Most web sites have some type of legal contract that is presented to site visitors for any number of reasons. Do your web site visitors actually read them? It probably depends upon how the contracts are presented to the web site visitors, and how the wording is constructed.
Are the contracts written clearly? Or, could they be interpreted in multiple ways? Or trick people into thinking they are agreeing to something other than what the legalese is trying to obligate them to agree to?
The Google Chrome end user license agreement (EULA) recently came under fire because of the way it was presented and worded.
Could your organization face the same wrath?
The second article within my Sepember issue of IT Compliance in Realtime Journal is “3 Things to Know About Privacy Policies and Legal Contracts.”
Here is the unformatted second section of that article; down load the full article to see a much nicer version…
___________________________________
Are the Terms of Your Legal Contracts Enforceable?
In determining whether your legal contract is enforceable, first think about how the legal contract is presented to your Web site visitors. Will they read it? Quite frankly, most people probably do not. But, let’s think about those who do. It is, after all, a legal document that must be seriously considered before you post it.
Does your legal contract clearly list all the terms and conditions of using the software you offer for download? Are the terms reasonable and enforceable (as opposed to unscrupulous or invalidated by public policy)? Do you provide a way to allow the individuals that download your software to completely uninstall the software with no negative or residual impacts upon the individuals?
The FTC has determined that certain actions performed by downloaded software are so detrimental to the user’s system that just giving a notice of the potential negative effects is not going far enough. If software does really bad things to the individual’s computer, or takes PII in ways that could be argued were not clear, the legal statement may be determined invalid.
Keep in mind that Web site legal contracts allow for no negotiation on the part of the Web site visitor. The individual basically has to take the legal contract as-is or leave it. A legal contract such as a EULA is called a “contract of adhesion.” The law applies different standards to a contract of adhesion because only one party, the Website, has any say over the terms. The FTC will likely say that certain unreasonable terms within a EULA will not be valid in a contract of adhesion.
Adhesion contract (contract of adhesion): n. a contract (often a signed form) so imbalanced in favor of one party over the other that there is a strong implication it was not freely bargained. Example: a rich landlord dealing with a poor tenant who has no choice and must accept all terms of a lease, no matter how restrictive or burdensome, since the tenant cannot afford to move. An adhesion contract can give the little guy the opportunity to claim in court that the contract with the big shot is invalid (Source: http://legal-dictionary.thefreedictionary.com/contract+of+adhesion).
With a EULA and other types of Web site legal contracts, it is important for organizations to understand that even though it may be possible to demonstrate the Web site visitor electronically agreed to the terms of a EULA, legally it may not be considered as true consent.
___________________________________
Tags: awareness and training, contract, EULA, Google Chrome, Information Security, IT compliance, IT training, license agreement, policies and procedures, privacy training, risk management, security training