254 comments

[ 6.2 ms ] story [ 282 ms ] thread
What I want is a standardized set of icons, which grant or deny specific things, that all websites can agree on, sort of like the ones available for software licensing, here:

https://creativecommons.org/licenses/

It would be great if we could "standardize away" the whole T&C fiasco.

Icons are good. But would be even better if they were switches the user can turn off/on.
That sounds like a GPL loophole to me.

It would be much easier to extend and replace if someone could turn off the condition " You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License." [0]

I'm all for making these easier to read, but they shouldn't be line-item veto.

[0]http://www.gnu.org/licenses/gpl-2.0.html

I agree you should not be able to change a software license but if Facebook had an icon for each thing they did like: [share with 3rd party] [sell your info] ...
Would that hold up in court? An icon?
Like many things, it depends. As long as one can demonstrate that the icon in question has a clear meaning to a "reasonable person" or "typical user", then use of the icon would likely hold up in court.
You're in luck at least when it comes to privacy in the EU! The GDPR makes various references to the creation and use of standardised icons to give a meaningful overview of the intended data processing. I know, I know, another GDPR reference but I thought it was interesting to note that a piece of regulation is pushing implement precisely what you were talking about, albeit in the field of privacy.
We have standardized nutritional labels in the United States and I would like to see a similar standard for terms and conditions. Icons could be part of it but also leave room for text and listing of what common data (email, ip, name, etc.) the service will collect and how they will use it.
How can PayPal rationalize closing accounts because users opened them years ago when they were too young? Is that really an issue for a 28 year old?

Contract or no, PayPal looks really bad here. One would think they would be looking for good will rather than this kind of press in such a competitive market.

Yeah, why wouldn't they just contact her and lock her account until she re-signs? That way they both win. She's clearly of legal age now and penalizing her so severely for something she did as a child is really unnecessary.

When my landlord discovered she didn't have a rental agreement on file for the garage space I was renting from her she didn't evict me, she left a note on my door.

There are financial incentives.

Paypal is a lot like shady ad networks in that they let you accrue a balance while waiting for you to do something they can justify terminating you for. When that happens, they lock you out and keep your money.

Unlike your landlord, Paypal profits from eviction.

Because they have an ass-covering-oriented legal team who will say "the user was unable to legally agree to the terms" thefore we (PayPal) will be vulnerable if they were to do something fraudulent.
Why not ask accepting terms NOW or else account will be blocked on m/d/y?
Likely they didn't do this because of concern that a person could update their agreement to the T&C, then do something fraudulent, then claim the updated agreement was coerced because the person's livelihood was somehow attached to the PayPal account.
PayPal close user accounts on the slightest pretext. Often they keep the money.
(comment deleted)
> If a typical user wouldn’t understand the [user agreement documents], the consent that companies rely on for their business activities would be legally invalid.

I’ve not had time to read the GDPR, so this is news to me.* Especially surprising, because it’s exactly what I want the law to say, and I’m not used to that.

I’d also like that principle to apply to the law as a whole, but I appreciate that’s as much wishful thinking as hoping to read and understand the full source-code of everything on my phone.

* fortunately not my problem, family matters replaced the day job.

If agreement for a contract requires easily understood English, what does that mean for my mortgage?
I don't typically have my lawyer review the TOS of each website I sign up for, but I did have him review my mortgage. Everyone picks a different place to draw the line between careful understanding (or hiring out a review from someone with careful understanding), and just blindly signing on the dotted line.

For me that is somewhere between purchasing a tractor and purchasing a house. The point is the no sane person includes Netflix in the "needs careful review" category, but I sincerely recommend that everyone take their home purchases seriously.

Curious if you tried to change any of the boilerplate terms and if you did, how did it work out?
A friend of a friend changed the “we will send you advertising” into “we will not send you advertising”, then when the bank sent them advertising anyway they demonstrated that the bank manager had signed the changed document and therefore the bank was in breach of the mortgage contract and technically they could keep the house without paying for it.

For whatever reason, they then said it would be fine if the bank never sent them more advertising rather than actually trying to get a free house.

For a slightly more reliable story, Argakov v Tinkoff seems fun. At least the first round, the reports I’ve seen are a bit dated and further escalation and retaliation may be less fun.

Pity there wasn't a free house but I shouldn't be surprised. Thank you for sharing both stories.

That Argakov one is particularly spooky with the viable death fear. From the first hit I could find: “Our lawyers don’t think [Agarkov] will get 24 million rubles, but four years in prison for fraud. Now it’s a matter of principle for @tcsbank,” Tinkov added. ( from https://www.rt.com/business/tinkoff-bank-agarkov-credit-299/ )(empasis mine)

Oh boy. When the fight become principled it's time to fire the client xxxxx refer the client out to someone else

Legally, don’t know if GDPR applies to mortgages.

I’d like mortgages etc. (and insurance) to be forced to use easy-to-understand language: It’s basically life changing if a financial instrument goes wrong.

Why is obfuscating the intentions of a document in dense language most people can't properly understand a thing that's allowed to be upheld? They might as well write the damn things in Esperanto for all they're worth to most of the folks who click agree.
I can only think it must be analagous to why programs have a lot of features people don't understand or use. Git might be a case in point. Smart programmers think of every possible edge case and "what if" and try to cover all those things. The result is a confusing mess for people who just want to get the "happy path" work done.

Lawyers try to think of every interpretation and circumstance and try to be sure the agreement addresses those unambiguously. Ironically, the dense language that results is anything but unambiguous to the untrained reader.

Mildly pedantic complaint: Esperanto is actually easier to learn than many other languages so the analogy doesn't work.

  But I get what you mean.
Just like an underage person or drunk is unable to give consent, it should be illegal to coerce an average Joe untrained in the law to agree to a 50-page document filled with legalese, unless you pay for them to be advised by a lawyer.
When exactly did it enter the public consciousness that drunk people are unable to give consent? I feel if this is true, there are many drunken hookups that become questionable. I'm in my mid-30s, and I feel this concept wasn't really a thing in my clubbing days.
Obama's 2011 Title IX "Dear Colleague" letter was a big part of it, establishing the lowest standard of proof in claims of sexual assault on college campuses. Schools responded by saying, effectively, that if you have sex with someone who's had a drink, and that person later regrets it, regardless of what they might have told you at the time, you have no defense.

It's all ridiculous because universities have no competence in investigating or adjudicating such claims, but that's another topic.

So anyone who was in college in the past 10 years will have had drummed into their heads that there is no consent possible by an intoxicated person.

> So anyone who was in college in the past 10 years will have had drummed into their heads that there is no consent possible by an intoxicated person.

Which creates all kinds of weird outcomes when both parties were equally drunk.

Well, it would if logic were the overarching guideline on these topics.

As it stands, the male is presumed guilty on college campuses when both parties are drunk and he must then meet a draconian burden of proof to extricate himself from the situation.

At least, that has been my experience.

Your own ignorance of the law and unawareness of what constituted consent at the time does not reflect on the state of society at the time. It was always illegal and immoral to have sex with someone who was very drunk (at least, well before either of us was born). The line was and is not always clear, but there have always been clear cases (e.g. having sex with someone who has passed out or drugged is obviously illegal and immoral).

Similarly, legal contracts require a meeting of the minds, which requires that parties not be intoxicated. A quick search suggests such contracts are not void by default but are voidable.

You've never heard "alcohol is the most common date rape drug?"
nope, or at least I didn't back in my drinking days. it was just normal for people to get wasted and hook up. does that not happen anymore?
> If a typical user wouldn’t understand the documents, the consent that companies rely on for their business activities would be legally invalid.

I like that standard, seems to comport to the "meeting of the minds" requirement for a valid legal agreement/contract.

I totally agree. The terms and conditions, or some offering of them, should be available in the same way that quick start or full guides are - in a form that adds to the usability of the service. E.g. "when you upload a photo, ____ owns the photo, for _____ period, and may do a, b, c, and d with it"
The problem is that legal terminology doesn't always match conventional descriptions of what's happening.

Copyright is actually a perfect example of this. In order to send my photo over the Internet to other people who want to view it, you need much more than the legal right to display my picture. Sending a picture over the Internet involves copying, distributing, and sublicensing the image countless numbers of times. So any site with user-uploaded content will have something very close to (Imgur's for reference):

> With regard to any file or content you upload to the public portions of our site, you grant Imgur a non-exclusive, royalty-free, perpetual, irrevocable worldwide license (with sublicense and assignment rights) to use, to display online and in any present or future media, to create derivative works of, to allow downloads of, and/or distribute any such file or content.

There's no way the typical user will understand this, but that's not because it's obfuscated. The typical user just doesn't have the background to understand what all these rights are or why Imgur requires them. It would be severely misleading to write the literal meaning in layperson's terms:

> When you upload pictures, you have to give us the right to make as many copies of the pictures as we want, modify them however we'd like, and send those copies to whoever we want anywhere in the world.

I'm sorry, I don't follow why the plain English version is severely misleading, or couldn't be supplemented to capture the full extent of Imgur legalese. Why do you think this is the case?
> When you upload pictures, you have to give us the right to make as many copies of the pictures as we want, modify them however we'd like, and send those copies to whoever we want anywhere in the world.

But isn't it precisely what the legalese means? I mean, unless otherwise restrict by some law other than the copyright laws, Imgur can use those images for anything. The statement does not limits the use to "reasonable business activities". Why will it be severely misleading to write it that way?

It's precisely what the legalese means, and carries connotations which are absolutely nothing like what Imgur intends. They claim unlimited rights not because they don't want to be bothered to restrict them, but because the structure of the Internet makes it impossible to write a simple description of when copies will be made.

They could try going into detail:

> We can send copies of your image to anyone who, following standard Internet routing protocols, says that someone has requested to see the image and promises to forward the copy onwards to the original requester. Anyone we send the image to can also create copies themselves following this rule, and can temporarily store the copies as needed to make further copies.

But then neither the average Joe nor lawyers are going to be able to understand it.

> which are absolutely nothing like what Imgur intends

But how do we know this? If they intend something, they should write that down in the contract. I am having hard time imagining that their lawyers cannot draw a contract which waives only the copyright requirement for the purposes of image hosting and restricts the images from being used for other things. The principle of charitable interpretation tells me to believe what people/company write in their contract. In my opinion, the expansive definition in the contract is there to

a) Save their ass when they do something which does not seems kosher to the public.

b) Allows them to pivot to other use of the data which might have nothing related to their current business model.

c) It is cost effective to draw up the contract in this way, given the current legal system and its requirements.

Note that I am not saying that Imgur is doing something immoral or whatever. I am just saying that if they wrote down this

> When you upload pictures, you have to give us the right to make as many copies of the pictures as we want, modify them however we'd like, and send those copies to whoever we want anywhere in the world.

as the simplified legalese, that it is the current interpretation. I contend that the average Joe will have better understanding of the _current_ contract with the simplified statement. I also think that Imgur (and other services) will find money to draft a better contract if they were required to make a simplified language version.

Again, it'd definitely be possible to write a document more narrowly describing what they need a license to do. But that doesn't solve the problem. The updated version would be more readable for network engineers, less readable for lawyers, and still incomprehensible to the average person who just wants to upload a meme.
I agree with you. Though I do think that this is not an unsolvable problem with the right incentives. As I noted, the people at company X might be the best people at heart, but the current legal system does not encourages drafting of a contract that precisely (and easily) describes the terms being agreed between the two parties. This is not even a unique feature of contract law, the same to true to various extend for all branches of the law.

My gut feeling (of which I have no proof) is that the current legal system is costing more money to the society than is necessary. For one thing, it is decreasing the trust in the legal system, since people now (correctly) assume that in many facets of modern life, they are agreeing to things they don't understand, that they are giving up more rights than they should, and that there is no reasonable solution to this problem yet.

Some complication in the law is necessary since the world is a complex creature, but I think that the common person (say at least half of the population) should have reasonable understanding of the legal language. One way to approach it is to have a requirement for simpler contract, but I don't know if it is _the_ way to deal with this problem. I am not a lawyer after all. All I know is that something is broken, and if not fixed, will lead to more problem down the line. A system like this where no-one trusts nobody is clearly not sustainable. It's just not a good way to organize as a society.

"Hi. When you upload an image to imgur, we need the legal right to distribute it to other people. We also process your image to look right on different devices, which requires the legal right to modify your image. We promise not to distribute or modify your image beyond what we do here at imgur.com, and won't sell it to other people"

Seems easy enough to write.

>They claim unlimited rights not...

The reason doesn't matter if they are claiming those rights. So the given layman terms version is still true.

>”I don’t think the average person likely reads that whole document.”

This is my favorite quote in the whole article. Sums up the pompousness of the company quite nicely I think. This is one of the largest companies in the world. The quote could easily have been “we go to great lengths to make sure that’s the case,” or “that’s the point, grandpa.” At least it wouldn’t have come across as dishonest and cowardly that way.

That is actually quite honest. Do you read temrs for all services? Or do you read terms at least for most important services?

If you do, great. Many don't and just complain or are surprised when they learn what almost every service on the web does with his data.

OP is saying that it is actually the intent of the company that the end user does not read the ToS; it's an accusation that the quote demonstrates deceptive intent and therefore not honest in a way you haven't considered (in your response).
I assume Facebook has data showing how long each user stays on the T&C page before consenting or not.

I wouldn't be shy to conjecture that time elapsed before consenting is a very small fraction of the time it would take an average reader to get through, let alone comprehend the terms and conditions.

There is one thing I'm curious about. Imagine Facebook's terms stated: "We will scrape any and all information we possibly can from you. We will use it in any and all ways we see fit. You agree to never sue us for anything whatsoever. We also have the right to do whatever we want to your account for any reason we want. We can also add or remove anything from these terms at any time and for any reason we like without telling you, and with immediate effect." That is probably a fairly reasonable cliff notes of their actual terms. Would this actually deter anybody from using their software?

In other words, are companies piling on the legalese to protect themselves or to deceive users? Maybe I'm overly cynical but I think even those terms would not really stop any meaningful number of people from signing up.

>Martin Garner, an analyst at technology consultancy CCS Insight, suggests companies walk readers through their policies step by step. That way they could opt out of selected provisions—limiting, for instance, third parties that can gain access to the data or restricting the kinds of information companies may stockpile.

Merging t&c with settings... I like this idea a lot. Privacy controls with the agreement right there. You and the website clear on exactly what the relationship is.

Gonna bring this up during checkin today.

> That way they could opt out of selected provisions—limiting, for instance, third parties that can gain access to the data or restricting the kinds of information companies may stockpile.

Am I understanding this incorrectly or are you suggesting that we allow people to selectively opt-out of portions of a T&C document? Because good luck getting any legal department to buy into that whatsoever.

More like, it would look like this:

1. You agree to allow us to share your email address with 3rd parties (have useful targeted advertisements? y/n)

2. You agree to allow us to parse your messages internally (enable auto-reply suggestions in messages? y/n)

Something like that.

I mean I think there would still be "hard-coded" T&C, "standing order" type things you agree to just by using the app at all. Like, not uploading goreporn or something.

Of course company legal departments won't do that on their own initiative, however, they will help arrange that in a sane manner if the legislature forces them to do so.

The GDPR requirement is that companies will have to allow people to selectively opt-in to the portions of currently typical T&C documents which currently say that the user allows you to use their data for various purposes, or these portions will automatically be considered null and void.

This is already now implemented in a bunch of places - e.g. I got a mobile internet contract recently which involved being asked a bunch of questions about what private data uses I'd be okay with or not, and that resulted in customized/removed/added paragraphs in the agreement that I signed; but the other companies have still about a month until GDPR requires everyone here to do so or stop using people's data.

Disclaimer: I hate complex / abusive T&C's, and I'm keen to see them abolished. But...

It seems to me like we as a public are blaming corporations for our failures. As adults we're responsible for what contracts we enter into, except in cases of coercion.

99% of us were stupid enough to state that we accepted terms that we didn't even read. Especially in cases where the product/service was purely optional (Netflix, Call of Duty, etc.), I don't see how this is anything but our fault. IMO, we have not been acting as competent, responsible adults.

Should we change our laws to make complex and/or abusive T&C's go away? Absolutely. But are corporate lawyers the only flawed agents here? IMO, no.

> 99% of us were stupid enough to state that we accepted terms that we didn't even read.

I don't think that's fair. These things are written at a high reading level (worse than Beowulf: https://theconversation.com/googles-terms-and-conditions-are... ; https://www.creditcards.com/credit-card-news/unreadable-card... says credit cards require a reading level half the population lacks), with domain knowledge the vast majority of us lack. Reading them is pointless - even with a college education we don't have the information needed to detect many legal traps laid in these things.

They're also extremely lengthy, and generally "subject to change at any time without notice".

I agree with your points about the incomprehensibility and onerous terms of such agreements. And in cases of coercion or semi-coercion (e.g., it can be hard to get a job without owning a cell phone), I can understand accepting the T&C's despite those problems.

That's why I'm limiting my argument to other situations such as Netflix and video games. For those situations, I'm arguing that adults should accept full responsibility for choosing to accept those horrible T&C's.

(comment deleted)
250 hours: that is the number of hours required to actually read all the adhesion contracts the typical American is exposed to in a year.

https://www.theguardian.com/technology/2017/mar/03/terms-of-...

250 hours is a full man-month of time. Do you have a free month in your calendar to read contracts and do very little else? Nobody I know has that sort of free time. So calling people or their behaviors "failures" for not reading all contracts is an unfair, unrealistic expectation.

Even if all people started reading, fully understanding, and declining those contracts, they can be made longer so people stop reading them again.
Access to Facebook, Spotify, or Netflix is not a human right. These are private services offered by private companies who are free to offer those services on any terms they choose. It’s fine and completely understandable that you may not have time or cannot understand the agreements under which they may choose to offer you access. Your remedy for that is to not use the services in question. Your remedy isn’t to lie to them and falsely certify that you have read and contemplated them.
Bold words. Question: Off the top of your head, for what period of time may you make a claim or cause of action arising out of or related to use of Hacker News or its terms of use?

I'm just curious whether you've read and understood the terms of use for the site you're making these bold claims on.

(comment deleted)
Actually I have read them, back when I agreed to them many years ago. I don’t recall the specific detail you are asking off the top of my head, nor would that be a reasonable expectation of anyone. However, since I read and agreed to the terms and conditions, I know that a) such a document exists; b) that I can refer to it at anytime to answer such questions if I have them; and c) that I did not lie to Hacker News when I registered.

Can you make the same claim?

Adhesion contracts are not limited to social media and entertainment sites, and I suspect you are picking those sites to belittle based on the frivolity those sites' categories.

Adhesion contracts appear in banking, medical, and insurance contracts and yes, when you sign up for Facebook or Netflix. Yes, you can choose different services. Please identify a banking, credit card, brokerage, doctor, and insurer that does not have lengthy contracts.

The point is that they don't have to have short contracts. If you choose to use their services, then you should review the agreements, or at least not complain when they exercise their rights under those agreements that you falsely claimed to read.
The problem is the average adult doesn't get educated in the ways of contract law.

In fact, I think this is a symptom of the fact that attorneys and legal practitioners are a "protected" class with a relatively high barrier to entry to basic education in their field.

While everyone has the "freedom" to learn on their own time, it seems disingenuous to be able to legally bind people who honestly have no clue what they are agreeing to.

Also, from the tech perspective, UX demands that "onboarding" to a product be as minimally difficult as possible. Tech will ALWAYS give you the option to skip reading the EULA, and T&C because otherwise, most people would look at the terms being laid out and just say "Screw that noise."

You have a fundamental asymmetry which will be ruthlessly exploited.

If not by the legalese and banking on the user not understanding, then by the company just glossing over how skewed in their favor the terms are and rushing the user past the ugly bits to the custom designed addictive parts.

> In fact, I think this is a symptom of the fact that attorneys and legal practitioners are a "protected" class with a relatively high barrier to entry to basic education in their field.

There's essentially no barrier to entry to basic education in the field; there are classes on the basics in most undergraduate institutions (including community colleges)—corporations and contract law (plus elements of some other subfields) often under the banner of “business law”.

Availability of the class != assurance that every citizen has taken it and passed.

Furthermore, most tech companies don't even engage or give the opportunity to engage in the "negotiation" part of the contract forming process.A EULA or ToS document isn't a meeting of equals. It's a salesman rushing you down the hall telling you to sign, sign, SIGN!

In fact, if nothing else, technology has provided one of the finest examples of a cautionary tale with regards to a "delegatory" legal profession (a profession where legal literacy is contained to a specialized sub-population and where literacy of the full population in the intricacies of the legal system cannot be assumed). I'd be interested in seeing a chart of user accounts of major software platforms or providers at time of ToC/EULA change in order to run the numbers to prove it, but I have a hunch that due to arbitrary/periodic ToC/EULA changes, there is a possibility that the tech industry has generated more legal contracts that no user has bothered to read or understand than the entire legal profession has honestly brokered (I.e. ensured informed consent between both parties) in its entire recorded history.

Caveat emptor be damned. There is something fundamentally wrong with a system that could manage something like that.

Let's be real. You can't expect everyone to be fluent in legalese, just as you can't expect everyone to learn plumbing, masonry, electricity or carpentry just to pick the right contractor when remodeling your house.
There supposedly exists an ideal human, one whom every demagogue on the internet imagines must exist anytime any of a number of subjects is talked about.

This ideal human:

- Reads every terms and conditions agreement, and understands it, for every service they intend to use -- online and in meatspace -- or chooses not to use that service;

- Never drives even a couple of miles an hour over the speed limit or commits any of a number of other minor traffic infractions for which 90% of drivers swear they are never guilty;

- Has taken the time to educate themselves about the various backup strategies available and has selected the correct one for their needs (and read the T&C for it);

- Is aware of every applicable law in their local municipality and follows it to the letter;

- Is always on time;

- Always follows the latest health guidelines for sleep, exercise, and diet, no matter how many times those things change;

- Has taken the time to understand password security and follows all of the current recommended best practices (and has read the T&C for all the software they use for it);

- Always keeps their system and application software exactly up-to-date (always ensuring there is a viable backup first, of course, and restoring that backup as a test, of course, before proceeding with the update);

- Monitors their credit score and carefully follows sound financial planning advice and all applicable tax laws;

- Has learned nearly everything there is to know about their particular vehicle so that they can't be taken advantage of by shady mechanics;

- Always uses whatever pronoun is appropriate for the individual they're addressing.

I have never met this person, but they must exist, because if they didn't, people would start behaving as though all of these expectations, altogether, are totally unreasonable.

I kind of wish this person didn't exist, so we could stop talking about them and instead start talking more honestly about some of the challenges our society faces.

This is much like the illusory rational economic actor, or the imaginary private property rights that libertarians insist must exist without a government with laws (and weapons) or [insert alternative that possesses weapons and you hope is benevolent]. All of these ideas share a common theme of seeking an easy intellectual shorthand, an oversimplification, and being unwilling to engage in the messy chaos of reality and humanity.
Humans are very flawed. If a person sends out thousands of bill looking letters (writing in fine print that its an offer), some will just pay without looking. Adware that infects machine and inject harmful code is being presented as free games, quiz, or antivirus and those get installed. Others will get called and accept unnecessary deals, with some elderly people pilling up multiple subscriptions. Those are just the grey legal areas, as then we have the world of direct lies, fraud and scams.

People are flawed or else 99% of the illegal activity in the world would not work. Competent and responsible adults can still be tricked, fooled or bamboozled. T&C are however useally about stuff that has a $40 price tag rather than $200k car, so there hasn't been much pressure to create laws to make it fair. There is also the aspect that when T&C get into the courts the legal system has been rather skeptical about the unbalanced terms and if it can ever been said that the consumer has had informed consent, so it usually sort it self out without political intervention.

> 99% of us were stupid enough to state that we accepted terms that we didn't even read.

It’s not stupid. It’s a smart, savvy practical decision. There’s not much reward for investing the time and effort to read and understand TOS which are not easy to parse. Plus we don’t have much choice. For the nontechnical user there simply isn’t an alternative service in most instances, much less one with a less onerous TOS.

I think this is using an overly simplistic blame/responsibility model and if we don't want to have more problems on our hands, we really need to change it.

> 99% of us were stupid enough to state that we accepted terms that we didn't even read.

Well, here's the thing, if 99% of people do something, what's going on here? That's an extremely high rate. Surely if this was a normal choice, there would be a large dissent group? 20% at least? This doesn't sound like it was a real choice.

And consider how it plays out. If choosing the right way is a highly unusual action (1%), and you make this a personal responsibility thing, for any given T&C you cannot use the program. Both because they're too long to read and because you can't agree with them. No phone, no internet, no bank accounts, no entertainment. Since choosing this way already makes you highly unusual, this all just effectively cuts you off from society.

People cannot be individually responsible for mass behaviors. It doesn't really work. Mass behaviors are managed by memetics, which is a higher level force that only specific individuals, or groups of individuals, can actually manipulate.

So I disagree with you entirely. If anyone is responsible for the 99% T&C acceptance rate, it's pretty much never going to be individuals. If we do try to select a person or a group of people, it would be people who manage media and marketing, since memetics is their job.

Thank you.

Is this a fallacy with a established name?

("nobody is doing it right but it's obviously must be their fault")

People do this with programming languages as well.

"haha everyone's making stupid mistakes using this language .. it can't be the language so we should blame the people"

B2C contracts are not contracts between equals, and it is as foolish to apply the same standards to businesses and consumers as it is to treat pedestrians like automobiles for purposes of traffic law. The reality is that businesses can afford lawyers to spend time on a contract they will use with a million consumers, but the consumers cannot afford lawyers for the hundreds of B2C contracts they are presented with in the ordinary course of life.
I would say accepting that we are flawed agents is pretty much the point.

If people are, in fact, acting stupid some of the time, prone to fall for certain persuasion tactics and subject to biases and common fallacies, then maybe a rule such as "as adults we're responsible for what contracts we enter into, except in cases of coercion" simply doesn't cut it.

One thing I’d like to see outlawed is forced arbitration. Waiving someone’s right to a lawsuit is just wrong and only serves to benefit the company.
What's even more odd, is that in some cases the company gets to select the arbitration company (and repeat business is based on outcomes).
They're outlawed in some countries, notably in Europe.

EU rules presume pre-dispute arbitration clauses in consumer contracts are invalid. France and Sweden completely prohibit consumer arbitration in certain cases. Germany won't enforce a consumer arbitration clause unless it's in a separate, signed document or part of a fully-notarised contract.

Lots of information available at https://www.hausfeld.com/news-press/mandatory-arbitration-in....

As another example, Quebec has similar rules for consumer contract. They also forbid contracting for a different choice of law, and unless through a notarial act (in the civil law sense of notary rather than common law notaries public), also forbid stipulating a different domicile to avoid the jurisdiction of their local courts.

Just like with your European example, none of this applies to business-to-business contracts.

I was amused to read recently that, thanks to having an ancient Yahoo! mail account, I am now subject to binding arbitration when I have a disagreement with a Yahoo! spinoff called "Oath." Also, I cannot participate in a class action or jury trial. That should work out well for me the next time they leak all of their user data.
Yep I saw that too- and I still use them b/c of stuff I set up a decade ago. I'm just not sure it's in fact worth the trouble to change (they are Verizon now).
And contracts that forbid people from joining class actions.
If I walk into a McDonald's, I wager that the social normality requirements and laws that permit my access there and permit the owner to legally throw me out is longer than the 50,000 words cited in the article. However, I fully understand enough of them that I'm able to transact the purchase of my hamburger and leave. All the rules there are in the owner's favor, and very few are in mine. I'm not trying to be reductionist, I understand the backlash, but there is no inherent right to use PayPal.
I don't remember having to read and sign a license the last time I bought a hamburger from McDonald's. Has that changed?
You legally entered someone else's property, which is governed by many laws.
At a really high, generalized level (with contract law being a subset), I think the legal system (and in many ways society in general) has yet to really get a grasp on the concept of resource exhaustion attacks. We all know about DDOS as it applies to digital systems, but individual humans and the social systems we make also all have actual, hard limits on how much information we can possibly process, store, and communicate/move around. A lot of the foundations of law and debate date back to long before we entered the sharp part of our current information production J-curve, when it was much more possible for a single human to be more generalist and it was simultaneously simply more difficult and expensive to pump out hundreds or thousands of pages of contract and law. But those days are past, and at some point, to the extent we want (and we should want it) law to work for humans, there need to be actual principles around the fact that if something exceeds the time/memory/intelligence a human could reasonably apply to it then it shouldn't matter if "they could in theory". Let alone if they really couldn't, even in theory (not enough seconds left in their lives). Organizations may be able to act as superhumans here, able to subdivide work and specialize towards a single goal, but for regular actual humans resource cost should be a fundamental consideration of legal validity.

I'd like to see this improved for both sides of the equation though FWIW. I agree that as a user/consumer, the EULA/TOS situation is intolerable and that there's a lot of sketchy or outright bullshit stuff in many (maybe most) of them. But I do think some of the contents are also genuinely guarding against liability that frankly really just shouldn't exist by default either. If someone writes up some software or makes a service and just puts it out there on the open market with no promises, they shouldn't need any sort of contract at all saying they won't be liable if it's used for life-safety critical applications for example (EULAs/TOS are full of this, right up to "this is not for nuclear reactors you fucking idiot" clauses). The law should provide for minimal basic standards and simple money-back guarantees for lack of performance, but just as users shouldn't have to read a 50 page EULA that somewhere buried within tries to take lots of their rights and lay claim to as much of their information as possible and such, so should developers not have to worry about being sued because there was a bug unless they've actually affirmatively promised there wouldn't be a bug. Major liability should tie into things application promises and SLAs, which would be more generally negotiated between entities who can reasonably handle the increased information and legal complexity and think it all through.

I do really hope we see some standardization all the way around. It seems like there could be some real win/wins in this area, and that it's not necessarily that politicized either.

The really scary part is that any form of democracy itself rests on a similar assumption. Time, human attention, and learning capacity are all finite and no longer map well at all to an abstract, unbound ideal of civic responsibility or awareness. Other countries seem to interpret contract law differently as well. https://europa.eu/youreurope/citizens/consumers/unfair-treat...
I've been thinking of writing my own Terms of Service for my cryptocurrency-related web startup -- with plain and clear language that the average person should be able to understand. Several people have advised me that this is a horrible idea and that I should enlist the help of a lawyer to write it instead.

Some things I want to protect myself against:

- People suing if they lose their private keys and are no longer able to make transactions

- People suing if they forget their passwords and can no longer access their email they signed up with to do a recovery.

- People suing if they lose their 2FA code and can no longer access their account

- People suing if a bug in my software causes them to lose access to their account or coins

- People suing if I decide to close down my service (I will give 90 days notice --- or maybe more, haven't decided yet) and did not deactivate their accounts.

Basically trying to protect myself for anything that is not fraud on my part.

Seems like most people here are pro-"short and sweet" ToS -- what do you think about writing it myself?

> People suing if a bug in my software causes them to lose access to their account or coins

Everything else sounds pretty reasonable, but this doesn’t. If you cause someone harm, you should expect that they will attempt to recover damages from you, regardless of what your T&C says. I cannot fathom why you think you should be protected against this eventuality. Buy insurance instead.

Regarding your question, notwithstanding the hand-wringing on this page, a given T&C clause tends to exist because someone has been sued over the matter being clarified. If the law specified each point, or if society were less litigious, these clauses would not be necessary. But this is not the case. I think you would be a fool to risk your company’s wellbeing to satisfy the whims of uninformed HN commenters. Almost all of them will blindly accept and be bound by your T&C regardless of their stated beliefs on this site, and, even if that were not the case, they are a tiny, unrepresentative slice of your market.

Fair enough. I guess this is why I should get a lawyer involved! I was assuming there was some distinction between accidental negligence and fraud as far as what could be protected against.
why shouldn't the customer be able to recover damages from you if you had an accident, or were negligent? they were paying you to take care of this stuff for them. if they wanted the risk of accident and incompetence, they'd just do it themselves.
Does that draw any distinction between paying and non-paying customers then as far as their rights? I see tons of "you assume all risks" sorts of Terms of Service, but I have a feeling those are likely just there and don't do much.
Is this a standard you would like to be subjected to from someone who is responsible for your money? For example, if your bank, through an accidental, non-fraudulent error, allowed a criminal to extract your account’s entire value as cash, do you think they ought to be able to defend themselves by saying they did not commit fraud?
You should never write a contract yourself unless you are a lawyer. There's a case law which usually involved, and if aren't careful, you might have big problems.
But it seems like getting a lawyer involved is exactly what leads to these complicated Terms of Service. I would have to find a lawyer who agreed to significantly dumb down the Terms of Service, which I would suspect they would be opposed to -- I mean they are writing these things like this for a reason, right?
They write the thing the way they are written because likely there was a case where simpler language lead to the company losing in court. There's also a principle Contra Proferentem, that intreprets all ambiguities in favor of the non drafting party, so the drafting party should be extra careful and write all this pesky legalese.
There is no reason why terms should not be written in plain English and indeed under European consumer protection laws, you should be writing the terms in plain English because it means the user has a better chance of understanding them, and (regardless of the first part) you have a better chance of enforcing them should the need arise.

Please be aware that not all lawyers are the same and you can find many who will be more than happy to write a set of terms that are in plain English, ambiguity-free and protect your company against any areas of concern that are legitimate for you to protect against.

PayPal is a company that just needs to go away. They screw people out of their money left and right. And for the cherry on top their ui is complete garbage
I see a lot of people talking about Terms of Service being too long. This is a problem for governments as well: How many laws do you think apply to you right now? How long do you think it would take for you to understand exactly what you can and cannot legally do? Do you think the average police officer, or even federal agent, has a full understanding of those laws?

I hope that this is a problem that we can fix in the future.

Sure, we're covered by many laws, but also many rights--the right to fair trial, the right to legal representation, the right to petition the government, and so on. If a law is poorly or vaguely written, it can be challenged on those grounds--many laws are tossed as unenforceable.

But when you click on a user agreement, there's no negotiation or possibility of redress. Take it or leave it, and they just cut you off if they feel like it. The comparison to laws is nonsense.

True of legalese in contracts, but also Law in general has multiplied like Gremlins.

Hammurabi's code of laws, was written in common language, and was brief enough every subject could understand them.

It makes no sense that we should be subject to a volume of law that we could never even read, let alone understand.

Musk is correct in insisting that laws should expire, and it should be easier to remove a law than add one. Minimum Viable Law.

Long ago lay people had no idea what the bible said because they could not read Latin. Well lawyers are the new priests, legalese is the new Latin.

> Hammurabi's code of laws, was written in common language, and was brief enough every subject could understand them.

While laws being written in common language sounds like a good idea, common language is open to lots of ambiguity and loopholes. Shouldn't our laws, in general, be written to be as precise and narrowly defined as possible?

> Shouldn't our laws, in general, be written to be as precise and narrowly defined as possible?

But in practice, it's the opposite. Law is full of ambiguities and loopholes. That's why we hire lawyers-- to find ones that work in our favor.

Funnily enough even the tightest drafted legalese is actually often subject to a range of ambiguity and loopholes. I feel it can be a quality inherent in certain language regardless of whether it's plain English or legalese, particularly if there is money at stake in injecting a degree of ambiguity into the language (which is what I'm paid to do!).

Overall, if done correctly there should be no issue with expressing the parties' intentions in plain English rather than using dense legalese. It's something I strive to do every day in my job for sure.

Of course I agree with your general point about laws being drafted to be precise and narrow, it's just that using legalese doesn't always secure this objective. Sometimes it's just clear that the draftsperson was having a bad day.

I agree. Wittgenstein had much to say that is relavent here, although he is referenced far more than he is read (unfortunately).
The society became much more complex since the Hammurabi's code. You argument is similar to people's who say that programs are over-engineered, and should be much simpler. There's some over-engineering but the main cause is that the world becomes more and more complex.
> Shouldn't our laws, in general, be written to be as precise and narrowly defined as possible?

But they aren't that either.

There will always be more diversity in real life than on paper. You can't predict everything that will ever happen.

The real problem is structural.

We have a set of laws and if they're overly broad and prohibit lots of things they shouldn't, nobody really notices because prosecutorial discretion is a thing. As long as prosecutors mostly don't charge honest people with the overly broad laws, nobody gets up in arms to fix them even though everyone is in violation.

On the other hand, if someone does something unpopular and there is no law against it -- or there is a law against it but there isn't a law specifically against it and Something Must Be Done -- then we get a new overly broad law.

Laws get added but never removed, and each one prohibits more than it should. Over a hundred years of this and you get Three Felonies A Day, the only reason everyone isn't in prison is prosecutorial discretion, and lawyering is an exercise in figuring out which parts of which laws you actually have to follow to avoid being prosecuted without ever admitting that that's what's happening.

As possible? Of course; nobody can be against that, but people will disagree about what’s possible.

I don’t think that means they should be more narrowly defined than they are now. That would mean a permanent weapons race between those finding and exploiting loopholes and the government, with those having access to the smartest lawyers (= the richest) staying ahead of the law.

For example, if “income” would be restricted to money received in exchange for services, companies would start paying in goods, for example by providing “free” housing, cars, etc. if the government includes such things in the law, companies could start paying out in gold, rather than money. When that gets included, companies could sell special (extremely cheap, no voting rights, must sell when leaving the company) shares to personnel, and pay most of the salary in dividends. That list is endless. Companies could start operating under the flag of Liberia, claim that they don’t pay you for work done, but that they charge you for the use of their machines, and that you sell them the stuff you made with them, etc.

> It makes no sense that we should be subject to a volume of law that we could never even read, let alone understand

Why does that not make sense? The law must cover everything from "dont kill certain species" to "don't commit this very specific type of fraud". Society is so advanced we need more laws. Of course Hamurabi's code was short because it didn't need to stop investment bankers committing fraud or voting laws to prevent racial bias or workers rights etc etc. Certainly there are improvements but you will never fit it all into one short book that a layperson could read.

The garbage part is not that there is a large volume of law, but that the law is made even larger implicitly through a system of historical precedent without being explicitly updated to reflect those changes.

As an easy example, the commerce clause in the US constitution has come to mean something that no layman would ascribe to it.

>As an easy example, the commerce clause in the US constitution has come to mean something that no layman would ascribe to it.

Another easy example in the opposite direction is how case law has substantially diluted the meaning of words like "infringe", "unreasonable" and "excessive" in amendments 2^1, 2^2 and 2^3.

As an easy example, the commerce clause in the US constitution has come to mean something that no layman would ascribe to it.

Any support for that statement?

I think you would be hard-pressed to find a layman who, when presented with the commerce clause, replied that he had inferred the Dormant Clause [0] or Civil Rights Act [1] from it.

[0] https://en.wikipedia.org/wiki/Dormant_Commerce_Clause [1] https://en.wikipedia.org/wiki/Civil_Rights_Act_of_1964 - "... principally its power to regulate interstate commerce"

I dunno. Seems pretty straightforward to me. Commerce among the states is Congress's domain, so state laws can't unduly interfere.
Its also been interpreted by the courts to mean that you cannot grow crops you consume yourself, because you would have purchased the crops otherwise and are affecting interstate commerce.

Whether or not you agree with that interpretation, it would take some willful ignorance to say that the plain text reading of regulating interstate commerce means you can regulate all commerce because you might have bought something from someone otherwise

Wheat grown by a farmer for his own consumption, not bought or sold, not carried across state lines, can be regulated by Congress as it affects "commerce ...among the several States."

See Wickard v. Filburn.

If you don't want to look it up but still want to understand it, the gist is that by growing your own wheat, you're not buying wheat from farmers, which lowers the price of wheat that may be grown by out-of-state farmers. By growing your own wheat, you're impacting inter-state commerce.

At least that's the logic of the court.

This is the sort of loophole that allows it to apply to everything. By going on a date with person A, you reduce their willingness to spend money on certain products associated with people who don't go on dates, and increase their willingness to spend money on certain products associated with going on dates. Therefore, the federal government can make laws about who you date, and dating becomes considered a commercial venture (so freedom of association wouldn't apply, same reason freedom of association doesn't allow people to bypass minimum wage laws).

This is stretching the law beyond any reasonable interpretation, done so by the same government who gains a lot of power by doing so.

Seems like a poor conclusion.

If a started a business that picks peoples noses among multiple states, would Congress be able to regulate nose-picking by individuals on their own private property?

> Certainly there are improvements but you will never fit it all into one short book that a layperson could read.

However, the law could still certainly be shortened and simplified. The GDPR is written in plain English.

Yet GDPR is so vague that most companies I talk to about it have each taken very different things from it. "Except as required for security purposes" is a big exception.
It's not as big exception taking into account that the requirements are not about pieces of data that you can get and store, but about particular uses of this data.

If you previously had some private data in your core databases that you used for all kinds of things, finding an exception that allows you to store this data for security purposes doesn't allow you to continue business as usual - it won't permit you to use it for marketing purposes, for example, just as an exception that allows you to require and store some data that's needed to execute the service won't permit you to sell that data to third parties as was common practice earlier - for that you'll need to (try to, likely unsuccessfully) obtain the user's consent.

Traditional legalese has plenty of ambiguities, they're just hidden behind obscure language.
Laws are not meant to be an exhaustive blacklist. If they were we wouldn't need juries, judges and lawyers. Laws are rules of thumb that make it efficient enough to enforce a society's moral code to the point where it can be done at scale.

There will always be exceptions and details argue over and ultimately you need a critical mass of society to agree to abide by them to a great enough degree.

Expecting any reasonably non-homogeneous society to be able to agree on where to draw lines what constitutes bad behavior in anything other than the obvious cases ( murder, theft, etc) is naive. Expecting laws to cover the vast majority of bad behavior is naive. Expecting to be able to enforce that theoretical set of laws is naive. Expecting to enforce those theoretical laws without creating something akin to 1984 is just insane.

Do you believe that the law is infallible?
Do you think allowing programs to be specified in plain English is a good idea?

We have "legalese" for the same reason we have programming languages. Terms have specific, sometimes slightly different or more narrow meanings to promote better understanding of intent in languages meant to specify a set of rules.

Specifying laws in "plain English" makes about as much sense to me as programming in English. You'll quickly find that for all but the most trivial of things the ambiguity of the language works against you.

> Do you think allowing programs to be specified in plain English is a good idea?

The difference is that one is expected to consent and be beholden to something they could not reasonably understand without paying a large amount of money to a specialist.

That I write my code in brainfuck is of no consequence to someone, unless that brainfuck is potentially going to incarcerate them.

(comment deleted)
> That I write my code in brainfuck is of no consequence to someone, unless that brainfuck is potentially going to incarcerate them.

If you write software to control medical equipment in Brainfuck, it's potentially of consequence to a great many people. Same for autonomous driving routines.

Trying to make things clearer is a good cause. Expecting that everything can be made clear enough for the average person is a fool's errand.

Do we expect the circuit layouts of CPUs to be understandable by everyone? Because we are surely affected by those, in very many aspects of our lives.

Do we expect the full engineering and aeronautics behind an airplane to be understood by everyone? Everyone who flies puts their lives on the line based on those principles and the engineers getting it right.

Do we all expect to understand the numerous ways in which our bodies can get hurt, or interact with chemicals, or develop diseases? We trust doctors to figure out the complications there.

In each case, we've trusted domain experts to sort through the very complex topic and distill the knowledge into a useful form for us. In each case, we also generally know a core amount of the topic to help us navigate the everyday portions. CPUs work by providing a very low level core set of instructions that can be followed. Airplanes work through thrust, airflow and lift. Our bodies deteriorate over time, and if we put bad stuff in, they don't do as well, and some common diseases are known (cold, flu, etc).

The law is no different. There's a core set of things people are aware of. As things become more specific, or a problem happens, we call in domain experts to help.

Expecting everyone to be able to read all of the legal code will never happen, nor should it happen. It's expecting too much out of the average person, and would also require the law be dumbed down in ways that were detrimental to it's interpretation.

(comment deleted)
> The law is no different. There's a core set of things people are aware of. As things become more specific, or a problem happens, we call in domain experts to help.

Using Brainfuck is an extreme example but you're taking it to its logical conclusion - off a cliff.

The difference is, the law affects and is applied to everyone. Contracts can and do affect the average person. However, only a domain expert has do deal in code.

We do not expect or require a normal person to read a 5,000 LOC piece of software, or risk giving up rights to participate in everyday society.

> Expecting everyone to be able to read all of the legal code will never happen, nor should it happen. It's expecting too much out of the average person, and would also require the law be dumbed down in ways that were detrimental to it's interpretation.

I'm certain we can put together a reasonable "tl;dr" requirement for contracts targeted at the layman, e.g.

"""

- You may use this application (See: Section A)

- You will pay X per month (See: Section B)

- Late fees may apply (See: Section B, Sub-Section 2)

- We may collect user data (See: Section C)

- We may sell user data (See: Section D)

- We reserve the right to update the terms of the service (See: Section E, Sub-Section 1)

- We reserve the right to cancel service for any reason (See: Section E, Sub-Section 2)

"""

Make the tl;dr non-binding so long as a reasonable person, a typical legal standard, would understand the legalese to have the outcome.

One need not write a "literate contact," nor abandon all of our legal history, terms of art, etc. to improve things to make them more approachable for a normal user.

I have absolutely no problem with trying to make legal documents, contracts, TOS, etc more readable by providing additional information. I just think the idea of replacing what we have with something more like regularly spoken English would be problematic at best, because a lot of the problems we have with interpreting the law are because it's so close to an actual spoken language, and Human languages thrive on ambiguity.
> The difference is that one is expected to consent and be beholden to something they could not reasonably understand without paying a large amount of money to a specialist.

I've found that this is generally less true than I imagine it to be. A lot of law is not actually so difficult to understand. Legalese is still English, and Google is great for figuring out the odd meanings of certain terms of art.

Most of the exceptions I've come across (e.g., buying a house) are IMO actually intrinsically complex transactions. I could undestand, but it'd take so long. And the time taken would happen even if we only had the laws we needed and all those laws were written in plain english. In software terms, lots of essential complexity.

Going back to the article, the problem with Facebook's terms and conditions is definitely not understandability -- see https://www.facebook.com/policy.php. The average high schooler could understand. The problem is people caring enough to 1) find, 2) read, and 3) inconviencance themselves if they don't like the policies.

I beg to differ.

> Waving a 2-inch-thick printed version of the social network’s user agreement, Senator Lindsey Graham quoted a line from the first page, then intoned: “I’m a lawyer, and I have no idea what that means.”

1) Two inch thick I've read some pretty long books in my time but that takes the cake. Most people these days don't even have enough attention span to read a complete internet article. How do you expect them to plough through hundreds of pages of legalese?

2) “I’m a lawyer, and I have no idea what that means.” Do I even need to say any more?

You can simultaneously believe that

* FB is doing their absolute best to make sure no "user" understands what they have agreed to

* writing the law in "plain english" is the stupidest thing I've ever heard of in my life. See the multi million dollar lawsuit this year about whether a missing Oxford comma changed wage rules for a class of truck drivers. Any attempt to write law in plain english introduces giant ambiguities [1].

[1] https://www.nytimes.com/2018/02/09/us/oxford-comma-maine.htm...

That law you cited was not written in "plain English." It was Maine's legal code. And it was ambiguous.
And plain english would have made that better?
Easily.
In the sense of introducing far far more ambiguity and making the law incomprehensible, yes.
You obviously didn't look at the law you are speaking about.
> FB is doing their absolute best to make sure no "user" understands what they have agreed to*

But before making this argument, one should go read FB's ToS and data policy. Here they are:

https://www.facebook.com/terms.php

https://www.facebook.com/policy.php

Where, precisely, is the bit where they steal data from my phone about sms and phone calls?
> Where, precisely...

Right here, clear as day: "We collect information from or about the computers, phones, or other devices where you install or access our Services, depending on the permissions you’ve granted"

Also notice that if they have that data, you explicitly gave permission to access phone/SMS data in the app install process; i.e., you granted those permissions.

> ...steal...

Again, that's the problem! Facebook didn't STEAL that data. They took it with your permission. And they were actually very clear in their policies about the fact that they could take pretty much anything you gave them device premissions to access.

This is NOT a "users can't understand legalese" issue. It's very clear from the above sentence in the data policy that Facebook has the right to record arbitrary shit off of your phone/computer.

This IS a "users don't care and don't have any data clawback rights" issue. Or perhaps a "users are too trusting" issue. But any high schooler could interpret the above sentence as meaning that Facebook does, technically, have the right to collect any information from your phone if you give device permissions.

The distinction is important because it determines appropriate solutions. The solution is NOT making ToS easier to read. The solution is stronger consumer data rights (aka a mechanism to clawback data after the fact) and better consumer education (aka be paranoid)

If you think that merely making ToS easier to read and understand will substantially change consumer behavior, you're in for lots of disappointment.

No, it's not clear at all, and wasn't clear to virtually anyone who agreed to it.
Care to propose a rephrasing that's more clear? If the average person can't understand the meaning of that sentence, the only real solution is to improve K-12 English teaching.

> and wasn't clear to virtually anyone who agreed to it

Virtually everyone who agreed to it never bothered to even try to read the policy in the first place. So, really, what difference does that make?

Again, the fundamental point is that chasing ToS clarity/readability/length is a losing battle. The majority of consumers don't care enough to read, no matter how simple you make things. Improving this metric won't make a difference. This issue is a red herring. Focus efforts elsewhere: consumer education and consumer rights.

Facebook terms of service: https://www.facebook.com/terms.php

Facebook data policy: https://www.facebook.com/policy.php

I agree Lindsay Graham is a skilled orator and politician. But if he blew up the font size until those pages required two inches of 8x11 paper, he must have just terrible eyesight ;-)

Also, neither of those documents is terribly difficult to understand. Like... where, specifically, is Graham getting horribly confused?! Point to the concrete line in one of those two links that requires something beyond a high school education!

Now, I'm sure there's nuance I don't pick up on. But I definitely feel I can understand the ToS and privacy policy without consulting a lawyer.

I don't think some of the terms are fair. But that's a consumer rights issue, not a "legalese" issue.

More generally, on two occasions I've had to get in front of a real judge in a "real" courtroom and make an argument based upon some written piece of law I had to look up and interpret myself. In both cases, I was able to successfully convince a judge that I was on the right side of the law without the help of a lawyer. I'm certainly not saying that's always possible, but I do believe there is a lot of "learned helplessness" when it comes to digging through legeal code or contracts and reading legalese. It's a PITA sometimes, but in many many cases it doesn't require years of training.

I wonder if it would be possible to create an AI that, given a legalese text, could output comments for each fragment explaining and showing examples of what it means. Now that I think about it, wasn't genius.com doing something like that but using crowdsourcing instead?
Privacy policies actually use this as a rhetorical trick to confuse users. E.g., they'll say stuff like "we may collect any device information you give permissions to access to do [reasonable thing A], [reasonable thing B], or for any other business purposes. Examples of device information include: [insert list of benign things]"

Or, to put emphasis on the important things:

"we may (read: WILL) collect ANY device information you give permissions to access to do [reasonable thing A], [reasonable thing B], or for ANY other business purposes. Examples of device information include: [insert list of benign things you should totally ignore]"

But here's the problem with the "AI tell us all" approach. If you use ML to mine examples from existing policy texts, you'll end up showing the user all of the benign stuff that the companies put in to reassure users, because that's what the corpus contains. Therefore, your AI will emphasize exactly the wrong types of examples.

Also, notice that this isn't even a legalese thing. There are no legal terms of art or long-winding difficult grammatical constructions. It's just plain old good rhetoric. And it's hard/impossible to legislate away persuasion.

I always found the language in RFCs better than legalese. Just the fact that they specify up front what the words must, shall, required, etc mean makes it less ambiguous. I feel lawyers use the ambiguity of language to bend the law in the way they need at the moment.
Exactly. If the precision of the language of law was working we wouldn't need to fight over it in court. Our new tax code hadn't been read by anyone who passed it- and, as an accountant explained to me long ago- we won't know exactly what it means until we get to court.

Even if a reset is unsustainably simple, it's time for one.

Even if the law worked mechanically, we still need to argue it in court, since the law cannot encode the complexity of the real world anyway. It is perfectly reasonable for someone to break laws, so long as they have sufficient justification for doing so.

For instance, you won't be guilty of violating a law if you are coerced to do so, and the court still needs to evaluate what level of coercion you underwent, and that fundamentally requires human empathy.

The law is not meant to be employed mechanically. It's there to make society more efficient when handling the easy cases.

Courts would be the debuggers/testers. And their findings would need to be integrated into the legal code as they happen.
The problem is when it gets complex it redefines what should be the easy cases.
> We have "legalese" for the same reason we have programming languages.

The intended purpose of "legalease" is to eliminate ambiguity and to clearly outline terms and conditions, however it's often used to introduce ambiguity and obfuscate the actual intent of terms and conditions or to redefine existing known and understood laws.

"Legalese" is a programming language that allows unsafe pointers. It's compiler not only permits but encourages the use of preprocessor directives to redefine variables and operators. Everything is globally scoped. Nothing is protected. Everything can be overridden. Multiple inheritance is expected.

Pretty much everything we advocate against in a programming language is permitted and encouraged in "legalese".

> The intended purpose of "legalease" is to eliminate ambiguity and to clearly outline terms and conditions, however it's often used to introduce ambiguity and obfuscate the actual intent of terms and conditions or to redefine existing known and understood laws.

Brief plain English would be about as bad. English with similar verbosity would be much worse. Obfuscating meaning in colloquial English is so trivial it happens on accident when communicating through text on a regular basis.

I'm not arguing that legalese is good, I'm just arguing that it's better than English, specifically because terms have been carved out over time to mean very specific things when used in a legal contract, and that provides for less ambiguity. It does require foreknowledge, but so does every sufficiently complex topic.

> "Legalese" is a programming language that allows unsafe pointers.

With regard to clarity, if legalese is C, English is dictating pseudocode to someone else who is translating to assembly on-the-fly.

> Pretty much everything we advocate against in a programming language is permitted and encouraged in "legalese".

So let's make it better! But coming up with a more specific legal language will require even more training to understand than is currently required, and that's the opposite of making it easily understood by the average person.

My own comparison would be that Legalese is like Perl. It is familiar enough that most laypeople can look at it and get a good idea of what's going on, but it's definitely easy to write in a way that is nigh incomprehensible, either by accident on on purpose. In addition, the familiar appearance of the language hides some advanced conceptual differences that bite the unaware (context in Perl, specific meanings of common terms in legalese).

A new version of legalese might be more akin to Rust or Haskell. Very specific, very exact, but it requires much more up-front learning to understand exactly how everything works and what it means.

In other words, the learning curve would be steeper but the dividends paid for learning it would be greater.

Extending the source-code analogy, a lot of legalese needs more comments saying what the code is supposed to do, so that when a problem arises the legal system can actually debug it and better determine what raw code is is accidental or deliberately-misleading.

Unfortunately some of those comments are never made, or are separate READMEs and not systematically tracked alongside the code itself.

That’s a very interesting idea. I feel like the next logical step after that would be unit tests.
I agree, "write-only" Perl is perfect analogy
But code allows for Plain English: Comments. And nobody writes code without clear comments right? Right? Dear god please tell me you people aren't doing that!?
Depends on what it is and how complex it is. Depends on how explicit the variables and functions can be named. Depends on whether the thing I want to express is a how or a why or a how to use. Depends on if it's a public API or an internal helper used in one place with an unambiguous name. Depends on whether the audience are first year CS students, 50 year old business majors, senior developers with years of experience, or all of the above.

Always do X, never do Y rules are rarely helpful.

Does the comment here really help with your understanding of the code? If you're just now being exposed to programming then it's not enough detail, if you've been programming for 20 years it's far too much noise.

    // Assigns the value of the expression 4 + 5 to x
    // where 4 and 5 are integer literals
    // and + represents the mathematical process known as addition.
    // This allows us to later refer to x by name, where it will be replaced by the value defined here.
    x = 4 + 5;
Without getting too spicy here: What I was saying is that comments allow for people to provide "plain English" context to their code by giving a summary of what the code does, something that most contracts don't do. I was trying to point out that the example OP was using is a flawed comparison.

Code comments are typically written for whoever they're written for. I understand that"Plain English" might be a 2 sentence summary, a line by line review of each step, or a 3 letter reference to a common phrase, but it doesn't change that you have a tool available to you to provide summary context for potentially confusing or complicated pieces of logic.

I was also making the joke that if you're writing extremely complex pieces of code and not providing some kind of comment to accompany it in a setting in which that code, you're probably doing it wrong.

Some people should do some things some of the time, and other things never, but not always. Things can include writing comments for code. fixt

We use programming languages for tasks that do not require human judgement.

If using your product requires the detailed understanding of a standard EULA, my judgement is that I would not like to use your product without training. Think of all the details in those paragraphs that I might mess up!

But using these products does not require the detailed understanding of a standard EULA. It only requires you to click 'I Agree'. The EULA is not there to inform the user, it is there to ensure that your exploitation of them will not be punished when they find out.

Legalese is not what you think it is, it contains perhaps even more ambiguity than plain English in many cases. As often as not legalese circles around the matter rather than addressing it directly and clearly.
(comment deleted)
The issue is that the law is something everyone must live by or face dire consequences. Given this, is it better to have programming for law that is specific but which only few can use (and normally to their advantage), or to have a more ambiguous medium that is accessible to the majority?

The ideal, a specific language everyone is proficient in, is best, but it isn't possible.

Our Plain English development system - unique interface, simple file manager, elegant text editor, hexadecimal dumper, native-code-generating compiler/linker, and wysiwyg page layout facility (for documentation) - 25,000 sentences, is hardly a trivial application. Yet we wrote it, conveniently and efficiently, entirely in Plain English. And the "ambiguity" of the language actually helped.

In Plain English you can, for example, say "Clear the screen" or "Erase the screen" or other similar phrases and still get the same result. So we could type our thoughts the way we happened to be thinking them at the moment, and didn't have to remember (or look up) the exact syntax of the routines we wanted to call.

The instruction manual is here:

www.osmosian.com/instructions.pdf

And the whole shebang (less than a megabyte!) is here:

www.osmosian.com/cal-4700.zip

Just download and unzip. No installation necessary. Exactly the same on any version of Windows from XP to 10.

Please address questions and comments directly to me:

gerry.rzeppa@pobox.com

> Musk is correct in insisting that laws should expire

This is a terrible idea. Stability and gradual, generally understandable, evolution in response to real world conditions are positive attributes of the current precedent-based system that has grown out of the common law.

The current default is accretion. There is no end to it. We will drown in laws.
I disagree. Of all ideas, I think this is his best one.
It's a great idea until "no murder" gets held up by the minority party to win leverage on some other issue. There'd always be some critical law to play chicken with.
Why? What's so bad about forcing us to re-evaluate the reasons why given laws are on the books?

Plenty of laws are relevant only to a specific point in time, but they rarely, if ever, get repealed.

Take the US Chicken Tax. It was put in place in the 60s to deal with economic concerns with France and West Germany at the time (which no longer exists as such!). Why shouldn't it have been given an expiration date? Instead, it remains in perpetuity, with its provisions twisted every few years to suit the interests of auto industry lobbyists. This is perverse.

Some laws, like that one, should be enacted with an expiration date. Some laws even are - e.g. a lot of the post-9/11 surveillance state laws need periodic reauthorization. Plenty of other taxes are enacted as temporary, too, despite how routinely they're extended.

But not all laws should expire. Having, say, the crime of murder expire would be quite unhelpful.

> But not all laws should expire. Having, say, the crime of murder expire would be quite unhelpful.

I'm pretty sure that laws like that one would be renewed before expiration anyway -- and the current context would allow re-evaluation of penalty as well, which might be something useful to reconsider every couple of decades.

It would be an excuse for political and legislative brinkmanship on a schedule. They can always make changes to the details without a clock adding artificial urgency. It's clear it's the kind of law we want on the books, and to have a penalty on the books, indefinitely. Unlike, say, the chicken tax.
But that renewal provides a hook for legislators to attach all kinds of distasteful things to it.
One question then, is whether laws are generally more like murder, or more like the chicken tax. I don't know, but I suspect there are more chicken-tax-like laws by a considerable margin.
This comment could be made about software and programmers and make exactly as much sense.
Hammurabi's code was simple, but did little to deal with edge cases.

One of the reasons that the body of law has grown as large as it has is because of said edge cases.

> Law in general has multiplied

It's no surprise reading the comments here and elsewhere these days. The media helps build a furor amongst people, and people believe there is no other choice but to use the heavy hand of the government to solve their issues. Many times it's done without alternatives attempted first with the proponents criticizing those against a law as against its intentions. We see it with the Patriot Act, GDPR, etc.

And as global internet laws are written more and more by governments of citizens who implicitly trust them a lot (often just guessing at what can solve the problem instead of empirical evidence based on timid baby steps), their tentacles spread to the point where only those with resources can abide. Things happen in waves and I can only hope we'll come around to not adding laws and regulations all the time.

The power of corporations is at this point like a smaller government with some companies wielding more power than smaller nation states. We are currently in an upswing of corporations extracting more and more money out of people and trying to control them more and more. What are people supposed to do? Wait for companies to just change out of the goodness of their hearts? You cant even talk with your wallet anymore when many practices that are anti consumer, such as tracking every bit of data about you and selling it to anyone, are industry wide practices, couple with the fact that the larger corporations are inching closer and closer to the same level of monopoly power as the robber barons 100+ years ago.

Government overreach is bad, and the government is frequently a bad actor itself, but at least if they are trying to cancel out corporations power we end up with both groups hobbling themselves a bit

This perspective on the bible and Latin is not a good analogy. Most people could not read any language long ago, and priests in general serve several other purposes before reading/expounding upon the bible. From the standpoint of a believer, the bible was not expanded by human decision as laws are (canonical vs. apocryphal discussions aside). The bible was compiled in Latin by Jerome because it was the common ('vulgar') language of the people.

Of course, there's plenty to discuss and argue about in all of the above, but your comparison makes it seem like a done deal.

Rule of law is a really good thing in most societies.
We need something akin to the Uniform Commercial Code, which solved a similar problem with proliferation of contracts in the B2B realm. And I think there should be a strict limit on the amount of verbiage that a B2C contract can contain to remain enforceable, due to the highly asymmetrical nature of the relationship economically.
IMO, this is a question of consumer protection. It's ok to provide complicated contracts to corporations who can afford to hire lawyers, but it's not ok to do so with consumers. If we make a requirement that for consumer products, contract should be now longer than 1 page written in a language understandable by 10 year old, it will solve problem.
I like the elevator pitch approach.

If you can't explain your T&S in as many words as it takes to explain your product, one or the other needs to be revised.

It sounds good in theory, but in practice there're aspect which prevents it from being applicable. See here: https://news.ycombinator.com/reply?id=16886176&goto=threads%...
Yes, you have a valid point.

The one I was more trying to make is that a product should not be simply marketed as "a platform for sharing pictures with your friends" if it is actually "a platform for sharing pictures with your friends in exchange for your participation in unspecified and ethically questionable social experiments."

The T&S can stay the same for all I care, I just think companies shouldn't be able to hide behind them when they dramatically oversimplify the nature of the product in the process of selling or promoting it.

Even if EULAs were easily understood, they are still ultimatums: you either take it or leave it with no room for negotiation or repercussions for demanding far more than the product could reasonably ever be worth. There is no motivation to ever write these in good faith. There should be a general federal law to protect users and businesses from malice, privacy laws (similar to CAN-SPAM,) and a ban on all other end-user license nonsense.
Startup Idea - An AI language translator for legal language to English. It could convert a 20+ page contract to a 1 page bullet list. Maybe this has already been done or does the language of law require quantum computing?
An interesting idea, but complicated by the fact that as often as not the terms expressed are affected by the domain and locale.

For example, for every employment contract that contains a non-compete in California, there is relevant California state law that means it's probably unenforceable. What do you show for that?

Additionally, new case law is being made all the time. Laws aren't static, they are added to, amended or removed through legislature and case law. To my understanding, the case law changes are also more about the specific circumstances of the case as well, so may apply narrowly or widely, depending on ruling. And may be appealed.

I would make a few points:

- I don't think legalese is the issue. Even if you wrote terms in plain English they would still be at a similar length if you wanted to capture the same content of the base terms, and people would still not read them. I don't think there is a high proportion of people who are put off by legalese but would read terms if they were in plain English

- the article has a GDPR bent. Certainly when it comes to uses of personal data, that should form a bigger part of the sign-up experience and be separated out from the main terms.

- when you are looking at general terms & conditions outside of privacy, European consumer law and I imagine most consumer law protects customers from unreasonable actions by corporations toward consumers. It allows the user to assume the company will behave reasonably towards the consumer, and is arguably the appropriate remedy to cure the issue of over-long terms & conditions.

- There is of course limited scope to this and there will be a range of transactions where you are not acting as a consumer and are expected to thoroughly understand the full implications of the transaction you enter into.

- the reckoning in the article is already one partially addressed by the above steps at least in the European Union around consumer law protections, and requirements on the data protection side to call out data uses in the sign-up process rather than bury them in the terms.

Seems to me this is easily fixed.

If a jury of peers cannot understand the legal contract during an arbitration, rule in favor of the signor of the contract and against the writer.

You'll see that shit disappear with a quickness.

This is a great idea but I don't think it goes far enough.

It means that 12 lay people can eventually, after some coaching, study, and debate, understand a contract. Or one lawyer, presumably.

The problem remains though, that one lay person needs to understand it without study or coaching, and without taking days to do so. Most of us have probably clicked through hundreds or even thousands of EULAs and other crap without having days to understand each one. Every app, every shrinkwrap, your toaster, and even the bloody nav on your car with its OK button: there's just too much.

The jury should get as much time to read the contract as the average user spends reading the contract and should not get the help of a lawyer. If the company doesn't collect data about how much time users spend reading the contract, then it should be presumed that they didn't read it at all and then only terms that the jury can guess would be in the contract without reading it should be valid.
Facebook's Privacy Policy, Terms, and Principles are actually written in very clear, plain language. I've read them. They're easy to understand.

I was frustrated by Senator Graham's remarks because he absolutely could understand them, if he bothered to read them. (He said that he didn't understand them.)

The problem though, isn't the Terms. It doesn't matter how plainly written they are. People won't read them.

What matters is designing your product with correct privacy affordances. Put yourself on the shoes of the user, and make sure your app isn't sharing information in a way that would be jarring or unexpected.

For example, Facebook made a mistake with its posting dialogue experience pre 2016. You could say that a post should only be shared "with friends" in a choice box next to your post. However, that post would also be shared with any apps your friend has installed. That's probably not what the posting user would have expected, so it's a poor experience.

If you have inadequate privacy affordances, you shouldn't just hide behind your terms. That's the point.

Edit: I don't understand why I'm being downvoted. If you disagree with something, please let me know. I'm designing our own privacy affordances in our app following the above thinking, after all...