Sprint's Wireless Broadband - And What A TOS!

Xpresso85 writes "Just a few weeks ago, Sprint started offering Broadband Direct in my area , it's a $44/month wireless Internet service. Their Terms Of Service is one of the worst yet. You can not portscan, probe, run game or Webservers of any kind, upload or download viruses, use anonymous e-mail, view porno, post anything vulgar or hateful, you cant even encourage anything illegal. They also reserve the right to enter your home or property, monitor your activities, and "share" your personal info with other companies. Lastly, they restrict you from sending out spam, I guess they don't like competition. That's one service I won't be getting anytime in the near future!"

Re:Commentary appears incorrect

[King+Babar]

...but I suspect that this is merely to give them carte blanche to "kick ban" harrassing folk. Same with their policy of port scans and the like (as they probably don't want to have people contacting their sysadmins saying that there are script kiddies trying to break into their networks).

Yup. This particular TOS is pretty much designed to make sure that they can enforce something at some time rather than everything at every time. Specifically, they mention that:

10.4 Sprint's failure to enforce strict performance of any provision of this Agreement will not be construed as a waiver of any provision or right. Neither the course of conduct between parties nor trade practice will act to modify any provision of this Agreement.

In other words, Susie runs SuSe and sshd on her home box so she can use, e.g., scp from work to home and back. Now, that *could* be seen as an illegal server (although there could be a loophole due to the fact that the TOS only bans servers used by "others"). But in fact, they would never bother with this. On the other hand, Ned is a napster user who is not only sucking up all the local bandwidth but arguably sharing MP3s in a way that could be construed to involve copyright infringement. They will probably tell him to knock it off.

The most worrisome point of this TOS is one that I haven't seen mentioned yet:

8.1 You understand and agree that Sprint's network gathers information about internet usage such as the sites visited, session lengths, bit rates and number of messages and bytes passed. Sprint uses this information in the aggregate. Sprint may share this aggregated information with other parties from time to time. Sprint will not use or disclose any personal identifiable information regarding internet usage unless compelled by a court order or subpoena or [sic]You consent to the use or disclosure [sic]or to protect Sprint's Services and facilities.

I've marked possible typos with [sic] here. One problem here is that there is arguably never any good (non-marketing) reason to collect "personal identifiable information" in the first place, since this is the kind of thing that is ripe for subpoena. Indeed, most corporations are learning the lesson that they should do things like forcibly delete email and log information pretty rapidly, just so that third parties won't have anything to go after. Now, it's possible that Sprint never really does store personal identifiable information except email, but they don't say that.

Problem two is that even if they only collect information about web-browsing behavior in the aggregate, they (or other marketers) can often have other information about you that can be used to do an alarmingly good job of determining who surfed where...and targeting you for directed marketing campaigns in the process. Now, there may be very little escape from the Database Nation these days, and you can argue that at least they are being frank, but this kind of thing still gives me the creeps.

Commentary appears incorrect

[kniedzw]

From the TOS:

7.4 The Internet contains unedited materials that may be offensive or objectionable to you. You access these materials at your own risk. Sprint has no control over and accepts no responsibility for these materials. Customer may wish to utilize software designed to limit access to certain material on the Internet.

The rest of the TOS, while somewhat harsh-sounding, appears to be fairly standard legalese, saying that you aren't allowed to use Sprint to break laws; the only bit that somewhat distressess me is the following. You are not allowed to

7.1.2 post or transmit any unlawful, threatening, abusive, libelous, defamatory, vulgar, obscene, indecent, profane, hateful, bigoted or otherwise objectionable information of any kind, including without limitation any transmissions, constituting or encouraging, conduct that would constitute a criminal offense, give rise to civil liability, or otherwise violate any local, state, national or international law, including without limitation U.S. export control laws and regulations;

...but I suspect that this is merely to give them carte blanche to "kick ban" harrassing folk. Same with their policy of port scans and the like (as they probably don't want to have people contacting their sysadmins saying that there are script kiddies trying to break into their networks).

They also have provisions limiting bandwidth consumption and servers that you can run from home, but most broadband services limit those these days, especially by forcing lease refreshes every month or so (or sooner).

Yeah, it seems somewhat fascist, I'll agree. ...but it's broadband. It's not a T1 or even DSL. You get what you pay for, and from what I see, this isn't that bad.

It does have good points

[Ergo2000]

While I think they've gone a bit too far (though it seems to be primarily written to legally cover their own ass for instances where countries like France try to shoot the messenger) most of it seems pretty reasonable and it seems like they're giving themselves a clear legal mandate to boot abusive users off the service. Personally I'd love if providers started kicking port scanners off their system as it is irritating, and a complete waste of bandwidth, for thousands of little script kiddies to sit there doing nmap -p 1-55000 24.0.0.0/32 all day. Argue all you want about your right to port scan but the reality is that you have no such right to probe other people's computers for vulnerabilities like that. Go out at 2 in the morning and try all the door knobs in your neighbourhood and see what sort of treatment it gets you. "But I was only trying to improve security!".

As far as the limitations on hosting it sounds very similar to most @Home TOS agreements which basically say you can't run servers for anything. Of course they're not really trying to prohibit that (and indeed they can easily block incoming port 80, etc., but they don't), they're just giving themself legal recourse. The prices that people are paying is based upon average, amateur fair use and when someone sets up a 24/7 Napster server alongside their FTP server, website, IRC server, etc., they begin unfairly consuming an inordinate and completely financially unjustified amount of bandwidth. Compare the price of an unmetered T1 which technically has less bandwidth than my cable modem. Is someone stupid to pay that much more? Not at all. One is meant to be saturated with services, the other is financially created as a burst service for the Average Joe.

Re:Er, How is it enforced?

[TopShelf]

I wouldn't worry that much about - basically these TOS's serve as the provider's backup should they need it to kick a troublesome user off the network. Remember the stink over @Home's TOS, that restricted telecommuting? Our tech manager at work called to give them hell, since us programmers are going to do our on-call support via VPN. Their response is that they don't snoop around for every violation of the TOS, but have it in place in case they need it.

These companies have better things to do, anyway - like come up with hours and hours of Muzak to numb your brain while waiting on hold...