Criminalizing ToS Violations

Many of us question whether sneakwrap agreements like the Terms of Service (ToS) of most websites should be considered a binding contractual agreement. But several stories in the news have shown a disturbing trend that goes even further -- treating a ToS violation not just as a breach of contract, but as a criminal act.

Certainly the story getting the most attention right now is the tragic cyberbullyi

Many of us question whether sneakwrap agreements like the Terms of Service (ToS) of most websites should be considered a binding contractual agreement. But several stories in the news have shown a disturbing trend that goes even further -- treating a ToS violation not just as a breach of contract, but as a criminal act.

Certainly the story getting the most attention right now is the tragic cyberbullying case in which a 49-year-old woman is alleged to have harassed a teenage girl into suicide using a phony MySpace account. Lacking appropriate laws covering cyberbullying, federal prosecutors have brought charges against the woman -- in Los Angeles, MySpace's headquarters, rather than Missouri, where the woman and the teenager resided -- for violating MySpace ToS provisions. As many observers have noted, it's a real stretch to use the federal anti-hacking statutes in this way, and a very slippery slope.

Earlier this month, World of Warcraft (WoW) publisher Blizzard sued MDY, Inc., maker of a program called Glider that automates WoW play. Using a program like Glider undeniably violates the WoW EULA and terms of use, but Blizzard is also suing the company for copyright infringement, arguing that the copy of WoW loaded into RAM when using Glider is illegal, just because it violates the EULA. In other words, they're saying that using a product you've paid for can still be a copyright violation if you don't follow their fine-print rules.

And since copyright infringement can carry criminal as well as civil penalties, another piece of news that might be relevant is the "Copyright Czar" bill that the House of Representatives recently passed. With thousands of ordinary Americans falling victim to identity theft, phishing scams, etc., Congress wants to create a cabinet-level position to fund and marshal federal law enforcement resources to protect ... not us, but the motion picture and music industries. Terrific.

So what does all this mean? Well, think of some of the many overreaching and even unconscionable provisions we've seen in some of the ToS documents we've examined recently. If you read Dilbert.com and you're not precisely 13 years of age, are you guilty of illegally accessing a protected computer under the Computer Fraud and Abuse Act? What about when the Comcast use policy or the Verizon ToS requires you to check back frequently and re-read all their legalese to see if there's been any changes -- will White House staffers be sending the FBI to knock on your door if you forget to do so? And consider all those people who've been reporting that Windows XP SP3 causes endless reboots of their system -- aren't they guilty of criminal copyright infringement for not getting Microsoft's written permission to publish such performance benchmarks, as various Microsoft EULAs demand?

Virtually every ToS has a mix of terms, some of which might be considered reasonable in the context of that business and others so stupid or outrageous that no court would enforce them even under contract law. So for law enforcement officials to accuse someone of a crime because they breached a ToS term is more than problematic. And to equate ToS violation with copyright infringement is to render the Copyright Act useless except as a tool of large corporations.

Post your comments about this story below or write Ed Foster at Foster@gripe2ed.com.

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies