In the past, an End User License Agreement (EULA) may have been referred to as “the fine print” in contracts. Also known as a User Agreement, Terms of Service, or License Agreement (or any other of the many other names it goes by), a EULA is designed to give a person/consumer the permission to use/license a proprietary software or hardware. In exchange, a consumer grants the owner of the software or hardware, be it a company or other organization, any number of considerations, from monetary compensation to private information.
So, what is it that we usually find in this fine print? I will attempt to break this down into five general and (hopefully) simple parts:
- Definitions – Generally, the first part of a EULA is the definitions section where all parties, products, software/hardware companies or organizations involved in this contract are identified and named for the remainder of the contract.
- Use – The use section defines what and how the product can be used for, including on what technological platforms. In this section you can also find who is eligible to use the product and how many licenses are granted. In this section, there is usually a vague explanation of what the company or organization will collect and do with your data. This section can also outline outside contractors, partners or third parties that will have access to your data.
- Restrictions – In this section, you may find any restrictions on the product use itself, such as reverse-engineering or modification, tampering with coding/programming, reselling, or transferring of the purchased license or agreement.
- Liability & Termination – The failsafe absolution of the companies liabilities should the program not work. An interesting part of this section in some EULAs is the wording to avoid legal repercussions should the organization lose data or become a victim of a data breach.
- Governing Body – Lastly, there will be a small blurb of what country, city or other locality governs the EULA requirements.
This contract, although not usually considered a legal document, does hold users to a strict obligation to provide the negotiated resource. In most cases, an application, service, or product cannot be used or even installed unless the consumer accepts the (usually vague) terms or conditions. Most of us are familiar with these pop-ups that appear as we rush to install the newest applications or social media service and most of us do not take the time to read them – not that they are readily comprehensible to the average user in the first place. Ultimately these unavoidable agreements are meant to protect the copyright owner – meaning the giant corporation leasing us their software or application so we can post pictures of our dinner – and not us as consumers. All the while they are tracking and monetizing us, where we go, what we buy, our favorite foods, what we watch on TV and how certain things we see in the media make us feel.
So, who governs these agreements? This is a complicated question to answer as it depends on the country or region/locality. In Europe, the General Data Protection Regulation (GDPR) is the main source of consumer data protection and fairness. The GDPR dictates what is acceptable consumer data use and the levels of safety that need to be adhered to, but it effectively stops short of unveiling vague EULAs or clearing up often confusing terminology and variable interpretation. Similarly, in the United States, Consumer Data Protection Laws are in place to protect consumers, but they are not nearly as organized as in the EU, and they are mainly broken into legislative acts that protect data in certain lines of business or for certain vulnerable groups. For example, the Health Insurance Portability and Accountability Act (HIPAA) protects consumer data collected by organizations in the health industry, while the Children’s Online Privacy Protection Act (COPPA) specifically regulates what data can or cannot be collected on/from children under the age of thirteen. Conclusively, these acts do not work to clarify EULA’s either.
Although EULAs are meant to protect the owner of the product and are written by large corporations that implement multiple methods of data manipulation and control, they can also be looked at as the first line of defense to consumers. However, this depends on the locality or governing body that dictates the rules and laws that protect consumers.
As we know, data accumulation and manipulation are issues of widespread importance in the Global North, but what about in developing nations? In the coming weeks we will explore End User License Agreements of emerging technology (mixed reality) from both the Global North and South in an attempt to spotlight the pros and cons of data accumulation and control and the differences of its effects.
-F. Ortiz