Berin Szoka

Market Forces At Work: The PR Backlash Against Google Chrome’s EULA

Most debates–from privacy to net neutrality–about consumer protection in Internet policy come down to the following increasingly-cliched exchange:

1. Advocate of Regulation: “The government must intervene to protect users against Companies who want to [___________] by writing new laws or regulations!”

2. Regulatory Skeptic: “Why don’t we rely on the FTC’s enforcement of End User License Agreements (EULAs), privacy policies and other terms of service (TOS) under existing law?  If companies spell out their policies clearly and then are required to stick to them, those policies will become part of competition:  Companies will compete for consumers by offering attractive policies the same way they compete for consumers by offering attractive products & prices.”

3. Advocate of Regulation: “That doesn’t work because nobody actually reads all that legalese!  They’re impossibly dense for non-lawyers, so companies always make such agreements as broad as possible to allow them to do whatever they damn well please–and bury all the really scary provisions.”

And yet… within 12 hours of releasing its new Chrome Browser, Google removed a clause from the Chrome EULA that essentially would have Given Google the right to whatever it liked with all content posted by users anywhere online using Chrome.  If this incident demonstrates anything, it’s that there are significant “market forces” at work to restrain companies from writing agreements & policies that allow them to screw consumers.  Indeed, it beautifully demonstrates why the Regulatory Skeptic ultimately wins this debate with one final response:

4. Regulatory Skeptic: “It doesn’t matter if 99%+ of users never read a EULA or TOS.  No matter how hard companies might try to bury some ominous provision, the relatively small number of consumer protection watchdogs who do read such provisions protect everyone else by calling attention to true areas of concern.  Not every blogger who complains about something he doesn’t like in a EULA is going to make Slashdot, but overall, provisions that cross a certain line will get public attention and most companies will bend over backwards to avoid bad PR.  So, the market does work to protect consumers without the need for further government regulation.”

Google made the following change:

11. Content licence from you
11.1 You retain copyright and any other rights that you already hold in Content that you submit, post or display on or through the Services. By submitting, posting or displaying the content, you give Google a perpetual, irrevocable, worldwide, royalty-free and non-exclusive licence to reproduce, adapt, modify, translate, publish, publicly perform, publicly display and distribute any Content that you submit, post or display on or through the Services. This licence is for the sole purpose of enabling Google to display, distribute and promote the Services and may be revoked for certain Services as defined in the Additional Terms of those Services.

Google has explained that the company simply made a mistake by essentially copying and pasting this provision from the EULAs for other Google products:

Google’s Rebecca Ward, Senior Product Counsel for Google Chrome, now tells Ars Technica that the company tries to reuse these licenses as much as possible, “in order to keep things simple for our users.” Ward admits that sometimes “this means that the legal terms for a specific product may include terms that don’t apply well to the use of that product”

The outcry over this provision has produced 189 stories (according to my last Google News search)–and even made The Nerd York Times, a/k/a Slashdot.

Mehan Jayasuriya of PublicKnowledge (an organization best known for its multiple Emmy-winning performances in the role of “Advocate of Regulation” alluded to above) has decried Google’s over-reach and echoed the same general themes the advocates of regulation always resort to about the inadequacies of EULAs:

the Google Chrome EULA controversy is just another case of a high-profile company lazily copying and pasting together a EULA with little regard for the terms therein. And as humorous as the entire 12-hour fiasco might be, Google’s misstep reminds us yet again why it’s important for end-users to read the EULAs that come attached to software and services and why it’s doubly important for companies to run a fine-tooth comb over the language in their EULAs before releasing them into the wild. In all honesty, though, end-users shouldn’t have to dig through every EULA for fear that something like this might be buried inside. If a EULA requires that a user relinquish significant rights in order to use a piece of software or a service, that fact should be made abundantly clear to the user, through some means other than a condition buried deep inside a click-through EULA.

But this incident demonstrates why the ordinary user doesn’t “have to dig through every EULA!”  As long as there are bloggers eager for a “big story,” the truth will get out, and as we’ve seen with Google Chrome, that’s generally going to be enough to cause companies to back down–not merely because they want consumers to use that particular service but because, in the case of a company like Google with a larger reputation to uphold, it’s just not worth damaging their public image.

Mehan himself applauds the blogosphere for its role in spreading the story “like wildfire” and gives Google credit for having “acted quickly to rectify the situation”–but doesn’t seem to connect the dots and recognize the broader policy implications:  That this process of public pressure might not only eliminate the need for regulation, but work even work better than attempts by bureaucrats to keep pace with rapidly evolving technologies and changing expectations of privacy–especially online.  Simply put, consumers always look to experts as surrogates.  Thanks to the Internet, surrogate-expertise is far more effective (and rapidly so) than ever before:   The blogosphere itself plays the role of collective experts & consumer protection watchdogs.

I’ll take that process–messy as it is–any day of the week over clumsy, one-size-fits-all regulation by would-be techocrats who don’t really understand technology.

September 4, 2008 | Comments |

Viewing 12 Comments

    • ^
    • v
    This point you make here is really important, and it is often made by others here at the TLF--especially Tim--with regards to Net neutrality and other issues:

    "consumers always look to experts as surrogates. Thanks to the Internet, surrogate-expertise is far more effective (and rapidly so) than ever before: The blogosphere itself plays the role of collective experts & consumer protection watchdogs."

    Indeed, some of us geezers are old enough to remember those crusty pre-Internet days when we waited patiently each month for a copy of Consumer Reports to be delivered in our mailboxes to get independent, watchdog reviews and analysis of new products and services.

    Think about that: Waiting a month for expert review of new stuff! My kids will laugh at the thought when they get older and tell them about how things used to work. They will grow up in a world of instantaneous collective watchdogging by the Netizenry. In essence, the collective intelligence of the Net is the new Consumer Reports.

    But hey, I'm sure the FCC could things done much quicker if we just past some laws and empower them to meddle in these markets in the name of "protecting consumers." I mean, they just have such a great track record on that front.
    • ^
    • v
    Google's browser exists in a universe where there was zero friction -- it was a new entrant in a highly competitive market and it had exactly 0% of it. Of course the marketplace speaks in a situation like that.

    Your first-sentence reference to Network Neutrality isn't exactly the same, is it? Most U.S. addresses have only one or two broadband choices. Customers don't have the same ability just to slide over to the any number of alternative broadband providers as they do to switch web browsers.

    And lest we forget that this controversy was about an item in the Terms of Service that was available to be scrutinized. The broadband providers, so far, are not being very forthcoming as to the real terms and limits and privacy invasions within their services.

    Robb Topolski
    • ^
    • v
    Fair points all, Robb. I didn't mean to suggest that this argument would play out exactly the same way in every context or for every issue. Companies like Google are indeed probably more likely to cave to public pressure on their EULAs than would be an ISP. I think the same dynamic does play out for ISPs as well, but you're right that I'd have a harder argument to make there.
    • ^
    • v
    Umm, folks, this wasn't a "market" matter in the first place. Various Google people have made it clear that the TOS was just a boilerplate thrown-together for a relatively low-level project.

    The point which makes the argument in this article laughable and ludicrous - and I mean that, I'm not just being colorful, it's pretty much blithering nonsense - are examples such as "arbitration" and "no class action" clauses, which have been bitterly fought in court, and where corporations don't care about the bad publicity.
    • ^
    • v
    @Robb Topolski - Did you notice how Comcast quickly (and, yes, clumsily) caved on its up-to-that-time undisclosed BitTorrent throttling? The marketplace spoke in that situation too.

    @Seth - Alas, it's a corollary of markets serving the great mass of consumers that it doesn't always serve every outlier. You are among a small group that doesn't like these clauses in EULAs, it's up to you to generate enough interest; it's not a failure of markets if others don't share your concerns.
    • ^
    • v
    @Jim - Do you even know what I'm talking about? I'm serious. That sounds rhetorical, but I mean it. Do you know the issues I'm describing? Your reply is pure knee-jerk sneer.

    Bleh. I really shouldn't do this. Libertarians are like cuckoo-clocks, their "Cuckoo" is "Markets".

    [Tedious explanation - denial of class-action affects HUGE NUMBERS OF PEOPLE! It is one of the major legal tools against corporate abuse.
    "Arbitration" is almost a Libertarian fantasy, where you contract away all your legal recourse]
    • ^
    • v
    Thanks for your comments, Seth. I'm a little confused by why you're fixated on arbitration and class action suites--neither of which I mentioned. I take your point that there are cases in which companies won't back down when criticized for "over-reaching" in their EULA. Indeed, I acknowledge as much in my post. My point is not that the threat of public criticism will prevent any company from ever including any provision that offends someone, or that they would inevitably back down when criticized for doing so. Rather, my point is that such crticicism and the threat thereof together provide a powerful check on the tendency of companies to "over-reach"--either consciously or (as appears to have been the case here) simply by thoughtless drafting--and that, overall, the result will be a constant, rough "happy medium" between the two extreme ends of the spectrum here: (i) those who want companies to give them everything for wonderful services and content for free with no strings attached and (ii) companies that want to harvest the internal organs of their customers' children. This happy medium should roughly approximate common expectations of privacy, fairness, etc.--or, one might argue, would actually tend to fall more on the side of consumers, precisely because web companies are so dependent on customer goodwill that they will generally be willing to err--when pressed--on the side of not being perceived to screw over their customers.
    • ^
    • v
    I'm "fixated" on arbitration and class action suits because they are obvious counter-examples and extremely important. Yes indeed, you didn't mention them. No personal offense meant, but that is why your argument is babbling nonsense, because those are a few elephants in the room which make a mockery of your post.

    To wit: "my point is that such criticism and the threat thereof together provide a powerful check". But they don't. There's no powerful check.

    Let me try to outline how nonsensical, how absurd, is what you've written - note, I mean this literally, I'm not being gratuitously rude.

    GOOGLE DID NOT WANT TO HAVE THOSE TERMS. IT WAS A *MISTAKE*. AN *OVERSIGHT*. NOT SOMETHING THEY WANTED TO DO!!!

    WHEN COMPANIES *DO *WANT OPPRESSIVE TERMS, THEY *IGNORE* THE FLAMERS (see arbitration, class-action, for proof).

    THE ONLY THING WHICH HAS WORKED IN *MANY* CASES IS *G-O-V-E-R-N-M-E-N-T R-E-G-U-L-A-T-I-O-N* (see European Union reverse-engineering rights for proof).

    Your whole so-called "argument" is based on finding power where there is none.

    It's meaningless to project anything from trivial case that when a company has a drafting error, they'll change it, to when they deliberately and intentionally do want to take away customer's legal rights. In fact, your "happy medium" is joke, literally - if a company makes a copying error, they'll fix it if people complain, and if a company wants to take away legal rights, they'll ignore people who complain, so each side sometimes wins and sometimes loses ....
    • ^
    • v
    I'd have to agree with Seth here.

    "If this incident demonstrates anything, it’s that there are significant “market forces” at work to restrain companies from writing agreements & policies that allow them to screw consumers."

    It demonstrates no such thing. This only demonstrates that Google will fix a clerical error if the blogosphere makes a stink about it, it is the "market force" equivalent of kicking in a door that Google never intended to close in the first place.

    If you want to demonstrate the market force of the blogosphere, you need to find a case where a company really wanted to put something nasty in an eula but was stopped by "the market".

    Choice-of-court, no class-action, no reverse engineering, signing over copyright, warranty disclaimers and limited liability.. There are lots of examples of eulas containing what most people would consider unconscionable, while examples of "the market" / blogosphere forcing companies to remove these terms from eulas are rather scarse.
    • ^
    • v
    Berin, I feel like you might have misunderstood part of my post--or perhaps you were reading into it in a manner that I never intended. Note that nowhere in my post do I advocate the use of any sort of legislation or suggest that an army of privacy "bureaucrats" is the solution to this problem. Yes, end-users should read EULAs because, as we've seen, the unfortunate reality is that some EULAs (whether intentionally or unintentionally) require users to relinquish significant rights to their IP. However, the onus should really be on companies to solve this problem--and here's where I agree with you--and market forces can play a large part in incentivizing this. If Google truly wants to "do no evil" and endear itself to users, it will take a leadership role here and make sure that the terms and conditions of its software are presented to end-users in as clear a manner as possible, so as to avoid another PR fiasco like this one. While you're right to note that the blogosphere and market pressures discovered and eliminated this problem quickly, we can only hope that in the future, the EULAs attached to less high-profile pieces of software receive the same level of scrutiny.

    - mehan
    • ^
    • v
    Thanks, Mehan. I apologize if you felt that I was picking on you. Yes, to be fair, you weren't calling for government intervention here--but I didn't accuse of you of that.

    I merely pointed out--quite fairly, I think--the irony that you seemed to recognize what most of your colleagues at Public Knowledge don't: that market forces do do check corporate behavior even if only a tiny percentage of users actually read EULAs. Public Knowledge has never been shy about advocating for regulation.
    • ^
    • v
    there are so many advantages and features with Chrome, such as it's speed, for example; now if only they would take care it's quirky cookie management...

Trackbacks

blog comments powered by Disqus