The Future of Ignoring Things
(Originally published on InformationWeek's Internet Evolution, October 3, 2007)
For decades, computers have been helping us to remember, but now it's time for them to help us to ignore.
Take email: Endless engineer-hours are poured into stopping spam, but virtually no attention is paid to our interaction with our non-spam messages. Our mailer may strive to learn from our ratings what is and is not spam, but it expends practically no effort on figuring out which of the non-spam emails are important and which ones can be safely ignored, dropped into archival folders, or deleted unread.
For example, I'm forever getting cc'd on busy threads by well-meaning colleagues who want to loop me in on some discussion in which I have little interest. Maybe the initial group invitation to a dinner (that I'll be out of town for) was something I needed to see, but now that I've declined, I really don't need to read the 300+ messages that follow debating the best place to eat.
I could write a mail-rule to ignore the thread, of course. But mail-rule editors are clunky, and once your rule-list grows very long, it becomes increasingly unmanageable. Mail-rules are where bookmarks were before the bookmark site del.icio.us showed up -- built for people who might want to ensure that messages from the boss show up in red, but not intended to be used as a gigantic storehouse of a million filters, a crude means for telling the computers what we don't want to see.
Rael Dornfest, the former chairman of the O'Reilly Emerging Tech conference and founder of the startup IWantSandy, once proposed an "ignore thread" feature for mailers: Flag a thread as uninteresting, and your mailer will start to hide messages with that subject-line or thread-ID for a week, unless those messages contain your name. The problem is that threads mutate. Last week's dinner plans become this week's discussion of next year's group holiday. If the thread is still going after a week, the messages flow back into your inbox -- and a single click takes you back through all the messages you missed.
We need a million measures like this, adaptive systems that create a gray zone between "delete on sight" and "show this to me right away."
RSS readers are a great way to keep up with the torrent of new items posted on high-turnover sites like Digg, but they're even better at keeping up with sites that are sporadic, like your friend's brilliant journal that she only updates twice a year. But RSS readers don't distinguish between the rare and miraculous appearance of a new item in an occasional journal and the latest click-fodder from Slashdot. They don't even sort your RSS feeds according to the sites that you click-through the most.
There was a time when I could read the whole of Usenet -- not just because I was a student looking for an excuse to avoid my assignments, but because Usenet was once tractable, readable by a single determined person. Today, I can't even keep up with a single high-traffic message-board. I can't read all my email. I can't read every item posted to every site I like. I certainly can't plough through the entire edit-history of every Wikipedia entry I read. I've come to grips with this -- with acquiring information on a probabilistic basis, instead of the old, deterministic, cover-to-cover approach I learned in the offline world.
It's as though there's a cognitive style built into TCP/IP. Just as the network only does best-effort delivery of packets, not worrying so much about the bits that fall on the floor, TCP/IP users also do best-effort sweeps of the Internet, focusing on learning from the good stuff they find, rather than lamenting the stuff they don't have time to see.
The network won't ever become more tractable. There will never be fewer things vying for our online attention. The only answer is better ways and new technology to ignore stuff -- a field that's just being born, with plenty of room to grow.
(Originally published as "How Your Creepy Ex-Co-Workers Will Kill Facebook," in InformationWeek, November 26, 2007)
Facebook's "platform" strategy has sparked much online debate and controversy. No one wants to see a return to the miserable days of walled gardens, when you couldn't send a message to an AOL subscriber unless you, too, were a subscriber, and when the only services that made it were the ones that AOL management approved. Those of us on the "real" Internet regarded AOL with a species of superstitious dread, a hive of clueless noobs waiting to swamp our beloved Usenet with dumb flamewars (we fiercely guarded our erudite flamewars as being of a palpably superior grade), the wellspring of an
Facebook is no paragon of virtue. It bears the hallmarks of the kind of pump-and-dump service that sees us as sticky, monetizable eyeballs in need of pimping. The clue is in the steady stream of emails you get from Facebook: "So-and-so has sent you a message." Yeah, what is it? Facebook isn't telling -- you have to visit Facebook to find out, generate a banner impression, and read and write your messages using the halt-and-lame Facebook interface, which lags even end-of-lifed email clients like Eudora for composing, reading, filtering, archiving and searching. Emails from Facebook aren't helpful messages, they're eyeball bait, intended to send you off to the Facebook site, only to discover that Fred wrote "Hi again!" on your "wall." Like other "social" apps (cough eVite cough), Facebook has all the social graces of a nose-picking, hyperactive six-year-old, standing at the threshold of your attention and chanting, "I know something, I know something, I know something, won't tell you what it is!"
If there was any doubt about Facebook's lack of qualification to displace the Internet with a benevolent dictatorship/walled garden, it was removed when Facebook unveiled its new advertising campaign. Now, Facebook will allow its advertisers use the profile pictures of Facebook users to advertise their products, without permission or compensation. Even if you're the kind of person who likes the sound of a "benevolent dictatorship," this clearly isn't one.
Many of my colleagues wonder if Facebook can be redeemed by opening up the platform, letting anyone write any app for the service, easily exporting and importing their data, and so on (this is the kind of thing Google is doing with its OpenSocial Alliance). Perhaps if Facebook takes on some of the characteristics that made the Web work -- openness, decentralization, standardization -- it will become like the Web itself, but with the added pixie dust of "social," the indefinable characteristic that makes Facebook into pure crack for a significant proportion of Internet users.
The debate about redeeming Facebook starts from the assumption that Facebook is snowballing toward critical mass, the point at which it begins to define "the Internet" for a large slice of the world's netizens, growing steadily every day. But I think that this is far from a sure thing. Sure, networks generally follow Metcalfe's Law: "the value of a telecommunications network is proportional to the square of the number of users of the system." This law is best understood through the analogy of the fax machine: a world with one fax machine has no use for faxes, but every time you add a fax, you square the number of possible send/receive combinations (Alice can fax Bob or Carol or Don; Bob can fax Alice, Carol and Don; Carol can fax Alice, Bob and Don, etc).
But Metcalfe's law presumes that creating more communications pathways increases the value of the system, and that's not always true (see Brook's Law: "Adding manpower to a late softer project makes it later").
Having watched the rise and fall of SixDegrees, Friendster, and the many other proto-hominids that make up the evolutionary chain leading to Facebook, MySpace, et al, I'm inclined to think that these systems are subject to a Brook's-law parallel: "Adding more users to a social network increases the probability that it will put you in an awkward social circumstance." Perhaps we can call this "boyd's Law" [NOTE TO EDITOR: "boyd" is always lower-case] for danah [TO EDITOR: "danah" too!] boyd, the social scientist who has studied many of these networks from the inside as a keen-eyed net-anthropologist and who has described the many ways in which social software does violence to sociability in a series of sharp papers.
Here's one of boyd's examples, a true story: a young woman, an elementary school teacher, joins Friendster after some of her Burning Man buddies send her an invite. All is well until her students sign up and notice that all the friends in her profile are sunburnt, drug-addled techno-pagans whose own profiles are adorned with digital photos of their painted genitals flapping over the Playa. The teacher inveigles her friends to clean up their profiles, and all is well again until her boss, the school principal, signs up to the service and demands to be added to her friends list. The fact that she doesn't like her boss doesn't really matter: in the social world of Friendster and its progeny, it's perfectly valid to demand to be "friended" in an explicit fashion that most of us left behind in the fourth grade. Now that her boss is on her friends list, our teacher-friend's buddies naturally assume that she is one of the tribe and begin to send her lascivious Friendster-grams, inviting her to all sorts of dirty funtimes.
In the real world, we don't articulate our social networks. Imagine how creepy it would be to wander into a co-worker's cubicle and discover the wall covered with tiny photos of everyone in the office, ranked by "friend" and "foe," with the top eight friends elevated to a small shrine decorated with Post-It roses and hearts. And yet, there's an undeniable attraction to corralling all your friends and friendly acquaintances, charting them and their relationship to you. Maybe it's evolutionary, some quirk of the neocortex dating from our evolution into social animals who gained advantage by dividing up the work of survival but acquired the tricky job of watching all the other monkeys so as to be sure that everyone was pulling their weight and not, e.g., napping in the treetops instead of watching for predators, emerging only to eat the fruit the rest of us have foraged.
Keeping track of our social relationships is a serious piece of work that runs a heavy cognitive load. It's natural to seek out some neural prosthesis for assistance in this chore. My fiancee once proposed a "social scheduling" application that would watch your phone and email and IM to figure out who your pals were and give you a little alert if too much time passed without your reaching out to say hello and keep the coals of your relationship aglow. By the time you've reached your forties, chances are you're out-of-touch with more friends than you're in-touch with, old summer-camp chums, high-school mates, ex-spouses and their families, former co-workers, college roomies, dot-com veterans... Getting all those people back into your life is a full-time job and then some.
You'd think that Facebook would be the perfect tool for handling all this. It's not. For every long-lost chum who reaches out to me on Facebook, there's a guy who beat me up on a weekly basis through the whole seventh grade but now wants to be my buddy; or the crazy person who was fun in college but is now kind of sad; or the creepy ex-co-worker who I'd cross the street to avoid but who now wants to know, "Am I your friend?" yes or no, this instant, please.
It's not just Facebook and it's not just me. Every "social networking service" has had this problem and every user I've spoken to has been frustrated by it. I think that's why these services are so volatile: why we're so willing to flee from Friendster and into MySpace's loving arms; from MySpace to Facebook. It's socially awkward to refuse to add someone to your friends list -- but removing someone from your friend-list is practically a declaration of war. The least-awkward way to get back to a friends list with nothing but friends on it is to reboot: create a new identity on a new system and send out some invites (of course, chances are at least one of those invites will go to someone who'll groan and wonder why we're dumb enough to think that we're pals).
That's why I don't worry about Facebook taking over the net. As more users flock to it, the chances that the person who precipitates your exodus will find you increases. Once that happens, poof, away you go -- and Facebook joins SixDegrees, Friendster and their pals on the scrapheap of net.history.
The Future of Internet Immune Systems
(Originally published on InformationWeek's Internet Evolution, November 19, 2007)
Bunhill Cemetery is just down the road from my flat in London. It’s a handsome old boneyard, a former plague pit (“Bone hill” -- as in, there are so many bones under there that the ground is actually kind of humped up into a hill). There are plenty of luminaries buried there -- John “Pilgrim’s Progress” Bunyan, William Blake, Daniel Defoe, and assorted Cromwells. But my favorite tomb is that of Thomas Bayes, the 18th-century statistician for whom Bayesian filtering is named.
Bayesian filtering is plenty useful. Here’s a simple example of how you might use a Bayesian filter. First, get a giant load of non-spam emails and feed them into a Bayesian program that counts how many times each word in their vocabulary appears, producing a statistical breakdown of the word-frequency in good emails.
Then, point the filter at a giant load of spam (if you’re having a hard time getting a hold of one, I have plenty to spare), and count the words in it. Now, for each new message that arrives in your inbox, have the filter count the relative word-frequencies and make a statistical prediction about whether the new message is spam or not (there are plenty of wrinkles in this formula, but this is the general idea).
The beauty of this approach is that you needn’t dream up “The Big Exhaustive List of Words and Phrases That Indicate a Message Is/Is Not Spam.” The filter naively calculates a statistical fingerprint for spam and not-spam, and checks the new messages against them.
This approach -- and similar ones -- are evolving into an immune system for the Internet, and like all immune systems, a little bit goes a long way, and too much makes you break out in hives.
ISPs are loading up their network centers with intrusion detection systems and tripwires that are supposed to stop attacks before they happen. For example, there’s the filter at the hotel I once stayed at in Jacksonville, Fla. Five minutes after I logged in, the network locked me out again. After an hour on the phone with tech support, it transpired that the network had noticed that the videogame I was playing systematically polled the other hosts on the network to check if they were running servers that I could join and play on. The network decided that this was a malicious port-scan and that it had better kick me off before I did anything naughty.
It only took five minutes for the software to lock me out, but it took well over an hour to find someone in tech support who understood what had happened and could reset the router so that I could get back online.
And right there is an example of the autoimmune disorder. Our network defenses are automated, instantaneous, and sweeping. But our fallback and oversight systems are slow, understaffed, and unresponsive. It takes a millionth of a second for the Transportation Security Administration’s body-cavity-search roulette wheel to decide that you’re a potential terrorist and stick you on a no-fly list, but getting un-Tuttle-Buttled is a nightmarish, months-long procedure that makes Orwell look like an optimist.
The tripwire that locks you out was fired-and-forgotten two years ago by an anonymous sysadmin with root access on the whole network. The outsourced help-desk schlub who unlocks your account can’t even spell "tripwire." The same goes for the algorithm that cut off your credit card because you got on an airplane to a different part of the world and then had the audacity to spend your money. (I’ve resigned myself to spending $50 on long-distance calls with Citibank every time I cross a border if I want to use my debit card while abroad.)
This problem exists in macro- and microcosm across the whole of our technologically mediated society. The “spamigation bots” run by the Business Software Alliance and the Music and Film Industry Association of America (MAFIAA) entertainment groups send out tens of thousands of automated copyright takedown notices to ISPs at a cost of pennies, with little or no human oversight. The people who get erroneously fingered as pirates (as a Recording Industry Association of America (RIAA) spokesperson charmingly puts it, “When you go fishing with a dragnet, sometimes you catch a dolphin.”) spend days or weeks convincing their ISPs that they had the right to post their videos, music, and text-files.
We need an immune system. There are plenty of bad guys out there, and technology gives them force-multipliers (like the hackers who run 250,000-PC botnets). Still, there’s a terrible asymmetry in a world where defensive takedowns are automatic, but correcting mistaken takedowns is done by hand.
All Complex Ecosystems Have Parasites
(Paper delivered at the O'Reilly Emerging Technology Conference, San Diego, California, 16 March 2005)
AOL hates spam. AOL could eliminate nearly 100 percent of its subscribers' spam with one easy change: it could simply shut off its internet gateway. Then, as of yore, the only email an AOL subscriber could receive would come from another AOL subscriber. If an AOL subscriber sent a spam to another AOL subscriber and AOL found out about it, they could terminate the spammer's account. Spam costs AOL millions, and represents a substantial disincentive for AOL customers to remain with the service, and yet AOL chooses to permit virtually anyone who can connect to the Internet, anywhere in the world, to send email to its customers, with any software at all.
Email is a sloppy, complicated ecosystem. It has organisms of sufficient diversity and sheer number as to beggar the imagination: thousands of SMTP agents, millions of mail-servers, hundreds of millions of users. That richness and diversity lets all kinds of innovative stuff happen: if you go to nytimes.com and "send a story to a friend," the NYT can convincingly spoof your return address on the email it sends to your friend, so that it appears that the email originated on your computer. Also: a spammer can harvest your email and use it as a fake return address on the spam he sends to your friend. Sysadmins have server processes that send them mail to secret pager-addresses when something goes wrong, and GPLed mailing-list software gets used by spammers and people running high-volume mailing lists alike.
You could stop spam by simplifying email: centralize functions like identity verification, limit the number of authorized mail agents and refuse service to unauthorized agents, even set up tollbooths where small sums of money are collected for every email, ensuring that sending ten million messages was too expensive to contemplate without a damned high expectation of return on investment. If you did all these things, you'd solve spam.
By breaking email.
Small server processes that mail a logfile to five sysadmins every hour just in case would be prohibitively expensive. Convincing the soviet that your bulk-mailer was only useful to legit mailing lists and not spammers could take months, and there's no guarantee that it would get their stamp of approval at all. With verified identity, the NYTimes couldn't impersonate you when it forwarded stories on your behalf -- and Chinese dissidents couldn't send out their samizdata via disposable gmail accounts.
An email system that can be controlled is an email system without complexity. Complex ecosystems are influenced, not controlled.
The Hollywood studios are conniving to create a global network of regulatory mandates over entertainment devices. Here they call it the Broadcast Flag; in Europe, Asia, Australia and Latinamerica it's called DVB Copy Protection Content Management. These systems purport to solve the problem of indiscriminate redistribution of broadcast programming via the Internet, but their answer to the problem, such as it is, is to require that everyone who wants to build a device that touches video has to first get permission.
If you want to make a TV, a screen, a video-card, a high-speed bus, an analog-to-digital converter, a tuner card, a DVD burner -- any tool that you hope to be lawful for use in connection with digital TV signals -- you'll have to go on bended knee to get permission to deploy it. You'll have to convince FCC bureaucrats or a panel of Hollywood companies and their sellout IT and consumer electronics toadies that the thing you're going to bring to market will not disrupt their business models.
That's how DVD works today: if you want to make a DVD player, you need to ask permission from a shadowy organization called the DVD-CCA. They don't give permission if you plan on adding new features -- that's why they're suing Kaleidascape for building a DVD jukebox that can play back your movies from a hard-drive archive instead of the original discs.
CD has a rich ecosystem, filled with parasites -- entrepreneurial organisms that move to fill every available niche. If you spent a thousand bucks on CDs ten years ago, the ecosystem for CDs would reward you handsomely. In the intervening decade, parasites who have found an opportunity to suck value out of the products on offer from the labels and the dupe houses by offering you the tools to convert your CDs to ring-tones, karaoke, MP3s, MP3s on iPods and other players, MP3s on CDs that hold a thousand percent more music -- and on and on.
DVDs live in a simpler, slower ecosystem, like a terrarium in a bottle where a million species have been pared away to a manageable handful. DVDs pay no such dividend. A thousand dollars' worth of ten-year old DVDs are good for just what they were good for ten years ago: watching. You can't put your kid into her favorite cartoon, you can't downsample the video to something that plays on your phone, and you certainly can't lawfully make a hard-drive-based jukebox from your discs.
The yearning for simple ecosystems is endemic among people who want to "fix" some problem of bad actors on the networks.
Take interoperability: you might sell me a database in the expectation that I'll only communicate with it using your authorized database agents. That way you can charge vendors a license fee in exchange for permission to make a client, and you can ensure that the clients are well-behaved and don't trigger any of your nasty bugs.
But you can't meaningfully enforce that. EDS and other titanic software companies earn their bread and butter by producing fake database clients that impersonate the real thing as they iterate through every record and write it to a text file -- or simply provide a compatibility layer through systems provided by two different vendors. These companies produce software that lies -- parasite software that fills niches left behind by other organisms, sometimes to those organisms' detriment.
So we have "Trusted Computing," a system that's supposed to let software detect other programs' lies and refuse to play with them if they get caught out fibbing. It's a system that's based on torching the rainforest with all its glorious anarchy of tools and systems and replacing it with neat rows of tame and planted trees, each one approved by The Man as safe for use with his products.
For Trusted Computing to accomplish this, everyone who makes a video-card, keyboard, or logic-board must receive a key from some certifying body that will see to it that the key is stored in a way that prevents end-users from extracting it and using it to fake signatures.
But if one keyboard vendor doesn't store his keys securely, the system will be useless for fighting keyloggers. If one video-card vendor lets a key leak, the system will be no good for stopping screenlogging. If one logic-board vendor lets a key slip, the whole thing goes out the window. That's how DVD DRM got hacked: one vendor, Xing, left its keys in a place where users could get at them, and then anyone could break the DRM on any DVD.
Not only is the Trusted Computing advocates' goal -- producing a simpler software ecosystem -- wrongheaded, but the methodology is doomed. Fly-by-night keyboard vendors in distant free trade zones just won't be 100 percent compliant, and Trusted Computing requires no less than perfect compliance.
The whole of DRM is a macrocosm for Trusted Computing. The DVB Copy Protection system relies on a set of rules for translating every one of its restriction states -- such as "copy once" and "copy never" -- to states in other DRM systems that are licensed to receive its output. That means that they're signing up to review, approve and write special rules for every single entertainment technology now invented and every technology that will be invented in the future.
Madness: shrinking the ecosystem of everything you can plug into your TV down to the subset that these self-appointed arbiters of technology approve is a recipe for turning the electronics, IT and telecoms industries into something as small and unimportant as Hollywood. Hollywood -- which is a tenth the size of IT, itself a tenth the size of telecoms.
In Hollywood, your ability to make a movie depends on the approval of a few power-brokers who have signing authority over the two-hundred-million-dollar budgets for making films. As far as Hollywood is concerned, this is a feature, not a bug. Two weeks ago, I heard the VP of Technology for Warners give a presentation in Dublin on the need to adopt DRM for digital TV, and his money-shot, his big convincer of a slide went like this:
"With advances in processing power, storage capacity and broadband access... EVERYBODY BECOMES A BROADCASTER!"
Simple ecosystems are the goal of proceedings like CARP, the panel that set out the ruinously high royalties for webcasters. The recording industry set the rates as high as they did so that the teeming millions of webcasters would be rendered economically extinct, leaving behind a tiny handful of giant companies that could be negotiated with around a board room table, rather than dealt with by blanket legislation.
The razing of the rainforest has a cost. It's harder to send a legitimate email today than it ever was -- thanks to a world of closed SMTP relays. The cries for a mail-server monoculture grow more shrill with every passing moment. Just last week, it was a call for every mail-administrator to ban the "vacation" program that sends out automatic responses informing senders that the recipient is away from email for a few days, because mailboxes that run vacation can cause "spam blowback" where accounts send their vacation notices to the hapless individuals whose email addresses the spammers have substituted on the email's Reply-To line.
And yet there is more spam than there ever was. All the costs we've paid for fighting spam have added up to no benefit: the network is still overrun and sometimes even overwhelmed by spam. We've let the network's neutrality and diversity be compromised, without receiving the promised benefit of spam-free inboxes.
Likewise, DRM has exacted a punishing toll wherever it has come into play, costing us innovation, free speech, research and the public's rights in copyright. And likewise, DRM has not stopped infringement: today, infringement is more widespread than ever. All those costs borne by society in the name of protecting artists and stopping infringement, and not a penny put into an artist's pocket, not a single DRM-restricted file that can't be downloaded for free and without encumbrance from a P2P network.
Everywhere we look, we find people who should know better calling for a parasite-free Internet. Science fiction writers are supposed to be forward looking, but they're wasting their time demanding that Amazon and Google make it harder to piece together whole books from the page-previews one can get via the look-inside-the-book programs. They're even cooking up programs to spoof deliberately corrupted ebooks into the P2P networks, presumably to assure the few readers the field has left that reading science fiction is a mug's game.
The amazing thing about the failure of parasite-elimination programs is that their proponents have concluded that the problem is that they haven't tried hard enough -- with just a few more species eliminated, a few more policies imposed, paradise will spring into being. Their answer to an unsuccessful strategy for fixing the Internet is to try the same strategy, only moreso -- only fill those niches in the ecology that you can sanction. Hunt and kill more parasites, no matter what the cost.
We are proud parasites, we Emerging Techers. We're engaged in perl whirling, pythoneering, lightweight javarey -- we hack our cars and we hack our PCs. We're the rich humus carpeting the jungle floor and the tiny frogs living in the bromeliads.
The long tail -- Chris Anderson's name for the 95% of media that isn't top sellers, but which, in aggregate, accounts for more than half the money on the table for media vendors -- is the tail of bottom-feeders and improbable denizens of the ocean's thermal vents. We're unexpected guests at the dinner table and we have the nerve to demand a full helping.
Your ideas are cool and you should go and make them real, even if they demand that the kind of ecological diversity that seems to be disappearing around us.
You may succeed -- provided that your plans don't call for a simple ecosystem where only you get to provide value and no one else gets to play.
(Originally published as "Shrinkwrap Licenses: An Epidemic Of Lawsuits Waiting To Happen" in InformationWeek, February 3, 2007)
*READ CAREFULLY. By reading this article, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.*
READ CAREFULLY -- all in caps, and what it means is, "IGNORE THIS." That's because the small print in the clickwrap, shrinkwrap, browsewrap and other non-negotiated agreements is both immutable and outrageous.
Why read the "agreement" if you know that:
1) No sane person would agree to its text, and
2) Even if you disagree, no one will negotiate a better agreement with you?
We seem to have sunk to a kind of playground system of forming contracts. There are those who will tell you that you can form a binding agreement just by following a link, stepping into a store, buying a product, or receiving an email. By standing there, shaking your head, shouting "NO NO NO I DO NOT AGREE," you agree to let me come over to your house, clean out your fridge, wear your underwear and make some long-distance calls.
If you buy a downloadable movie from Amazon Unbox, you agree to let them install spyware on your computer, delete any file they don't like on your hard-drive, and cancel your viewing privileges for any reason. Of course, it goes without saying that Amazon reserves the right to modify the agreement at any time.
The worst offenders are people who sell you movies and music. They're a close second to people who sell you software, or provide services over the Internet. There's a rubric to this -- you're getting a discount in exchange for signing onto an abusive agreement, but just try and find the software that doesn't come with one of these "agreements" -- at any price.
For example, Vista, Microsoft's new operating system, comes in a rainbow of flavors varying in price from $99 to $399, but all of them come with the same crummy terms of service, which state that "you may not work around any technical limitations in the software," and that Windows Defender, the bundled anti-malware program, can delete any program from your hard drive that Microsoft doesn't like, even if it breaks your computer.
It's bad enough when this stuff comes to us through deliberate malice, but it seems that bogus agreements can spread almost without human intervention. Google any obnoxious term or phrase from a EULA, and you'll find that the same phrase appears in a dozens -- perhaps thousands -- of EULAs around the Internet. Like snippets of DNA being passed from one virus to another as they infect the world's corporations in a pandemic of idiocy, terms of service are semi-autonomous entities.
Indeed, when rocker Billy Bragg read the fine print on the MySpace user agreement, he discovered that it appeared that site owner Rupert Murdoch was laying claim to copyrights in every song uploaded to the site, in a silent, sinister land-grab that turned the media baron into the world's most prolific and indiscriminate hoarder of garage-band tunes.
However, the EULA that got Bragg upset wasn't a Murdoch innovation -- it dates back to the earliest days of the service. It seems to have been posted at a time when the garage entrepreneurs who built MySpace were in no position to hire pricey counsel -- something borne out by the fact that the old MySpace EULA appears nearly verbatim on many other services around the Internet. It's not going out very far on a limb to speculate that MySpace's founders merely copied a EULA they found somewhere else, without even reading it, and that when Murdoch's due diligence attorneys were preparing to give these lucky fellows $600,000,000, that they couldn't be bothered to read the terms of service anyway.
In their defense, EULAese is so mind-numbingly boring that it's a kind of torture to read these things. You can hardly blame them.
But it does raise the question -- why are we playing host to these infectious agents? If they're not read by customers or companies, why bother with them?
If you wanted to really be careful about this stuff, you'd prohibit every employee at your office from clicking on any link, installing any program, creating accounts, signing for parcels -- even doing a run to Best Buy for some CD blanks, have you seen the fine-print on their credit-card slips? After all, these people are entering into "agreements" on behalf of their employer -- agreements to allow spyware onto your network, to not "work around any technical limitations in their software," to let malicious software delete arbitrary files from their systems.
So far, very few of us have been really bitten in the ass by EULAs, but that's because EULAs are generally associated with companies who have products or services they're hoping you'll use, and enforcing their EULAs could cost them business.
But that was the theory with patents, too. So long as everyone with a huge portfolio of unexamined, overlapping, generous patents was competing with similarly situated manufacturers, there was a mutually assured destruction -- a kind of detente represented by cross-licensing deals for patent portfolios.
But the rise of the patent troll changed all that. Patent trolls don't make products. They make lawsuits. They buy up the ridiculous patents of failed companies and sue the everloving hell out of everyone they can find, building up a war-chest from easy victories against little guys that can be used to fund more serious campaigns against larger organizations. Since there are no products to disrupt with a countersuit, there's no mutually assured destruction.
If a shakedown artist can buy up some bogus patents and use them to put the screws to you, then it's only a matter of time until the same grifters latch onto the innumerable "agreements" that your company has formed with a desperate dot-bomb looking for an exit strategy.
More importantly, these "agreements" make a mockery of the law and of the very idea of forming agreements. Civilization starts with the idea of a real agreement -- for example, "We crap here and we sleep there, OK?" -- and if we reduce the noble agreement to a schoolyard game of no-takebacks, we erode the bedrock of civilization itself.