[LINK] CNN, Octoshape and Obama

Roger Clarke Roger.Clarke at xamax.com.au
Mon Feb 9 08:50:29 AEDT 2009 

[Off-list conversation, posted with permission]

At 14:45 +1100 6/2/09, Michael Skeggs mike at bystander.net wrote:
>cnn p2p sneaky into google got me what looks like the source article:
<http://windowssecrets.com/comp/090205>>http://windowssecrets.com/comp/090205
>It has some screen shots too.


[Roger replied:]
Great article, but Livington's not addressed an aspect I believe is crucial.

He says at the end:
"I personally would rather put up with a slightly jerky video than 
run an application on my PC that's sending God-knows-what to 
who-knows-whom."

So he (and many other people like him) need transparency, i.e. a 
clear declaration of what the app does, to which they can consent or 
deny.

But:
(1)  the information in the pop-up window is only:

      "This site requires the Octoshape Grid Delivery enhancement
      for Adobe Flash Player.  Install now?  YES or NO"

      That doesn't include information necessary to enable informed consent

(2)  there's not even a button to enable display of the licence agreemt

      So the words within the licence agreement don't enable informed
      consent (and anyway it's hopefully non-effective at law!)

(3)  according to Livingston's first bullet, the statement is false,
      and hence in breach of the (almost never prosecuted) provisions
      re false and misleading statements (in Oz, that's s.52? of the TPA)

(4)  according to Livingston, the unseen (and hopefully ineffective!)
      EULA says that what's installed is a peer-to-peer app that will
      "deliver parts of the video and audio stream to other end users of
      the Software."

      But even that is sufficient to enable informed consent.
      e.g.
      "the app will use some of your disk-space and bandwidth to deliver
      parts of the video and audio stream to other end users of the
      Software"


Mike continued:
>I actually don't think this is a big deal, as bit torrent and other 
>p2p stuff do this all the time, and the data is obviously generic, 
>rather than personal. The only concern I have is it did not seek 
>informed consent from the user, and it looks like the opt in was 
>deliberately opaque.

Do they do it without gaining informed and freely-given consent?


-- 
Roger Clarke                  http://www.anu.edu.au/people/Roger.Clarke/
			            
Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in Info Science & Eng  Australian National University
Visiting Professor in the eCommerce Program      University of Hong Kong
Visiting Professor in the Cyberspace Law & Policy Centre      Uni of NSW

More information about the Link mailing list