Almost every software product has a click-through End User License Agreement (EULA) that we typically just click OK on so we can actually use the software. Perhaps we shouldn’t be so quick to click, because we’re often giving up our privacy or agreeing to other restrictions, but the software companies have us over a barrel, so we dutifully agree and move on. This is a real problem. EULAs were originally intended to protect the software company from liability and to prevent us from ripping them off. More recently, however, they’re throwing in binding arbitration clauses (which can be argued are legitimate protection for the company, but it does restrict our rights) and privacy clauses, which is the subject of this article. I believe these EULA problems can only be fixed through legislation, because competition and free enterprise don’t apply after we’ve already bought the product.
I have a Sleep Number bed and bought the SleepIQ add-on. SleepIQ is a $300 system in the pump (the mattress is filled with air) that measures your breathing, heart rate, and sleep. While it probably isn’t really worth $300, it is pretty cool, so when you buy a Sleep Number bed (and you should – they’re good), buy SleepIQ too. The sensor in the pump talks to an app on my iPhone, and the app was recently updated, which required me to click through a EULA. Well, I read this one, and it stinks. They threw in that they can do nearly anything they want with my private personal information that they’ve collected, including using it for marketing (not a surprise) or selling it to their business partners (bad). If I didn’t agree with the EULA, I needed to disable the SleepIQ system, thus throwing out the $300 I paid. It did say I could continue to use the bed – how generous of them!
This sort of thing isn’t any different than if you bought a car, and when you got it home, the entertainment/navigation system popped up a EULA that required you agree to all sorts of abusive terms or they’d disable all the features. That likely wouldn’t fly in cars, because consumer protection for cars is pretty good (lemon laws) and the consumer outrage would torpedo sales from that manufacturer. Sadly, with most other products, we’re stuck with whatever they want to give us.
What should be done?
I think EULAs should be restricted to EULA things, like defining the protections for the software company and restricting copying and other things. Agreeing to such a EULA could still be required before the user can use the software. Privacy statements have no place in the EULA, and I think protection of our personal data should be a legislated default. In no way should we be forced to give up protection of our private data in order to use the service. Of course, the company can offer us incentives that make the service more effective if we opt in to sharing our information, but it should not be mandatory. There are some services whose whole purpose is to share our data with someone – well they should get our permission explicitly, as well.
The problem is, companies aren’t going to do this voluntarily. There’s profit in our names and email addresses and personal preferences. Selling that information is essentially free money for a company that makes software or other products. Since consumers don’t often know what we’re signing away and realize that we have no choice in doing so, there’s little market pressure to stop this practice. That’s why (I hate to admit it) government should get involved and protect the rights and privacy of its citizens. We need to stop companies forcing customers to agree bad things in order to use services we pay for. This sort of behavior should not be accepted or allowed.