The basic law relating to online terms and conditions has been stable for some years now and should remain so. It certainly is not headed for a "reckoning."
When private parties transact business in a free society, the law of contracts steps in to provide rules enabling them to do so in a well-defined and orderly manner. Contract law has some fundamental principles that anchor it and, beyond those, has a vast number of intricacies that potentially can come into play in individual circumstances. Concerning fundamentals, for most executory contracts to be enforceable, you need to have mutual consent and some exchange of consideration. That is, a meeting of the minds on material terms and an exchange of value. When these elements exist, the law considers a contract to be binding and imposes legal consequences for any breach or failure to perform. In order to avoid chaos, it further stipulates that the core principle (meeting of the minds) is not based on purely subjective factors but on what a reasonable person would believe in the circumstances. This objective standard enables commercial transactions to proceed without endless second-guessing about what the parties might have desired or meant when they contracted in any given transaction. Because of this, while it can easily become messy in any given case, most contract situations can be legally evaluated with a fair degree of certainty and parties can plan their affairs and determine their rights accordingly.
The above describes what might be called a very high-level summary the central tenets of the common law of contracts in the Anglo-Saxon legal tradition. If someone reasonably can be said to have consented to a given transaction involving some exchange of value, legal rules applied to govern how that exchange took place and what would happen if some breached his or her agreement.
When it comes to terms and conditions in online commerce, the law generally applies this body of contract law but does so via what might be called the fiction of mutual consent between the contracting parties. It is well known that the vast majority of persons do not bother to read such terms and conditions when they click on the "Agree" button. Nonetheless, the terms and conditions are legally binding upon such persons. Why? Because it is assumed that the person read and understood them in clicking. And that assumption is what makes it a fiction. In effect, the law says, "we will pretend that the person read through the terms and knowingly agreed to them." Given that this legal fiction effectively substitutes for a true consent, the law can proceed along its merry way and treat this contract as it would any other, i.e., treat it as binding and enforceable upon the "contracting" party. In effect, to preserve orderly rules of contract in such transactions, the law effectively says that the terms and conditions are legally binding if they are such that a reasonable person who had taken the time to read through them would have understood them to have a certain meaning (that is, the "reasonable person" meaning that the law will enforce upon the person doing the clicking).
This fundamental approach to terms and conditions in online transactions has not changed one bit in some years and is under no risk of being changed. Because, without it, you could not practically have any semblance of legal orderliness in online transactions.
Moreover, while it is often said that dense legalese is undesirable in such situations, courts generally enforce such legalese without hesitation, even if a complaining consumer says until he is blue in the face that it could have been put in easier-to-understand plain English. There is no legal rule that requires contractual language to be put into plain English and there are some types of contracts where an attempt to express the legal requirements in that way would cause a loss of precision or lead to other problems. Whether something is expressed in plain English or not, then, typically does not affect its enforceability in online transactions.
Again, nothing pervasive is happening in the law affecting online transactions so as to require use of plain English to make terms and conditions enforceable.
None of this is to say that there are no protections in existing law when people try to use weasel language to defraud others or use language that is so imprecise as to mislead consumers or use language that is so ill-defined or vague as to leave important matters uncertain to the other contracting party. In all such cases, existing common law has remedies of varying kinds to say that such contracts are unenforceable or that some remedy applies in favor or an aggrieved or defrauded consumer. But, in practice, these are edge cases, the ones that wind up in dispute or in court. The vast bulk (99%+) of the commerce that occurs is covered by the general contract rules and proceeds in an orderly way because the rules are known and predictable.
Against this background of the common law contract rules, it is possible for persons to want to modify the existing rules on grounds that such rules are unfair to the consumer and or are not based on true consent by that consumer or for some other public policy ground.
This is where special public-policy-driven enactments come in to modify the standard contract rules. Legislatures can adopt special laws dictating outer bounds to how businesses can use the private data of consumers as such data may entrusted to them. In this area, perhaps, a form of "reckoning" may occur if it is determined that companies such as Facebook ought not to be able to sell or misuse private data to the detriment of their users. This is an important development and serious changes may be afoot affecting such special areas. But this does not affect the general principles by which online contracting occurs.
There could also be proposals mandating that plain English be used in terms and conditions or requiring this or that form of mandated disclosure to help ensure greater consumer understanding but all such proposals come with decided trade-offs that typically make them impractical. The reason for the fiction of legal consent in the current system is the supreme utility that comes from allowing millions of online transactions to occur every day without incident based on orderly rules known to all. You can change all that through legislative enactments saying that public policy requires a different system that is more fair to consumers. But at what price? That is why the current system is and remains solidly in place.
To underscore the importance of utility, I have been legally trained and have years of experience such that I could easily read through and comprehend the legalese that is found in most online terms and conditions. Yet, with rare exceptions, I am just like everybody else and will click "Accept" or "Agree" without reading anything and without a second thought. As a lawyer, I can't say that I am proud of this but I can say this is human nature. The issue is not primarily that legalese or plain English will make a difference in understandability. It is that we take the path of least resistance when not much is at stake and we don't want to be bothered. Try as we might, no law will solve that problem.
Its beyond even being a legal fiction in many situations. There is no option for most people when it comes to certain terms and conditions.
Take phones for instance. You cannot live in modern society without a phone. You will not be able to get a phone, without agreeing to one of these long terms and conditions. They come from landline providers, they come from cell phone providers, they come packaged in the box in the cell phone from prepaid phone sellers.
How is saying, you're cut off from society or you can agree to a contract designed in a way that you have no reasonable chance of actually understanding it, something we want for society?
For practical purposes, you can’t secure a dwelling without signing a long, complicated contract (be it a lease or a mortgage note). Yet dwelling is a necessity, even more so than a phone. And, in these contracts, so much more is on the line. According to your argument, you should not have to be bound by the terms of these agreements. You may indeed believe that, but I hope you can see how much of our society is based on the assumption that these agreements have force, and how far we are from moving to a state where they do not. You may wish it were otherwise, but there is essentially no chance of that change being enacted in the foreseeable future.
I know, we can't just throw out the concept of a contract with our current society and I don't think there would be a benefit in doing so. However mortgages are something that rarely have side effects surprise the signers. Terms of service seem to surprise the majority of individuals who agree to them, and as the poster above said, the idea that anyone agreeing to them understands what they agreed to is a fiction.
Why terms of service are having a different outcome is something that should be figured out and mitigated. We shouldn't just keep charging forward on something where the outcome is bad for the vast majority of individuals in society, just because we've always done it that way
I told the title company handling the closing of my first home, in 1982, that I wanted a copy of every document I'd be asked to sign 3 weeks before the closing date. They told me they had no process for doing that and they would look into it. From that day forward I never went into a real estate closing without a real estate lawyer.
Yes, I have several adjustable rate loans, and they do still surprised people, they just aren't on the level of surprise of nobody even reading it because it's too long and complicated to understand
I'm not sure I agree with the previous poster about phones, but I never signed a 50 page lease agreement. Typically they have been about three pages. Buying a house requires a bit more and a home loan requires a lot more, but it's only once you are taking a home loan out that you end up with a contract comparable to what internet companies come up with. Further, when you take out the home loan and make the purchase, there is a human being to walk you through the details. Also, I consider a house purchase to be significantly more serious than a pay-go phone.
I think there are some US states where housing rental/lease agreements are regulated to be shorter/simpler. I want to say our lease in Washington was only 3 or 4 pages. Whereas, I recall other places have been in the dozens of pages.
Of course, I'm one of the minority who reads every page of those...and everything singed when buying a house. Luckily, most title companies will supply copies ahead of time.
I read my mortgage note cover to cover, and also the Facebook T&C front to back. They both seem pretty easy to understand to me, tbh. The standard CA home purchase contract is the scariest of the three, because there are so many options that can cause huge swings in value and liability.
No matter how plain the language is, it cannot benefit someone who doesn’t read it. You may argue that the lack of plain language in T&C causes the lack of reading. But there’s a natural experiment here in the form of those same U.K. financial services terms you mentioned. Do you honestly believe that a large fraction of U.K. financial services consumers are informed about the terms of financial services they are consuming? I have no data here, but the concept beggars belief. Even if they are ten times as informed as American consumers of internet services, that would mean order 1% of consumers had read the terms, as opposed to 0.1% if people reading web T&Cs.
Even that strikes me as very unlikely, just examining my internal estimates how likely I’d be to read terms and conditions if they were in plain language. I don’t think the impenetrability of the language is the main barrier to reading T&Cs. The main barrier is that there is little on the line, and, moreover, I can already guess approximately what the T&Cs are going to say.
This is just a gut reaction. If you have some data to show that U.K. consumers are significantly more informed based on these plain language requirements, I’m happy to recant.
I think we're talking about slightly different things here. While many financial institutions (and others now) will provide a plain English explanation of the whole contract, I'm just talking about the key terms.
"Your house may be at risk if you do not keep up with repayments. Variable rates can go up and down." etc.
These sorts of things are required not just at point of agreement, but everywhere a financial product is marketed. They're short enough. Same thing as you'll see in where medical marketing is allowed.
So in that vein, before Facebook takes data about you, it should be explaining that they and their partners operate a marketing platform that is used to monitor and influence your political views. That they can use your photos of you and your children and others for their own marketing purposes. That licenses you grant them to your content are everlasting and irrevocable.
It's over-done (on purpose) but initialling each term like this should be a requirement for contracts that subvert your rights [to privacy, here] as is required elsewhere.
I don't have data on the efficacy of said warnings. The rules here have existed longer than I have. But it's not illogical to suggest that forcing somebody to actually engage with the text before they give up data will mean more will read it.
The main barrier is that the length of T&Cs is completely unreasonable relative to what is at stake. How can someone be expected to read through and understand something the length of a short novel just to post a few images online or something?
Was a time long, thoughtful, informed comments on this site garnered plaudits rather than gripes. Considering this is one of the only informed, reality-based comment in the entire thread, I think it’s best to engage with and appreciate it, rather than making easy jokes.
I’ve read your entire comment and still think that the GP is an appropriate joke. You gave a good overview, in clear language, trying to be as concise as possible. The result us still quite long, in fact I guess it is long enough that most commenters won’t read it in full, just like a typical T&C document.
Contracts are long for good reasons, but excessive contract length is a real problem.
The US is set up to be regulation-lite and litigation-heavy. As such, contracts tend to be rather encompassing, lest they be vulnerable to litigation.
You also seem to be missing that your parent and the GGP are not the same account. The original comment was written by grellas, a longtime HNer and valued contributor. I doubt grellas runs sockpuppets considering he had a YC connection at one point, IIRC.
The question is whether all the data that is collected from online consumers is actually required in order to fulfill the ever-growing number of online transactions. What data is needed to purchase a product or subscribe to a paid service? Perhaps name, billing address, payment details, etc. Any data collected above and beyond that minimum may be rightfully questioned and might reasonably be considered "optional".
Facebook's data policy has now increased from something like 2700 words to 4200 words.[1] Putting aside the question of whether this makes it more or less digestible by users, some are saying the new policy may make more clear what data Facebook is collecting. However the question remains: Why are they collecting it? This is perhaps the fundamental question and one that underlies the GDPR. With respect to each item of user data: Is it neccessary to collect it in order to provide the product or service.
Is there a minimum amount of data that must be collected? Is the amount of user data that Facebook is collecting above that minimum?
Facebook is clearly a business. It is selling a service. There are paying customers. However there is a question whether users are actually the "customers". Is the relationship between Facebook and users a commercial one?
How does one quantify the "price" that users pay. What are the users affirmative obligations under the agreement? What is the user's end of the bargain. An agreement to allow herself to be studied?
What is Facebook's end of the bargain? Does it have any affirmative obligations regarding service? What happens if Facebook fails to perform their end of the bargain? How is the value of the service quantified?
Does this arrangement at times seem tantamount to users agreeing to take part in an elaborate, ongoing "marketing survey", where their behaviour online will be recorded, observed and analysed? Does this make the user agreement different from a traditional commercial transaction?
Is the relationship between Facebook and advertisers more like a traditional commercial transaction? What data does Facebook collect about its customers, advertisers? Is it only the minimum needed to provide the service?
Is joining Facebook the modern equivalent of taking part in Nielson ratings, agreeing to have a monitoring device attached to ones television recording ones viewing habits.
1. When corporations "negotiate" with consumers, this is an abuse of the legal system. Contract law was conceived for situations where both parties have at least some amount of negotiating power. Handing a consumer some long contract written by a set of well-paid lawyers, and asking them to sign it or walk away from any benefit from a product, is not the kind of contract we want in our society. In the past, we've used group association - collective bargaining, class action lawsuits, etc. - to solve this problem of many consumers, each with almost no power, negotiating with a big corporation with all the power. Arbitration clauses, and non-competes, are often examples of abuse of this power imbalance.
This situation is the kind of thing government exists to do - solve problems for its citizens by working collectively. So perhaps regulation is also a remedy.
2. Informed consent, vs. terms-and-conditions consent. Click-through agreements with many pages, written by a legal team, in which the alternative for the consumer is to walk away, cannot be seen as informed consent by the consumer. When Facebook asks users to click "yes" for disclaiming privacy rights, that's not informed consent. We already have a definition of informed consent in scientific experiments, and it requires understanding every word of the consent and no penalties for saying no. (If a scientist offers subjects $10 for participating, the scientist must pay that $10 to anyone who declines the consent form.) Consent forms must evolve to match informed consent in science.
If as a society we deal with these two issues, we'll be in a much better place, and we'll be dealing with wealth concentration (into the hands of corporations), a key issue for our time.
When two companies negotiate a contract, typically what happens is this. One team of lawyers drafts the contract. They send it to the other lawyers. Both business teams consult their lawyers, and the lawyers update the contract with their desired changes. Then the first company comments on desired changes and they negotiate.
The result, after perhaps many rounds of negotiation, is often a far different contract than was originally proposed.
That is NOT what happens with consumer terms and conditions agreements, or cell phone contracts. There, the company's lawyers draft a contract that is as favorable to them as is legal. The consumer does not have the legal team or negotiating power to push back: their choices are to sign, or to walk.
These quite different contract processes are worth thinking about. Is this the way we, as a society, want contract law to be used?
What you're describing is just an adhesion contract, and it doesn't happen only with consumers. For instance, around here the supermarkets have a lot of bargaining power over their suppliers, and make use of rather lopsided adhesion contracts (e.g. the supermarket decides whether, how much, and for how long to discount the product and the supplier pays for the discount).
Sometimes I wish that severability clauses were not allowed in contracts of adhesion so that lawyers would be forced to only include terms that were actually enforceable or else have the entire contract become invalid. Obviously it wouldn't work very well if even a small mistake made in good faith could invalidate an entire contract, but the problem of companies hoodwinking customers with unenforceable terms has gotten out of hand.
> If a scientist offers subjects $10 for participating, the scientist must pay that $10 to anyone who declines the consent form.
Any resources I can learn more about this? An acquaintance of mine runs a research group at a university, designing and executing survey instruments for other groups. Periodically asks me to help her with leveraging Facebook Ads for participant recruitment when her traditional targeting means falls short (generally surveys that need participants less than ~35, but sometimes for other unique targeting requirements).
The ads usually advertise a gift card for qualifying and participating, and the only branch of the survey that includes the gift card portion is the one where participants both complete the survey and don't get routed out by the initial qualifier questions. The recruitment ad copy, the survey instruments, etc all have to go through IRB approval, so I assumed that process was all above board.
In fact, in Germany any Terms and Conditions which have not been presented to the customer before a purchase contract are completely unenforceable, not part of the contract. And in those he has been presented before the contract, any "surprising" clause is also automatically void, plus various other restrictions apply.
There is also a EU-wide regulation ensuring similar laws exist in all EU countries.
> it requires understanding every word of the consent and no penalties for saying no
That sounds noble. However, the actual practice of getting patients consent for medical trials is pretty much the same as a website ToS click-through [1].
[1] Source: it used to be my dayjob to sign patients on consent forms.
How many of the 51 titles of the United States Code am I, as a citizen, expected to have read and understood? Isn't Mr. Graham being a little hypocritical?
Even consent itself is something that's overly fetishized in our society. It's a sign that a group's common understanding of people's basic rights and responsibilities has fallen apart. So everything comes down to some idealized notion of "consent" which, in a well-functioning society, is necessary but not sufficient to determine whether an action is acceptable or not.
Do you think allowing programs to be specified in plain English is a good idea?
We have "legalese" for the same reason we have programming languages. Terms have specific, sometimes slightly different or more narrow meanings to promote better understanding of intent in languages meant to specify a set of rules.
Specifying laws in "plain English" makes about as much sense to me as programming in English. You'll quickly find that for all but the most trivial of things the ambiguity of the language works against you.
> We have "legalese" for the same reason we have programming languages.
The intended purpose of "legalease" is to eliminate ambiguity and to clearly outline terms and conditions, however it's often used to introduce ambiguity and obfuscate the actual intent of terms and conditions or to redefine existing known and understood laws.
"Legalese" is a programming language that allows unsafe pointers. It's compiler not only permits but encourages the use of preprocessor directives to redefine variables and operators. Everything is globally scoped. Nothing is protected. Everything can be overridden. Multiple inheritance is expected.
Pretty much everything we advocate against in a programming language is permitted and encouraged in "legalese".
> The intended purpose of "legalease" is to eliminate ambiguity and to clearly outline terms and conditions, however it's often used to introduce ambiguity and obfuscate the actual intent of terms and conditions or to redefine existing known and understood laws.
Brief plain English would be about as bad. English with similar verbosity would be much worse. Obfuscating meaning in colloquial English is so trivial it happens on accident when communicating through text on a regular basis.
I'm not arguing that legalese is good, I'm just arguing that it's better than English, specifically because terms have been carved out over time to mean very specific things when used in a legal contract, and that provides for less ambiguity. It does require foreknowledge, but so does every sufficiently complex topic.
> "Legalese" is a programming language that allows unsafe pointers.
With regard to clarity, if legalese is C, English is dictating pseudocode to someone else who is translating to assembly on-the-fly.
> Pretty much everything we advocate against in a programming language is permitted and encouraged in "legalese".
So let's make it better! But coming up with a more specific legal language will require even more training to understand than is currently required, and that's the opposite of making it easily understood by the average person.
My own comparison would be that Legalese is like Perl. It is familiar enough that most laypeople can look at it and get a good idea of what's going on, but it's definitely easy to write in a way that is nigh incomprehensible, either by accident on on purpose. In addition, the familiar appearance of the language hides some advanced conceptual differences that bite the unaware (context in Perl, specific meanings of common terms in legalese).
A new version of legalese might be more akin to Rust or Haskell. Very specific, very exact, but it requires much more up-front learning to understand exactly how everything works and what it means.
In other words, the learning curve would be steeper but the dividends paid for learning it would be greater.
Extending the source-code analogy, a lot of legalese needs more comments saying what the code is supposed to do, so that when a problem arises the legal system can actually debug it and better determine what raw code is is accidental or deliberately-misleading.
Unfortunately some of those comments are never made, or are separate READMEs and not systematically tracked alongside the code itself.
> Do you think allowing programs to be specified in plain English is a good idea?
The difference is that one is expected to consent and be beholden to something they could not reasonably understand without paying a large amount of money to a specialist.
That I write my code in brainfuck is of no consequence to someone, unless that brainfuck is potentially going to incarcerate them.
> That I write my code in brainfuck is of no consequence to someone, unless that brainfuck is potentially going to incarcerate them.
If you write software to control medical equipment in Brainfuck, it's potentially of consequence to a great many people. Same for autonomous driving routines.
Trying to make things clearer is a good cause. Expecting that everything can be made clear enough for the average person is a fool's errand.
Do we expect the circuit layouts of CPUs to be understandable by everyone? Because we are surely affected by those, in very many aspects of our lives.
Do we expect the full engineering and aeronautics behind an airplane to be understood by everyone? Everyone who flies puts their lives on the line based on those principles and the engineers getting it right.
Do we all expect to understand the numerous ways in which our bodies can get hurt, or interact with chemicals, or develop diseases? We trust doctors to figure out the complications there.
In each case, we've trusted domain experts to sort through the very complex topic and distill the knowledge into a useful form for us. In each case, we also generally know a core amount of the topic to help us navigate the everyday portions. CPUs work by providing a very low level core set of instructions that can be followed. Airplanes work through thrust, airflow and lift. Our bodies deteriorate over time, and if we put bad stuff in, they don't do as well, and some common diseases are known (cold, flu, etc).
The law is no different. There's a core set of things people are aware of. As things become more specific, or a problem happens, we call in domain experts to help.
Expecting everyone to be able to read all of the legal code will never happen, nor should it happen. It's expecting too much out of the average person, and would also require the law be dumbed down in ways that were detrimental to it's interpretation.
> The law is no different. There's a core set of things people are aware of. As things become more specific, or a problem happens, we call in domain experts to help.
Using Brainfuck is an extreme example but you're taking it to its logical conclusion - off a cliff.
The difference is, the law affects and is applied to everyone. Contracts can and do affect the average person. However, only a domain expert has do deal in code.
We do not expect or require a normal person to read a 5,000 LOC piece of software, or risk giving up rights to participate in everyday society.
> Expecting everyone to be able to read all of the legal code will never happen, nor should it happen. It's expecting too much out of the average person, and would also require the law be dumbed down in ways that were detrimental to it's interpretation.
I'm certain we can put together a reasonable "tl;dr" requirement for contracts targeted at the layman, e.g.
"""
- You may use this application (See: Section A)
- You will pay X per month (See: Section B)
- Late fees may apply (See: Section B, Sub-Section 2)
- We may collect user data (See: Section C)
- We may sell user data (See: Section D)
- We reserve the right to update the terms of the service (See: Section E, Sub-Section 1)
- We reserve the right to cancel service for any reason (See: Section E, Sub-Section 2)
"""
Make the tl;dr non-binding so long as a reasonable person, a typical legal standard, would understand the legalese to have the outcome.
One need not write a "literate contact," nor abandon all of our legal history, terms of art, etc. to improve things to make them more approachable for a normal user.
I have absolutely no problem with trying to make legal documents, contracts, TOS, etc more readable by providing additional information. I just think the idea of replacing what we have with something more like regularly spoken English would be problematic at best, because a lot of the problems we have with interpreting the law are because it's so close to an actual spoken language, and Human languages thrive on ambiguity.
> The difference is that one is expected to consent and be beholden to something they could not reasonably understand without paying a large amount of money to a specialist.
I've found that this is generally less true than I imagine it to be. A lot of law is not actually so difficult to understand. Legalese is still English, and Google is great for figuring out the odd meanings of certain terms of art.
Most of the exceptions I've come across (e.g., buying a house) are IMO actually intrinsically complex transactions. I could undestand, but it'd take so long. And the time taken would happen even if we only had the laws we needed and all those laws were written in plain english. In software terms, lots of essential complexity.
Going back to the article, the problem with Facebook's terms and conditions is definitely not understandability -- see https://www.facebook.com/policy.php. The average high schooler could understand. The problem is people caring enough to 1) find, 2) read, and 3) inconviencance themselves if they don't like the policies.
> Waving a 2-inch-thick printed version of the social network’s user agreement, Senator Lindsey Graham quoted a line from the first page, then intoned: “I’m a lawyer, and I have no idea what that means.”
1) Two inch thick I've read some pretty long books in my time but that takes the cake. Most people these days don't even have enough attention span to read a complete internet article. How do you expect them to plough through hundreds of pages of legalese?
2) “I’m a lawyer, and I have no idea what that means.” Do I even need to say any more?
* FB is doing their absolute best to make sure no "user" understands what they have agreed to
* writing the law in "plain english" is the stupidest thing I've ever heard of in my life. See the multi million dollar lawsuit this year about whether a missing Oxford comma changed wage rules for a class of truck drivers. Any attempt to write law in plain english introduces giant ambiguities [1].
Right here, clear as day: "We collect information from or about the computers, phones, or other devices where you install or access our Services, depending on the permissions you’ve granted"
Also notice that if they have that data, you explicitly gave permission to access phone/SMS data in the app install process; i.e., you granted those permissions.
> ...steal...
Again, that's the problem! Facebook didn't STEAL that data. They took it with your permission. And they were actually very clear in their policies about the fact that they could take pretty much anything you gave them device premissions to access.
This is NOT a "users can't understand legalese" issue. It's very clear from the above sentence in the data policy that Facebook has the right to record arbitrary shit off of your phone/computer.
This IS a "users don't care and don't have any data clawback rights" issue. Or perhaps a "users are too trusting" issue. But any high schooler could interpret the above sentence as meaning that Facebook does, technically, have the right to collect any information from your phone if you give device permissions.
The distinction is important because it determines appropriate solutions. The solution is NOT making ToS easier to read. The solution is stronger consumer data rights (aka a mechanism to clawback data after the fact) and better consumer education (aka be paranoid)
If you think that merely making ToS easier to read and understand will substantially change consumer behavior, you're in for lots of disappointment.
Care to propose a rephrasing that's more clear? If the average person can't understand the meaning of that sentence, the only real solution is to improve K-12 English teaching.
> and wasn't clear to virtually anyone who agreed to it
Virtually everyone who agreed to it never bothered to even try to read the policy in the first place. So, really, what difference does that make?
Again, the fundamental point is that chasing ToS clarity/readability/length is a losing battle. The majority of consumers don't care enough to read, no matter how simple you make things. Improving this metric won't make a difference. This issue is a red herring. Focus efforts elsewhere: consumer education and consumer rights.
I agree Lindsay Graham is a skilled orator and politician. But if he blew up the font size until those pages required two inches of 8x11 paper, he must have just terrible eyesight ;-)
Also, neither of those documents is terribly difficult to understand. Like... where, specifically, is Graham getting horribly confused?! Point to the concrete line in one of those two links that requires something beyond a high school education!
Now, I'm sure there's nuance I don't pick up on. But I definitely feel I can understand the ToS and privacy policy without consulting a lawyer.
I don't think some of the terms are fair. But that's a consumer rights issue, not a "legalese" issue.
More generally, on two occasions I've had to get in front of a real judge in a "real" courtroom and make an argument based upon some written piece of law I had to look up and interpret myself. In both cases, I was able to successfully convince a judge that I was on the right side of the law without the help of a lawyer. I'm certainly not saying that's always possible, but I do believe there is a lot of "learned helplessness" when it comes to digging through legeal code or contracts and reading legalese. It's a PITA sometimes, but in many many cases it doesn't require years of training.
I wonder if it would be possible to create an AI that, given a legalese text, could output comments for each fragment explaining and showing examples of what it means. Now that I think about it, wasn't genius.com doing something like that but using crowdsourcing instead?
Privacy policies actually use this as a rhetorical trick to confuse users. E.g., they'll say stuff like "we may collect any device information you give permissions to access to do [reasonable thing A], [reasonable thing B], or for any other business purposes. Examples of device information include: [insert list of benign things]"
Or, to put emphasis on the important things:
"we may (read: WILL) collect ANY device information you give permissions to access to do [reasonable thing A], [reasonable thing B], or for ANY other business purposes. Examples of device information include: [insert list of benign things you should totally ignore]"
But here's the problem with the "AI tell us all" approach. If you use ML to mine examples from existing policy texts, you'll end up showing the user all of the benign stuff that the companies put in to reassure users, because that's what the corpus contains. Therefore, your AI will emphasize exactly the wrong types of examples.
Also, notice that this isn't even a legalese thing. There are no legal terms of art or long-winding difficult grammatical constructions. It's just plain old good rhetoric. And it's hard/impossible to legislate away persuasion.
I always found the language in RFCs better than legalese. Just the fact that they specify up front what the words must, shall, required, etc mean makes it less ambiguous. I feel lawyers use the ambiguity of language to bend the law in the way they need at the moment.
Exactly. If the precision of the language of law was working we wouldn't need to fight over it in court. Our new tax code hadn't been read by anyone who passed it- and, as an accountant explained to me long ago- we won't know exactly what it means until we get to court.
Even if a reset is unsustainably simple, it's time for one.
Even if the law worked mechanically, we still need to argue it in court, since the law cannot encode the complexity of the real world anyway. It is perfectly reasonable for someone to break laws, so long as they have sufficient justification for doing so.
For instance, you won't be guilty of violating a law if you are coerced to do so, and the court still needs to evaluate what level of coercion you underwent, and that fundamentally requires human empathy.
The law is not meant to be employed mechanically. It's there to make society more efficient when handling the easy cases.
We use programming languages for tasks that do not require human judgement.
If using your product requires the detailed understanding of a standard EULA, my judgement is that I would not like to use your product without training. Think of all the details in those paragraphs that I might mess up!
But using these products does not require the detailed understanding of a standard EULA. It only requires you to click 'I Agree'. The EULA is not there to inform the user, it is there to ensure that your exploitation of them will not be punished when they find out.
The issue is that the law is something everyone must live by or face dire consequences. Given this, is it better to have programming for law that is specific but which only few can use (and normally to their advantage), or to have a more ambiguous medium that is accessible to the majority?
The ideal, a specific language everyone is proficient in, is best, but it isn't possible.
Our Plain English development system - unique interface, simple file manager, elegant text editor, hexadecimal dumper, native-code-generating compiler/linker, and wysiwyg page layout facility (for documentation) - 25,000 sentences, is hardly a trivial application. Yet we wrote it, conveniently and efficiently, entirely in Plain English. And the "ambiguity" of the language actually helped.
In Plain English you can, for example, say "Clear the screen" or "Erase the screen" or other similar phrases and still get the same result. So we could type our thoughts the way we happened to be thinking them at the moment, and didn't have to remember (or look up) the exact syntax of the routines we wanted to call.
The instruction manual is here:
www.osmosian.com/instructions.pdf
And the whole shebang (less than a megabyte!) is here:
www.osmosian.com/cal-4700.zip
Just download and unzip. No installation necessary. Exactly the same on any version of Windows from XP to 10.
Please address questions and comments directly to me:
But code allows for Plain English: Comments. And nobody writes code without clear comments right? Right? Dear god please tell me you people aren't doing that!?
Depends on what it is and how complex it is. Depends on how explicit the variables and functions can be named. Depends on whether the thing I want to express is a how or a why or a how to use. Depends on if it's a public API or an internal helper used in one place with an unambiguous name. Depends on whether the audience are first year CS students, 50 year old business majors, senior developers with years of experience, or all of the above.
Always do X, never do Y rules are rarely helpful.
Does the comment here really help with your understanding of the code? If you're just now being exposed to programming then it's not enough detail, if you've been programming for 20 years it's far too much noise.
// Assigns the value of the expression 4 + 5 to x
// where 4 and 5 are integer literals
// and + represents the mathematical process known as addition.
// This allows us to later refer to x by name, where it will be replaced by the value defined here.
x = 4 + 5;
Without getting too spicy here: What I was saying is that comments allow for people to provide "plain English" context to their code by giving a summary of what the code does, something that most contracts don't do. I was trying to point out that the example OP was using is a flawed comparison.
Code comments are typically written for whoever they're written for. I understand that"Plain English" might be a 2 sentence summary, a line by line review of each step, or a 3 letter reference to a common phrase, but it doesn't change that you have a tool available to you to provide summary context for potentially confusing or complicated pieces of logic.
I was also making the joke that if you're writing extremely complex pieces of code and not providing some kind of comment to accompany it in a setting in which that code, you're probably doing it wrong.
Some people should do some things some of the time, and other things never, but not always. Things can include writing comments for code. fixt
Legalese is not what you think it is, it contains perhaps even more ambiguity than plain English in many cases. As often as not legalese circles around the matter rather than addressing it directly and clearly.
> It makes no sense that we should be subject to a volume of law that we could never even read, let alone understand
Why does that not make sense? The law must cover everything from "dont kill certain species" to "don't commit this very specific type of fraud". Society is so advanced we need more laws. Of course Hamurabi's code was short because it didn't need to stop investment bankers committing fraud or voting laws to prevent racial bias or workers rights etc etc. Certainly there are improvements but you will never fit it all into one short book that a layperson could read.
The garbage part is not that there is a large volume of law, but that the law is made even larger implicitly through a system of historical precedent without being explicitly updated to reflect those changes.
As an easy example, the commerce clause in the US constitution has come to mean something that no layman would ascribe to it.
>As an easy example, the commerce clause in the US constitution has come to mean something that no layman would ascribe to it.
Another easy example in the opposite direction is how case law has substantially diluted the meaning of words like "infringe", "unreasonable" and "excessive" in amendments 2^1, 2^2 and 2^3.
I think you would be hard-pressed to find a layman who, when presented with the commerce clause, replied that he had inferred the Dormant Clause [0] or Civil Rights Act [1] from it.
Its also been interpreted by the courts to mean that you cannot grow crops you consume yourself, because you would have purchased the crops otherwise and are affecting interstate commerce.
Whether or not you agree with that interpretation, it would take some willful ignorance to say that the plain text reading of regulating interstate commerce means you can regulate all commerce because you might have bought something from someone otherwise
Wheat grown by a farmer for his own consumption, not bought or sold, not carried across state lines, can be regulated by Congress as it affects "commerce ...among the several States."
If you don't want to look it up but still want to understand it, the gist is that by growing your own wheat, you're not buying wheat from farmers, which lowers the price of wheat that may be grown by out-of-state farmers. By growing your own wheat, you're impacting inter-state commerce.
This is the sort of loophole that allows it to apply to everything. By going on a date with person A, you reduce their willingness to spend money on certain products associated with people who don't go on dates, and increase their willingness to spend money on certain products associated with going on dates. Therefore, the federal government can make laws about who you date, and dating becomes considered a commercial venture (so freedom of association wouldn't apply, same reason freedom of association doesn't allow people to bypass minimum wage laws).
This is stretching the law beyond any reasonable interpretation, done so by the same government who gains a lot of power by doing so.
If a started a business that picks peoples noses among multiple states, would Congress be able to regulate nose-picking by individuals on their own private property?
Laws are not meant to be an exhaustive blacklist. If they were we wouldn't need juries, judges and lawyers. Laws are rules of thumb that make it efficient enough to enforce a society's moral code to the point where it can be done at scale.
There will always be exceptions and details argue over and ultimately you need a critical mass of society to agree to abide by them to a great enough degree.
Expecting any reasonably non-homogeneous society to be able to agree on where to draw lines what constitutes bad behavior in anything other than the obvious cases ( murder, theft, etc) is naive. Expecting laws to cover the vast majority of bad behavior is naive. Expecting to be able to enforce that theoretical set of laws is naive. Expecting to enforce those theoretical laws without creating something akin to 1984 is just insane.
Yet GDPR is so vague that most companies I talk to about it have each taken very different things from it. "Except as required for security purposes" is a big exception.
It's not as big exception taking into account that the requirements are not about pieces of data that you can get and store, but about particular uses of this data.
If you previously had some private data in your core databases that you used for all kinds of things, finding an exception that allows you to store this data for security purposes doesn't allow you to continue business as usual - it won't permit you to use it for marketing purposes, for example, just as an exception that allows you to require and store some data that's needed to execute the service won't permit you to sell that data to third parties as was common practice earlier - for that you'll need to (try to, likely unsuccessfully) obtain the user's consent.
This perspective on the bible and Latin is not a good analogy. Most people could not read any language long ago, and priests in general serve several other purposes before reading/expounding upon the bible. From the standpoint of a believer, the bible was not expanded by human decision as laws are (canonical vs. apocryphal discussions aside). The bible was compiled in Latin by Jerome because it was the common ('vulgar') language of the people.
Of course, there's plenty to discuss and argue about in all of the above, but your comparison makes it seem like a done deal.
> Hammurabi's code of laws, was written in common language, and was brief enough every subject could understand them.
While laws being written in common language sounds like a good idea, common language is open to lots of ambiguity and loopholes. Shouldn't our laws, in general, be written to be as precise and narrowly defined as possible?
Funnily enough even the tightest drafted legalese is actually often subject to a range of ambiguity and loopholes. I feel it can be a quality inherent in certain language regardless of whether it's plain English or legalese, particularly if there is money at stake in injecting a degree of ambiguity into the language (which is what I'm paid to do!).
Overall, if done correctly there should be no issue with expressing the parties' intentions in plain English rather than using dense legalese. It's something I strive to do every day in my job for sure.
Of course I agree with your general point about laws being drafted to be precise and narrow, it's just that using legalese doesn't always secure this objective. Sometimes it's just clear that the draftsperson was having a bad day.
> Shouldn't our laws, in general, be written to be as precise and narrowly defined as possible?
But they aren't that either.
There will always be more diversity in real life than on paper. You can't predict everything that will ever happen.
The real problem is structural.
We have a set of laws and if they're overly broad and prohibit lots of things they shouldn't, nobody really notices because prosecutorial discretion is a thing. As long as prosecutors mostly don't charge honest people with the overly broad laws, nobody gets up in arms to fix them even though everyone is in violation.
On the other hand, if someone does something unpopular and there is no law against it -- or there is a law against it but there isn't a law specifically against it and Something Must Be Done -- then we get a new overly broad law.
Laws get added but never removed, and each one prohibits more than it should. Over a hundred years of this and you get Three Felonies A Day, the only reason everyone isn't in prison is prosecutorial discretion, and lawyering is an exercise in figuring out which parts of which laws you actually have to follow to avoid being prosecuted without ever admitting that that's what's happening.
As possible? Of course; nobody can be against that, but people will disagree about what’s possible.
I don’t think that means they should be more narrowly defined than they are now. That would mean a permanent weapons race between those finding and exploiting loopholes and the government, with those having access to the smartest lawyers (= the richest) staying ahead of the law.
For example, if “income” would be restricted to money received in exchange for services, companies would start paying in goods, for example by providing “free” housing, cars, etc. if the government includes such things in the
law, companies could start paying out in gold, rather than money. When that gets included, companies could sell special (extremely cheap, no voting rights, must sell when leaving the company) shares to personnel, and pay most of the salary in dividends. That list is endless. Companies could start operating under the flag of Liberia, claim that they don’t pay you for work done, but that they charge you for the use of their machines, and that you sell them the stuff you made with them, etc.
The society became much more complex since the Hammurabi's code. You argument is similar to people's who say that programs are over-engineered, and should be much simpler. There's some over-engineering but the main cause is that the world becomes more and more complex.
> Musk is correct in insisting that laws should expire
This is a terrible idea. Stability and gradual, generally understandable, evolution in response to real world conditions are positive attributes of the current precedent-based system that has grown out of the common law.
Why? What's so bad about forcing us to re-evaluate the reasons why given laws are on the books?
Plenty of laws are relevant only to a specific point in time, but they rarely, if ever, get repealed.
Take the US Chicken Tax. It was put in place in the 60s to deal with economic concerns with France and West Germany at the time (which no longer exists as such!). Why shouldn't it have been given an expiration date? Instead, it remains in perpetuity, with its provisions twisted every few years to suit the interests of auto industry lobbyists. This is perverse.
Some laws, like that one, should be enacted with an expiration date. Some laws even are - e.g. a lot of the post-9/11 surveillance state laws need periodic reauthorization. Plenty of other taxes are enacted as temporary, too, despite how routinely they're extended.
But not all laws should expire. Having, say, the crime of murder expire would be quite unhelpful.
> But not all laws should expire. Having, say, the crime of murder expire would be quite unhelpful.
I'm pretty sure that laws like that one would be renewed before expiration anyway -- and the current context would allow re-evaluation of penalty as well, which might be something useful to reconsider every couple of decades.
It would be an excuse for political and legislative brinkmanship on a schedule. They can always make changes to the details without a clock adding artificial urgency. It's clear it's the kind of law we want on the books, and to have a penalty on the books, indefinitely. Unlike, say, the chicken tax.
One question then, is whether laws are generally more like murder, or more like the chicken tax. I don't know, but I suspect there are more chicken-tax-like laws by a considerable margin.
It's a great idea until "no murder" gets held up by the minority party to win leverage on some other issue. There'd always be some critical law to play chicken with.
It's no surprise reading the comments here and elsewhere these days. The media helps build a furor amongst people, and people believe there is no other choice but to use the heavy hand of the government to solve their issues. Many times it's done without alternatives attempted first with the proponents criticizing those against a law as against its intentions. We see it with the Patriot Act, GDPR, etc.
And as global internet laws are written more and more by governments of citizens who implicitly trust them a lot (often just guessing at what can solve the problem instead of empirical evidence based on timid baby steps), their tentacles spread to the point where only those with resources can abide. Things happen in waves and I can only hope we'll come around to not adding laws and regulations all the time.
The power of corporations is at this point like a smaller government with some companies wielding more power than smaller nation states. We are currently in an upswing of corporations extracting more and more money out of people and trying to control them more and more. What are people supposed to do? Wait for companies to just change out of the goodness of their hearts? You cant even talk with your wallet anymore when many practices that are anti consumer, such as tracking every bit of data about you and selling it to anyone, are industry wide practices, couple with the fact that the larger corporations are inching closer and closer to the same level of monopoly power as the robber barons 100+ years ago.
Government overreach is bad, and the government is frequently a bad actor itself, but at least if they are trying to cancel out corporations power we end up with both groups hobbling themselves a bit
They're outlawed in some countries, notably in Europe.
EU rules presume pre-dispute arbitration clauses in consumer contracts are invalid. France and Sweden completely prohibit consumer arbitration in certain cases. Germany won't enforce a consumer arbitration clause unless it's in a separate, signed document or part of a fully-notarised contract.
As another example, Quebec has similar rules for consumer contract. They also forbid contracting for a different choice of law, and unless through a notarial act (in the civil law sense of notary rather than common law notaries public), also forbid stipulating a different domicile to avoid the jurisdiction of their local courts.
Just like with your European example, none of this applies to business-to-business contracts.
I was amused to read recently that, thanks to having an ancient Yahoo! mail account, I am now subject to binding arbitration when I have a disagreement with a Yahoo! spinoff called "Oath." Also, I cannot participate in a class action or jury trial. That should work out well for me the next time they leak all of their user data.
Yep I saw that too- and I still use them b/c of stuff I set up a decade ago. I'm just not sure it's in fact worth the trouble to change (they are Verizon now).
What I want is a standardized set of icons, which grant or deny specific things, that all websites can agree on, sort of like the ones available for software licensing, here:
You're in luck at least when it comes to privacy in the EU! The GDPR makes various references to the creation and use of standardised icons to give a meaningful overview of the intended data processing. I know, I know, another GDPR reference but I thought it was interesting to note that a piece of regulation is pushing implement precisely what you were talking about, albeit in the field of privacy.
We have standardized nutritional labels in the United States and I would like to see a similar standard for terms and conditions. Icons could be part of it but also leave room for text and listing of what common data (email, ip, name, etc.) the service will collect and how they will use it.
It would be much easier to extend and replace if someone could turn off the condition " You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License." [0]
I'm all for making these easier to read, but they shouldn't be line-item veto.
I agree you should not be able to change a software license but if Facebook had an icon for each thing they did like: [share with 3rd party] [sell your info] ...
Like many things, it depends. As long as one can demonstrate that the icon in question has a clear meaning to a "reasonable person" or "typical user", then use of the icon would likely hold up in court.
I totally agree. The terms and conditions, or some offering of them, should be available in the same way that quick start or full guides are - in a form that adds to the usability of the service. E.g. "when you upload a photo, ____ owns the photo, for _____ period, and may do a, b, c, and d with it"
The problem is that legal terminology doesn't always match conventional descriptions of what's happening.
Copyright is actually a perfect example of this. In order to send my photo over the Internet to other people who want to view it, you need much more than the legal right to display my picture. Sending a picture over the Internet involves copying, distributing, and sublicensing the image countless numbers of times. So any site with user-uploaded content will have something very close to (Imgur's for reference):
> With regard to any file or content you upload to the public portions of our site, you grant Imgur a non-exclusive, royalty-free, perpetual, irrevocable worldwide license (with sublicense and assignment rights) to use, to display online and in any present or future media, to create derivative works of, to allow downloads of, and/or distribute any such file or content.
There's no way the typical user will understand this, but that's not because it's obfuscated. The typical user just doesn't have the background to understand what all these rights are or why Imgur requires them. It would be severely misleading to write the literal meaning in layperson's terms:
> When you upload pictures, you have to give us the right to make as many copies of the pictures as we want, modify them however we'd like, and send those copies to whoever we want anywhere in the world.
> When you upload pictures, you have to give us the right to make as many copies of the pictures as we want, modify them however we'd like, and send those copies to whoever we want anywhere in the world.
But isn't it precisely what the legalese means? I mean, unless otherwise restrict by some law other than the copyright laws, Imgur can use those images for anything. The statement does not limits the use to "reasonable business activities". Why will it be severely misleading to write it that way?
It's precisely what the legalese means, and carries connotations which are absolutely nothing like what Imgur intends. They claim unlimited rights not because they don't want to be bothered to restrict them, but because the structure of the Internet makes it impossible to write a simple description of when copies will be made.
They could try going into detail:
> We can send copies of your image to anyone who, following standard Internet routing protocols, says that someone has requested to see the image and promises to forward the copy onwards to the original requester. Anyone we send the image to can also create copies themselves following this rule, and can temporarily store the copies as needed to make further copies.
But then neither the average Joe nor lawyers are going to be able to understand it.
> which are absolutely nothing like what Imgur intends
But how do we know this? If they intend something, they should write that down in the contract. I am having hard time imagining that their lawyers cannot draw a contract which waives only the copyright requirement for the purposes of image hosting and restricts the images from being used for other things. The principle of charitable interpretation tells me to believe what people/company write in their contract. In my opinion, the expansive definition in the contract is there to
a) Save their ass when they do something which does not seems kosher to the public.
b) Allows them to pivot to other use of the data which might have nothing related to their current business model.
c) It is cost effective to draw up the contract in this way, given the current legal system and its requirements.
Note that I am not saying that Imgur is doing something immoral or whatever. I am just saying that if they wrote down this
> When you upload pictures, you have to give us the right to make as many copies of the pictures as we want, modify them however we'd like, and send those copies to whoever we want anywhere in the world.
as the simplified legalese, that it is the current interpretation. I contend that the average Joe will have better understanding of the _current_ contract with the simplified statement. I also think that Imgur (and other services) will find money to draft a better contract if they were required to make a simplified language version.
Again, it'd definitely be possible to write a document more narrowly describing what they need a license to do. But that doesn't solve the problem. The updated version would be more readable for network engineers, less readable for lawyers, and still incomprehensible to the average person who just wants to upload a meme.
"Hi. When you upload an image to imgur, we need the legal right to distribute it to other people. We also process your image to look right on different devices, which requires the legal right to modify your image. We promise not to distribute or modify your image beyond what we do here at imgur.com, and won't sell it to other people"
I agree with you. Though I do think that this is not an unsolvable problem with the right incentives. As I noted, the people at company X might be the best people at heart, but the current legal system does not encourages drafting of a contract that precisely (and easily) describes the terms being agreed between the two parties. This is not even a unique feature of contract law, the same to true to various extend for all branches of the law.
My gut feeling (of which I have no proof) is that the current legal system is costing more money to the society than is necessary. For one thing, it is decreasing the trust in the legal system, since people now (correctly) assume that in many facets of modern life, they are agreeing to things they don't understand, that they are giving up more rights than they should, and that there is no reasonable solution to this problem yet.
Some complication in the law is necessary since the world is a complex creature, but I think that the common person (say at least half of the population) should have reasonable understanding of the legal language. One way to approach it is to have a requirement for simpler contract, but I don't know if it is _the_ way to deal with this problem. I am not a lawyer after all. All I know is that something is broken, and if not fixed, will lead to more problem down the line. A system like this where no-one trusts nobody is clearly not sustainable. It's just not a good way to organize as a society.
I'm sorry, I don't follow why the plain English version is severely misleading, or couldn't be supplemented to capture the full extent of Imgur legalese. Why do you think this is the case?
- I don't think legalese is the issue. Even if you wrote terms in plain English they would still be at a similar length if you wanted to capture the same content of the base terms, and people would still not read them. I don't think there is a high proportion of people who are put off by legalese but would read terms if they were in plain English
- the article has a GDPR bent. Certainly when it comes to uses of personal data, that should form a bigger part of the sign-up experience and be separated out from the main terms.
- when you are looking at general terms & conditions outside of privacy, European consumer law and I imagine most consumer law protects customers from unreasonable actions by corporations toward consumers. It allows the user to assume the company will behave reasonably towards the consumer, and is arguably the appropriate remedy to cure the issue of over-long terms & conditions.
- There is of course limited scope to this and there will be a range of transactions where you are not acting as a consumer and are expected to thoroughly understand the full implications of the transaction you enter into.
- the reckoning in the article is already one partially addressed by the above steps at least in the European Union around consumer law protections, and requirements on the data protection side to call out data uses in the sign-up process rather than bury them in the terms.
>”I don’t think the average person likely reads that whole document.”
This is my favorite quote in the whole article. Sums up the pompousness of the company quite nicely I think. This is one of the largest companies in the world. The quote could easily have been “we go to great lengths to make sure that’s the case,” or “that’s the point, grandpa.” At least it wouldn’t have come across as dishonest and cowardly that way.
OP is saying that it is actually the intent of the company that the end user does not read the ToS; it's an accusation that the quote demonstrates deceptive intent and therefore not honest in a way you haven't considered (in your response).
I assume Facebook has data showing how long each user stays on the T&C page before consenting or not.
I wouldn't be shy to conjecture that time elapsed before consenting is a very small fraction of the time it would take an average reader to get through, let alone comprehend the terms and conditions.
>Martin Garner, an analyst at technology consultancy CCS Insight, suggests companies walk readers through their policies step by step. That way they could opt out of selected provisions—limiting, for instance, third parties that can gain access to the data or restricting the kinds of information companies may stockpile.
Merging t&c with settings... I like this idea a lot. Privacy controls with the agreement right there. You and the website clear on exactly what the relationship is.
> That way they could opt out of selected provisions—limiting, for instance, third parties that can gain access to the data or restricting the kinds of information companies may stockpile.
Am I understanding this incorrectly or are you suggesting that we allow people to selectively opt-out of portions of a T&C document? Because good luck getting any legal department to buy into that whatsoever.
1. You agree to allow us to share your email address with 3rd parties (have useful targeted advertisements? y/n)
2. You agree to allow us to parse your messages internally (enable auto-reply suggestions in messages? y/n)
Something like that.
I mean I think there would still be "hard-coded" T&C, "standing order" type things you agree to just by using the app at all. Like, not uploading goreporn or something.
Of course company legal departments won't do that on their own initiative, however, they will help arrange that in a sane manner if the legislature forces them to do so.
The GDPR requirement is that companies will have to allow people to selectively opt-in to the portions of currently typical T&C documents which currently say that the user allows you to use their data for various purposes, or these portions will automatically be considered null and void.
This is already now implemented in a bunch of places - e.g. I got a mobile internet contract recently which involved being asked a bunch of questions about what private data uses I'd be okay with or not, and that resulted in customized/removed/added paragraphs in the agreement that I signed; but the other companies have still about a month until GDPR requires everyone here to do so or stop using people's data.
> If a typical user wouldn’t understand the [user agreement documents], the consent that companies rely on for their business activities would be legally invalid.
I’ve not had time to read the GDPR, so this is news to me.* Especially surprising, because it’s exactly what I want the law to say, and I’m not used to that.
I’d also like that principle to apply to the law as a whole, but I appreciate that’s as much wishful thinking as hoping to read and understand the full source-code of everything on my phone.
* fortunately not my problem, family matters replaced the day job.
I don't typically have my lawyer review the TOS of each website I sign up for, but I did have him review my mortgage. Everyone picks a different place to draw the line between careful understanding (or hiring out a review from someone with careful understanding), and just blindly signing on the dotted line.
For me that is somewhere between purchasing a tractor and purchasing a house. The point is the no sane person includes Netflix in the "needs careful review" category, but I sincerely recommend that everyone take their home purchases seriously.
A friend of a friend changed the “we will send you advertising” into “we will not send you advertising”, then when the bank sent them advertising anyway they demonstrated that the bank manager had signed the changed document and therefore the bank was in breach of the mortgage contract and technically they could keep the house without paying for it.
For whatever reason, they then said it would be fine if the bank never sent them more advertising rather than actually trying to get a free house.
For a slightly more reliable story, Argakov v Tinkoff seems fun. At least the first round, the reports I’ve seen are a bit dated and further escalation and retaliation may be less fun.
Pity there wasn't a free house but I shouldn't be surprised. Thank you for sharing both stories.
That Argakov one is particularly spooky with the viable death fear. From the first hit I could find: “Our lawyers don’t think [Agarkov] will get 24 million rubles, but four years in prison for fraud. Now it’s a matter of principle for @tcsbank,” Tinkov added. ( from https://www.rt.com/business/tinkoff-bank-agarkov-credit-299/ )(empasis mine)
Oh boy. When the fight become principled it's time to fire the client xxxxx refer the client out to someone else
I’d like mortgages etc. (and insurance) to be forced to use easy-to-understand language: It’s basically life changing if a financial instrument goes wrong.
How can PayPal rationalize closing accounts because users opened them years ago when they were too young? Is that really an issue for a 28 year old?
Contract or no, PayPal looks really bad here. One would think they would be looking for good will rather than this kind of press in such a competitive market.
Yeah, why wouldn't they just contact her and lock her account until she re-signs? That way they both win. She's clearly of legal age now and penalizing her so severely for something she did as a child is really unnecessary.
When my landlord discovered she didn't have a rental agreement on file for the garage space I was renting from her she didn't evict me, she left a note on my door.
Paypal is a lot like shady ad networks in that they let you accrue a balance while waiting for you to do something they can justify terminating you for. When that happens, they lock you out and keep your money.
Unlike your landlord, Paypal profits from eviction.
Because they have an ass-covering-oriented legal team who will say "the user was unable to legally agree to the terms" thefore we (PayPal) will be vulnerable if they were to do something fraudulent.
Likely they didn't do this because of concern that a person could update their agreement to the T&C, then do something fraudulent, then claim the updated agreement was coerced because the person's livelihood was somehow attached to the PayPal account.
Facebook's Privacy Policy, Terms, and Principles are actually written in very clear, plain language. I've read them. They're easy to understand.
I was frustrated by Senator Graham's remarks because he absolutely could understand them, if he bothered to read them. (He said that he didn't understand them.)
The problem though, isn't the Terms. It doesn't matter how plainly written they are. People won't read them.
What matters is designing your product with correct privacy affordances. Put yourself on the shoes of the user, and make sure your app isn't sharing information in a way that would be jarring or unexpected.
For example, Facebook made a mistake with its posting dialogue experience pre 2016. You could say that a post should only be shared "with friends" in a choice box next to your post. However, that post would also be shared with any apps your friend has installed. That's probably not what the posting user would have expected, so it's a poor experience.
If you have inadequate privacy affordances, you shouldn't just hide behind your terms. That's the point.
Edit: I don't understand why I'm being downvoted. If you disagree with something, please let me know. I'm designing our own privacy affordances in our app following the above thinking, after all...
This is a great idea but I don't think it goes far enough.
It means that 12 lay people can eventually, after some coaching, study, and debate, understand a contract. Or one lawyer, presumably.
The problem remains though, that one lay person needs to understand it without study or coaching, and without taking days to do so. Most of us have probably clicked through hundreds or even thousands of EULAs and other crap without having days to understand each one. Every app, every shrinkwrap, your toaster, and even the bloody nav on your car with its OK button: there's just too much.
The jury should get as much time to read the contract as the average user spends reading the contract and should not get the help of a lawyer. If the company doesn't collect data about how much time users spend reading the contract, then it should be presumed that they didn't read it at all and then only terms that the jury can guess would be in the contract without reading it should be valid.
> Waving a 2-inch-thick printed version of the social network’s user agreement, Senator Lindsey Graham quoted a line from the first page, then intoned: “I’m a lawyer, and I have no idea what that means.”
Anyone have a link to that document? Looking for the terms I'm supposed to agree to if I want to use Facebook as an ordinary user, I find this page, which purports to link to everything [1]. Looking at the "Statement of Rights and Responsibilities", the "Data Policy", and the "Community Standards", I don't see anything that would take 2 inches when printed. Those seem to be most of what would be necessary for an ordinary user to agree to.
There are several links to other terms and policies and such on the left, but those are mostly for things like developers, payment handling, and other things that that an ordinary user would not need to agree to.
Perhaps a more pertinent question is whether or not Lindsey Graham understands and expects every American citizen and resident to have read all 51 titles of the US Code and all of the Code of Federal Regulations which carry the force of statutory law by inclusion.
IMO, this is a question of consumer protection. It's ok to provide complicated contracts to corporations who can afford to hire lawyers, but it's not ok to do so with consumers. If we make a requirement that for consumer products, contract should be now longer than 1 page written in a language understandable by 10 year old, it will solve problem.
Even if EULAs were easily understood, they are still ultimatums: you either take it or leave it with no room for negotiation or repercussions for demanding far more than the product could reasonably ever be worth. There is no motivation to ever write these in good faith. There should be a general federal law to protect users and businesses from malice, privacy laws (similar to CAN-SPAM,) and a ban on all other end-user license nonsense.
The one I was more trying to make is that a product should not be simply marketed as "a platform for sharing pictures with your friends" if it is actually "a platform for sharing pictures with your friends in exchange for your participation in unspecified and ethically questionable social experiments."
The T&S can stay the same for all I care, I just think companies shouldn't be able to hide behind them when they dramatically oversimplify the nature of the product in the process of selling or promoting it.
There is one thing I'm curious about. Imagine Facebook's terms stated: "We will scrape any and all information we possibly can from you. We will use it in any and all ways we see fit. You agree to never sue us for anything whatsoever. We also have the right to do whatever we want to your account for any reason we want. We can also add or remove anything from these terms at any time and for any reason we like without telling you, and with immediate effect." That is probably a fairly reasonable cliff notes of their actual terms. Would this actually deter anybody from using their software?
In other words, are companies piling on the legalese to protect themselves or to deceive users? Maybe I'm overly cynical but I think even those terms would not really stop any meaningful number of people from signing up.
Why is obfuscating the intentions of a document in dense language most people can't properly understand a thing that's allowed to be upheld? They might as well write the damn things in Esperanto for all they're worth to most of the folks who click agree.
I can only think it must be analagous to why programs have a lot of features people don't understand or use. Git might be a case in point. Smart programmers think of every possible edge case and "what if" and try to cover all those things. The result is a confusing mess for people who just want to get the "happy path" work done.
Lawyers try to think of every interpretation and circumstance and try to be sure the agreement addresses those unambiguously. Ironically, the dense language that results is anything but unambiguous to the untrained reader.
Just like an underage person or drunk is unable to give consent, it should be illegal to coerce an average Joe untrained in the law to agree to a 50-page document filled with legalese, unless you pay for them to be advised by a lawyer.
When exactly did it enter the public consciousness that drunk people are unable to give consent? I feel if this is true, there are many drunken hookups that become questionable. I'm in my mid-30s, and I feel this concept wasn't really a thing in my clubbing days.
Obama's 2011 Title IX "Dear Colleague" letter was a big part of it, establishing the lowest standard of proof in claims of sexual assault on college campuses. Schools responded by saying, effectively, that if you have sex with someone who's had a drink, and that person later regrets it, regardless of what they might have told you at the time, you have no defense.
It's all ridiculous because universities have no competence in investigating or adjudicating such claims, but that's another topic.
So anyone who was in college in the past 10 years will have had drummed into their heads that there is no consent possible by an intoxicated person.
Well, it would if logic were the overarching guideline on these topics.
As it stands, the male is presumed guilty on college campuses when both parties are drunk and he must then meet a draconian burden of proof to extricate himself from the situation.
Your own ignorance of the law and unawareness of what constituted consent at the time does not reflect on the state of society at the time. It was always illegal and immoral to have sex with someone who was very drunk (at least, well before either of us was born). The line was and is not always clear, but there have always been clear cases (e.g. having sex with someone who has passed out or drugged is obviously illegal and immoral).
Similarly, legal contracts require a meeting of the minds, which requires that parties not be intoxicated. A quick search suggests such contracts are not void by default but are voidable.
I see a lot of people talking about Terms of Service being too long. This is a problem for governments as well: How many laws do you think apply to you right now? How long do you think it would take for you to understand exactly what you can and cannot legally do? Do you think the average police officer, or even federal agent, has a full understanding of those laws?
I hope that this is a problem that we can fix in the future.
Sure, we're covered by many laws, but also many rights--the right to fair trial, the right to legal representation, the right to petition the government, and so on. If a law is poorly or vaguely written, it can be challenged on those grounds--many laws are tossed as unenforceable.
But when you click on a user agreement, there's no negotiation or possibility of redress. Take it or leave it, and they just cut you off if they feel like it. The comparison to laws is nonsense.
The thing nobody seems to be talking about is 'why do we need all these complex Terms & Conditions anyway?'
If I buy a fridge I don't need to read and agree to reams of T's and C's before I can use it. The same with a toaster or an oven or a washing machine. If I buy a knife I don't have to agree to indemnify the manufacturer if I kill someone with it. What's so special about software?
I'm starting to think that there should be an agreed set of national (or maybe even international) software indemnifacations covering anything that is agreed to be considered a sensible exclusion.
Any software use could then be covered by the relevant law with no need to read a new set of terms for everything.
Any company trying to add their own terms on top of these could then be considered with much caution or suspicion.
Hopefully they would be written better than this was, but I hope I have got my point across.
As far as I'm aware those type of contracts do not hold up in court. (At least here in Ireland) Its well known by both parties that in 99% of cases the consumer will just click 'agree' without reading it in order to get access. So as far as the judge is concerned it doesnt exist.
I think the legalize issue is a bit exaggerated. Yes, many (too many) sites and companies have a lot of legalize in their terms...but there are also many that do not. Nevertheless, as far as I've seen people aren't any more likely to read the latter, or any more likely to understand them if they do read them.
I think there are two main factors that make people not read these things.
First, as Joel Spolsky noted in his writings on UI design, "In fact, users can’t read anything, and if they could, they wouldn’t want to" [1]. He does not mean, of course, that users literally cannot read. They just act like, at least when you are trying to get them to read something that they didn't actually ask to read.
Second, terms and conditions tend to be long, and because they want to be precise tend toward more complicated language and structure. That's going to lose a lot of people.
I mean, you could rewrite the same contract in plain english ("heads we win, tails you lose") and it wouldn't make it any less exploitative. The legalese is not the real issue there.
I've been thinking of writing my own Terms of Service for my cryptocurrency-related web startup -- with plain and clear language that the average person should be able to understand. Several people have advised me that this is a horrible idea and that I should enlist the help of a lawyer to write it instead.
Some things I want to protect myself against:
- People suing if they lose their private keys and are no longer able to make transactions
- People suing if they forget their passwords and can no longer access their email they signed up with to do a recovery.
- People suing if they lose their 2FA code and can no longer access their account
- People suing if a bug in my software causes them to lose access to their account or coins
- People suing if I decide to close down my service (I will give 90 days notice --- or maybe more, haven't decided yet) and did not deactivate their accounts.
Basically trying to protect myself for anything that is not fraud on my part.
Seems like most people here are pro-"short and sweet" ToS -- what do you think about writing it myself?
> People suing if a bug in my software causes them to lose access to their account or coins
Everything else sounds pretty reasonable, but this doesn’t. If you cause someone harm, you should expect that they will attempt to recover damages from you, regardless of what your T&C says. I cannot fathom why you think you should be protected against this eventuality. Buy insurance instead.
Regarding your question, notwithstanding the hand-wringing on this page, a given T&C clause tends to exist because someone has been sued over the matter being clarified. If the law specified each point, or if society were less litigious, these clauses would not be necessary. But this is not the case. I think you would be a fool to risk your company’s wellbeing to satisfy the whims of uninformed HN commenters. Almost all of them will blindly accept and be bound by your T&C regardless of their stated beliefs on this site, and, even if that were not the case, they are a tiny, unrepresentative slice of your market.
Fair enough. I guess this is why I should get a lawyer involved! I was assuming there was some distinction between accidental negligence and fraud as far as what could be protected against.
Is this a standard you would like to be subjected to from someone who is responsible for your money? For example, if your bank, through an accidental, non-fraudulent error, allowed a criminal to extract your account’s entire value as cash, do you think they ought to be able to defend themselves by saying they did not commit fraud?
why shouldn't the customer be able to recover damages from you if you had an accident, or were negligent? they were paying you to take care of this stuff for them. if they wanted the risk of accident and incompetence, they'd just do it themselves.
Does that draw any distinction between paying and non-paying customers then as far as their rights? I see tons of "you assume all risks" sorts of Terms of Service, but I have a feeling those are likely just there and don't do much.
You should never write a contract yourself unless you are a lawyer. There's a case law which usually involved, and if aren't careful, you might have big problems.
But it seems like getting a lawyer involved is exactly what leads to these complicated Terms of Service. I would have to find a lawyer who agreed to significantly dumb down the Terms of Service, which I would suspect they would be opposed to -- I mean they are writing these things like this for a reason, right?
They write the thing the way they are written because likely there was a case where simpler language lead to the company losing in court. There's also a principle Contra Proferentem, that intreprets all ambiguities in favor of the non drafting party, so the drafting party should be extra careful and write all this pesky legalese.
There is no reason why terms should not be written in plain English and indeed under European consumer protection laws, you should be writing the terms in plain English because it means the user has a better chance of understanding them, and (regardless of the first part) you have a better chance of enforcing them should the need arise.
Please be aware that not all lawyers are the same and you can find many who will be more than happy to write a set of terms that are in plain English, ambiguity-free and protect your company against any areas of concern that are legitimate for you to protect against.
We need something akin to the Uniform Commercial Code, which solved a similar problem with proliferation of contracts in the B2B realm. And I think there should be a strict limit on the amount of verbiage that a B2C contract can contain to remain enforceable, due to the highly asymmetrical nature of the relationship economically.
Why cannot we, as consumers, gang up and define a kind of universal and fair ‘reverse contract’ that defines rights and duties that a potential service provider needs to conform to? If they don’t, we just don’t use their service.
If I walk into a McDonald's, I wager that the social normality requirements and laws that permit my access there and permit the owner to legally throw me out is longer than the 50,000 words cited in the article. However, I fully understand enough of them that I'm able to transact the purchase of my hamburger and leave. All the rules there are in the owner's favor, and very few are in mine. I'm not trying to be reductionist, I understand the backlash, but there is no inherent right to use PayPal.
Startup Idea - An AI language translator for legal language to English. It could convert a 20+ page contract to a 1 page bullet list. Maybe this has already been done or does the language of law require quantum computing?
An interesting idea, but complicated by the fact that as often as not the terms expressed are affected by the domain and locale.
For example, for every employment contract that contains a non-compete in California, there is relevant California state law that means it's probably unenforceable. What do you show for that?
Additionally, new case law is being made all the time. Laws aren't static, they are added to, amended or removed through legislature and case law. To my understanding, the case law changes are also more about the specific circumstances of the case as well, so may apply narrowly or widely, depending on ruling. And may be appealed.
This is one of the many baffling details of the GDPR, a TOS should be understandable for average humans (plain english), but at the same time it has to pass the scrutiny of a court? That is just impossible.
Disclaimer: I hate complex / abusive T&C's, and I'm keen to see them abolished. But...
It seems to me like we as a public are blaming corporations for our failures. As adults we're responsible for what contracts we enter into, except in cases of coercion.
99% of us were stupid enough to state that we accepted terms that we didn't even read. Especially in cases where the product/service was purely optional (Netflix, Call of Duty, etc.), I don't see how this is anything but our fault. IMO, we have not been acting as competent, responsible adults.
Should we change our laws to make complex and/or abusive T&C's go away? Absolutely. But are corporate lawyers the only flawed agents here? IMO, no.
There supposedly exists an ideal human, one whom every demagogue on the internet imagines must exist anytime any of a number of subjects is talked about.
This ideal human:
- Reads every terms and conditions agreement, and understands it, for every service they intend to use -- online and in meatspace -- or chooses not to use that service;
- Never drives even a couple of miles an hour over the speed limit or commits any of a number of other minor traffic infractions for which 90% of drivers swear they are never guilty;
- Has taken the time to educate themselves about the various backup strategies available and has selected the correct one for their needs (and read the T&C for it);
- Is aware of every applicable law in their local municipality and follows it to the letter;
- Is always on time;
- Always follows the latest health guidelines for sleep, exercise, and diet, no matter how many times those things change;
- Has taken the time to understand password security and follows all of the current recommended best practices (and has read the T&C for all the software they use for it);
- Always keeps their system and application software exactly up-to-date (always ensuring there is a viable backup first, of course, and restoring that backup as a test, of course, before proceeding with the update);
- Monitors their credit score and carefully follows sound financial planning advice and all applicable tax laws;
- Has learned nearly everything there is to know about their particular vehicle so that they can't be taken advantage of by shady mechanics;
- Always uses whatever pronoun is appropriate for the individual they're addressing.
I have never met this person, but they must exist, because if they didn't, people would start behaving as though all of these expectations, altogether, are totally unreasonable.
I kind of wish this person didn't exist, so we could stop talking about them and instead start talking more honestly about some of the challenges our society faces.
This is much like the illusory rational economic actor, or the imaginary private property rights that libertarians insist must exist without a government with laws (and weapons) or [insert alternative that possesses weapons and you hope is benevolent]. All of these ideas share a common theme of seeking an easy intellectual shorthand, an oversimplification, and being unwilling to engage in the messy chaos of reality and humanity.
250 hours is a full man-month of time. Do you have a free month in your calendar to read contracts and do very little else? Nobody I know has that sort of free time. So calling people or their behaviors "failures" for not reading all contracts is an unfair, unrealistic expectation.
Access to Facebook, Spotify, or Netflix is not a human right. These are private services offered by private companies who are free to offer those services on any terms they choose. It’s fine and completely understandable that you may not have time or cannot understand the agreements under which they may choose to offer you access. Your remedy for that is to not use the services in question. Your remedy isn’t to lie to them and falsely certify that you have read and contemplated them.
Adhesion contracts are not limited to social media and entertainment sites, and I suspect you are picking those sites to belittle based on the frivolity those sites' categories.
Adhesion contracts appear in banking, medical, and insurance contracts and yes, when you sign up for Facebook or Netflix. Yes, you can choose different services. Please identify a banking, credit card, brokerage, doctor, and insurer that does not have lengthy contracts.
The point is that they don't have to have short contracts. If you choose to use their services, then you should review the agreements, or at least not complain when they exercise their rights under those agreements that you falsely claimed to read.
Bold words. Question: Off the top of your head, for what period of time may you make a claim or cause of action arising out of or related to use of Hacker News or its terms of use?
I'm just curious whether you've read and understood the terms of use for the site you're making these bold claims on.
Actually I have read them, back when I agreed to them many years ago. I don’t recall the specific detail you are asking off the top of my head, nor would that be a reasonable expectation of anyone. However, since I read and agreed to the terms and conditions, I know that a) such a document exists; b) that I can refer to it at anytime to answer such questions if I have them; and c) that I did not lie to Hacker News when I registered.
I think this is using an overly simplistic blame/responsibility model and if we don't want to have more problems on our hands, we really need to change it.
> 99% of us were stupid enough to state that we accepted terms that we didn't even read.
Well, here's the thing, if 99% of people do something, what's going on here? That's an extremely high rate. Surely if this was a normal choice, there would be a large dissent group? 20% at least? This doesn't sound like it was a real choice.
And consider how it plays out. If choosing the right way is a highly unusual action (1%), and you make this a personal responsibility thing, for any given T&C you cannot use the program. Both because they're too long to read and because you can't agree with them. No phone, no internet, no bank accounts, no entertainment. Since choosing this way already makes you highly unusual, this all just effectively cuts you off from society.
People cannot be individually responsible for mass behaviors. It doesn't really work. Mass behaviors are managed by memetics, which is a higher level force that only specific individuals, or groups of individuals, can actually manipulate.
So I disagree with you entirely. If anyone is responsible for the 99% T&C acceptance rate, it's pretty much never going to be individuals. If we do try to select a person or a group of people, it would be people who manage media and marketing, since memetics is their job.
I agree with your points about the incomprehensibility and onerous terms of such agreements. And in cases of coercion or semi-coercion (e.g., it can be hard to get a job without owning a cell phone), I can understand accepting the T&C's despite those problems.
That's why I'm limiting my argument to other situations such as Netflix and video games. For those situations, I'm arguing that adults should accept full responsibility for choosing to accept those horrible T&C's.
Humans are very flawed. If a person sends out thousands of bill looking letters (writing in fine print that its an offer), some will just pay without looking. Adware that infects machine and inject harmful code is being presented as free games, quiz, or antivirus and those get installed. Others will get called and accept unnecessary deals, with some elderly people pilling up multiple subscriptions. Those are just the grey legal areas, as then we have the world of direct lies, fraud and scams.
People are flawed or else 99% of the illegal activity in the world would not work. Competent and responsible adults can still be tricked, fooled or bamboozled. T&C are however useally about stuff that has a $40 price tag rather than $200k car, so there hasn't been much pressure to create laws to make it fair. There is also the aspect that when T&C get into the courts the legal system has been rather skeptical about the unbalanced terms and if it can ever been said that the consumer has had informed consent, so it usually sort it self out without political intervention.
The problem is the average adult doesn't get educated in the ways of contract law.
In fact, I think this is a symptom of the fact that attorneys and legal practitioners are a "protected" class with a relatively high barrier to entry to basic education in their field.
While everyone has the "freedom" to learn on their own time, it seems disingenuous to be able to legally bind people who honestly have no clue what they are agreeing to.
Also, from the tech perspective, UX demands that "onboarding" to a product be as minimally difficult as possible. Tech will ALWAYS give you the option to skip reading the EULA, and T&C because otherwise, most people would look at the terms being laid out and just say "Screw that noise."
You have a fundamental asymmetry which will be ruthlessly exploited.
If not by the legalese and banking on the user not understanding, then by the company just glossing over how skewed in their favor the terms are and rushing the user past the ugly bits to the custom designed addictive parts.
> In fact, I think this is a symptom of the fact that attorneys and legal practitioners are a "protected" class with a relatively high barrier to entry to basic education in their field.
There's essentially no barrier to entry to basic education in the field; there are classes on the basics in most undergraduate institutions (including community colleges)—corporations and contract law (plus elements of some other subfields) often under the banner of “business law”.
Availability of the class != assurance that every citizen has taken it and passed.
Furthermore, most tech companies don't even engage or give the opportunity to engage in the "negotiation" part of the contract forming process.A EULA or ToS document isn't a meeting of equals. It's a salesman rushing you down the hall telling you to sign, sign, SIGN!
In fact, if nothing else, technology has provided one of the finest examples of a cautionary tale with regards to a "delegatory" legal profession (a profession where legal literacy is contained to a specialized sub-population and where literacy of the full population in the intricacies of the legal system cannot be assumed). I'd be interested in seeing a chart of user accounts of major software platforms or providers at time of ToC/EULA change in order to run the numbers to prove it, but I have a hunch that due to arbitrary/periodic ToC/EULA changes, there is a possibility that the tech industry has generated more legal contracts that no user has bothered to read or understand than the entire legal profession has honestly brokered (I.e. ensured informed consent between both parties) in its entire recorded history.
Caveat emptor be damned. There is something fundamentally wrong with a system that could manage something like that.
Let's be real. You can't expect everyone to be fluent in legalese, just as you can't expect everyone to learn plumbing, masonry, electricity or carpentry just to pick the right contractor when remodeling your house.
> 99% of us were stupid enough to state that we accepted terms that we didn't even read.
It’s not stupid. It’s a smart, savvy practical decision. There’s not much reward for investing the time and effort to read and understand TOS which are not easy to parse. Plus we don’t have much choice. For the nontechnical user there simply isn’t an alternative service in most instances, much less one with a less onerous TOS.
B2C contracts are not contracts between equals, and it is as foolish to apply the same standards to businesses and consumers as it is to treat pedestrians like automobiles for purposes of traffic law. The reality is that businesses can afford lawyers to spend time on a contract they will use with a million consumers, but the consumers cannot afford lawyers for the hundreds of B2C contracts they are presented with in the ordinary course of life.
I would say accepting that we are flawed agents is pretty much the point.
If people are, in fact, acting stupid some of the time, prone to fall for certain persuasion tactics and subject to biases and common fallacies, then maybe a rule such as "as adults we're responsible for what contracts we enter into, except in cases of coercion" simply doesn't cut it.
PayPal is a company that just needs to go away. They screw people out of their money left and right. And for the cherry on top their ui is complete garbage
At a really high, generalized level (with contract law being a subset), I think the legal system (and in many ways society in general) has yet to really get a grasp on the concept of resource exhaustion attacks. We all know about DDOS as it applies to digital systems, but individual humans and the social systems we make also all have actual, hard limits on how much information we can possibly process, store, and communicate/move around. A lot of the foundations of law and debate date back to long before we entered the sharp part of our current information production J-curve, when it was much more possible for a single human to be more generalist and it was simultaneously simply more difficult and expensive to pump out hundreds or thousands of pages of contract and law. But those days are past, and at some point, to the extent we want (and we should want it) law to work for humans, there need to be actual principles around the fact that if something exceeds the time/memory/intelligence a human could reasonably apply to it then it shouldn't matter if "they could in theory". Let alone if they really couldn't, even in theory (not enough seconds left in their lives). Organizations may be able to act as superhumans here, able to subdivide work and specialize towards a single goal, but for regular actual humans resource cost should be a fundamental consideration of legal validity.
I'd like to see this improved for both sides of the equation though FWIW. I agree that as a user/consumer, the EULA/TOS situation is intolerable and that there's a lot of sketchy or outright bullshit stuff in many (maybe most) of them. But I do think some of the contents are also genuinely guarding against liability that frankly really just shouldn't exist by default either. If someone writes up some software or makes a service and just puts it out there on the open market with no promises, they shouldn't need any sort of contract at all saying they won't be liable if it's used for life-safety critical applications for example (EULAs/TOS are full of this, right up to "this is not for nuclear reactors you fucking idiot" clauses). The law should provide for minimal basic standards and simple money-back guarantees for lack of performance, but just as users shouldn't have to read a 50 page EULA that somewhere buried within tries to take lots of their rights and lay claim to as much of their information as possible and such, so should developers not have to worry about being sued because there was a bug unless they've actually affirmatively promised there wouldn't be a bug. Major liability should tie into things application promises and SLAs, which would be more generally negotiated between entities who can reasonably handle the increased information and legal complexity and think it all through.
I do really hope we see some standardization all the way around. It seems like there could be some real win/wins in this area, and that it's not necessarily that politicized either.
The really scary part is that any form of democracy itself rests on a similar assumption. Time, human attention, and learning capacity are all finite and no longer map well at all to an abstract, unbound ideal of civic responsibility or awareness. Other countries seem to interpret contract law differently as well. https://europa.eu/youreurope/citizens/consumers/unfair-treat...
The basic law relating to online terms and conditions has been stable for some years now and should remain so. It certainly is not headed for a "reckoning."
When private parties transact business in a free society, the law of contracts steps in to provide rules enabling them to do so in a well-defined and orderly manner. Contract law has some fundamental principles that anchor it and, beyond those, has a vast number of intricacies that potentially can come into play in individual circumstances. Concerning fundamentals, for most executory contracts to be enforceable, you need to have mutual consent and some exchange of consideration. That is, a meeting of the minds on material terms and an exchange of value. When these elements exist, the law considers a contract to be binding and imposes legal consequences for any breach or failure to perform. In order to avoid chaos, it further stipulates that the core principle (meeting of the minds) is not based on purely subjective factors but on what a reasonable person would believe in the circumstances. This objective standard enables commercial transactions to proceed without endless second-guessing about what the parties might have desired or meant when they contracted in any given transaction. Because of this, while it can easily become messy in any given case, most contract situations can be legally evaluated with a fair degree of certainty and parties can plan their affairs and determine their rights accordingly.
The above describes what might be called a very high-level summary the central tenets of the common law of contracts in the Anglo-Saxon legal tradition. If someone reasonably can be said to have consented to a given transaction involving some exchange of value, legal rules applied to govern how that exchange took place and what would happen if some breached his or her agreement.
When it comes to terms and conditions in online commerce, the law generally applies this body of contract law but does so via what might be called the fiction of mutual consent between the contracting parties. It is well known that the vast majority of persons do not bother to read such terms and conditions when they click on the "Agree" button. Nonetheless, the terms and conditions are legally binding upon such persons. Why? Because it is assumed that the person read and understood them in clicking. And that assumption is what makes it a fiction. In effect, the law says, "we will pretend that the person read through the terms and knowingly agreed to them." Given that this legal fiction effectively substitutes for a true consent, the law can proceed along its merry way and treat this contract as it would any other, i.e., treat it as binding and enforceable upon the "contracting" party. In effect, to preserve orderly rules of contract in such transactions, the law effectively says that the terms and conditions are legally binding if they are such that a reasonable person who had taken the time to read through them would have understood them to have a certain meaning (that is, the "reasonable person" meaning that the law will enforce upon the person doing the clicking).
This fundamental approach to terms and conditions in online transactions has not changed one bit in some years and is under no risk of being changed. Because, without it, you could not practically have any semblance of legal orderliness in online transactions.
Moreover, while it is often said that dense legalese is undesirable in such situations, courts generally enforce such legalese without hesitation, even if a complaining consumer says until he is blue in the face that it could have been put in easier-to-understand plain English. There is no legal rule that requires contractual language to be put into plain English and there are some types of contracts where an attempt to express the legal requirements in that way would cause a loss of precision or lead to other problems. Whether something is expressed in plain English or not, then, typically does not affect its enforceability in online transactions.
Again, nothing pervasive is happening in the law affecting online transactions so as to require use of plain English to make terms and conditions enforceable.
None of this is to say that there are no protections in existing law when people try to use weasel language to defraud others or use language that is so imprecise as to mislead consumers or use language that is so ill-defined or vague as to leave important matters uncertain to the other contracting party. In all such cases, existing common law has remedies of varying kinds to say that such contracts are unenforceable or that some remedy applies in favor or an aggrieved or defrauded consumer. But, in practice, these are edge cases, the ones that wind up in dispute or in court. The vast bulk (99%+) of the commerce that occurs is covered by the general contract rules and proceeds in an orderly way because the rules are known and predictable.
Against this background of the common law contract rules, it is possible for persons to want to modify the existing rules on grounds that such rules are unfair to the consumer and or are not based on true consent by that consumer or for some other public policy ground.
This is where special public-policy-driven enactments come in to modify the standard contract rules. Legislatures can adopt special laws dictating outer bounds to how businesses can use the private data of consumers as such data may entrusted to them. In this area, perhaps, a form of "reckoning" may occur if it is determined that companies such as Facebook ought not to be able to sell or misuse private data to the detriment of their users. This is an important development and serious changes may be afoot affecting such special areas. But this does not affect the general principles by which online contracting occurs.
There could also be proposals mandating that plain English be used in terms and conditions or requiring this or that form of mandated disclosure to help ensure greater consumer understanding but all such proposals come with decided trade-offs that typically make them impractical. The reason for the fiction of legal consent in the current system is the supreme utility that comes from allowing millions of online transactions to occur every day without incident based on orderly rules known to all. You can change all that through legislative enactments saying that public policy requires a different system that is more fair to consumers. But at what price? That is why the current system is and remains solidly in place.
To underscore the importance of utility, I have been legally trained and have years of experience such that I could easily read through and comprehend the legalese that is found in most online terms and conditions. Yet, with rare exceptions, I am just like everybody else and will click "Accept" or "Agree" without reading anything and without a second thought. As a lawyer, I can't say that I am proud of this but I can say this is human nature. The issue is not primarily that legalese or plain English will make a difference in understandability. It is that we take the path of least resistance when not much is at stake and we don't want to be bothered. Try as we might, no law will solve that problem.
Its beyond even being a legal fiction in many situations. There is no option for most people when it comes to certain terms and conditions.
Take phones for instance. You cannot live in modern society without a phone. You will not be able to get a phone, without agreeing to one of these long terms and conditions. They come from landline providers, they come from cell phone providers, they come packaged in the box in the cell phone from prepaid phone sellers.
How is saying, you're cut off from society or you can agree to a contract designed in a way that you have no reasonable chance of actually understanding it, something we want for society?
For practical purposes, you can’t secure a dwelling without signing a long, complicated contract (be it a lease or a mortgage note). Yet dwelling is a necessity, even more so than a phone. And, in these contracts, so much more is on the line. According to your argument, you should not have to be bound by the terms of these agreements. You may indeed believe that, but I hope you can see how much of our society is based on the assumption that these agreements have force, and how far we are from moving to a state where they do not. You may wish it were otherwise, but there is essentially no chance of that change being enacted in the foreseeable future.
I know, we can't just throw out the concept of a contract with our current society and I don't think there would be a benefit in doing so. However mortgages are something that rarely have side effects surprise the signers. Terms of service seem to surprise the majority of individuals who agree to them, and as the poster above said, the idea that anyone agreeing to them understands what they agreed to is a fiction.
Why terms of service are having a different outcome is something that should be figured out and mitigated. We shouldn't just keep charging forward on something where the outcome is bad for the vast majority of individuals in society, just because we've always done it that way
> However mortgages are something that rarely have side effects surprise the signers.
I really don’t agree with this. Are you aware of the existence of adjustable rate mortgages?
Not the OP, but yes I do, and I'd argue that is one of the parameters that most people learn about when they get a mortgage.
The trouble is, with an online service or a phone, we don't even know what the parameters are.
"EULA and T&C can change without notice to you."
This is, in a nutshell, the problem.
I told the title company handling the closing of my first home, in 1982, that I wanted a copy of every document I'd be asked to sign 3 weeks before the closing date. They told me they had no process for doing that and they would look into it. From that day forward I never went into a real estate closing without a real estate lawyer.
Yes, I have several adjustable rate loans, and they do still surprised people, they just aren't on the level of surprise of nobody even reading it because it's too long and complicated to understand
I'm not sure I agree with the previous poster about phones, but I never signed a 50 page lease agreement. Typically they have been about three pages. Buying a house requires a bit more and a home loan requires a lot more, but it's only once you are taking a home loan out that you end up with a contract comparable to what internet companies come up with. Further, when you take out the home loan and make the purchase, there is a human being to walk you through the details. Also, I consider a house purchase to be significantly more serious than a pay-go phone.
I think there are some US states where housing rental/lease agreements are regulated to be shorter/simpler. I want to say our lease in Washington was only 3 or 4 pages. Whereas, I recall other places have been in the dozens of pages.
Of course, I'm one of the minority who reads every page of those...and everything singed when buying a house. Luckily, most title companies will supply copies ahead of time.
My mortgage is easier to understand than any of my software licences.
Just sayin’
I read my mortgage note cover to cover, and also the Facebook T&C front to back. They both seem pretty easy to understand to me, tbh. The standard CA home purchase contract is the scariest of the three, because there are so many options that can cause huge swings in value and liability.
Plain English requirements for financial services (in the UK, not uncommon elsewhere) are a pretty decent example of why you're wrong.
In those scenarios, the bar is moved up a notch to informed consent. Parties must know exactly what they stand to lose.
A fair explanation of how your data could be leveraged against you should be a requirement because users don't understand this currently.
No matter how plain the language is, it cannot benefit someone who doesn’t read it. You may argue that the lack of plain language in T&C causes the lack of reading. But there’s a natural experiment here in the form of those same U.K. financial services terms you mentioned. Do you honestly believe that a large fraction of U.K. financial services consumers are informed about the terms of financial services they are consuming? I have no data here, but the concept beggars belief. Even if they are ten times as informed as American consumers of internet services, that would mean order 1% of consumers had read the terms, as opposed to 0.1% if people reading web T&Cs.
Even that strikes me as very unlikely, just examining my internal estimates how likely I’d be to read terms and conditions if they were in plain language. I don’t think the impenetrability of the language is the main barrier to reading T&Cs. The main barrier is that there is little on the line, and, moreover, I can already guess approximately what the T&Cs are going to say.
This is just a gut reaction. If you have some data to show that U.K. consumers are significantly more informed based on these plain language requirements, I’m happy to recant.
I think we're talking about slightly different things here. While many financial institutions (and others now) will provide a plain English explanation of the whole contract, I'm just talking about the key terms.
"Your house may be at risk if you do not keep up with repayments. Variable rates can go up and down." etc.
These sorts of things are required not just at point of agreement, but everywhere a financial product is marketed. They're short enough. Same thing as you'll see in where medical marketing is allowed.
So in that vein, before Facebook takes data about you, it should be explaining that they and their partners operate a marketing platform that is used to monitor and influence your political views. That they can use your photos of you and your children and others for their own marketing purposes. That licenses you grant them to your content are everlasting and irrevocable.
Somebody did a "joke" list of what Facebook's might look like https://signupforfacebook.org/
It's over-done (on purpose) but initialling each term like this should be a requirement for contracts that subvert your rights [to privacy, here] as is required elsewhere.
I don't have data on the efficacy of said warnings. The rules here have existed longer than I have. But it's not illogical to suggest that forcing somebody to actually engage with the text before they give up data will mean more will read it.
The main barrier is that the length of T&Cs is completely unreasonable relative to what is at stake. How can someone be expected to read through and understand something the length of a short novel just to post a few images online or something?
No offense, the length of your comment reads like a Terms of Service Contract.
Was a time long, thoughtful, informed comments on this site garnered plaudits rather than gripes. Considering this is one of the only informed, reality-based comment in the entire thread, I think it’s best to engage with and appreciate it, rather than making easy jokes.
I’ve read your entire comment and still think that the GP is an appropriate joke. You gave a good overview, in clear language, trying to be as concise as possible. The result us still quite long, in fact I guess it is long enough that most commenters won’t read it in full, just like a typical T&C document.
Contracts are long for good reasons, but excessive contract length is a real problem.
The US is set up to be regulation-lite and litigation-heavy. As such, contracts tend to be rather encompassing, lest they be vulnerable to litigation.
You also seem to be missing that your parent and the GGP are not the same account. The original comment was written by grellas, a longtime HNer and valued contributor. I doubt grellas runs sockpuppets considering he had a YC connection at one point, IIRC.
Presumably we can be assumed to have read it...
Grellas is indeed a lawyer.
We could tell you were a lawyer by the length and obtuseness of your comment alone.
That is a very rude thing to say.
The question is whether all the data that is collected from online consumers is actually required in order to fulfill the ever-growing number of online transactions. What data is needed to purchase a product or subscribe to a paid service? Perhaps name, billing address, payment details, etc. Any data collected above and beyond that minimum may be rightfully questioned and might reasonably be considered "optional".
Facebook's data policy has now increased from something like 2700 words to 4200 words.[1] Putting aside the question of whether this makes it more or less digestible by users, some are saying the new policy may make more clear what data Facebook is collecting. However the question remains: Why are they collecting it? This is perhaps the fundamental question and one that underlies the GDPR. With respect to each item of user data: Is it neccessary to collect it in order to provide the product or service.
Is there a minimum amount of data that must be collected? Is the amount of user data that Facebook is collecting above that minimum?
Facebook is clearly a business. It is selling a service. There are paying customers. However there is a question whether users are actually the "customers". Is the relationship between Facebook and users a commercial one?
How does one quantify the "price" that users pay. What are the users affirmative obligations under the agreement? What is the user's end of the bargain. An agreement to allow herself to be studied?
What is Facebook's end of the bargain? Does it have any affirmative obligations regarding service? What happens if Facebook fails to perform their end of the bargain? How is the value of the service quantified?
Does this arrangement at times seem tantamount to users agreeing to take part in an elaborate, ongoing "marketing survey", where their behaviour online will be recorded, observed and analysed? Does this make the user agreement different from a traditional commercial transaction?
Is the relationship between Facebook and advertisers more like a traditional commercial transaction? What data does Facebook collect about its customers, advertisers? Is it only the minimum needed to provide the service?
Is joining Facebook the modern equivalent of taking part in Nielson ratings, agreeing to have a monitoring device attached to ones television recording ones viewing habits.
1. https://gizmodo.com/weekend-long-reads-facebooks-new-data-po...
Yes. There are two separate issues here, I think.
1. When corporations "negotiate" with consumers, this is an abuse of the legal system. Contract law was conceived for situations where both parties have at least some amount of negotiating power. Handing a consumer some long contract written by a set of well-paid lawyers, and asking them to sign it or walk away from any benefit from a product, is not the kind of contract we want in our society. In the past, we've used group association - collective bargaining, class action lawsuits, etc. - to solve this problem of many consumers, each with almost no power, negotiating with a big corporation with all the power. Arbitration clauses, and non-competes, are often examples of abuse of this power imbalance. This situation is the kind of thing government exists to do - solve problems for its citizens by working collectively. So perhaps regulation is also a remedy.
2. Informed consent, vs. terms-and-conditions consent. Click-through agreements with many pages, written by a legal team, in which the alternative for the consumer is to walk away, cannot be seen as informed consent by the consumer. When Facebook asks users to click "yes" for disclaiming privacy rights, that's not informed consent. We already have a definition of informed consent in scientific experiments, and it requires understanding every word of the consent and no penalties for saying no. (If a scientist offers subjects $10 for participating, the scientist must pay that $10 to anyone who declines the consent form.) Consent forms must evolve to match informed consent in science.
If as a society we deal with these two issues, we'll be in a much better place, and we'll be dealing with wealth concentration (into the hands of corporations), a key issue for our time.
One other comment for non-lawyers here:
When two companies negotiate a contract, typically what happens is this. One team of lawyers drafts the contract. They send it to the other lawyers. Both business teams consult their lawyers, and the lawyers update the contract with their desired changes. Then the first company comments on desired changes and they negotiate.
The result, after perhaps many rounds of negotiation, is often a far different contract than was originally proposed.
That is NOT what happens with consumer terms and conditions agreements, or cell phone contracts. There, the company's lawyers draft a contract that is as favorable to them as is legal. The consumer does not have the legal team or negotiating power to push back: their choices are to sign, or to walk.
These quite different contract processes are worth thinking about. Is this the way we, as a society, want contract law to be used?
What you're describing is just an adhesion contract, and it doesn't happen only with consumers. For instance, around here the supermarkets have a lot of bargaining power over their suppliers, and make use of rather lopsided adhesion contracts (e.g. the supermarket decides whether, how much, and for how long to discount the product and the supplier pays for the discount).
> There, the company's lawyers draft a contract that is as favorable to them as is legal.
In fact, they will frequently put in clauses that are known to be invalid, hoping that customers simply cave in when shown the clause.
Sometimes I wish that severability clauses were not allowed in contracts of adhesion so that lawyers would be forced to only include terms that were actually enforceable or else have the entire contract become invalid. Obviously it wouldn't work very well if even a small mistake made in good faith could invalidate an entire contract, but the problem of companies hoodwinking customers with unenforceable terms has gotten out of hand.
> hoping
*knowing
Are you an attorney?
> If a scientist offers subjects $10 for participating, the scientist must pay that $10 to anyone who declines the consent form.
Any resources I can learn more about this? An acquaintance of mine runs a research group at a university, designing and executing survey instruments for other groups. Periodically asks me to help her with leveraging Facebook Ads for participant recruitment when her traditional targeting means falls short (generally surveys that need participants less than ~35, but sometimes for other unique targeting requirements).
The ads usually advertise a gift card for qualifying and participating, and the only branch of the survey that includes the gift card portion is the one where participants both complete the survey and don't get routed out by the initial qualifier questions. The recruitment ad copy, the survey instruments, etc all have to go through IRB approval, so I assumed that process was all above board.
In fact, in Germany any Terms and Conditions which have not been presented to the customer before a purchase contract are completely unenforceable, not part of the contract. And in those he has been presented before the contract, any "surprising" clause is also automatically void, plus various other restrictions apply.
There is also a EU-wide regulation ensuring similar laws exist in all EU countries.
> it requires understanding every word of the consent and no penalties for saying no
That sounds noble. However, the actual practice of getting patients consent for medical trials is pretty much the same as a website ToS click-through [1].
[1] Source: it used to be my dayjob to sign patients on consent forms.
How many of the 51 titles of the United States Code am I, as a citizen, expected to have read and understood? Isn't Mr. Graham being a little hypocritical?
Even consent itself is something that's overly fetishized in our society. It's a sign that a group's common understanding of people's basic rights and responsibilities has fallen apart. So everything comes down to some idealized notion of "consent" which, in a well-functioning society, is necessary but not sufficient to determine whether an action is acceptable or not.
Standard form contracts have long been given greater scrutiny by the legal system: https://en.wikipedia.org/wiki/Standard_form_contract
True of legalese in contracts, but also Law in general has multiplied like Gremlins.
Hammurabi's code of laws, was written in common language, and was brief enough every subject could understand them.
It makes no sense that we should be subject to a volume of law that we could never even read, let alone understand.
Musk is correct in insisting that laws should expire, and it should be easier to remove a law than add one. Minimum Viable Law.
Long ago lay people had no idea what the bible said because they could not read Latin. Well lawyers are the new priests, legalese is the new Latin.
Do you think allowing programs to be specified in plain English is a good idea?
We have "legalese" for the same reason we have programming languages. Terms have specific, sometimes slightly different or more narrow meanings to promote better understanding of intent in languages meant to specify a set of rules.
Specifying laws in "plain English" makes about as much sense to me as programming in English. You'll quickly find that for all but the most trivial of things the ambiguity of the language works against you.
> We have "legalese" for the same reason we have programming languages.
The intended purpose of "legalease" is to eliminate ambiguity and to clearly outline terms and conditions, however it's often used to introduce ambiguity and obfuscate the actual intent of terms and conditions or to redefine existing known and understood laws.
"Legalese" is a programming language that allows unsafe pointers. It's compiler not only permits but encourages the use of preprocessor directives to redefine variables and operators. Everything is globally scoped. Nothing is protected. Everything can be overridden. Multiple inheritance is expected.
Pretty much everything we advocate against in a programming language is permitted and encouraged in "legalese".
> The intended purpose of "legalease" is to eliminate ambiguity and to clearly outline terms and conditions, however it's often used to introduce ambiguity and obfuscate the actual intent of terms and conditions or to redefine existing known and understood laws.
Brief plain English would be about as bad. English with similar verbosity would be much worse. Obfuscating meaning in colloquial English is so trivial it happens on accident when communicating through text on a regular basis.
I'm not arguing that legalese is good, I'm just arguing that it's better than English, specifically because terms have been carved out over time to mean very specific things when used in a legal contract, and that provides for less ambiguity. It does require foreknowledge, but so does every sufficiently complex topic.
> "Legalese" is a programming language that allows unsafe pointers.
With regard to clarity, if legalese is C, English is dictating pseudocode to someone else who is translating to assembly on-the-fly.
> Pretty much everything we advocate against in a programming language is permitted and encouraged in "legalese".
So let's make it better! But coming up with a more specific legal language will require even more training to understand than is currently required, and that's the opposite of making it easily understood by the average person.
My own comparison would be that Legalese is like Perl. It is familiar enough that most laypeople can look at it and get a good idea of what's going on, but it's definitely easy to write in a way that is nigh incomprehensible, either by accident on on purpose. In addition, the familiar appearance of the language hides some advanced conceptual differences that bite the unaware (context in Perl, specific meanings of common terms in legalese).
A new version of legalese might be more akin to Rust or Haskell. Very specific, very exact, but it requires much more up-front learning to understand exactly how everything works and what it means.
In other words, the learning curve would be steeper but the dividends paid for learning it would be greater.
Extending the source-code analogy, a lot of legalese needs more comments saying what the code is supposed to do, so that when a problem arises the legal system can actually debug it and better determine what raw code is is accidental or deliberately-misleading.
Unfortunately some of those comments are never made, or are separate READMEs and not systematically tracked alongside the code itself.
That’s a very interesting idea. I feel like the next logical step after that would be unit tests.
I agree, "write-only" Perl is perfect analogy
> Do you think allowing programs to be specified in plain English is a good idea?
The difference is that one is expected to consent and be beholden to something they could not reasonably understand without paying a large amount of money to a specialist.
That I write my code in brainfuck is of no consequence to someone, unless that brainfuck is potentially going to incarcerate them.
> That I write my code in brainfuck is of no consequence to someone, unless that brainfuck is potentially going to incarcerate them.
If you write software to control medical equipment in Brainfuck, it's potentially of consequence to a great many people. Same for autonomous driving routines.
Trying to make things clearer is a good cause. Expecting that everything can be made clear enough for the average person is a fool's errand.
Do we expect the circuit layouts of CPUs to be understandable by everyone? Because we are surely affected by those, in very many aspects of our lives.
Do we expect the full engineering and aeronautics behind an airplane to be understood by everyone? Everyone who flies puts their lives on the line based on those principles and the engineers getting it right.
Do we all expect to understand the numerous ways in which our bodies can get hurt, or interact with chemicals, or develop diseases? We trust doctors to figure out the complications there.
In each case, we've trusted domain experts to sort through the very complex topic and distill the knowledge into a useful form for us. In each case, we also generally know a core amount of the topic to help us navigate the everyday portions. CPUs work by providing a very low level core set of instructions that can be followed. Airplanes work through thrust, airflow and lift. Our bodies deteriorate over time, and if we put bad stuff in, they don't do as well, and some common diseases are known (cold, flu, etc).
The law is no different. There's a core set of things people are aware of. As things become more specific, or a problem happens, we call in domain experts to help.
Expecting everyone to be able to read all of the legal code will never happen, nor should it happen. It's expecting too much out of the average person, and would also require the law be dumbed down in ways that were detrimental to it's interpretation.
> The law is no different. There's a core set of things people are aware of. As things become more specific, or a problem happens, we call in domain experts to help.
Using Brainfuck is an extreme example but you're taking it to its logical conclusion - off a cliff.
The difference is, the law affects and is applied to everyone. Contracts can and do affect the average person. However, only a domain expert has do deal in code.
We do not expect or require a normal person to read a 5,000 LOC piece of software, or risk giving up rights to participate in everyday society.
> Expecting everyone to be able to read all of the legal code will never happen, nor should it happen. It's expecting too much out of the average person, and would also require the law be dumbed down in ways that were detrimental to it's interpretation.
I'm certain we can put together a reasonable "tl;dr" requirement for contracts targeted at the layman, e.g.
"""
- You may use this application (See: Section A)
- You will pay X per month (See: Section B)
- Late fees may apply (See: Section B, Sub-Section 2)
- We may collect user data (See: Section C)
- We may sell user data (See: Section D)
- We reserve the right to update the terms of the service (See: Section E, Sub-Section 1)
- We reserve the right to cancel service for any reason (See: Section E, Sub-Section 2)
"""
Make the tl;dr non-binding so long as a reasonable person, a typical legal standard, would understand the legalese to have the outcome.
One need not write a "literate contact," nor abandon all of our legal history, terms of art, etc. to improve things to make them more approachable for a normal user.
I have absolutely no problem with trying to make legal documents, contracts, TOS, etc more readable by providing additional information. I just think the idea of replacing what we have with something more like regularly spoken English would be problematic at best, because a lot of the problems we have with interpreting the law are because it's so close to an actual spoken language, and Human languages thrive on ambiguity.
> The difference is that one is expected to consent and be beholden to something they could not reasonably understand without paying a large amount of money to a specialist.
I've found that this is generally less true than I imagine it to be. A lot of law is not actually so difficult to understand. Legalese is still English, and Google is great for figuring out the odd meanings of certain terms of art.
Most of the exceptions I've come across (e.g., buying a house) are IMO actually intrinsically complex transactions. I could undestand, but it'd take so long. And the time taken would happen even if we only had the laws we needed and all those laws were written in plain english. In software terms, lots of essential complexity.
Going back to the article, the problem with Facebook's terms and conditions is definitely not understandability -- see https://www.facebook.com/policy.php. The average high schooler could understand. The problem is people caring enough to 1) find, 2) read, and 3) inconviencance themselves if they don't like the policies.
I beg to differ.
> Waving a 2-inch-thick printed version of the social network’s user agreement, Senator Lindsey Graham quoted a line from the first page, then intoned: “I’m a lawyer, and I have no idea what that means.”
1) Two inch thick I've read some pretty long books in my time but that takes the cake. Most people these days don't even have enough attention span to read a complete internet article. How do you expect them to plough through hundreds of pages of legalese?
2) “I’m a lawyer, and I have no idea what that means.” Do I even need to say any more?
You can simultaneously believe that
* FB is doing their absolute best to make sure no "user" understands what they have agreed to
* writing the law in "plain english" is the stupidest thing I've ever heard of in my life. See the multi million dollar lawsuit this year about whether a missing Oxford comma changed wage rules for a class of truck drivers. Any attempt to write law in plain english introduces giant ambiguities [1].
[1] https://www.nytimes.com/2018/02/09/us/oxford-comma-maine.htm...
That law you cited was not written in "plain English." It was Maine's legal code. And it was ambiguous.
And plain english would have made that better?
Easily.
In the sense of introducing far far more ambiguity and making the law incomprehensible, yes.
You obviously didn't look at the law you are speaking about.
> FB is doing their absolute best to make sure no "user" understands what they have agreed to*
But before making this argument, one should go read FB's ToS and data policy. Here they are:
https://www.facebook.com/terms.php
https://www.facebook.com/policy.php
Where, precisely, is the bit where they steal data from my phone about sms and phone calls?
> Where, precisely...
Right here, clear as day: "We collect information from or about the computers, phones, or other devices where you install or access our Services, depending on the permissions you’ve granted"
Also notice that if they have that data, you explicitly gave permission to access phone/SMS data in the app install process; i.e., you granted those permissions.
> ...steal...
Again, that's the problem! Facebook didn't STEAL that data. They took it with your permission. And they were actually very clear in their policies about the fact that they could take pretty much anything you gave them device premissions to access.
This is NOT a "users can't understand legalese" issue. It's very clear from the above sentence in the data policy that Facebook has the right to record arbitrary shit off of your phone/computer.
This IS a "users don't care and don't have any data clawback rights" issue. Or perhaps a "users are too trusting" issue. But any high schooler could interpret the above sentence as meaning that Facebook does, technically, have the right to collect any information from your phone if you give device permissions.
The distinction is important because it determines appropriate solutions. The solution is NOT making ToS easier to read. The solution is stronger consumer data rights (aka a mechanism to clawback data after the fact) and better consumer education (aka be paranoid)
If you think that merely making ToS easier to read and understand will substantially change consumer behavior, you're in for lots of disappointment.
No, it's not clear at all, and wasn't clear to virtually anyone who agreed to it.
Care to propose a rephrasing that's more clear? If the average person can't understand the meaning of that sentence, the only real solution is to improve K-12 English teaching.
> and wasn't clear to virtually anyone who agreed to it
Virtually everyone who agreed to it never bothered to even try to read the policy in the first place. So, really, what difference does that make?
Again, the fundamental point is that chasing ToS clarity/readability/length is a losing battle. The majority of consumers don't care enough to read, no matter how simple you make things. Improving this metric won't make a difference. This issue is a red herring. Focus efforts elsewhere: consumer education and consumer rights.
Facebook terms of service: https://www.facebook.com/terms.php
Facebook data policy: https://www.facebook.com/policy.php
I agree Lindsay Graham is a skilled orator and politician. But if he blew up the font size until those pages required two inches of 8x11 paper, he must have just terrible eyesight ;-)
Also, neither of those documents is terribly difficult to understand. Like... where, specifically, is Graham getting horribly confused?! Point to the concrete line in one of those two links that requires something beyond a high school education!
Now, I'm sure there's nuance I don't pick up on. But I definitely feel I can understand the ToS and privacy policy without consulting a lawyer.
I don't think some of the terms are fair. But that's a consumer rights issue, not a "legalese" issue.
More generally, on two occasions I've had to get in front of a real judge in a "real" courtroom and make an argument based upon some written piece of law I had to look up and interpret myself. In both cases, I was able to successfully convince a judge that I was on the right side of the law without the help of a lawyer. I'm certainly not saying that's always possible, but I do believe there is a lot of "learned helplessness" when it comes to digging through legeal code or contracts and reading legalese. It's a PITA sometimes, but in many many cases it doesn't require years of training.
I wonder if it would be possible to create an AI that, given a legalese text, could output comments for each fragment explaining and showing examples of what it means. Now that I think about it, wasn't genius.com doing something like that but using crowdsourcing instead?
Privacy policies actually use this as a rhetorical trick to confuse users. E.g., they'll say stuff like "we may collect any device information you give permissions to access to do [reasonable thing A], [reasonable thing B], or for any other business purposes. Examples of device information include: [insert list of benign things]"
Or, to put emphasis on the important things:
"we may (read: WILL) collect ANY device information you give permissions to access to do [reasonable thing A], [reasonable thing B], or for ANY other business purposes. Examples of device information include: [insert list of benign things you should totally ignore]"
But here's the problem with the "AI tell us all" approach. If you use ML to mine examples from existing policy texts, you'll end up showing the user all of the benign stuff that the companies put in to reassure users, because that's what the corpus contains. Therefore, your AI will emphasize exactly the wrong types of examples.
Also, notice that this isn't even a legalese thing. There are no legal terms of art or long-winding difficult grammatical constructions. It's just plain old good rhetoric. And it's hard/impossible to legislate away persuasion.
I always found the language in RFCs better than legalese. Just the fact that they specify up front what the words must, shall, required, etc mean makes it less ambiguous. I feel lawyers use the ambiguity of language to bend the law in the way they need at the moment.
Exactly. If the precision of the language of law was working we wouldn't need to fight over it in court. Our new tax code hadn't been read by anyone who passed it- and, as an accountant explained to me long ago- we won't know exactly what it means until we get to court.
Even if a reset is unsustainably simple, it's time for one.
Even if the law worked mechanically, we still need to argue it in court, since the law cannot encode the complexity of the real world anyway. It is perfectly reasonable for someone to break laws, so long as they have sufficient justification for doing so.
For instance, you won't be guilty of violating a law if you are coerced to do so, and the court still needs to evaluate what level of coercion you underwent, and that fundamentally requires human empathy.
The law is not meant to be employed mechanically. It's there to make society more efficient when handling the easy cases.
Courts would be the debuggers/testers. And their findings would need to be integrated into the legal code as they happen.
The problem is when it gets complex it redefines what should be the easy cases.
We use programming languages for tasks that do not require human judgement.
If using your product requires the detailed understanding of a standard EULA, my judgement is that I would not like to use your product without training. Think of all the details in those paragraphs that I might mess up!
But using these products does not require the detailed understanding of a standard EULA. It only requires you to click 'I Agree'. The EULA is not there to inform the user, it is there to ensure that your exploitation of them will not be punished when they find out.
The issue is that the law is something everyone must live by or face dire consequences. Given this, is it better to have programming for law that is specific but which only few can use (and normally to their advantage), or to have a more ambiguous medium that is accessible to the majority?
The ideal, a specific language everyone is proficient in, is best, but it isn't possible.
Our Plain English development system - unique interface, simple file manager, elegant text editor, hexadecimal dumper, native-code-generating compiler/linker, and wysiwyg page layout facility (for documentation) - 25,000 sentences, is hardly a trivial application. Yet we wrote it, conveniently and efficiently, entirely in Plain English. And the "ambiguity" of the language actually helped.
In Plain English you can, for example, say "Clear the screen" or "Erase the screen" or other similar phrases and still get the same result. So we could type our thoughts the way we happened to be thinking them at the moment, and didn't have to remember (or look up) the exact syntax of the routines we wanted to call.
The instruction manual is here:
www.osmosian.com/instructions.pdf
And the whole shebang (less than a megabyte!) is here:
www.osmosian.com/cal-4700.zip
Just download and unzip. No installation necessary. Exactly the same on any version of Windows from XP to 10.
Please address questions and comments directly to me:
gerry.rzeppa@pobox.com
But code allows for Plain English: Comments. And nobody writes code without clear comments right? Right? Dear god please tell me you people aren't doing that!?
Depends on what it is and how complex it is. Depends on how explicit the variables and functions can be named. Depends on whether the thing I want to express is a how or a why or a how to use. Depends on if it's a public API or an internal helper used in one place with an unambiguous name. Depends on whether the audience are first year CS students, 50 year old business majors, senior developers with years of experience, or all of the above.
Always do X, never do Y rules are rarely helpful.
Does the comment here really help with your understanding of the code? If you're just now being exposed to programming then it's not enough detail, if you've been programming for 20 years it's far too much noise.
Without getting too spicy here: What I was saying is that comments allow for people to provide "plain English" context to their code by giving a summary of what the code does, something that most contracts don't do. I was trying to point out that the example OP was using is a flawed comparison.
Code comments are typically written for whoever they're written for. I understand that"Plain English" might be a 2 sentence summary, a line by line review of each step, or a 3 letter reference to a common phrase, but it doesn't change that you have a tool available to you to provide summary context for potentially confusing or complicated pieces of logic.
I was also making the joke that if you're writing extremely complex pieces of code and not providing some kind of comment to accompany it in a setting in which that code, you're probably doing it wrong.
Some people should do some things some of the time, and other things never, but not always. Things can include writing comments for code. fixt
Legalese is not what you think it is, it contains perhaps even more ambiguity than plain English in many cases. As often as not legalese circles around the matter rather than addressing it directly and clearly.
> It makes no sense that we should be subject to a volume of law that we could never even read, let alone understand
Why does that not make sense? The law must cover everything from "dont kill certain species" to "don't commit this very specific type of fraud". Society is so advanced we need more laws. Of course Hamurabi's code was short because it didn't need to stop investment bankers committing fraud or voting laws to prevent racial bias or workers rights etc etc. Certainly there are improvements but you will never fit it all into one short book that a layperson could read.
The garbage part is not that there is a large volume of law, but that the law is made even larger implicitly through a system of historical precedent without being explicitly updated to reflect those changes.
As an easy example, the commerce clause in the US constitution has come to mean something that no layman would ascribe to it.
>As an easy example, the commerce clause in the US constitution has come to mean something that no layman would ascribe to it.
Another easy example in the opposite direction is how case law has substantially diluted the meaning of words like "infringe", "unreasonable" and "excessive" in amendments 2^1, 2^2 and 2^3.
As an easy example, the commerce clause in the US constitution has come to mean something that no layman would ascribe to it.
Any support for that statement?
I think you would be hard-pressed to find a layman who, when presented with the commerce clause, replied that he had inferred the Dormant Clause [0] or Civil Rights Act [1] from it.
[0] https://en.wikipedia.org/wiki/Dormant_Commerce_Clause [1] https://en.wikipedia.org/wiki/Civil_Rights_Act_of_1964 - "... principally its power to regulate interstate commerce"
I dunno. Seems pretty straightforward to me. Commerce among the states is Congress's domain, so state laws can't unduly interfere.
Its also been interpreted by the courts to mean that you cannot grow crops you consume yourself, because you would have purchased the crops otherwise and are affecting interstate commerce.
Whether or not you agree with that interpretation, it would take some willful ignorance to say that the plain text reading of regulating interstate commerce means you can regulate all commerce because you might have bought something from someone otherwise
Wheat grown by a farmer for his own consumption, not bought or sold, not carried across state lines, can be regulated by Congress as it affects "commerce ...among the several States."
See Wickard v. Filburn.
If you don't want to look it up but still want to understand it, the gist is that by growing your own wheat, you're not buying wheat from farmers, which lowers the price of wheat that may be grown by out-of-state farmers. By growing your own wheat, you're impacting inter-state commerce.
At least that's the logic of the court.
This is the sort of loophole that allows it to apply to everything. By going on a date with person A, you reduce their willingness to spend money on certain products associated with people who don't go on dates, and increase their willingness to spend money on certain products associated with going on dates. Therefore, the federal government can make laws about who you date, and dating becomes considered a commercial venture (so freedom of association wouldn't apply, same reason freedom of association doesn't allow people to bypass minimum wage laws).
This is stretching the law beyond any reasonable interpretation, done so by the same government who gains a lot of power by doing so.
Seems like a poor conclusion.
If a started a business that picks peoples noses among multiple states, would Congress be able to regulate nose-picking by individuals on their own private property?
Laws are not meant to be an exhaustive blacklist. If they were we wouldn't need juries, judges and lawyers. Laws are rules of thumb that make it efficient enough to enforce a society's moral code to the point where it can be done at scale.
There will always be exceptions and details argue over and ultimately you need a critical mass of society to agree to abide by them to a great enough degree.
Expecting any reasonably non-homogeneous society to be able to agree on where to draw lines what constitutes bad behavior in anything other than the obvious cases ( murder, theft, etc) is naive. Expecting laws to cover the vast majority of bad behavior is naive. Expecting to be able to enforce that theoretical set of laws is naive. Expecting to enforce those theoretical laws without creating something akin to 1984 is just insane.
> Certainly there are improvements but you will never fit it all into one short book that a layperson could read.
However, the law could still certainly be shortened and simplified. The GDPR is written in plain English.
Yet GDPR is so vague that most companies I talk to about it have each taken very different things from it. "Except as required for security purposes" is a big exception.
It's not as big exception taking into account that the requirements are not about pieces of data that you can get and store, but about particular uses of this data.
If you previously had some private data in your core databases that you used for all kinds of things, finding an exception that allows you to store this data for security purposes doesn't allow you to continue business as usual - it won't permit you to use it for marketing purposes, for example, just as an exception that allows you to require and store some data that's needed to execute the service won't permit you to sell that data to third parties as was common practice earlier - for that you'll need to (try to, likely unsuccessfully) obtain the user's consent.
Traditional legalese has plenty of ambiguities, they're just hidden behind obscure language.
Do you believe that the law is infallible?
This perspective on the bible and Latin is not a good analogy. Most people could not read any language long ago, and priests in general serve several other purposes before reading/expounding upon the bible. From the standpoint of a believer, the bible was not expanded by human decision as laws are (canonical vs. apocryphal discussions aside). The bible was compiled in Latin by Jerome because it was the common ('vulgar') language of the people.
Of course, there's plenty to discuss and argue about in all of the above, but your comparison makes it seem like a done deal.
> Hammurabi's code of laws, was written in common language, and was brief enough every subject could understand them.
While laws being written in common language sounds like a good idea, common language is open to lots of ambiguity and loopholes. Shouldn't our laws, in general, be written to be as precise and narrowly defined as possible?
Funnily enough even the tightest drafted legalese is actually often subject to a range of ambiguity and loopholes. I feel it can be a quality inherent in certain language regardless of whether it's plain English or legalese, particularly if there is money at stake in injecting a degree of ambiguity into the language (which is what I'm paid to do!).
Overall, if done correctly there should be no issue with expressing the parties' intentions in plain English rather than using dense legalese. It's something I strive to do every day in my job for sure.
Of course I agree with your general point about laws being drafted to be precise and narrow, it's just that using legalese doesn't always secure this objective. Sometimes it's just clear that the draftsperson was having a bad day.
I agree. Wittgenstein had much to say that is relavent here, although he is referenced far more than he is read (unfortunately).
> Shouldn't our laws, in general, be written to be as precise and narrowly defined as possible?
But they aren't that either.
There will always be more diversity in real life than on paper. You can't predict everything that will ever happen.
The real problem is structural.
We have a set of laws and if they're overly broad and prohibit lots of things they shouldn't, nobody really notices because prosecutorial discretion is a thing. As long as prosecutors mostly don't charge honest people with the overly broad laws, nobody gets up in arms to fix them even though everyone is in violation.
On the other hand, if someone does something unpopular and there is no law against it -- or there is a law against it but there isn't a law specifically against it and Something Must Be Done -- then we get a new overly broad law.
Laws get added but never removed, and each one prohibits more than it should. Over a hundred years of this and you get Three Felonies A Day, the only reason everyone isn't in prison is prosecutorial discretion, and lawyering is an exercise in figuring out which parts of which laws you actually have to follow to avoid being prosecuted without ever admitting that that's what's happening.
As possible? Of course; nobody can be against that, but people will disagree about what’s possible.
I don’t think that means they should be more narrowly defined than they are now. That would mean a permanent weapons race between those finding and exploiting loopholes and the government, with those having access to the smartest lawyers (= the richest) staying ahead of the law.
For example, if “income” would be restricted to money received in exchange for services, companies would start paying in goods, for example by providing “free” housing, cars, etc. if the government includes such things in the law, companies could start paying out in gold, rather than money. When that gets included, companies could sell special (extremely cheap, no voting rights, must sell when leaving the company) shares to personnel, and pay most of the salary in dividends. That list is endless. Companies could start operating under the flag of Liberia, claim that they don’t pay you for work done, but that they charge you for the use of their machines, and that you sell them the stuff you made with them, etc.
The society became much more complex since the Hammurabi's code. You argument is similar to people's who say that programs are over-engineered, and should be much simpler. There's some over-engineering but the main cause is that the world becomes more and more complex.
> Shouldn't our laws, in general, be written to be as precise and narrowly defined as possible?
But in practice, it's the opposite. Law is full of ambiguities and loopholes. That's why we hire lawyers-- to find ones that work in our favor.
> Musk is correct in insisting that laws should expire
This is a terrible idea. Stability and gradual, generally understandable, evolution in response to real world conditions are positive attributes of the current precedent-based system that has grown out of the common law.
Why? What's so bad about forcing us to re-evaluate the reasons why given laws are on the books?
Plenty of laws are relevant only to a specific point in time, but they rarely, if ever, get repealed.
Take the US Chicken Tax. It was put in place in the 60s to deal with economic concerns with France and West Germany at the time (which no longer exists as such!). Why shouldn't it have been given an expiration date? Instead, it remains in perpetuity, with its provisions twisted every few years to suit the interests of auto industry lobbyists. This is perverse.
Some laws, like that one, should be enacted with an expiration date. Some laws even are - e.g. a lot of the post-9/11 surveillance state laws need periodic reauthorization. Plenty of other taxes are enacted as temporary, too, despite how routinely they're extended.
But not all laws should expire. Having, say, the crime of murder expire would be quite unhelpful.
> But not all laws should expire. Having, say, the crime of murder expire would be quite unhelpful.
I'm pretty sure that laws like that one would be renewed before expiration anyway -- and the current context would allow re-evaluation of penalty as well, which might be something useful to reconsider every couple of decades.
But that renewal provides a hook for legislators to attach all kinds of distasteful things to it.
It would be an excuse for political and legislative brinkmanship on a schedule. They can always make changes to the details without a clock adding artificial urgency. It's clear it's the kind of law we want on the books, and to have a penalty on the books, indefinitely. Unlike, say, the chicken tax.
One question then, is whether laws are generally more like murder, or more like the chicken tax. I don't know, but I suspect there are more chicken-tax-like laws by a considerable margin.
The current default is accretion. There is no end to it. We will drown in laws.
I disagree. Of all ideas, I think this is his best one.
It's a great idea until "no murder" gets held up by the minority party to win leverage on some other issue. There'd always be some critical law to play chicken with.
> Law in general has multiplied
It's no surprise reading the comments here and elsewhere these days. The media helps build a furor amongst people, and people believe there is no other choice but to use the heavy hand of the government to solve their issues. Many times it's done without alternatives attempted first with the proponents criticizing those against a law as against its intentions. We see it with the Patriot Act, GDPR, etc.
And as global internet laws are written more and more by governments of citizens who implicitly trust them a lot (often just guessing at what can solve the problem instead of empirical evidence based on timid baby steps), their tentacles spread to the point where only those with resources can abide. Things happen in waves and I can only hope we'll come around to not adding laws and regulations all the time.
The power of corporations is at this point like a smaller government with some companies wielding more power than smaller nation states. We are currently in an upswing of corporations extracting more and more money out of people and trying to control them more and more. What are people supposed to do? Wait for companies to just change out of the goodness of their hearts? You cant even talk with your wallet anymore when many practices that are anti consumer, such as tracking every bit of data about you and selling it to anyone, are industry wide practices, couple with the fact that the larger corporations are inching closer and closer to the same level of monopoly power as the robber barons 100+ years ago.
Government overreach is bad, and the government is frequently a bad actor itself, but at least if they are trying to cancel out corporations power we end up with both groups hobbling themselves a bit
Hammurabi's code was simple, but did little to deal with edge cases.
One of the reasons that the body of law has grown as large as it has is because of said edge cases.
Rule of law is a really good thing in most societies.
This comment could be made about software and programmers and make exactly as much sense.
One thing I’d like to see outlawed is forced arbitration. Waiving someone’s right to a lawsuit is just wrong and only serves to benefit the company.
They're outlawed in some countries, notably in Europe.
EU rules presume pre-dispute arbitration clauses in consumer contracts are invalid. France and Sweden completely prohibit consumer arbitration in certain cases. Germany won't enforce a consumer arbitration clause unless it's in a separate, signed document or part of a fully-notarised contract.
Lots of information available at https://www.hausfeld.com/news-press/mandatory-arbitration-in....
As another example, Quebec has similar rules for consumer contract. They also forbid contracting for a different choice of law, and unless through a notarial act (in the civil law sense of notary rather than common law notaries public), also forbid stipulating a different domicile to avoid the jurisdiction of their local courts.
Just like with your European example, none of this applies to business-to-business contracts.
What's even more odd, is that in some cases the company gets to select the arbitration company (and repeat business is based on outcomes).
I was amused to read recently that, thanks to having an ancient Yahoo! mail account, I am now subject to binding arbitration when I have a disagreement with a Yahoo! spinoff called "Oath." Also, I cannot participate in a class action or jury trial. That should work out well for me the next time they leak all of their user data.
Yep I saw that too- and I still use them b/c of stuff I set up a decade ago. I'm just not sure it's in fact worth the trouble to change (they are Verizon now).
And contracts that forbid people from joining class actions.
What I want is a standardized set of icons, which grant or deny specific things, that all websites can agree on, sort of like the ones available for software licensing, here:
https://creativecommons.org/licenses/
It would be great if we could "standardize away" the whole T&C fiasco.
You're in luck at least when it comes to privacy in the EU! The GDPR makes various references to the creation and use of standardised icons to give a meaningful overview of the intended data processing. I know, I know, another GDPR reference but I thought it was interesting to note that a piece of regulation is pushing implement precisely what you were talking about, albeit in the field of privacy.
We have standardized nutritional labels in the United States and I would like to see a similar standard for terms and conditions. Icons could be part of it but also leave room for text and listing of what common data (email, ip, name, etc.) the service will collect and how they will use it.
This is a great idea
Icons are good. But would be even better if they were switches the user can turn off/on.
That sounds like a GPL loophole to me.
It would be much easier to extend and replace if someone could turn off the condition " You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License." [0]
I'm all for making these easier to read, but they shouldn't be line-item veto.
[0]http://www.gnu.org/licenses/gpl-2.0.html
I agree you should not be able to change a software license but if Facebook had an icon for each thing they did like: [share with 3rd party] [sell your info] ...
Would that hold up in court? An icon?
Like many things, it depends. As long as one can demonstrate that the icon in question has a clear meaning to a "reasonable person" or "typical user", then use of the icon would likely hold up in court.
> If a typical user wouldn’t understand the documents, the consent that companies rely on for their business activities would be legally invalid.
I like that standard, seems to comport to the "meeting of the minds" requirement for a valid legal agreement/contract.
I totally agree. The terms and conditions, or some offering of them, should be available in the same way that quick start or full guides are - in a form that adds to the usability of the service. E.g. "when you upload a photo, ____ owns the photo, for _____ period, and may do a, b, c, and d with it"
The problem is that legal terminology doesn't always match conventional descriptions of what's happening.
Copyright is actually a perfect example of this. In order to send my photo over the Internet to other people who want to view it, you need much more than the legal right to display my picture. Sending a picture over the Internet involves copying, distributing, and sublicensing the image countless numbers of times. So any site with user-uploaded content will have something very close to (Imgur's for reference):
> With regard to any file or content you upload to the public portions of our site, you grant Imgur a non-exclusive, royalty-free, perpetual, irrevocable worldwide license (with sublicense and assignment rights) to use, to display online and in any present or future media, to create derivative works of, to allow downloads of, and/or distribute any such file or content.
There's no way the typical user will understand this, but that's not because it's obfuscated. The typical user just doesn't have the background to understand what all these rights are or why Imgur requires them. It would be severely misleading to write the literal meaning in layperson's terms:
> When you upload pictures, you have to give us the right to make as many copies of the pictures as we want, modify them however we'd like, and send those copies to whoever we want anywhere in the world.
> When you upload pictures, you have to give us the right to make as many copies of the pictures as we want, modify them however we'd like, and send those copies to whoever we want anywhere in the world.
But isn't it precisely what the legalese means? I mean, unless otherwise restrict by some law other than the copyright laws, Imgur can use those images for anything. The statement does not limits the use to "reasonable business activities". Why will it be severely misleading to write it that way?
It's precisely what the legalese means, and carries connotations which are absolutely nothing like what Imgur intends. They claim unlimited rights not because they don't want to be bothered to restrict them, but because the structure of the Internet makes it impossible to write a simple description of when copies will be made.
They could try going into detail:
> We can send copies of your image to anyone who, following standard Internet routing protocols, says that someone has requested to see the image and promises to forward the copy onwards to the original requester. Anyone we send the image to can also create copies themselves following this rule, and can temporarily store the copies as needed to make further copies.
But then neither the average Joe nor lawyers are going to be able to understand it.
> which are absolutely nothing like what Imgur intends
But how do we know this? If they intend something, they should write that down in the contract. I am having hard time imagining that their lawyers cannot draw a contract which waives only the copyright requirement for the purposes of image hosting and restricts the images from being used for other things. The principle of charitable interpretation tells me to believe what people/company write in their contract. In my opinion, the expansive definition in the contract is there to
a) Save their ass when they do something which does not seems kosher to the public.
b) Allows them to pivot to other use of the data which might have nothing related to their current business model.
c) It is cost effective to draw up the contract in this way, given the current legal system and its requirements.
Note that I am not saying that Imgur is doing something immoral or whatever. I am just saying that if they wrote down this
> When you upload pictures, you have to give us the right to make as many copies of the pictures as we want, modify them however we'd like, and send those copies to whoever we want anywhere in the world.
as the simplified legalese, that it is the current interpretation. I contend that the average Joe will have better understanding of the _current_ contract with the simplified statement. I also think that Imgur (and other services) will find money to draft a better contract if they were required to make a simplified language version.
Again, it'd definitely be possible to write a document more narrowly describing what they need a license to do. But that doesn't solve the problem. The updated version would be more readable for network engineers, less readable for lawyers, and still incomprehensible to the average person who just wants to upload a meme.
"Hi. When you upload an image to imgur, we need the legal right to distribute it to other people. We also process your image to look right on different devices, which requires the legal right to modify your image. We promise not to distribute or modify your image beyond what we do here at imgur.com, and won't sell it to other people"
Seems easy enough to write.
I agree with you. Though I do think that this is not an unsolvable problem with the right incentives. As I noted, the people at company X might be the best people at heart, but the current legal system does not encourages drafting of a contract that precisely (and easily) describes the terms being agreed between the two parties. This is not even a unique feature of contract law, the same to true to various extend for all branches of the law.
My gut feeling (of which I have no proof) is that the current legal system is costing more money to the society than is necessary. For one thing, it is decreasing the trust in the legal system, since people now (correctly) assume that in many facets of modern life, they are agreeing to things they don't understand, that they are giving up more rights than they should, and that there is no reasonable solution to this problem yet.
Some complication in the law is necessary since the world is a complex creature, but I think that the common person (say at least half of the population) should have reasonable understanding of the legal language. One way to approach it is to have a requirement for simpler contract, but I don't know if it is _the_ way to deal with this problem. I am not a lawyer after all. All I know is that something is broken, and if not fixed, will lead to more problem down the line. A system like this where no-one trusts nobody is clearly not sustainable. It's just not a good way to organize as a society.
>They claim unlimited rights not...
The reason doesn't matter if they are claiming those rights. So the given layman terms version is still true.
I'm sorry, I don't follow why the plain English version is severely misleading, or couldn't be supplemented to capture the full extent of Imgur legalese. Why do you think this is the case?
I would make a few points:
- I don't think legalese is the issue. Even if you wrote terms in plain English they would still be at a similar length if you wanted to capture the same content of the base terms, and people would still not read them. I don't think there is a high proportion of people who are put off by legalese but would read terms if they were in plain English
- the article has a GDPR bent. Certainly when it comes to uses of personal data, that should form a bigger part of the sign-up experience and be separated out from the main terms.
- when you are looking at general terms & conditions outside of privacy, European consumer law and I imagine most consumer law protects customers from unreasonable actions by corporations toward consumers. It allows the user to assume the company will behave reasonably towards the consumer, and is arguably the appropriate remedy to cure the issue of over-long terms & conditions.
- There is of course limited scope to this and there will be a range of transactions where you are not acting as a consumer and are expected to thoroughly understand the full implications of the transaction you enter into.
- the reckoning in the article is already one partially addressed by the above steps at least in the European Union around consumer law protections, and requirements on the data protection side to call out data uses in the sign-up process rather than bury them in the terms.
>”I don’t think the average person likely reads that whole document.”
This is my favorite quote in the whole article. Sums up the pompousness of the company quite nicely I think. This is one of the largest companies in the world. The quote could easily have been “we go to great lengths to make sure that’s the case,” or “that’s the point, grandpa.” At least it wouldn’t have come across as dishonest and cowardly that way.
That is actually quite honest. Do you read temrs for all services? Or do you read terms at least for most important services?
If you do, great. Many don't and just complain or are surprised when they learn what almost every service on the web does with his data.
OP is saying that it is actually the intent of the company that the end user does not read the ToS; it's an accusation that the quote demonstrates deceptive intent and therefore not honest in a way you haven't considered (in your response).
I assume Facebook has data showing how long each user stays on the T&C page before consenting or not.
I wouldn't be shy to conjecture that time elapsed before consenting is a very small fraction of the time it would take an average reader to get through, let alone comprehend the terms and conditions.
>Martin Garner, an analyst at technology consultancy CCS Insight, suggests companies walk readers through their policies step by step. That way they could opt out of selected provisions—limiting, for instance, third parties that can gain access to the data or restricting the kinds of information companies may stockpile.
Merging t&c with settings... I like this idea a lot. Privacy controls with the agreement right there. You and the website clear on exactly what the relationship is.
Gonna bring this up during checkin today.
> That way they could opt out of selected provisions—limiting, for instance, third parties that can gain access to the data or restricting the kinds of information companies may stockpile.
Am I understanding this incorrectly or are you suggesting that we allow people to selectively opt-out of portions of a T&C document? Because good luck getting any legal department to buy into that whatsoever.
More like, it would look like this:
1. You agree to allow us to share your email address with 3rd parties (have useful targeted advertisements? y/n)
2. You agree to allow us to parse your messages internally (enable auto-reply suggestions in messages? y/n)
Something like that.
I mean I think there would still be "hard-coded" T&C, "standing order" type things you agree to just by using the app at all. Like, not uploading goreporn or something.
Of course company legal departments won't do that on their own initiative, however, they will help arrange that in a sane manner if the legislature forces them to do so.
The GDPR requirement is that companies will have to allow people to selectively opt-in to the portions of currently typical T&C documents which currently say that the user allows you to use their data for various purposes, or these portions will automatically be considered null and void.
This is already now implemented in a bunch of places - e.g. I got a mobile internet contract recently which involved being asked a bunch of questions about what private data uses I'd be okay with or not, and that resulted in customized/removed/added paragraphs in the agreement that I signed; but the other companies have still about a month until GDPR requires everyone here to do so or stop using people's data.
> If a typical user wouldn’t understand the [user agreement documents], the consent that companies rely on for their business activities would be legally invalid.
I’ve not had time to read the GDPR, so this is news to me.* Especially surprising, because it’s exactly what I want the law to say, and I’m not used to that.
I’d also like that principle to apply to the law as a whole, but I appreciate that’s as much wishful thinking as hoping to read and understand the full source-code of everything on my phone.
* fortunately not my problem, family matters replaced the day job.
If agreement for a contract requires easily understood English, what does that mean for my mortgage?
I don't typically have my lawyer review the TOS of each website I sign up for, but I did have him review my mortgage. Everyone picks a different place to draw the line between careful understanding (or hiring out a review from someone with careful understanding), and just blindly signing on the dotted line.
For me that is somewhere between purchasing a tractor and purchasing a house. The point is the no sane person includes Netflix in the "needs careful review" category, but I sincerely recommend that everyone take their home purchases seriously.
Curious if you tried to change any of the boilerplate terms and if you did, how did it work out?
A friend of a friend changed the “we will send you advertising” into “we will not send you advertising”, then when the bank sent them advertising anyway they demonstrated that the bank manager had signed the changed document and therefore the bank was in breach of the mortgage contract and technically they could keep the house without paying for it.
For whatever reason, they then said it would be fine if the bank never sent them more advertising rather than actually trying to get a free house.
For a slightly more reliable story, Argakov v Tinkoff seems fun. At least the first round, the reports I’ve seen are a bit dated and further escalation and retaliation may be less fun.
Pity there wasn't a free house but I shouldn't be surprised. Thank you for sharing both stories.
That Argakov one is particularly spooky with the viable death fear. From the first hit I could find: “Our lawyers don’t think [Agarkov] will get 24 million rubles, but four years in prison for fraud. Now it’s a matter of principle for @tcsbank,” Tinkov added. ( from https://www.rt.com/business/tinkoff-bank-agarkov-credit-299/ )(empasis mine)
Oh boy. When the fight become principled it's time to fire the client xxxxx refer the client out to someone else
Legally, don’t know if GDPR applies to mortgages.
I’d like mortgages etc. (and insurance) to be forced to use easy-to-understand language: It’s basically life changing if a financial instrument goes wrong.
How can PayPal rationalize closing accounts because users opened them years ago when they were too young? Is that really an issue for a 28 year old?
Contract or no, PayPal looks really bad here. One would think they would be looking for good will rather than this kind of press in such a competitive market.
Yeah, why wouldn't they just contact her and lock her account until she re-signs? That way they both win. She's clearly of legal age now and penalizing her so severely for something she did as a child is really unnecessary.
When my landlord discovered she didn't have a rental agreement on file for the garage space I was renting from her she didn't evict me, she left a note on my door.
There are financial incentives.
Paypal is a lot like shady ad networks in that they let you accrue a balance while waiting for you to do something they can justify terminating you for. When that happens, they lock you out and keep your money.
Unlike your landlord, Paypal profits from eviction.
PayPal close user accounts on the slightest pretext. Often they keep the money.
Because they have an ass-covering-oriented legal team who will say "the user was unable to legally agree to the terms" thefore we (PayPal) will be vulnerable if they were to do something fraudulent.
Why not ask accepting terms NOW or else account will be blocked on m/d/y?
Likely they didn't do this because of concern that a person could update their agreement to the T&C, then do something fraudulent, then claim the updated agreement was coerced because the person's livelihood was somehow attached to the PayPal account.
Facebook's Privacy Policy, Terms, and Principles are actually written in very clear, plain language. I've read them. They're easy to understand.
I was frustrated by Senator Graham's remarks because he absolutely could understand them, if he bothered to read them. (He said that he didn't understand them.)
The problem though, isn't the Terms. It doesn't matter how plainly written they are. People won't read them.
What matters is designing your product with correct privacy affordances. Put yourself on the shoes of the user, and make sure your app isn't sharing information in a way that would be jarring or unexpected.
For example, Facebook made a mistake with its posting dialogue experience pre 2016. You could say that a post should only be shared "with friends" in a choice box next to your post. However, that post would also be shared with any apps your friend has installed. That's probably not what the posting user would have expected, so it's a poor experience.
If you have inadequate privacy affordances, you shouldn't just hide behind your terms. That's the point.
Edit: I don't understand why I'm being downvoted. If you disagree with something, please let me know. I'm designing our own privacy affordances in our app following the above thinking, after all...
Seems to me this is easily fixed.
If a jury of peers cannot understand the legal contract during an arbitration, rule in favor of the signor of the contract and against the writer.
You'll see that shit disappear with a quickness.
This is a great idea but I don't think it goes far enough.
It means that 12 lay people can eventually, after some coaching, study, and debate, understand a contract. Or one lawyer, presumably.
The problem remains though, that one lay person needs to understand it without study or coaching, and without taking days to do so. Most of us have probably clicked through hundreds or even thousands of EULAs and other crap without having days to understand each one. Every app, every shrinkwrap, your toaster, and even the bloody nav on your car with its OK button: there's just too much.
The jury should get as much time to read the contract as the average user spends reading the contract and should not get the help of a lawyer. If the company doesn't collect data about how much time users spend reading the contract, then it should be presumed that they didn't read it at all and then only terms that the jury can guess would be in the contract without reading it should be valid.
> Waving a 2-inch-thick printed version of the social network’s user agreement, Senator Lindsey Graham quoted a line from the first page, then intoned: “I’m a lawyer, and I have no idea what that means.”
Anyone have a link to that document? Looking for the terms I'm supposed to agree to if I want to use Facebook as an ordinary user, I find this page, which purports to link to everything [1]. Looking at the "Statement of Rights and Responsibilities", the "Data Policy", and the "Community Standards", I don't see anything that would take 2 inches when printed. Those seem to be most of what would be necessary for an ordinary user to agree to.
There are several links to other terms and policies and such on the left, but those are mostly for things like developers, payment handling, and other things that that an ordinary user would not need to agree to.
[1] https://www.facebook.com/policies
Perhaps a more pertinent question is whether or not Lindsey Graham understands and expects every American citizen and resident to have read all 51 titles of the US Code and all of the Code of Federal Regulations which carry the force of statutory law by inclusion.
IMO, this is a question of consumer protection. It's ok to provide complicated contracts to corporations who can afford to hire lawyers, but it's not ok to do so with consumers. If we make a requirement that for consumer products, contract should be now longer than 1 page written in a language understandable by 10 year old, it will solve problem.
Even if EULAs were easily understood, they are still ultimatums: you either take it or leave it with no room for negotiation or repercussions for demanding far more than the product could reasonably ever be worth. There is no motivation to ever write these in good faith. There should be a general federal law to protect users and businesses from malice, privacy laws (similar to CAN-SPAM,) and a ban on all other end-user license nonsense.
I like the elevator pitch approach.
If you can't explain your T&S in as many words as it takes to explain your product, one or the other needs to be revised.
It sounds good in theory, but in practice there're aspect which prevents it from being applicable. See here: https://news.ycombinator.com/reply?id=16886176&goto=threads%...
Yes, you have a valid point.
The one I was more trying to make is that a product should not be simply marketed as "a platform for sharing pictures with your friends" if it is actually "a platform for sharing pictures with your friends in exchange for your participation in unspecified and ethically questionable social experiments."
The T&S can stay the same for all I care, I just think companies shouldn't be able to hide behind them when they dramatically oversimplify the nature of the product in the process of selling or promoting it.
There is one thing I'm curious about. Imagine Facebook's terms stated: "We will scrape any and all information we possibly can from you. We will use it in any and all ways we see fit. You agree to never sue us for anything whatsoever. We also have the right to do whatever we want to your account for any reason we want. We can also add or remove anything from these terms at any time and for any reason we like without telling you, and with immediate effect." That is probably a fairly reasonable cliff notes of their actual terms. Would this actually deter anybody from using their software?
In other words, are companies piling on the legalese to protect themselves or to deceive users? Maybe I'm overly cynical but I think even those terms would not really stop any meaningful number of people from signing up.
Why is obfuscating the intentions of a document in dense language most people can't properly understand a thing that's allowed to be upheld? They might as well write the damn things in Esperanto for all they're worth to most of the folks who click agree.
I can only think it must be analagous to why programs have a lot of features people don't understand or use. Git might be a case in point. Smart programmers think of every possible edge case and "what if" and try to cover all those things. The result is a confusing mess for people who just want to get the "happy path" work done.
Lawyers try to think of every interpretation and circumstance and try to be sure the agreement addresses those unambiguously. Ironically, the dense language that results is anything but unambiguous to the untrained reader.
Mildly pedantic complaint: Esperanto is actually easier to learn than many other languages so the analogy doesn't work.
Just like an underage person or drunk is unable to give consent, it should be illegal to coerce an average Joe untrained in the law to agree to a 50-page document filled with legalese, unless you pay for them to be advised by a lawyer.
When exactly did it enter the public consciousness that drunk people are unable to give consent? I feel if this is true, there are many drunken hookups that become questionable. I'm in my mid-30s, and I feel this concept wasn't really a thing in my clubbing days.
Obama's 2011 Title IX "Dear Colleague" letter was a big part of it, establishing the lowest standard of proof in claims of sexual assault on college campuses. Schools responded by saying, effectively, that if you have sex with someone who's had a drink, and that person later regrets it, regardless of what they might have told you at the time, you have no defense.
It's all ridiculous because universities have no competence in investigating or adjudicating such claims, but that's another topic.
So anyone who was in college in the past 10 years will have had drummed into their heads that there is no consent possible by an intoxicated person.
> So anyone who was in college in the past 10 years will have had drummed into their heads that there is no consent possible by an intoxicated person.
Which creates all kinds of weird outcomes when both parties were equally drunk.
Well, it would if logic were the overarching guideline on these topics.
As it stands, the male is presumed guilty on college campuses when both parties are drunk and he must then meet a draconian burden of proof to extricate himself from the situation.
At least, that has been my experience.
Your own ignorance of the law and unawareness of what constituted consent at the time does not reflect on the state of society at the time. It was always illegal and immoral to have sex with someone who was very drunk (at least, well before either of us was born). The line was and is not always clear, but there have always been clear cases (e.g. having sex with someone who has passed out or drugged is obviously illegal and immoral).
Similarly, legal contracts require a meeting of the minds, which requires that parties not be intoxicated. A quick search suggests such contracts are not void by default but are voidable.
You've never heard "alcohol is the most common date rape drug?"
nope, or at least I didn't back in my drinking days. it was just normal for people to get wasted and hook up. does that not happen anymore?
I see a lot of people talking about Terms of Service being too long. This is a problem for governments as well: How many laws do you think apply to you right now? How long do you think it would take for you to understand exactly what you can and cannot legally do? Do you think the average police officer, or even federal agent, has a full understanding of those laws?
I hope that this is a problem that we can fix in the future.
Sure, we're covered by many laws, but also many rights--the right to fair trial, the right to legal representation, the right to petition the government, and so on. If a law is poorly or vaguely written, it can be challenged on those grounds--many laws are tossed as unenforceable.
But when you click on a user agreement, there's no negotiation or possibility of redress. Take it or leave it, and they just cut you off if they feel like it. The comparison to laws is nonsense.
The thing nobody seems to be talking about is 'why do we need all these complex Terms & Conditions anyway?'
If I buy a fridge I don't need to read and agree to reams of T's and C's before I can use it. The same with a toaster or an oven or a washing machine. If I buy a knife I don't have to agree to indemnify the manufacturer if I kill someone with it. What's so special about software?
I'm starting to think that there should be an agreed set of national (or maybe even international) software indemnifacations covering anything that is agreed to be considered a sensible exclusion.
Any software use could then be covered by the relevant law with no need to read a new set of terms for everything.
Any company trying to add their own terms on top of these could then be considered with much caution or suspicion.
Hopefully they would be written better than this was, but I hope I have got my point across.
Have you looked at user agreements, warrantees, and software licences that come with appliances lately?
Often not revealed until accessing via some interface, or being modified on software upgrades.
As far as I'm aware those type of contracts do not hold up in court. (At least here in Ireland) Its well known by both parties that in 99% of cases the consumer will just click 'agree' without reading it in order to get access. So as far as the judge is concerned it doesnt exist.
Zuckerberg admitted as much.
I think the legalize issue is a bit exaggerated. Yes, many (too many) sites and companies have a lot of legalize in their terms...but there are also many that do not. Nevertheless, as far as I've seen people aren't any more likely to read the latter, or any more likely to understand them if they do read them.
I think there are two main factors that make people not read these things.
First, as Joel Spolsky noted in his writings on UI design, "In fact, users can’t read anything, and if they could, they wouldn’t want to" [1]. He does not mean, of course, that users literally cannot read. They just act like, at least when you are trying to get them to read something that they didn't actually ask to read.
Second, terms and conditions tend to be long, and because they want to be precise tend toward more complicated language and structure. That's going to lose a lot of people.
[1] https://www.joelonsoftware.com/2000/04/26/designing-for-peop...
I mean, you could rewrite the same contract in plain english ("heads we win, tails you lose") and it wouldn't make it any less exploitative. The legalese is not the real issue there.
I've been thinking of writing my own Terms of Service for my cryptocurrency-related web startup -- with plain and clear language that the average person should be able to understand. Several people have advised me that this is a horrible idea and that I should enlist the help of a lawyer to write it instead.
Some things I want to protect myself against:
- People suing if they lose their private keys and are no longer able to make transactions
- People suing if they forget their passwords and can no longer access their email they signed up with to do a recovery.
- People suing if they lose their 2FA code and can no longer access their account
- People suing if a bug in my software causes them to lose access to their account or coins
- People suing if I decide to close down my service (I will give 90 days notice --- or maybe more, haven't decided yet) and did not deactivate their accounts.
Basically trying to protect myself for anything that is not fraud on my part.
Seems like most people here are pro-"short and sweet" ToS -- what do you think about writing it myself?
> People suing if a bug in my software causes them to lose access to their account or coins
Everything else sounds pretty reasonable, but this doesn’t. If you cause someone harm, you should expect that they will attempt to recover damages from you, regardless of what your T&C says. I cannot fathom why you think you should be protected against this eventuality. Buy insurance instead.
Regarding your question, notwithstanding the hand-wringing on this page, a given T&C clause tends to exist because someone has been sued over the matter being clarified. If the law specified each point, or if society were less litigious, these clauses would not be necessary. But this is not the case. I think you would be a fool to risk your company’s wellbeing to satisfy the whims of uninformed HN commenters. Almost all of them will blindly accept and be bound by your T&C regardless of their stated beliefs on this site, and, even if that were not the case, they are a tiny, unrepresentative slice of your market.
Fair enough. I guess this is why I should get a lawyer involved! I was assuming there was some distinction between accidental negligence and fraud as far as what could be protected against.
Is this a standard you would like to be subjected to from someone who is responsible for your money? For example, if your bank, through an accidental, non-fraudulent error, allowed a criminal to extract your account’s entire value as cash, do you think they ought to be able to defend themselves by saying they did not commit fraud?
why shouldn't the customer be able to recover damages from you if you had an accident, or were negligent? they were paying you to take care of this stuff for them. if they wanted the risk of accident and incompetence, they'd just do it themselves.
Does that draw any distinction between paying and non-paying customers then as far as their rights? I see tons of "you assume all risks" sorts of Terms of Service, but I have a feeling those are likely just there and don't do much.
You should never write a contract yourself unless you are a lawyer. There's a case law which usually involved, and if aren't careful, you might have big problems.
But it seems like getting a lawyer involved is exactly what leads to these complicated Terms of Service. I would have to find a lawyer who agreed to significantly dumb down the Terms of Service, which I would suspect they would be opposed to -- I mean they are writing these things like this for a reason, right?
They write the thing the way they are written because likely there was a case where simpler language lead to the company losing in court. There's also a principle Contra Proferentem, that intreprets all ambiguities in favor of the non drafting party, so the drafting party should be extra careful and write all this pesky legalese.
There is no reason why terms should not be written in plain English and indeed under European consumer protection laws, you should be writing the terms in plain English because it means the user has a better chance of understanding them, and (regardless of the first part) you have a better chance of enforcing them should the need arise.
Please be aware that not all lawyers are the same and you can find many who will be more than happy to write a set of terms that are in plain English, ambiguity-free and protect your company against any areas of concern that are legitimate for you to protect against.
We need something akin to the Uniform Commercial Code, which solved a similar problem with proliferation of contracts in the B2B realm. And I think there should be a strict limit on the amount of verbiage that a B2C contract can contain to remain enforceable, due to the highly asymmetrical nature of the relationship economically.
Why cannot we, as consumers, gang up and define a kind of universal and fair ‘reverse contract’ that defines rights and duties that a potential service provider needs to conform to? If they don’t, we just don’t use their service.
If I walk into a McDonald's, I wager that the social normality requirements and laws that permit my access there and permit the owner to legally throw me out is longer than the 50,000 words cited in the article. However, I fully understand enough of them that I'm able to transact the purchase of my hamburger and leave. All the rules there are in the owner's favor, and very few are in mine. I'm not trying to be reductionist, I understand the backlash, but there is no inherent right to use PayPal.
I don't remember having to read and sign a license the last time I bought a hamburger from McDonald's. Has that changed?
You legally entered someone else's property, which is governed by many laws.
Maybe of interest:
https://www.sec.gov/pdf/handbook.pdf
Lawyers who prepare submissions to the SEC in the US have long been advised to use "plain English".
Startup Idea - An AI language translator for legal language to English. It could convert a 20+ page contract to a 1 page bullet list. Maybe this has already been done or does the language of law require quantum computing?
An interesting idea, but complicated by the fact that as often as not the terms expressed are affected by the domain and locale.
For example, for every employment contract that contains a non-compete in California, there is relevant California state law that means it's probably unenforceable. What do you show for that?
Additionally, new case law is being made all the time. Laws aren't static, they are added to, amended or removed through legislature and case law. To my understanding, the case law changes are also more about the specific circumstances of the case as well, so may apply narrowly or widely, depending on ruling. And may be appealed.
This is one of the many baffling details of the GDPR, a TOS should be understandable for average humans (plain english), but at the same time it has to pass the scrutiny of a court? That is just impossible.
Disclaimer: I hate complex / abusive T&C's, and I'm keen to see them abolished. But...
It seems to me like we as a public are blaming corporations for our failures. As adults we're responsible for what contracts we enter into, except in cases of coercion.
99% of us were stupid enough to state that we accepted terms that we didn't even read. Especially in cases where the product/service was purely optional (Netflix, Call of Duty, etc.), I don't see how this is anything but our fault. IMO, we have not been acting as competent, responsible adults.
Should we change our laws to make complex and/or abusive T&C's go away? Absolutely. But are corporate lawyers the only flawed agents here? IMO, no.
There supposedly exists an ideal human, one whom every demagogue on the internet imagines must exist anytime any of a number of subjects is talked about.
This ideal human:
- Reads every terms and conditions agreement, and understands it, for every service they intend to use -- online and in meatspace -- or chooses not to use that service;
- Never drives even a couple of miles an hour over the speed limit or commits any of a number of other minor traffic infractions for which 90% of drivers swear they are never guilty;
- Has taken the time to educate themselves about the various backup strategies available and has selected the correct one for their needs (and read the T&C for it);
- Is aware of every applicable law in their local municipality and follows it to the letter;
- Is always on time;
- Always follows the latest health guidelines for sleep, exercise, and diet, no matter how many times those things change;
- Has taken the time to understand password security and follows all of the current recommended best practices (and has read the T&C for all the software they use for it);
- Always keeps their system and application software exactly up-to-date (always ensuring there is a viable backup first, of course, and restoring that backup as a test, of course, before proceeding with the update);
- Monitors their credit score and carefully follows sound financial planning advice and all applicable tax laws;
- Has learned nearly everything there is to know about their particular vehicle so that they can't be taken advantage of by shady mechanics;
- Always uses whatever pronoun is appropriate for the individual they're addressing.
I have never met this person, but they must exist, because if they didn't, people would start behaving as though all of these expectations, altogether, are totally unreasonable.
I kind of wish this person didn't exist, so we could stop talking about them and instead start talking more honestly about some of the challenges our society faces.
This is much like the illusory rational economic actor, or the imaginary private property rights that libertarians insist must exist without a government with laws (and weapons) or [insert alternative that possesses weapons and you hope is benevolent]. All of these ideas share a common theme of seeking an easy intellectual shorthand, an oversimplification, and being unwilling to engage in the messy chaos of reality and humanity.
250 hours: that is the number of hours required to actually read all the adhesion contracts the typical American is exposed to in a year.
https://www.theguardian.com/technology/2017/mar/03/terms-of-...
250 hours is a full man-month of time. Do you have a free month in your calendar to read contracts and do very little else? Nobody I know has that sort of free time. So calling people or their behaviors "failures" for not reading all contracts is an unfair, unrealistic expectation.
Access to Facebook, Spotify, or Netflix is not a human right. These are private services offered by private companies who are free to offer those services on any terms they choose. It’s fine and completely understandable that you may not have time or cannot understand the agreements under which they may choose to offer you access. Your remedy for that is to not use the services in question. Your remedy isn’t to lie to them and falsely certify that you have read and contemplated them.
Adhesion contracts are not limited to social media and entertainment sites, and I suspect you are picking those sites to belittle based on the frivolity those sites' categories.
Adhesion contracts appear in banking, medical, and insurance contracts and yes, when you sign up for Facebook or Netflix. Yes, you can choose different services. Please identify a banking, credit card, brokerage, doctor, and insurer that does not have lengthy contracts.
The point is that they don't have to have short contracts. If you choose to use their services, then you should review the agreements, or at least not complain when they exercise their rights under those agreements that you falsely claimed to read.
Bold words. Question: Off the top of your head, for what period of time may you make a claim or cause of action arising out of or related to use of Hacker News or its terms of use?
I'm just curious whether you've read and understood the terms of use for the site you're making these bold claims on.
Actually I have read them, back when I agreed to them many years ago. I don’t recall the specific detail you are asking off the top of my head, nor would that be a reasonable expectation of anyone. However, since I read and agreed to the terms and conditions, I know that a) such a document exists; b) that I can refer to it at anytime to answer such questions if I have them; and c) that I did not lie to Hacker News when I registered.
Can you make the same claim?
Don’t hate the human.
Even if all people started reading, fully understanding, and declining those contracts, they can be made longer so people stop reading them again.
I think this is using an overly simplistic blame/responsibility model and if we don't want to have more problems on our hands, we really need to change it.
> 99% of us were stupid enough to state that we accepted terms that we didn't even read.
Well, here's the thing, if 99% of people do something, what's going on here? That's an extremely high rate. Surely if this was a normal choice, there would be a large dissent group? 20% at least? This doesn't sound like it was a real choice.
And consider how it plays out. If choosing the right way is a highly unusual action (1%), and you make this a personal responsibility thing, for any given T&C you cannot use the program. Both because they're too long to read and because you can't agree with them. No phone, no internet, no bank accounts, no entertainment. Since choosing this way already makes you highly unusual, this all just effectively cuts you off from society.
People cannot be individually responsible for mass behaviors. It doesn't really work. Mass behaviors are managed by memetics, which is a higher level force that only specific individuals, or groups of individuals, can actually manipulate.
So I disagree with you entirely. If anyone is responsible for the 99% T&C acceptance rate, it's pretty much never going to be individuals. If we do try to select a person or a group of people, it would be people who manage media and marketing, since memetics is their job.
Thank you.
Is this a fallacy with a established name?
("nobody is doing it right but it's obviously must be their fault")
People do this with programming languages as well.
"haha everyone's making stupid mistakes using this language .. it can't be the language so we should blame the people"
> 99% of us were stupid enough to state that we accepted terms that we didn't even read.
I don't think that's fair. These things are written at a high reading level (worse than Beowulf: https://theconversation.com/googles-terms-and-conditions-are... ; https://www.creditcards.com/credit-card-news/unreadable-card... says credit cards require a reading level half the population lacks), with domain knowledge the vast majority of us lack. Reading them is pointless - even with a college education we don't have the information needed to detect many legal traps laid in these things.
They're also extremely lengthy, and generally "subject to change at any time without notice".
I agree with your points about the incomprehensibility and onerous terms of such agreements. And in cases of coercion or semi-coercion (e.g., it can be hard to get a job without owning a cell phone), I can understand accepting the T&C's despite those problems.
That's why I'm limiting my argument to other situations such as Netflix and video games. For those situations, I'm arguing that adults should accept full responsibility for choosing to accept those horrible T&C's.
Humans are very flawed. If a person sends out thousands of bill looking letters (writing in fine print that its an offer), some will just pay without looking. Adware that infects machine and inject harmful code is being presented as free games, quiz, or antivirus and those get installed. Others will get called and accept unnecessary deals, with some elderly people pilling up multiple subscriptions. Those are just the grey legal areas, as then we have the world of direct lies, fraud and scams.
People are flawed or else 99% of the illegal activity in the world would not work. Competent and responsible adults can still be tricked, fooled or bamboozled. T&C are however useally about stuff that has a $40 price tag rather than $200k car, so there hasn't been much pressure to create laws to make it fair. There is also the aspect that when T&C get into the courts the legal system has been rather skeptical about the unbalanced terms and if it can ever been said that the consumer has had informed consent, so it usually sort it self out without political intervention.
The problem is the average adult doesn't get educated in the ways of contract law.
In fact, I think this is a symptom of the fact that attorneys and legal practitioners are a "protected" class with a relatively high barrier to entry to basic education in their field.
While everyone has the "freedom" to learn on their own time, it seems disingenuous to be able to legally bind people who honestly have no clue what they are agreeing to.
Also, from the tech perspective, UX demands that "onboarding" to a product be as minimally difficult as possible. Tech will ALWAYS give you the option to skip reading the EULA, and T&C because otherwise, most people would look at the terms being laid out and just say "Screw that noise."
You have a fundamental asymmetry which will be ruthlessly exploited.
If not by the legalese and banking on the user not understanding, then by the company just glossing over how skewed in their favor the terms are and rushing the user past the ugly bits to the custom designed addictive parts.
> In fact, I think this is a symptom of the fact that attorneys and legal practitioners are a "protected" class with a relatively high barrier to entry to basic education in their field.
There's essentially no barrier to entry to basic education in the field; there are classes on the basics in most undergraduate institutions (including community colleges)—corporations and contract law (plus elements of some other subfields) often under the banner of “business law”.
Availability of the class != assurance that every citizen has taken it and passed.
Furthermore, most tech companies don't even engage or give the opportunity to engage in the "negotiation" part of the contract forming process.A EULA or ToS document isn't a meeting of equals. It's a salesman rushing you down the hall telling you to sign, sign, SIGN!
In fact, if nothing else, technology has provided one of the finest examples of a cautionary tale with regards to a "delegatory" legal profession (a profession where legal literacy is contained to a specialized sub-population and where literacy of the full population in the intricacies of the legal system cannot be assumed). I'd be interested in seeing a chart of user accounts of major software platforms or providers at time of ToC/EULA change in order to run the numbers to prove it, but I have a hunch that due to arbitrary/periodic ToC/EULA changes, there is a possibility that the tech industry has generated more legal contracts that no user has bothered to read or understand than the entire legal profession has honestly brokered (I.e. ensured informed consent between both parties) in its entire recorded history.
Caveat emptor be damned. There is something fundamentally wrong with a system that could manage something like that.
Let's be real. You can't expect everyone to be fluent in legalese, just as you can't expect everyone to learn plumbing, masonry, electricity or carpentry just to pick the right contractor when remodeling your house.
> 99% of us were stupid enough to state that we accepted terms that we didn't even read.
It’s not stupid. It’s a smart, savvy practical decision. There’s not much reward for investing the time and effort to read and understand TOS which are not easy to parse. Plus we don’t have much choice. For the nontechnical user there simply isn’t an alternative service in most instances, much less one with a less onerous TOS.
B2C contracts are not contracts between equals, and it is as foolish to apply the same standards to businesses and consumers as it is to treat pedestrians like automobiles for purposes of traffic law. The reality is that businesses can afford lawyers to spend time on a contract they will use with a million consumers, but the consumers cannot afford lawyers for the hundreds of B2C contracts they are presented with in the ordinary course of life.
I would say accepting that we are flawed agents is pretty much the point.
If people are, in fact, acting stupid some of the time, prone to fall for certain persuasion tactics and subject to biases and common fallacies, then maybe a rule such as "as adults we're responsible for what contracts we enter into, except in cases of coercion" simply doesn't cut it.
I'd just like to refer to this: http://www.plainenglish.co.uk/
PayPal is a company that just needs to go away. They screw people out of their money left and right. And for the cherry on top their ui is complete garbage
Hilarious. Bloomberg harp on about GDPR but their own cookie notice violates it by using assumed consent and tying consent to use.
Oh my god, can we have one article on this topic without this comment? The whole problem is that 99% of websites people visit come with trackers.
At a really high, generalized level (with contract law being a subset), I think the legal system (and in many ways society in general) has yet to really get a grasp on the concept of resource exhaustion attacks. We all know about DDOS as it applies to digital systems, but individual humans and the social systems we make also all have actual, hard limits on how much information we can possibly process, store, and communicate/move around. A lot of the foundations of law and debate date back to long before we entered the sharp part of our current information production J-curve, when it was much more possible for a single human to be more generalist and it was simultaneously simply more difficult and expensive to pump out hundreds or thousands of pages of contract and law. But those days are past, and at some point, to the extent we want (and we should want it) law to work for humans, there need to be actual principles around the fact that if something exceeds the time/memory/intelligence a human could reasonably apply to it then it shouldn't matter if "they could in theory". Let alone if they really couldn't, even in theory (not enough seconds left in their lives). Organizations may be able to act as superhumans here, able to subdivide work and specialize towards a single goal, but for regular actual humans resource cost should be a fundamental consideration of legal validity.
I'd like to see this improved for both sides of the equation though FWIW. I agree that as a user/consumer, the EULA/TOS situation is intolerable and that there's a lot of sketchy or outright bullshit stuff in many (maybe most) of them. But I do think some of the contents are also genuinely guarding against liability that frankly really just shouldn't exist by default either. If someone writes up some software or makes a service and just puts it out there on the open market with no promises, they shouldn't need any sort of contract at all saying they won't be liable if it's used for life-safety critical applications for example (EULAs/TOS are full of this, right up to "this is not for nuclear reactors you fucking idiot" clauses). The law should provide for minimal basic standards and simple money-back guarantees for lack of performance, but just as users shouldn't have to read a 50 page EULA that somewhere buried within tries to take lots of their rights and lay claim to as much of their information as possible and such, so should developers not have to worry about being sued because there was a bug unless they've actually affirmatively promised there wouldn't be a bug. Major liability should tie into things application promises and SLAs, which would be more generally negotiated between entities who can reasonably handle the increased information and legal complexity and think it all through.
I do really hope we see some standardization all the way around. It seems like there could be some real win/wins in this area, and that it's not necessarily that politicized either.
The really scary part is that any form of democracy itself rests on a similar assumption. Time, human attention, and learning capacity are all finite and no longer map well at all to an abstract, unbound ideal of civic responsibility or awareness. Other countries seem to interpret contract law differently as well. https://europa.eu/youreurope/citizens/consumers/unfair-treat...