Original URL: https://www.theregister.com/2012/12/04/feature_tech_licences_are_daft/

Adobe demands 7,000 years a day from humankind

It's all in the EULA fine print

By Bob Dormon

Posted in Software, 4th December 2012 08:00 GMT

Feature I'm not a very good liar, I haven't got the memory for it, which is why it always pricks my conscience whenever I tick the yes box to the prompt "I have read and understood…" when installing software. I am, of course, fibbing. I never read a word. In fact, even though we all tick yes to these agreements every day, unless you're a legal bod, I doubt you could find anyone you know who could quote a single line from any of them.

Since the beginning of the year, I've been collecting licence agreements for all the software I've installed. The idea was to see just how many words I was being asked to read. It seemed like a good idea at the time, but as the pile for me to read grew, so, in inverse proportion, did my will to live. I could lie at this point and say I read them all, but instead, I opted for a few well-worn favourites.

Blind faith

Adobe Flash anyone? In recent years, the company has claimed it had eight million downloads a day and, before we get on to the maths, have you ever followed that link that took you a second to ignore as you ticked the "I have read and agree…" box?

Adobe Flash installer

You read it, right?

Follow the click and you'll be on your way to 3500-word licence agreement that appears in about 50 languages that you’ll have to scroll through to find your native tongue. I don't know about you, but ten minutes or so later, I could certainly tick yes to having read it. But had I understood it? You know what? I think these companies don't mind if we lie at this point. And that irks me somewhat. Why don't they just have a box that says, “Whatever, dude” or “I have read and understood… You're kidding, right?”

Yet the tickbox convenience provided serves to reinforce the user attitude that, I'll never read or understand any of this… can we just get on with it now?

So eight million people a day lie to Adobe. Or put it another way, 8 million honest people who all took at least ten minutes to read this licence agreement and, oh lordy, understood it, would, in terms of total time, eat up over 1,522 years in just one day. If we put that into man-hours: an 8hr day, 240 working days in a year, that becomes 6944 years in a day. Turn that into a 50-year working life and that's 138 lifetimes a day… How about a year of Adobe Flash downloads with the licence agreement being read each time… that's 50,694 working lifetimes per annum… Equivalent to populations of Macclesfield or Staines.

And if we go back to how many years of reading a ten-minute licence agreement takes for this quantity of users, we’re on to over 2.5 million years. Wind the clock back that far and we’re in a time when mammoths roamed a globe dominated by glaciers. Given Adobe's claims to these download volumes, reading that licence agreement demands quite a lot time from mankind.

Now if I can return to the soapbox for a moment, the issue is really one of collusion. A software vendor doesn't imagine for a moment that anyone will read its Ts&Cs. And, obligingly, we never do. Yet we blindly click “I agree and understand…” every day. It just seems wrong. And it's not so much the deliberate ignorance we choose in the name of expediency, but why do they bother?

OK, so there are legal caveats to be flagged up, but if we ignore them, how can this be said to work to inform us of our responsibilities? There must be a more succinct approach that doesn't turn every Flash, iTunes, or Firefox user into a habitual liar.

BBC iPlayer notification

Done in a flash... sort of

I was rather taken with the BBC’s desktop iPlayer message of just a one-line warning about security issues. It seemed so simple and user friendly, and then moments later the Adobe Air instal box appeared and the pain started all over again. Interestingly, the iPlayer desktop app has its own terms of use link on the main UI page, the installation doesn’t insist that you read them. Perhaps the assumption is you’ll use the product responsibly and if you have any doubts, just click.

It’s perfectly reasonable approach and no doubt amounts to more of a contractual obligation than someone buying a gun at Wal-Mart is asked to agree to. I’ve never bought a gun nor a new car, but if you had thrust into your hand a 3000-word agreement to abide by before you stepped into a brand new Mercedes, acknowledging that...

In no event will the company, its suppliers, or certification authorities be liable to you for any damages, claims or costs whatsoever including any consequential, indirect, incidental damages, or any lost profits or lost savings, even if a company representative has been advised of the possibility of such loss, damages, or claims. Blah, blah, blah...

...it might rather spoil that purchase feelgood factor. That’s why it’s so convenient to have those software ‘read it’ tickboxes. Also, car drivers do have insurance for any unpleasantness. Maybe if computer users had insurance too, we could skip those licence agreements? On second thoughts, scrap that – have you read the small print on your car insurance lately? Another factor is you will most likely own the car or the gun, rather than have them on licence.

I have to say I find Apple’s take on things rather interesting. The Mac OS X Mountain Lion software updater, declares use of the update is subject to the original SLA and rather than bore you with it, you can just move on and click instal. There is a link shown too, but it rather abandons the ‘read it first’ approach. You might find the SLA appearing when you run the updated app, but it seems a bit late in the day. The new iTunes 11 does this and then invites you to agree to share info with Apple, which involves yet another layer of seemingly innocuous text to ponder.

iTunes 11 sharing info

Peeling the onion with iTunes 11: 'Learn More' on sharing goes to this page where there's another link for the Privacy Policy page

During the year I recall encountering some installations that don't even allow scrolling the whole SLA before proceeding. There's just the 'I have read and agree' tickbox alongside a 'Save for later' option. This, let's just get on with it, approach has its appeal, but it also suggests the agreement isn't to be taken seriously, as it doesn’t matter if we lie about having read any of it. All very strange considering this documentation remains important enough for massive companies to draft out, have checked by lawyers, present in some form or another and insist on imposing on users.

Just what are we agreeing to?

So just what is it that the licence contains that they’d rather we didn’t dwell on? Most of us will rightly assume that the text will refer to intellectual property rights regarding copying or transfer. These aren’t unreasonable restrictions in most cases, although the idea that you should be downloading a software package such as Flash for each machine you run it on – rather than ferry a copy around on a USB drive for multiple installations – seems rather draconian. Still, the companies would argue it’s part of the deal. You want our free app, then you download it so our site stats look good. We should obey, but often we don’t when there’s a family of laptops to support.

Such behaviour is a relatively minor offence given the scope of most licence agreements to relieve the vendor of the responsibility of actually delivering a functioning product. No doubt the developer would endeavour to provide something that works, but we’ve all experienced buggy software that has delivered hours, if not days, of misery.

Indeed, like many software agreements, Adobe’s Flash licence openly acknowledges the issue and kicks off with this point:

1.1 Warranty disclaimer. The software and other information is delivered to you “as is” and with all faults... Adobe and its suppliers and certification authorities make no warranties conditions, representations, or terms... as to any matter including without limitation non-infringement of third party rights, merchantability, integration, satisfactory quality, or fitness for any particular purpose.

Even with a bit of pruning it remains heavy on the legalese. Don’t forget this is just one agreement that eight million of us are nodding to daily and are supposed to have read and understood. And if I understand this right, it’s saying: don’t blame us if it isn’t any good.

By the way, did you know you’re not allowed to instal Flash Player on a server?

3.2 Server Use. This agreement does not permit you to install or Use the Software on a computer file server. For information on Use of Software on a computer file server please refer to http://www.adobe.com/go/acrobat_distribute for information about Adobe Reader; or http://www.adobe.com/go/licensing for information about the Adobe Runtimes.

It seems a bit confusing though, as the licence for Flash also refers to Acrobat Reader – no doubt a ‘one size fits all’ draft for the free stuff. As for Runtimes, presumably Adobe reckons people that run servers have a better understanding of its terminology, and refers to Flash and the like. If you follow the link though, it explains that you need to apply for a licence to distribute the software, not actually run it on the server. I guess this grey area comes down to a definition of a server, because these days you can get one as an app for £14.

Mac OS X 10.8 server

Better uninstall Flash before running this on your Mac – it's the rules you know

I’m a bit worried about this one, though:

4.4 Notices. You shall not alter or remove any copyright or other proprietary notice that appears on or in the Software.

So quoting that is a breach? I’ve removed it and altered it by isolating that clause from the rest of the text.

Now, if I went through all of the areas that piqued my interest, this is could eat up quite a bit of time for mankind, but hey, chances are you agreed to this all of this. And in doing so, you also indicated that you had read and understood it too. So you’re absolutely fine with all these legal obligations for using this (free) software, right? I guess, like me, you assume that nothing too bizarre is in there that and that only sensible clauses appear and nothing that would be a major inconvenience. But here’s the last one I’ll look at today, and I’m not even half way through the agreement.

After mentioning all the things I can’t do in Section 5 Transfer, the agreement says:

You may, however, transfer all your rights to Use the Software to another person or legal entity provided that: (a) you also transfer (i) this agreement, and (ii) the Software and all other software or hardware bundled or pre-installed with the Software, including all copies, Updates, and prior versions, to such person or entity...

So Adobe wants me to pass on all the Flash updates that my machine has installed? You’re kidding me, right? They’re not even on the web site any more. Was I banned from deleting them too? I guess that might count under the “no modification” clause in section 4.5.

Oh and don’t forget this...

(b) you retain no copies, including backups and copies stored on a Computer...

So if I flog a computer with Flash on it, I’m supposed to weed it out from my backups in order to satisfy this clause that, like so many many many millions of other users, I ticked “I agree” ? If I’m wrong about any of this, well I did read, but I guess I misunderstood. So is that my fault or those who wrote the document? Is there further legalese that insists that users should meet a certain level of intelligence to be sure that having read, they really have understood?

In essence, what is being imposed is some clumsy form of regulation from the vendor that doesn’t recognise end-user habits or the language they speak. No surprise that nobody reads this stuff then. So what’s the point? Surely this legal drafting increases the price of the software we pay for – even with the free stuff, this will occur indirectly.

The point, I suspect, is that vendors prefer not to trust users and robustly defend their interests in legalese that will be called into play when necessary. The defence seems like a nuclear option when you consider who the targets are. By contrast, users blindly trust vendors with each tick of the I agree box, having never read a single line of the licensing contract.

Rules and regulations

There’s evidently an uneasiness about the concept of responsibility, as the vendor seeks to limit its responsibility to the user and yet in the same text, regards the user as irresponsible and insists they follow every whim concealed in the agreement. Oddly enough, this resonates with the banking crisis. Bear with me here. Recently, as speaker in the BBC’s Reith Lecture series, Harvard History Professor Niall Ferguson argued against regulation in the banking sector. The phrase he oft repeated was that the banking crisis did not reflect the rule of law, but the rule of lawyers. In short, those that had taken us into this mess went unpunished and that impenetrable regulation had made it impossible for justice to be seen to be done.

He remarked that if there was less regulation and in its place the certain knowledge that those who stepped out of line would be met with the full power of the law, then fewer destabilising risks would be taken and more sensible decisions would likely follow as a consequence. Again, it’s all down to acting responsibly and if that can be safely assumed with clear and simple rules, then you don’t need to get bogged down in incomprehensible legalese and its associated expense.

Dodd-Frank Act on Kindle

The Dodd-Frank Act was passed to improve "transparency in the financial system" yet it's 394,894 words long

Ferguson remarked that after the banking crisis talks in the US, the remedy in the Dodd-Frank Act was further excessive regulation. “The act requires that regulators create 243 new rules, conduct 67 studies - to see if the rules are necessary - and issue 22 periodic reports.” You can read all of the lecture here.

Hands up who thinks that has worked?

So how do we unravel the licence agreement prerequisite that dogs all our software installations? Those thousands and thousands of unread words that someone was paid to write and others paid to check and double check. Perhaps software vendors could assume that users will act responsibly. There will always be those users that don’t, but how is having a lengthy licence agreement ever going to have any impact on their behaviour?

Like the banking deregulation idea, it’s all about knowing the rules. I thought I knew the rules about installing Flash, based on common sense presumptions, but there’s some bloody stupid stuff in there I’ve found... assuming I understood. And there lies the problem.

Feel the fear and do it anyway

Companies don’t want to hold a gun to your head when you invest in a product and bark, ‘you better behave buster or you’re dead’. So the weapon of fear is concealed in legalese that they don’t even want us to read, let alone understand. In fact, I have doubts that any company would expect users to abide by these rules. Why? Because these agreements are put together by people too and, except in case of professional interest, they’ll be ticking I agree without reading a word for their own computing needs too.

So it’s farcical. We all know this as it’s part of our everyday experience. The weapon of fear of prosecution doesn’t work because the numbers are so vast and most users are reasonably well behaved. And those naughty people that need to be concerned about what’s in them will turn a blind eye, just like the rest of us are encouraged to. If corporations think weighty licence agreements work, the lie isn’t just with us as we tick I agree and understand, it is with them too.

The issue isn’t just to do with being obliged to lie just to proceed with a software installation, it’s the assumption that what you are agreeing to is reasonable and you needn’t worry your little head by reading any of it. Yet in some instances, the hoops you’re being asked to jump through are extremely unreasonable and it’s time this idiocy was filleted out. It could surely make software cheaper and more attractive to buy.

So, to ask the question again: just what is it that the licence contains that they’d rather we didn’t dwell on? The answer must be the relationship that you have with the company as a customer. It’s a behind-the-scenes contract that says, we have to do this, but you don’t have to worry about it if you play fair. It’s like assuming the person you marry will be faithful only for them to tell you later: I was always going to screw around, honey, I thought you knew.

Indeed, the trouble with this arrangement is there is an increasing arrogance in what is considered acceptable to demand from the user. A lot of this can be buried in licence agreements that sprawl into issues of privacy which then links to yet another policy document and another ten minutes or more of your life that you’ll never have back again. And so it goes.

For me, this all began with a feeling of unease about the lies we routinely tell for our everyday computing needs – we never read this stuff and it seems like we're not expected to either. Yet I’ve come to the conclusion that this discontent has less to do with this process troubling an innate honesty. It is more about an increasing feeling of contempt for the 'I agree and understand' approach that, time and again, undermines personal integrity to perpetuate what amounts to a meaningless relationship. ®