CNN Uses P2P Video & Adds Terrible EULA

Futurepower(R) writes "CNN's use of software called Octoshape presents an incredibly abusive EULA. If you agree to the EULA, you agree that CNN can use your bandwidth, and that you will pay any costs. Also, you lose the right to monitor your own network traffic. You can't even use information collected by your own firewall. Quoting the EULA: 'You may not collect any information about communication in the network of computers that are operating the Software or about the other users of the Software by monitoring, interdicting or intercepting any process of the Software. Octoshape recognizes that firewalls and anti-virus applications can collect such information, in which case you not are allowed to use or distribute such information.' "

good luck with that

Does anyone actually believe that click-through licenses are valid? If asked, one could always say that they let their cat chase the mouse around until the software worked.

Re:good luck with that

[Shakrai]

Does anyone actually believe that click-through licenses are valid?

Who gives a shit if it's valid? Is the no-monitoring part enforceable? They gonna install DRM on my machine that makes sure I'm not capturing packets? They gonna push that DRM out to my gateway to make sure I'm not capturing them there?

This is what happens when you let the lawyers draft the EULA without even consulting with the techies.....

Re:good luck with that

[fuzzyfuzzyfungus]

You will, if you get sued over it. Obviously, the terms are ludicrous and nigh-unenforceable. This doesn't mean that they won't be enforced; just that they'll probably be enforced selectively to, say, silence critical reviews.

Re:good luck with that

[mcgrew]

Contracts are legally binding

Only if it can be proven that both parties to the contract agreed to the contract. If you set up an agreement with a company over the phone, your recorded voice proves it's you. When you take out a loan your signature proves you agreed to it.

With a clickthrough EULA there is no proof. When I install software on someone else's machine, and I click the EULA, how can they be held to it? If the EULA is on the box, how can they prove who opened the box?

Re:good luck with that

[cdrguru]

The issue is privacy. Since they are "borrowing" user's bandwidth this exposes other users potentially personally identifying information to the first user. Now you can track other user's activities (within a fairly narrow scope) by using information that can be gathered on your own computer.

I suspect they had to put this in because of this potential. Would it fly if it was clearly exposed what was happening in EU countries? I doubt it. How about if they said:

By using the CNN service you will be receiving information about other user's online activities as they will be receiving information about your activities. This is an essential part of the service that cannot be disabled. By accepting this agreement you acknowledge that no part of your activities on the CNN web site or other related services may be private, secret, anonymous or in any way protected from every other user of the CNN web site or other related services.

Would that be better?

Re:good luck with that

[commodore64_love]

>>>Who gives a shit if it's valid? Is the no-monitoring part enforceable?

No it's not enforceable, because it's invalid. ;-) Yes I went-round in a circle, but let me back that up with a Supreme Court ruling, which invalidated Paypal's EULA back in 2006, and ultimately led Paypal o hand-out $50 or $200 refunds to its customers. The Justices determined that consumers can not sign-away their rights, and therefore large sections of the EULA were declared invalid/illegal. I suspect if the justices reviewed CNN's EULA, large portions of it would also be declared invalid because "citizens can not sign away their rights as protected by law".

It's your bandwidth. It's your computer. And it's your home. You have a right to monitor what passes into & out of your own home, and no EULA can override that legally-protected right. Therefore if I ever use CNN, I'll just keep running my bandwidth meter and counting how many megabytes I used today. Screw em.

So then CNN is taking responsibility for my system

[rindeee]

Since the EULA requires me to be hands-off, is CNN then going to assume legal responsibility for my system. In the event that a vulnerability is exposed in their P2P software, are they responsible for patch management and compliancy assurance? Should my system become compromised and, say, used as a distribution point for kiddie porn because of their EULA requirements, can I assume their legal council will represent me? How about we turn this around on them. They've removed all responsibility for security from the user, so demand it from them.

Re:It becomes illegal to read your own firewall lo

[LordKronos]

No, I don't think I missed any point, but I think you missed mine? Why did they add this clause to the EULA? You think they did it to stop you from looking at your firewall logs? Huh? What do they have to gain from that?

cdrguru made a relevant point. The most likely explanation for why they did this was to "protect" the privacy of their other users, since this is something like a bittorrent application. I was simply pointing out that since they can't actually protect anything, they should have just notified users of the shared info rather than pretending like they can legalese such shared info out of existence.

I also was not saying you shouldn't worry about the EULA or anything. I was saying why their approach to setting up the EULA was backwards.