diagram of companies using outlook/office365 and companies with a well resourced legal department has as much overlap as one might hope


It doesn't. I know companies with as little as 3 people who are Microsoft business users, of course.


I'd expect the set of companies with a well resourced legal department to be almost fully contained in the set of companies using outlook/office365.

What else is there for corporate email?


Mine uses gmail. It works well enough.


Any company that has concerns about Office 365's ToS isn't even going to consider looking at Google services.


Why? I assume you read O365 and GW terms and compare so what's the diff?


That's why 'probably' ;)

(But you should think twice whether working for a legal entity where no people know legal stuff is a good idea)


As the other comment hints: most companies don't have lawyers. And then they'd probably be specialized in another area. Only very large companies can afford to have legal staff looking at some random ToS change.


Are the terms for Microsoft business customers different to those for end users, with regards to privacy and tracking? Can my ssl232@mycompany.com email provided by Office365 get tracked around the internet just the same as ssl232@gmail.com?


It probably is tracked but you don't care unless you are using company provided accounts/infra to do personal stuff and then that's your actual problem


Yes? You can work decades in many careers without touching a Microsoft product.

But more importantly, you have no right to Microsoft products, and it regularly blows my mind when people try to argue otherwise.

Besides, if your beliefs are so incompatible with society that they exclude you from holding down a job, that belief becomes a pathology, not a conviction. Understanding how to operate successfully in society is a critical part of being an adult.


At least in my corporate experience, it's hard for IT to avoid the pull of Exchange + Outlook. And it's hard to work at a company when you refuse to use email.


Hard is not impossible, and if you want to put strange moral constraints on who you work for, that's your cross to bear.


Interesting. So riddle me this.

Microsoft goes to great lengths to court primary education systems to instill themselves as the "taught software stack". You say no one has any right to Microsoft's products... Then does that not run into somewhat of a public contradiction when public education systems shove it down students' throats?

In point of fact, it sounds like the publicly taught option should be exclusively GPL or other FLOSS software offerings, because contrary to your assertion, every student does have an implicit right to those as a public good.


No, in no way at all is what you just described anything resembling a "contradiction". If you've used Google Docs or Libre Office for more than 5 seconds you'd know that.

If you want to nationalize Microsoft, petition your congressperson to do so.


Fast approaching. I used to be a fairly happy Microsoft....uh...person-slash-developer. It isn't worth the stress of trying to make their shit work these days. Their last chance with me was the Power Platform. Absolutely horrid POS. Then a story breaks that reveals epic security flaws in the same platform (and across Azure nonetheless). High amount of wtf moments. Stay away for mental health purposes...I'm serious.


I disagree that this qualifies as a choice. (Though it does appear to be the prevailing opinion)


It is spectacular how incompetent lawyers are at providing service to the public that pays them eventually; they are only able to communicate with other lawyers, so why should we use their services at all? We can get into trouble without them just as easily, being clueless either way.


I've tried reading unannotated C and C++ and it's really hard. The problem with reading code is you're anticipating all kinds of input that doesn't necessarily exist at the time of review, and the code communicates not with a person but a code interpreter that reads in a hyper-precise and idiosyncratic way.

Annotations don't work with legal code because there is a real risk the interpreter might use the escaped comments unexpectedly as production code(!). Imagine your C and C++ comments could generate production errors. You probably wouldn't use them much.

There's an argument for giving people a sheet of hypothetical inputs and projected code outputs when we're talking contracts. Biz gives you the 'code' and then in a separate sheet says: hypothetically, a shady backwater adtech company asks for your mother's maiden name; are we allowed to sell it without further consent? And then they give the code output: "Yes, we can do whatever we want." And they go through a list of these hypotheticals.

The counterargument is such a sheet could be even more mind-numbing and unwieldy than the original code if not written in an entirely new spirit.

And FWIW, my personal view is that these 70-page contracts of adhesion are a travesty, an evolutionary step, and a weak fiction at this point. The industry does not have a right to force 3 months of mandatory bedtime reading for their userbase every few months, the whole thing is broken and we're all just waiting for courts to coalesce around a better model.


Lawyers are not paid to provide a service to the public, you got that mixed up. They’re writing code to protect the company that hired them. The language used by the law is not the common language because the latter is prone to bugs.


I think the spirit of the statement still works if you move the incompetence up one level to something along the lines of ~"It is spectacular how incompetent that the law allows confused/convoluted communication to act as protection to the company that hired the lawyers to produce said communication."

It seems like society would be better off if the law were set up to where only when clear communication has happened that the lawyer would bring benefit to their employer.


It wouldn’t be much better if the language were plain and simple. “We can do what we want with your data and you can’t sue us under any circumstances resulting from your use of the service, and you disclaim all rights to the maximum extent permissible by your local consumer laws” wouldn’t be any better for you.

The problem is contracts of adhesion are inherently unconscionable, as are contracts that require signing away rights without consideration (above and beyond the use of the service). If you’re doing something with the data beyond providing the service (in a GDPR sense) then there needs to be an actual consideration to the customer for the resulting profit above and beyond the use of the service.


I agree there would still be problems, but it would be obvious what is going on and would allow services to compete on those terms. Right now there is no competition on those terms and no real reason to try, since the general consumer assumes that TOS and similar are pointless, hard to read and probably powerless anyway, so why bother.


Making companies put it in plain terms that they’re forcing you to abdicate any right they can make you abdicate doesn’t automatically make competition appear. The market doesn’t work like that.

People primarily buy on cost, they’ll buy whatever is $10 cheaper. And in a truly efficient market this would be passed along to the consumer and people would buy the one that’s cheaper with worse tos - just like people buy ad-loaded smart tvs instead of a premium one with no telemetry or smarts or a tos attached.

Regulation is the only thing that’s gonna get you there. Contracts of adhesion are not gonna go away on their own unless you outlaw them. The market isn’t efficient like that, even if it were the efficient scenario is likely the one favoring cheapness and contracts of adhesion over consumer friendly behavior, and the behavior is unconscionable anyway. Just outlaw it.

The libertarian take on regulation is wrong, there’s a reason the EU does its consumer regulation with regulations and not with labeling. And in this case it’s actually contract law that is being warped by anticompetitive participants so you’d really think even the libertarians would be on board. A contract without consideration is not a contract, literally. And “we’re not going to let you use the good/service that you already paid for” is not a consideration, it’s blackmail and strongarm robbery.


Their embellished way of writing also is. But being cryptic to the general population has its benefits - to them, of course.



Have you heard of tosdr.org?


Complexity is fraud.


This is one thing I strongly wish that the EU political arm could throw all its weight as it did with GDPR: Create an insanely strong law like GDPR making businesses have simple non-lawyeresque Terms of Services.


I think TOS by law should be versioned and that the diffs should be explicitly shown.


Host the TOS on git and allow us to view it, easy



We had to change our privacy policy at work this week.

Simple reason was the EU/US Privacy Shield program came back into effect (to comply with GDPR), but it required slight changes to privacy policies (renaming Privacy Shield to something slightly different).

Any company participating in privacy shield will need to update their privacy policy if they haven't already.


Illumi...

No yea probably just some US EU Data regulations thing.


Project idea: a Gmail filter that automatically burns all this junk mail every time it rolls into my inbox. Nobody reads this stuff except journalists and lawyers, yet I cannot unsubscribe.


Switzerland's new data protection law comes into effect on September 1st. Not sure it would require everyone in the world to get a new ToS unless one ToS is for the whole world.


URLs please.


Microsoft - https://www.microsoft.com/en-us/servicesagreement/upcoming.a...

Meta ToS - https://www.meta.com/legal/supplemental-terms-of-service-upd... Meta Privacy Policy - https://www.meta.com/legal/privacy-policy-updated/

PayPal - https://www.paypal.com/us/legalhub/upcoming-policies-full

The common denominator in the communication copy seems to be related to accounts belonging to minors. Microsoft mentions "If you are a parent or guardian, you are responsible for your child’s or teenager’s use of Microsoft products and services, including purchases", Meta's highlights revolve around "Parent-managed accounts", and PayPal did not provide anything meaningful about changes in the email.


This WhatsApp one might be related too, just popped up for me. I know it's Meta nowadays: https://faq.whatsapp.com/781249240131848/


Maybe EU dma related?


What parts of the ToS did they modify/add?


PayPal already has an “Updates” page for their legal agreements. It describes which agreement is updated when and when that change takes effect.

I also received the PayPal email notification, but when clicking through the link the only legal agreement change this month was a week ago and was related to how much of your user data is available to a user visiting your PayPal.me page. Highly unlikely this is a coordinated change with Meta and MSFT.


Quick someone put the ToS in a git repo so we can incrementally see the diffs on each update and comment on its impacts. Is this possible?


Be the change you wish to see in the world.


I would do this, but I am very unsure on the legality of this.


I guess it's like a canary bird, they were not allowed to publish the new updates.


when is there going to be an AI that specializes in summarizing terms and conditions


If you ask chatgpt to summarize its TOS would that also count as legal and TOS?


Someone might try creating a prompt for claude 100k asking what the difference is..


End of working week!


Snapchat did too.


[flagged]


I was more interested if some law or regulation recently came into effect



