To close out CDT’s participation in the Computers, Freedom, and Privacy Conference, I spoke Friday on a panel about notice and consent for downloadable software. The panel really drove home the idea that there is still much ground to be covered in terms of making notice effective.

I was pleased to be joined on the panel by David Fewer from the Canadian Internet and Public Policy Clinic (CIPPIC). Back in November 2005, CDT and CIPPIC jointly filed a complaint against Canadian spyware company Integrated Search Technologies (IST) at both the Federal Trade Commission in the U.S. and Competition Bureau Canada. David explained that the Competition Bureau has unfortunately declined to take up the complaint, but he is still working to interest the provincial authorities in Quebec to take up the issue. We are hopeful that the authorities in Quebec will realize how egregious IST’s practices were and decide to pursue an investigation.

As a counterpoint to the lack of enforcement action we have seen in Canada, I spoke briefly about some of the good developments we have seen at the FTC in the U.S. Starting with the Seismic Entertainment case — which addressed the practice of downloading software without any notice or consent — the FTC has steadily upped the ante on the what kind of notice should be required. If we fast forward to the FTC’s most recent enforcement actions, against Zango and Direct Revenue, we see the Commission requiring that the material terms about software downloads be displayed outside of any End-User License Agreement (EULA). Although this may seem like an obvious requirement, having a regulatory agency issue this requirement makes a strong statement to the software industry: burying material terms in a EULA does not work and does not qualify as adequate notice.

This entry was posted on Tuesday, May 8th, 2007 at 4:02 pm and is filed under Consumer Privacy. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.