Legal Framework (Tip of the Iceberg)

A question arises: isn’t there a legal hurdle for the giants? They incorporate changes as part of software updates which involve contractual relations between them and the users. Doesn’t cancelling or harming existing useful services, amount to a breach of a contract? It seems that (at least) currently, this is hardly the case. First, users can reverse most of the changes with basic technological knowledge, e.g., the Gallery application is still relatively easily acquired. In this sense, the giants merely change the default (a powerful tool as some research suggests, yet not coercive or binding). Additionally, and even if the changes are irreversible, the giants have a contractual claim that users have inter alia agreed to the removal of certain services in the (somewhat voluntary) process of updating their phones’ software.

The primary consumerist counterclaim would be that the license agreements users have with giants are standard-form contracts. However, in order to generate special scrutiny, users should prove that the contract under examination is adhesive, which is not always easy. Even if it is considered such a contract, it does not follow that the court would determine that the contested clauses are unenforceable, especially since the giants would claim that these clauses introduce certain benefits and efficiencies to the users. As per other consumerist claims (e.g., deceptive acts), which rely on the FTC Act, they seem not to fit and require too heavy burden of proof in the circumstances.

Thus, though these unwelcome changes are disturbing, the legal toolbox seems insufficient (especially as long as the software changes are taking a soft and disguised shape).

Technological Alternatives

There's no real measurement behind the model, right? Why not be simple instead of falsely complicating?

All of this assumes an unfree software ecosystem. The stuff you're talking about doesn't happen to you once you're not part of a proprietary software update ecosystem, and you are able to run software you control, rather than software controlling you. That's harder with mobile tracking devices instead of real computers, but you could be running CyanogenMod or Replicant rather than stock Android, which would help. And you could replace the proprietary laptop with a notebook running free software. Add a storage server of your own, preferable a real machine under the bed somewhere, or a virtual personal server to make an alternative to the platform-company "cloud," and you'd have everything they can give you with more privacy and security than you'll ever otherwise achieve. But you don't investigate, so you don't find out, so this draft results. Let's see if the next draft can be more aware of alternatives.

When Getting Back What You Already Had Costs You Your Privacy – The Story of Software Updates

-- By EdyGlozman - 06 Mar 2015

Introduction

There is a basic equation that stands at the heart of the relationship between humans and technology giants: usability and functionality in consideration for the waiver of privacy. The more information individuals agree to share about themselves, the better services they are promised. Share your phone number with your email provider and you will enjoy a better security verification; share your culinary preferences and you will be quickly offered a variety of restaurants that meet your palate; and generally share your tastes and wishes, and you will receive a better accustomed product or service, suited specifically to you.

Sounds fantastic? Well, not quite so. Some critics suggest that there is no real benefit in the services, that there are alternative measures to receive customized products, and that the users’ sacrifice is much greater than their gain. However, this is not the focus of this brief note. This note’s goal is to touch on a rather more subtle issue, which I believe has skipped the eyes of many. Even if one agrees that the abovementioned equation exists and that there is a real value that individuals derive from sacrificing their privacy, it appears that in certain instances the giants downgrade the services and implicitly condition restoration upon users’ consent to a more significant privacy sacrifice.

For purposes of clarity, if the basic equation suggests that a consumer is willing to sacrifice ‘P’ degrees of privacy in order to receive ‘S’ degrees of services, it appears that the giants try to create a world where to receive the same (or at best marginally better) ‘S’ degrees of services, to which one is already used, she should sacrifice ‘2P’ degrees of privacy. I will start off with a few examples to illustrate this point and then briefly discuss some related economic and legal aspects.

Examples

Example #1 – GPS Services

While it appears that over the last decade the accuracy level of GPS for smart phones has stagnated, the requirements from users have gradually increased. Currently – for the sake of ‘accurate GPS service’ – some devices require users to approve location reporting and history collection. These functions enable technology giants to periodically store and use the device's most recent location data. Should users not accept these options, their GPS will perform much slower – despite the fact that reporting and history collection do not seem to be necessary in order to enable a satisfactory (and possibly maximal) level of service.

Example #2 – Gallery vs. Photos

Android users who upgraded their phones’ software system from Kit-Kat 4.4 to Lollipop 5.0 were surprised to find out that the default application for photo handling called ‘Gallery’ was removed, and they were left only with ‘Photos’ application. Unlike Gallery, Photos is lacking a few basic and convenient functions, the main of which is the division of photos (according to their source) into folders. However, if the user backs up all of the photos online (as Photos loudly encourages the user to do), these functions (and more) would of course be available. Thus, functions that were previously available without uploading photos, are available now only if the user agrees to share with the ‘cloud’.

Economic and Legal Framework (Tip of the Iceberg)

In their actions, the giants capitalize on two phenomena called by behavioral economists ‘loss aversion’ and the ‘endowment effect’. The first addresses people’s stronger preference to avoid losses than to acquire gains. The second relates to people’s tendency to ascribe more value to things merely because they own them (Kahneman et al., The Endowment Effect, Loss Aversion and Status Quo Bias, 1991). It follows that it is harder for people to separate from products or services that they have been enjoying and which they have found useful. Being aware of it, the giants can use the ‘taking away’ of existing services (such as accurate GPS, or convenient photo application) as a weighty leverage over people’s privacy.

However, isn’t there a legal hurdle for the giants? They incorporate changes as part of software updates which involve contractual relations between them and the users. Doesn’t cancelling or harming existing useful services, amount to a breach of a contract? It seems that (at least) currently, this is hardly the case. First, users can reverse most of the changes with basic technological knowledge, e.g., the Gallery application is still relatively easily acquired. In this sense, the giants merely change the default (a powerful tool as some research suggest, yet not coercive or binding). Additionally, and even if the changes are irreversible, the giants have a contractual claim that users have inter alia agreed to the removal of certain services in the (somewhat voluntary) process of updating their phones’ software.

The primary consumerist counterclaim would be that the license agreements users have with giants are standard form contracts. However, in order to generate special scrutiny users should prove that the contract under examination is adhesive, which is not always easy. Even if it is considered such a contract, it doesn't follow that the court would determine that the contested clauses are unenforceable, especially since the giants would claim that these clauses introduce certain benefits and efficiencies to the users. As per other consumerist claims (e.g., deceptive acts), which rely on the FTC Act, they seem not to fit and require too heavy burden of proof in the circumstances.

Future Thoughts

The situation of unwelcomed changes, the possible hidden purpose of which is to encourage users to give away their privacy is disturbing. Yet, especially as long as these changes are taking a soft and disguised shape, the legal toolbox seems not to be proficient in providing a solution. The current method to handle it thus would be to increase public awareness to the phenomenon and educate users about technological alternatives to degraded services. It is easy (especially for the ignorant majority) to fall prey to these privacy pit falls, however awareness could lay the foundations for change.

To restrict access to your paper simply delete the "#" character on the next two lines:

• #Set ALLOWTOPICVIEW = TWikiAdminGroup, EdyGlozman
• #Set DENYTOPICVIEW = TWikiGuest

Note: TWiki has strict formatting rules for preference declarations. Make sure you preserve the three spaces, asterisk, and extra space at the beginning of these lines. If you wish to give access to any other users simply add them to the comma separated ALLOWTOPICVIEW list.