Slashdot Mirror
Gator's EULA Dissected
theVP writes "Ben Edelman has recently written up his disassembly of the Gator EULA. He has come across some interesting finds, including the fact that their EULA states that you can't remove their software via 3rd-party means, as well as prohibiting the use of packet sniffers or intercepting the data coming from their software."
Often times, it's mentioned on /., K5, Fark, etc. that EULAs aren't enforceable as a contract. Would this be a good case for someone to take Gator to court over, since Gator seems to want to restrict a person's ability to use thier computer? Would a judgement against Gator cause other companies to be less restrictive in their EULA terms? Or, would other companies just point and laugh (figuratively) at Gator for getting nailed?
Overrated / Underrated : Moderation
Is it really that typical to prohibit use of packet sniffers? Any other programs include this in their EULA? I've never seen it before, though perhaps I haven't been reading the right EULAs.
If programs can prohibit packet-sniffers, then how are users (or researchers or testers or auditors) supposed to confirm whether or not programs are complying with their own privacy policies?
Gator's license, as presented by Kazaa, merges section headings in with body text. No bold type separates section headings from the paragraphs that follow. For that matter, no line breaks separate the headings from the paragraphs. They're just all merged together.
Example:
Seriously! See screenshots.
Rogabean writes: "When you installed say, Kazaa, you agreed that in exchange for running Kazaa for free that you also agree to run for instance Gator. So removing Gator should entail removing Kazaa or whatever program bundled it. I can't argue that point."
Certainly Gator claims that Gator is required in exchange for getting Kazaa for free. Whether or not users understand this and meaningfully accept it is another question, of course. If they did, there's a certain persuassive force to Gator's requirement that Gator stay as long as Kazaa stays.
But why not put an Add/Remove entry in Control Panel that lists Gator? Selecting Gator's Remove entry would trigger a popup that prompts "Warning: Removing Gator will remove Kazaa too. Do you want to continue?"
This way, users could always get rid of Gator by going to Control Panel and removing the Gator item, just like any other program.
In contrast, as it stands, users must figure out what programs came with Gator, then separately remove each of those programs. The current procedure is quite a bit longer and more complicated than what I propose, and quite a bit less intuitive and more complicated than removal of most other Windows programs.
There is nothing really shocking in prohibiting the use of packet sniffers
The "shocking" thing is that they think the clause does anything.
If I wanted to sniff Gator packets, well, I sure as hell wouldn't install it on my machine anyhow. I'd get one of my friends to install it and use it on the local network, and I'd stiff those packets.
I am not bound by the license and as it would be my network I can do whatever sniffing I want. Legally I couldn't "do whatever the hell I wanted" with the data since copyright could still apply, but the interesting data that I might want to share with the public about what Gator sends couldn't be copyrighted as it would be the output of their program, and would also merely be factual data. (So even if they tried to include a copyrighted signiture or something in their packet, they couldn't stop me from stripping that out and still talking about what I saw.)
Pointless provision, and there's not a damned thing they can do about it either. (Force the user to agree not to let anybody else packet sniff? Yeah, I'd like to be able to prevent other parties from packet sniffing, but I seem to lack that power.)
I'm wondering if anyone is working on documenting how the spyware EULAs, like Gator's, might violate any one of the many Microsoft product EULAs, and how that violation might be used to leverage Microsoft(or it's board) into smashing the alimighty Hammer of Bill on these spyware companies.
Say like folks who use/subscribe to MSN services( MSN Wallet, bCentral, MSN Shopping, Expedia, MSN Maps, MSN Music, etc) or the application services (Passport, Messenger, Encarta, Money, MSN Toobar, Mappoint, Streets and Trips, Picturte It, Windows Media, etc, etc..), can there not be conflicts between Gator's EULA and any of these M$ product EULAs and servcies websites terms of use for the data they collect and claim "ownership" to?
It would seem Microsoft could gain some ground with users if, instead of focusing on attacking Open Source products and their infringement on M$ EULA, to target the compainies exploiting the vulnerabilities of their software and it's users, aka GATOR. Everyone would cheer that effort.
I think that's the right way to approach / attack Gator's EULA. IANAL, but for a contract to be valid there has to be consideration (something of value, could be intangible or tangible) given to each side.
Currently, software companies are skating on the thin ice that the EULA actually gives you permission to load the software into memory (i.e. making a copy of it) and use it - purchasing the box and media the software is stored on does not. So that is the consideration you get for agreeing to the EULA (which contains the clauses which are the consideration they get) This is pretty much BS as far as I'm concerned - some judges do not agree.
In any case, you could certainly argue that since you didn't want the software, know the software installed itself, or know that it is running, you haven't gotten any consideration from Gator at all. If a judge agrees with that, the EULA is so much hot air - it would not bind you at all.