About this weblog
Here we'll explore the nexus of legal rulings, Capitol Hill
policy-making, technical standards development, and technological
innovation that creates -- and will recreate -- the networked world as we
know it. Among the topics we'll touch on: intellectual property
conflicts, technical architecture and innovation, the evolution of
copyright, private vs. public interests in Net policy-making, lobbying
and the law, and more.
Disclaimer: the opinions expressed in this weblog are those of the authors and not of their respective institutions.
What Does "Copyfight" Mean?
Copyfight, the Solo Years: April 2002-March 2004
1. Milly on October 17, 2005 8:13 AM writes...
This has now been BoingBoinged, I see. I hope someone there (i.e. with that widespread circulation amongst ordinary users) will flag the dangers of a false sense of security.
I ran its own EULA (presented, btw, in a "small windows that require lots of scrolling", without any means to print or copy'n'paste the text elsewhere - just like the bad guys do), thru' The EULAlyzer, and it illustrates my point.
Its practical purpose, and more-or-less-stated intent, is that people need only read the bits flagged as "potentially interesting". Which is fine provided it *always* flags the "potentially interesting" bits, but dangerous if it doesn't, because many people might be even less inclined to read the whole thing, and therefore miss the bad bits, than without the tool. Especially when it's popularity extends beyond people like the readers here, who are interested/horrified in/by such things.
To illustrate, then: these seem to me to be by far the most "potentially interesting" parts of it's own EULA :-
,------------ [quote]
The SOFTWARE PACKAGE includes a function which enables you, at your sole option, to submit text to our EULA Research Center. If you choose to submit text to the EULA Research Center through the SOFTWARE PACKAGE, you are not required to, and you should not, submit any personal, confidential or any other sensitive information. Javacool Software LLC shall not be responsible or liable for any such information submitted to it and we will not be responsible or liable for protecting the privacy or security of any information submitted to us, although we may attempt to purge such information, at our sole discretion, if and when discovered.
All information you elect to submit to us is at your own risk. ANY COMMUNICATION OF MATERIAL YOU TRANSMIT TO US THROUGH THE SOFTWARE PACKAGE INCLUDING ANY DATA, QUESTIONS, COMMENTS, SUGGESTIONS OR THE LIKE IS, AND WILL BE TREATED AS, NON-CONFIDENTIAL AND NON-PROPRIETARY. We may use anything you transmit or post for any purpose, including, but not limited to, reproduction, disclosure, transmission, publication, broadcast and posting. Furthermore, we reserve the right to use any ideas, concepts, know-how, or techniques contained in any communication you send through the SOFTWARE PACKAGE for any purpose whatsoever, including, but not limited to, developing, manufacturing, and marketing products using such information without incurring any obligation whatsoever to you, and by sending such communication, you waive all your rights thereto. You are responsible in full for the content and accuracy of all information that you send to us and for ensuring that the rights of third parties are not prejudiced.
'-------- [end quote]
Look at that lot! Reference to transmission of personally identifiable/sensitive information; privacy/security/retention of same; treatment of any/all information as non-confidential; use of such information in any way they like, including republishing and *marketing*; waiver of all rights.
Wow. Now of course *we* know it's all above board, mostly in the negative, and indeed a necessary safeguard for them to be able to offer such a facility. But it sure is "potentially interesting". If KaZaA or some other scumbags were saying that, we'd want it flagged for closer scrutiny, right?
But EULAlyzer doesn't flag *any* of that lot.
I changed the text to make it even 'worse', as below [changes *highlighted* here for clarity], and re-scanned it :-
,------------ [quote]
The SOFTWARE PACKAGE includes a function which enables you, at *our* sole option, to submit text to our EULA Research Center. If *we* choose to submit text to the EULA Research Center through the SOFTWARE PACKAGE, you *are required* to, and you *should*, submit personal, confidential or any other sensitive information. Javacool Software LLC shall not be responsible or liable for any such information submitted to it and we will not be responsible or liable for protecting the privacy or security of any information submitted to us, and we *will not attempt to purge such information when discovered*.
All information you elect to submit to us is at your own risk. ANY COMMUNICATION OF MATERIAL YOU TRANSMIT TO US THROUGH THE SOFTWARE PACKAGE INCLUDING ANY DATA, QUESTIONS, COMMENTS, SUGGESTIONS OR THE LIKE IS, AND WILL BE TREATED AS, NON-CONFIDENTIAL AND NON-PROPRIETARY. We may use anything you transmit or post, *including personal, confidential or any other sensitive information*, for any purpose, including, but not limited to, reproduction, disclosure, transmission, publication, broadcast and posting.
'-------- [end quote]
EULAlyzer *still* doesn't flag anything. If a bad actor included the above text, then an EULAlyzer user (who didn't then go on to read the whole EULA regardless) would get a false sense of security/privacy, would they not?
Perhaps it will improve over time, and as feedback is received. And probably it will do more good than bad, in aggregate.
But still, shouldn't we have significant misgivings about the concept? Or at least not simply link to the thing without critical comment, as if it's a panacea?
Milly
Permalink to Comment