Are software licences fair?
OUT-LAW Radio, 21/02/2008
We investigate complaints that user licences for software are
unfair and draconian. Plus: we look at a conflict between UK
authorities on what exactly counts as personal data
A text transcription follows.
This transcript is for anyone with a hearing impairment or who
for any other reason cannot listen to the MP3 audio file.
The following is the text spoken by OUT-LAW journalist Matthew
Magee.
Hello and welcome to OUT-LAW Radio, the weekly podcast that
keeps you up to date on all the twists and turns in the world of
technology law.
Every week we bring you the latest news and in depth features that
help you to make sense of the ever-changing laws that govern
technology today.
My name is Matthew Magee, and this week we look into charges that
software licences are obscure and unfair, and we chart how two
different definitions of what should be kept private came to be
used by government bodies.
But first, the news:
Broadcasters will be fully responsible for phone in foul ups
and
EU parliament forces ministers' hands on criminalising
piracy
Television stations will now be responsible for all aspects of on
air competitions, broadcast regulator Ofcom has said. It will issue
new mandatory licence conditions for all broadcasters enforcing the
move, following a string of phone-in scandals that involved all UK
terrestrial broadcasters last year.
The new measure is designed to reduce confusion about who regulates
the phone-ins, and Ofcom said it would conduct spot-checks on
broadcasters to ensure compliance.
Premium rate telephone regulator PhonepayPlus has also acted. It
now demands that any phone service provider which wants to
participate in television phone-ins must first gain permission from
it.
The European Parliament has asked EU member states to press
ahead with a plan to criminalise copyright infringement. The
Parliament wants a proposal it agreed last year to be approved by
ministers from each member state.
The proposed EU directive would create new rules on copyright
protection, and would require each EU country to pass laws
criminalising intellectual property infringement. It must be
approved by the Council of Ministers before it takes effect.
That was this week's OUT-LAW news
Be honest: how many times have you bought software, reached the
page with the licence agreement and the 'i agree' button and
thought: excellent, some light reading, I'll devour the lot.
Licences appear to be rarely read, but the national consumer
council says that this is a dangerous failure, and one for which
the licences themselves are to blame.
They are obscure, difficult, biased and strip us of our rights, a
report by the council claims. So are we being cheated by
legalese?
The NCC's senior policy advocate Carl Belgrove, the man behind the
report, outlines his problems with end user licence agreements.
Belgrove: when we had a look at the licence
conditions and also the software products themselves we went
through the entire buying and installation process and we found
that very little information is actually on the box when you
actually get the product. So when you open them you don’t know
anything about the licence restrictions, you install the software,
sometimes you are given a hard copy of the agreement some times you
aren’t but you are usually presented with it on the screen and even
if you do then read it - which most people, if they are realistic
about it, don’t ever look at the actual detail - it is very hard to
understand unless you are a qualified lawyer and also some of the
terms are quite restrictive and people quite often break the terms
of the agreement without knowing it but the question is actually
are they fair in the first place and should they be
enforceable.
The NCC has submitted complaints about 17 pieces of software to
the Office of Fair Trading. It wants the OFT to negotiate with the
software companies to make them publish clearer, fairer
licences.
John Salmon is an IT law specialist with Pinsent Masons, the law
firm behind OUT-LAW. He works on software licences and while he
doesn't agree that they strip consumers of their rights, he does
admit that many are poorly drafted.
Salmon: I do agree they should be shorter, they
should be better written. I think there are terms and conditions in
software licence agreements that are not very clear and could be
written in a more plain English and that's obviously good practice,
that’s better for everybody. Certainly the OFT's guidance makes it
clear that if you are selling to consumers you should have the
conditions written in plain English and I think that is a good
thing. You have got a lot of consumer legislation, the Unfair
Contract Terms Act, the Unfair Contract Terms Regulations etc.
which make it clear that you should be providing these things in
plain English. I don’t think you have got many excuses as a
manufacturer of software not to do so.
Belgrove said that licences strip you of your consumer rights,
and the legal status of software leaves us all vulnerable.
Belgrove: One of the things we're calling for
is for digital content to be covered by consumer protection law
which at the moment it isn’t. Digital content isn’t currently
covered because it’s not a tangible product although we have the
software if you buy something in a box the actual digital content
on it isn’t covered at the moment.
Salmon and Pinsent Masons litigation specialist David Woods
disagree, though. They say that while there is a debate about
whether the Sale of Goods Act applies to downloaded software, it
does apply to package software, and that the Supply of Goods and
Services Act and the Unfair Contract Terms Act and Regulations do
apply to all consumer purchased software.
Belgrove echoes many past complaints about the fact that you often
don't see a software user agreement until you have bought the
product, so you don't know what terms you are signing up to.
Salmon said that the UK courts have already looked at this issue
and said that the practice is allowed.
Salmon: There have been cases both in the UK
and the US and the judges been very pragmatic and have said this is
industry practice, this is what happens, this is a practical way of
dealing with a legal situation.
Belgrove said that regardless of the legal position, companies
should be trying harder to make consumers aware of the terms under
which they use software.
Belgrove: If you look at that from a legal
point of view, I just think from the software company’s point of
view, from a business point of view, it makes sense and it is in
their interest for people to understand what they are agreeing to
when they buy something, for it to be upfront and clear. So I
really just think common sense suggests that there is still an
imbalance and that something should really be done to make it more
accessible.
The OFT must look at all 17 cases referred to it. Though there
are disputes about whether software licences actually strip you of
many of your rights, if the action makes for shorter, clearer
licences, everyone is likely to applaud it.
What is personal data? Well in the world of privacy law these
days, that depends very much on who you ask, especially after the
Information Tribunal last week disagreed with the definition
employed by the Information Commissioner.
In that particular case the Commissioner said that details held by
organisation Yorkshire Forward couldn’t be revealed because they
qualified as personal data. After an appeal, the Information
Tribunal said the details didn't count as personal data.
This wasn’t just a slight difference in interpretation of the law,
it was arguably evidence of a fault line that is emerging that
could make life very difficult for organisations looking for clear
answers on how to treat information.
The term personal data is used in the Freedom of Information and
Data Protection Acts to denote what information must be kept
private.
While the information commissioner publishes guidance saying that
the term covers a wide range of information, a vital UK court
ruling has said the opposite.
Privacy lawyer Rosemary Jay of Pinsent Masons, the law firm behind
OUT-LAW, explains.
Jay: What happened was in 2003 somebody applied
for access to their information under the Data Protection Act and
the court in deciding this had to decide whether or not, if you
extracted information by reference to somebody’s name, whether or
not everything that you extracted was personal data about them. The
court not surprisingly held that it wasn’t and it said, well, just
because you pull up a document with somebody’s name in it doesn’t
mean the whole document is personal data about them. And then the
court went on to deal with the question of personal data and they
said, well, when you are in doubt there are tests that you can
apply and the tests are: is it biographically significant? Does it
focus on them?
The result has been that data protection doesn't stretch very
far, that not very much information qualifies as personal.
The Information Tribunal must follow court precedents, and used the
Durant case to justify disagreeing with the Commissioner's
ruling.
But the picture is complicated by the view of Europe.
The Data Protection Directive, the EU rule which gave rise to the
UK law, defines personal data quite broadly. The European
Commission has taken the UK to task over its implementation of the
directive. OUT-LAW exclusively revealed last year that the
Commission has objections to how fully a third of the directive has
been implemented here.
Then, last summer, the Information Commissioner changed its
guidance on what personal data is. In line with Europe's concerns,
it widened the definitions.
Jay: The Information Commissioner was working
on revising his view and he has also issued guidance which inclines
towards the wider view. So we have now got in the UK a more
restrictive view from the court and guidance from the Commissioner
saying well, we think the proper view actually is the wider view.
So we have got these two separate strands now and the Tribunal has
made it quite clear that it considers that in exercising its formal
powers the Commissioner has to stick with the decision of the UK
court.
The Information Commissioner's office told us that it won't
appeal this judgment because in the end the reason the information
wasn't released was to do with cost and not definitions of personal
data. A spokeswoman said, though, that if future decisions did
hinge on this it would consider appealing or revising its
guidance.
So are these two separate definitional strands ever to be brought
together? Will businesses ever get a definitive definition of
personal data?
Well, they might, because a case on appeal from the Scottish
Information Commissioner is headed to the House of Lords, the only
court whose ruling could trump the Court of Appeal's.
Jay: There is a view that that will be a forum
for resolving this or at least raising it if that doesn’t happen
and it does not get resolved there then I suppose there is a
possibility the European Commission would take legal action against
the UK but it seems a very remote possibility over something like
this.
So businesses may have to muddle along with parallel definitions
for now, but many will be hoping that in April the House of Lords
settles the question once and for all.
That's all we have time for this week, thanks for listening.
Why not get in touch with OUT LAW radio? Do you know of a
technology law story? We'd love to hear from you on radio@out law.com.
Make sure you tune in next week; for now, goodbye.
OUT LAW radio was produced and presented by Matthew Magee for
international law firm Pinsent Masons
