Any legal action that promises to eliminate one spyware purveyor is OK by me, but the lawsuit announced by the FTC on Wednesday against Odysseus Marketing could be more significant than that. It's the first time in a long time any legal authority has come out and said that a EULA doesn't give a company the right to do anything it wants.
In its complaint the FTC alleges that Odysseus lured customers to download a free program called Kazanon that it falsely claimed would allow them to download peer-to-peer files anonymously. What Kazanon actually did according to the FTC was download a spyware program called Clientman that would in turn download dozens of other spyware/adware programs such as Blazefind, eZula, InternetOptimizer, Ncase, and WebRebates.
The FTC charges that Odysseus has an obligation to disclose to consumers what its software actually does and that obligation is not met by hiding the disclosures in their EULA. "The consequences of downloading Kazanon are disclosed only in the End User License Agreement, in the middle of the two-page document," the FTC complaint reads. "The home page of the Kazanon web site contains no information about the consequences of downloading Kazanon other than a hyperlink that is labeled 'Terms and Conditions,' which links to the Kazanon EULA. The hyperlink is not labeled to convey the nature, relevance, or significance of the EULA. To download Kazanon, a consumer is required to check a small box to 'certify that (he or she) has read agrees with all the Terms and Conditions.' However, the consumer does not have to click on the 'Terms and Conditions' hyperlink or view the Kazanon EULA to download Kazanon."
The Kazanon EULA gives Odysseus the right to do all manner of spywarish things such as installing other programs, collecting personal information about the user, altering search engine query results, displaying pop-up ads, etc. If there's anything unusual about it compared to other spyware EULAs, it's that it is actually shorter and blunter than most. Which raises an interesting question: if the Odysseus click-OK checkbox is not sufficient disclosure for the FTC, where does the agency think the line should be drawn between deceptive spyware and legal adware? For example, is Direct Revenue -- one of the companies whose software the FTC says was installed surreptitiously by Clientman -- just as guilty as Odysseus? What about 180 Solutions, whose terms and conditions the Kazanon EULA specifically says users also accept?
And as long as we're talking about EULAs and deceptive practices, let's not forget that spyware isn't the only kind of software that mixes the two. A few weeks ago I wrote about an outfit called Manay Software that uses its EULA to hide the fact that its "free" software CDs can cost a lot. And then there was the story about ParkingTicket.com trying to charge a New York City woman $5,000 for violating their EULA by not perjuring herself.
It's probably too much to hope for that the FTC can go after the big spyware fish, and they certainly can't go after every two-bit Internet scam. Still, we can all applaud the agency's action in taking this step with Odysseus. It sends a message that hasn't been heard much from our legal system of late: a EULA is not a license to cheat and steal.
Read and post comments about this story here.
9:38:24 AM 
|
