Slashdot Mirror

← Back to Stories (view on slashdot.org)

CNN Uses P2P Video & Adds Terrible EULA

Posted by CmdrTaco on from the you-gotta-be-kidding-me dept.

Futurepower(R) writes "CNN's use of software called Octoshape presents an incredibly abusive EULA. If you agree to the EULA, you agree that CNN can use your bandwidth, and that you will pay any costs. Also, you lose the right to monitor your own network traffic. You can't even use information collected by your own firewall. Quoting the EULA: 'You may not collect any information about communication in the network of computers that are operating the Software or about the other users of the Software by monitoring, interdicting or intercepting any process of the Software. Octoshape recognizes that firewalls and anti-virus applications can collect such information, in which case you not are allowed to use or distribute such information.' "

43 of 254 comments (clear)

  1. good luck with that by Anonymous Coward · · Score: 5, Insightful

    Does anyone actually believe that click-through licenses are valid? If asked, one could always say that they let their cat chase the mouse around until the software worked.

    1. Re:good luck with that by Shakrai · · Score: 4, Insightful

      Does anyone actually believe that click-through licenses are valid?

      Who gives a shit if it's valid? Is the no-monitoring part enforceable? They gonna install DRM on my machine that makes sure I'm not capturing packets? They gonna push that DRM out to my gateway to make sure I'm not capturing them there?

      This is what happens when you let the lawyers draft the EULA without even consulting with the techies.....

      --
      I want peace on earth and goodwill toward man.
      We are the United States Government! We don't do that sort of thing.
    2. Re:good luck with that by fuzzyfuzzyfungus · · Score: 4, Insightful

      You will, if you get sued over it. Obviously, the terms are ludicrous and nigh-unenforceable. This doesn't mean that they won't be enforced; just that they'll probably be enforced selectively to, say, silence critical reviews.

    3. Re:good luck with that by Anonymous Coward · · Score: 5, Interesting

      Person A accepts EULA.
      Person B owns network and watches packets through router.

      Person B did NOT accept the EULA and thus is not bound by it.

      That's like people saying 'You can't read out signs' as a parade or protest walks by your window.

    4. Re:good luck with that by mcgrew · · Score: 5, Insightful

      Contracts are legally binding

      Only if it can be proven that both parties to the contract agreed to the contract. If you set up an agreement with a company over the phone, your recorded voice proves it's you. When you take out a loan your signature proves you agreed to it.

      With a clickthrough EULA there is no proof. When I install software on someone else's machine, and I click the EULA, how can they be held to it? If the EULA is on the box, how can they prove who opened the box?

      --
      Free Martian Whores!
    5. Re:good luck with that by cdrguru · · Score: 5, Insightful

      The issue is privacy. Since they are "borrowing" user's bandwidth this exposes other users potentially personally identifying information to the first user. Now you can track other user's activities (within a fairly narrow scope) by using information that can be gathered on your own computer.

      I suspect they had to put this in because of this potential. Would it fly if it was clearly exposed what was happening in EU countries? I doubt it. How about if they said:

      By using the CNN service you will be receiving information about other user's online activities as they will be receiving information about your activities. This is an essential part of the service that cannot be disabled. By accepting this agreement you acknowledge that no part of your activities on the CNN web site or other related services may be private, secret, anonymous or in any way protected from every other user of the CNN web site or other related services.

      Would that be better?

    6. Re:good luck with that by Ark+Ku+Mon · · Score: 3, Informative

      Yes. The US Legal system believes that they are valid.

      Actually the US case law is inconsistent and have only ruled on the validity specific EULAs not about them in general. There have been cases where EULAs have been ruled enforceable and valid and others to the contrary. So your statement is actually misleading.

      I know its "common knowledge" on slashdot that they aren't valid, but find one US case that says they aren't valid. There are many that say they are...

      In this case, the U.S. Court of Appeals for the Third Circuit held that a EULA disclaimer waiving all express and implied warranties, printed on the outside of the box, was not binding.

      http://en.wikipedia.org/wiki/Step-Saver_Data_Systems,_Inc._v._Wyse_Technology

      Also Rich, Mass Market Software and the Shrinkwrap License (23 Colo. Law 1321.17)

      So, there you go. And, yes, there are cases where particular EULA has been held up by a court, but contrary to your claim there has been no case law that has ever ruled on EULAs in general in such a definitive manner as you have claim.

    7. Re:good luck with that by DoofusOfDeath · · Score: 4, Interesting

      With a clickthrough EULA there is no proof. When I install software on someone else's machine, and I click the EULA, how can they be held to it? If the EULA is on the box, how can they prove who opened the box?

      I think this issue recently arose with some user writing bots for an online game. The problem is, if you don't agree to the EULA, then (ostensibly) you haven't met the copyright owner's terms for using their work. And thus, using the service/software/whatever is a violation of copyright law at that point.

    8. Re:good luck with that by mcgrew · · Score: 3, Insightful

      So for free services like this, exactly what consideration am I putting up? They're giving me software/media/etc., but I'm not giving them anything. I'm pretty sure mutual consideration is one of the required elements of a contract -- am I missing something here?

      CNN is putting up a website. Web sites are supposed to be accessable. What did I have to give up to read your post, to which you own copyright? To have a EULA for web content is antisocial at best.

      Imagine putting a dollar bill in an envelope and writing a EULA for taking the free dollar on the envelope. Would you seriously expect that anyone would respect that EULA? Well, that's what CNN did, and the fact that they expect anyone to respect their EULA shows that they're not exactly living in reality.

      --
      Free Martian Whores!
    9. Re:good luck with that by torstenvl · · Score: 5, Informative

      This post is wrongly moderated. It is not informative. It is misinformative, or uninformative at best. The argument that the recognition of particular EULAs is distinct from recognition of the validity of EULAs "in general" betrays an ignorance of the judiciary and of contract law. This is simply not the way that the legal system works; courts must rule on an actual case or controversy and are not permitted to announce "general" rules of law. Furthermore, Step-Saver is anachronistic and the Third Circuit is relatively unpersuasive. In fact, there are NO major legal markets and NO major software companies within the Third Circuit's jurisdiction. ProCD v. Zeidenberg, 86 F.3d 1447 (7th Cir. 1996), however, has higher persuasive authority because it is (a) newer, (b) out of a major circuit, (c) written by an enormously influential appellate judge. In addition, it is the law in the entirety of the Seventh Circuit, which includes Chicago. Others may point to Klocek v. Gateway, 104 F. Supp.3d 1332 (D. Kan. 2000), but Klocek is a district court case, and therefore has no precedential value beyond its persuasiveness, which is in turn less than that of ProCD.

      Trial courts don't make law. The only U.S. Circuit Court of Appeals cases on point hold, unanimously, that EULAs are enforceable. The law is relatively clear here, and is unlikely to change unless and until the Ninth Circuit or the Supreme Court take up the issue. I'm sorry, but you're just wrong.

    10. Re:good luck with that by mcgrew · · Score: 3, Insightful

      Last time I checked what the website was supposed to be was up to the owner to decide

      And last time I checked if you can access a site, you can access it. A site owner can no more say "you can only access this site if" any more than a book publisher can tell you you can't resell the book or rip off the cover (which publishers have tried to do).

      If you don't want your work seen, don't put it on the internet. It's up to the owner to decide what to post, NOT how I may or may not access it.

      Practically every website with any form of registered users has a user agreement

      Half of all married people commit adultery, too. That doesn't make it right. Antisocial behavior is antisocial behavior no matter how many people practice it.

      --
      Free Martian Whores!
    11. Re:good luck with that by bennomatic · · Score: 3, Insightful

      I actually think your wording would be better and more honest. Add to that something saying that by using the service you are agreeing not to use information that may be available to you regarding other users' activities for nefarious purposes would be good. Naive, maybe, but better than what I see here.

      --
      The CB App. What's your 20?
    12. Re:good luck with that by sexconker · · Score: 3, Funny

      I hear the Interceptor is nigh-uncatchable.

    13. Re:good luck with that by von_rick · · Score: 3, Insightful

      What would be even more interesting would be if person A accepts EULA on a machine M1, and uses machine M2 to gather packet information from M1. Is a person bound by the EULA on any computer he/she uses but accepting it on a single machine?

      --

      Face your daemons!

    14. Re:good luck with that by Todd+Knarr · · Score: 3, Insightful

      Except that that goes back to a situation we discussed in business law classes. Take the case where you've paid the seller for the goods, he's accepted your payment, and all that's left is for him to actually deliver the goods. If the goods are still in his possession, say on his loading dock, and he won't give you access to them, you have to go through the authorities to get them (or sue him for non-delivery, demanding your payment back). But if he's released the goods into your possession but is preventing your access, eg. he's shipped them to you but the shipping container's sealed with locks and he won't give you the keys, being owner and in possession of the goods you're allowed to call a locksmith to remove the locks and gain access to your property. You can't unduly damage the seller's property in the process, but you aren't helpless.

      Applying that reasoning to the case where the seller delivers the goods sealed with a piece of tape saying "By breaking this seal you agree to additional terms contained inside.", breaking that tape would be legally meaningless. You own the goods, the seller has delivered the goods into your possession, the seller has no more legal right to demand agreement to terms regarding your property.

      Another analogous situation: you pay for your groceries, take your bags and head to the door. On the way, a supermarket employee stops you and asks you to complete a survey. You refuse and he says "I'm sorry, we can't let you leave with your groceries until you do.". Not only can you ignore his demand, if he tries to stop you you can call the cops and have him arrested for unlawful restraint.

      Which all comes to the question: if the seller has accepted your payment and delivered the software into your possession, does he have any legal right to demand you agree to additional terms at all? If he doesn't, what gives any legal force to the idea that doing what's neccesary for you to gain access to your goods constitutes agreement to a demand the seller has no legal right to make?

    15. Re:good luck with that by LunarCrisis · · Score: 3, Informative

      Oh no. Is my computer broadcasting an IP address again?

      Seriously, that's all the personally identifying info it should be sending out.

      At the very least, you also have information on what content they are downloading.

      --
      Mr. Period: Nine is the one that's right by ten!
      Nine: One day I will kill him. Then, I will be Ten.
    16. Re:good luck with that by commodore64_love · · Score: 5, Insightful

      >>>Who gives a shit if it's valid? Is the no-monitoring part enforceable?

      No it's not enforceable, because it's invalid. ;-) Yes I went-round in a circle, but let me back that up with a Supreme Court ruling, which invalidated Paypal's EULA back in 2006, and ultimately led Paypal o hand-out $50 or $200 refunds to its customers. The Justices determined that consumers can not sign-away their rights, and therefore large sections of the EULA were declared invalid/illegal. I suspect if the justices reviewed CNN's EULA, large portions of it would also be declared invalid because "citizens can not sign away their rights as protected by law".

      It's your bandwidth. It's your computer. And it's your home. You have a right to monitor what passes into & out of your own home, and no EULA can override that legally-protected right. Therefore if I ever use CNN, I'll just keep running my bandwidth meter and counting how many megabytes I used today. Screw em.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    17. Re:good luck with that by SanityInAnarchy · · Score: 3, Insightful

      I have no problems with corporations using P2P to cut costs.

      Where I have a problem is when they also want to revoke rights.

      If they just used BitTorrent to deliver streams, no problem, I applaud that. Maybe multicast would be better for some streams, but whatever. If it's really a problem, I can limit my upload, or block them from uploading at all.

      However, when their EULA prevents me from reading my own logs (much less any of the above shaping), that's when I have a problem.

      --
      Don't thank God, thank a doctor!
    18. Re:good luck with that by Red+Flayer · · Score: 3, Funny

      Half of all married people commit adultery, too. That doesn't make it right. Antisocial behavior is antisocial behavior no matter how many people practice it.

      That's nonsense. Please, look up the definition of the verb 'to socialize'.

      Married people who do NOT commit adultery are practicing antisocial behavior.

      Now please excuse me, I'm off to socialize with my secretary.

      --
      "Trolls they were, but filled with the evil will of their master: a fell race..." -- J.R.R. Tolkien on Olog-hai
  2. Dear CNN, by Anonymous Coward · · Score: 4, Informative

    No.

    1. Re:Dear CNN, by Jurily · · Score: 4, Funny

      No.

      You misspelled "Fuck you."

  3. shit, I already broke the EULA..... by Shakrai · · Score: 5, Funny

    Noticed how much upload bandwidth was being used and fired up Wireshark to figure out what was going on. Hang on a sec, there's a knock at the doo$*)&!&*()@*!)(*)(NO CARRIER

    --
    I want peace on earth and goodwill toward man.
    We are the United States Government! We don't do that sort of thing.
    1. Re:shit, I already broke the EULA..... by characterZer0 · · Score: 5, Funny

      Who the hell knocks on your door, pushes you out of the way, pounds on they keyboard, types "NO CARRIER", and hits Submit?

      --
      Go green: turn off your refrigerator.
    2. Re:shit, I already broke the EULA..... by aquarajustin · · Score: 3, Funny

      Christ, how could you have possibly moved the 'p' over that far? It's "captcha." Also, if you didn't always post AC, you'd know that there's no captcha for regular users.

    3. Re:shit, I already broke the EULA..... by Sancho · · Score: 5, Funny

      What's a "NO CARRIER" joke?

    4. Re:shit, I already broke the EULA..... by Taevin · · Score: 3, Funny

      Perhaps he was dictating?

    5. Re:shit, I already broke the EULA..... by rk · · Score: 3, Funny

      He could be on to us though. Should we send a team to pick him up?

  4. OK, then... by serviscope_minor · · Score: 5, Interesting

    OK, then. Install it on your machine (and agree to the EULA, if you wish), and then plug your machine in to my network. I certainly didn't agree to the EULA, so I can and will make use of that information.

    --
    SJW n. One who posts facts.
    1. Re:OK, then... by Spatial · · Score: 3, Insightful

      I always wondered about stuff like that with EULAs in general.

      What happens if you replace the EULA with your own terms before installing, and therefore never agree to anything they said at all? It occurs to me that the agreement not to modify the software is actually in the EULA, so what are they going to do about it?

  5. From the article: by igotmybfg · · Score: 3, Funny

    At first glance, Ferrell adds, the multiple connections to his PC looked on his security alert system like some kind of SQL attack.

    Oh really.

  6. Tin foil hat by sstpm · · Score: 5, Funny

    CNN is providing us a service, making sure that Big Brother can't monitor what news stories we are watching. The EULA is there for our protection. Thank you, CNN!

  7. Well, they should have read my Eula by Bill,+Shooter+of+Bul · · Score: 5, Funny

    I send an extra header in my http streams that contains a Eula stating that by responding to the request, they acknowledge that any Eula they present to me is null and void.

    --
    Well.. maybe. Or Maybe not. But Definitely not sort of.
  8. I noticed this during the inauguration of Obama by DrewBeavis · · Score: 5, Interesting

    I have Little Snitch on my mac and noticed all the OUTGOING bandwidth being used while watching their video stream. After I figured out what was going on, I went to MSNBC instead. The quality is great at CNN and the idea is decent, but unless I read the EULA (which I didn't beforehand), I wouldn't know my contribution to the cloud. My employer monitors outgoing bandwidth usage and I could have been in trouble for high flows if I would have watched the whole thing. Being at a university, we have a large pipe, but I think I needed to be asked first a little more explicitly if they could use it.

  9. Re:Really? by Anonymous Coward · · Score: 5, Informative

    It sure does.

    here is the official EULA

    Half way down in section three. What is it about EULAs that, despite being universally hated and legally toothless, inspires companies to make fucking assholes of themselves when writing them?

  10. Any clue how to uninstall Octoshape? by chaosdivine69 · · Score: 4, Funny

    Sorry for a newbie like question but anyone know how to uninstall this Octoshape plugin? I mindlessly clicked "agree" in a fleeting effort to watch live video on that plane that crashed into the Hudson river on one of my machines. For all I know I just signed away rights to my kidney and left "testie" too. Any info. would be appreciated... Cheers.

    1. Re:Any clue how to uninstall Octoshape? by chaosdivine69 · · Score: 3, Interesting

      Answered my own question (glad to have BOTH my jewels back fyi!) Read this from GrindStone Media: http://www.grindstonemedia.net/2008/12/04/octoshape-peer-to-peer-video-streaming-technology-for-flash/

  11. No Eula on Linux by GRW · · Score: 3, Interesting

    I went to CNN and ran a live video and didn't get the EULA pop up. Just another reason to abandon Windows for Linux.

  12. Explains why my work banned it. by insomniac8400 · · Score: 4, Informative

    On inauguration day cnn.com live video was banned for using too much bandwidth. Now I know why. It was probably flooding the upload pipe.

  13. They need these permissions by itsdapead · · Score: 3, Informative

    Imagine you didn't agree to these conditions. How do you expect CNN to deliver the service?

    If you agree to the EULA, you agree that CNN can use your bandwidth, and that you will pay any costs.

    Its a P2P service - so if you use it, you are sharing your bandwidth with other users. Or, top put it another way, CNN are using your bandwidth to deliver their material to their customers.

    So if some joker leaves it running in his hotel room and gets charged $1 per megabyte, he shouldn't sue CNN. Sounds fair.

    You may not collect any information about communication in the network of computers that are operating the Software or about the other users of the Software by monitoring, interdicting or intercepting any process of the Software.

    So if I collected data about the other CNN customers who are sharing my bandwidth via the P2P service, their IP addresses, what they were watching, and when and published it, that would be OK, would it?

    We take these things as read when we use P2P, but obviously some lawyer at CNN has done a bit of due dilligence and covered his arse in case some troll comes along and sues them.

    The fuss about this is a bit like the scare stories photo-sharing sites requiring permission to reproduce/modify/sub license your photos: they need these permissions to run their service.

    --
    In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
  14. So then CNN is taking responsibility for my system by rindeee · · Score: 5, Insightful

    Since the EULA requires me to be hands-off, is CNN then going to assume legal responsibility for my system. In the event that a vulnerability is exposed in their P2P software, are they responsible for patch management and compliancy assurance? Should my system become compromised and, say, used as a distribution point for kiddie porn because of their EULA requirements, can I assume their legal council will represent me? How about we turn this around on them. They've removed all responsibility for security from the user, so demand it from them.

  15. Re:It becomes illegal to read your own firewall lo by LordKronos · · Score: 4, Insightful

    No, I don't think I missed any point, but I think you missed mine? Why did they add this clause to the EULA? You think they did it to stop you from looking at your firewall logs? Huh? What do they have to gain from that?

    cdrguru made a relevant point. The most likely explanation for why they did this was to "protect" the privacy of their other users, since this is something like a bittorrent application. I was simply pointing out that since they can't actually protect anything, they should have just notified users of the shared info rather than pretending like they can legalese such shared info out of existence.

    I also was not saying you shouldn't worry about the EULA or anything. I was saying why their approach to setting up the EULA was backwards.

  16. Re:What If the router is mine? by rufty_tufty · · Score: 4, Funny

    Nope. You're completely liable for things outside of your control. This is thanks to the Because Act. This little known piece of international legislation is, in fact, at the heart of many of the most prominent legal actions in the world today. Much loved by the RIAA, MPAA and the US due to it's implicit allowal for random search and seizure, legal 'fishing trips', non-judicially warranted wire taps, and it's espousal of 'guilty until proven guilty' legislature; the entire text of the Because Act has been reproduced below:

    Because Act

    1. Because.

    1.1. Just, because.

    --
    "The weirdest thing about a mind, is that every answer that you find, is the basis of a brand new cliche" -
  17. The linked story says it's done with Adobe's help. by Futurepower(R) · · Score: 5, Informative

    "Obviously, the terms are ludicrous and nigh-unenforceable."

    Also, there is another point. Slashdot editors change stories submitted to them seemingly at random, but retain the submitter's name.

    The story as I wrote it mentions that Adobe is allowing Octoshape to use Adobe's Express Installer to install the software.

    Basically, that means that if you allow rights to Adobe, you are also giving rights to anyone who pays Adobe. Adobe's updating software is very annoying, in my opinion, but this new situation takes the abusiveness to a much higher level. See the linked story, Watch a live video, share your PC with CNN, at WindowsSecrets.com.