[thescrewdriver]

Very few people will read the privacy terms. Just because they have a document people clicked 'agree' below without reading doesn't mean that MS should not be held to account for what Windows 10 is leaking. For many users not using Windows isn't an option.

[Lawtonfogle]

We need a complete rework of our entire legal system in regards to consent to contracts. The problem is that it'll never happen because there is so much of an advantage given to the capital owners by having it so the rest of the population doesn't really understand what they are signing up for.

[drdaeman]

Yet, I believe he has a point, and he had pointed to the very core problem.

If you hadn't read the EULA/ToS/Privacy Policy/etc, but had consented to those (by clicked "agree" in case of click-wrap packaging thingy), the fact is Microsoft is very unlikely to be held accountable if their actions are perfectly conforming to the agreement you had agreed without even reading. Something is surely not right with this whole situation.

[kuschku]

EULA, ToS, etc do not apply in Europe if they contain terms that the user can not reasonably expect.

An OS sharing all your data even with snooping disabled falls under this regulation, and multiple EU data privacy officials are already investigating and preparing a case.

[PythonicAlpha]

Could be, but also could not.

Microsoft once already was under EU investigation and the whole thing was settled with minimal efforts for Microsoft (the only thing I remember was, that they had to provide a browser selection screen).

When the OS sends encrypted data to their servers, who will prove, that their is an offense made? Even when the terms are troublesome in the EU, they will just make some cosmetic changes to the terms for Europe. There are other terms, that are not valid in the EU, but Microsoft did even not change them yet (as much I know), even when it gets problems to enforce them on the courts.

Privacy might be a issue in Europe, more than in the US, but don't forget: the privacy officers in Germany have nearly no power, and are laughed at or ignored by most politicians.

Microsoft has nearly nothing to fear, IMHO from the EU, so long the US jurisdiction is also holding its peace. In Germany/the EU, nobody has the guts to fence to hard against a large US corporation -- but that is my opinion.

It would be nice, when the EU would act on it, but I don't trust it!

[kuschku]

Look up Thilo Weichert, or, his replacement and long-years assistant Marit Hansen (Dipl.-Inf.)

They fought many battles, especially against Facebook, which led to court rulings in the manner of "Instant change of terms, instant destruction of data, or 6 months jail for the CEO".

Internationally, many might laugh about the ULD, but you do not risk a fight with them. And now, with them starting to look at Microsoft, I would not want to be in Microsofts place.

[tomswartz07]

The other thing to note is that they've changed the terms during an automatic update.

The terms that they changed had several opt-out (as opposed to off-by-default opt-in) features that are mentioned in OP's article.

[drdaeman]

So, Microsoft did unethical but legal move.

That's almost exactly what he said - Legally, user is at MS' mercy, ethically that's not OK.

[malka]

Even if people were to read it, how many are able to understand legalese ?

Am I supposed to consult a lawyer each time I want to install a software ?

[PythonicAlpha]

With such an argumentation, you could just trash any terms. As long as they are not against any law, they are valid, as long as they do not contain something that is totally unexpected (for example that you must pay Microsoft additional fees above the normal price).

I also think, that Microsoft should be held accountable -- but it starts with those terms!

I think, many people just rushed into Windows 10, because it was free. But free, seldom means free in deed. A clever trick of Microsoft to trick people into this.

As long the privacy terms are not effectively changed and the OS stops to send coded data to servers, this OS can not be trusted.

[wfo]

Terms and conditions as a requirement to use a product you've already purchased shouldn't ever count for anything. So I think you should trash any terms. And I'd hope in a civilized country if a company tries to use mandatory-accept 300 page terms and conditions to abuse their customers a judge would step in and say "no."

And this is absolutely unexpected. That's why there's a very popular post on ars technica and hacker news and reddit with tons of well-informed technical people surprised about it and pretty pissed off.

[RaleyField]

> in a civilized country if a company tries to use mandatory-accept 300 page terms and conditions

If you don't like 300 pages of ToS then don't buy Windows. It's your free choice. Software should be protected speech. I don't like Windows 10, but then I also think that Microsoft should have the right to write Windows however they like as long as they don't factually lie in their privacy statement and other documents.

> to use a product you've already purchased

The person who sold you Windows should've informed you of the license.

[wfo]

> It's your free choice.

No, it isn't. Very few choices in a very capitalist society are actually free, they are free in the sense that choosing to comply or not with a gun to your head is "free". Which is why regulation is necessary. Burying anything significant in a ToS is in our society meaningless, because if it actually had teeth it would be fraud.

[thescrewdriver]

I've currently got a system with the Windows 10 downloaded, but I am hesitant to actually proceed with the (up?)grade. Like many people I assumed that it was just the same old Windows with more enhancements, not something with batshit crazy privacy defaults, that even when disabled still leak data.

[PythonicAlpha]

That is the point. People are tricked into this and most of them did not read the terms or just ignored them.

But Microsoft is on the secure side, because you confirmed the terms -- and not many judges in the world will blame Microsoft in this situation, even when you argue, that you haven't read the terms. When you sign an other contract, you also can not argue, you haven't read the terms (even when they are in very small letters).

[Silhouette]

When you sign an other contract, you also can not argue, you haven't read the terms (even when they are in very small letters).

Sure you can. And if it's a contract of adhesion between a business and a consumer where the terms are unreasonably loaded in favour of the business, you might actually win, too.

(I am not a lawyer, your jurisdiction may vary, etc. I have however worked with real lawyers on real terms and conditions documents, and have been consistently advised that it's preferable to avoid surprising terms and that if any do need to go in then they should be early and prominent to maximise the chance of them standing up if anything ever got to court.)

[PythonicAlpha]

Sure, you can try with any contract -- and go to trial.

But I have seen worse contracts and the companies are coming threw with it most of the time, but maybe in your country the juristic system is better and not the size of the company or the number of lawyers are important.

I for my side, would not bet on winning a trial against Microsoft in such a case.

[Silhouette]

In reality it probably wouldn't be an individual customer against Microsoft anyway. It would be someone like the national data protection regulator or European authorities, acting on behalf of the population as a whole, and they would probably be looking at the actual behaviour of Microsoft and whether it violated data protection laws. If Microsoft attempted to argue that weasel words in their terms permitted their behaviour but the evidence showed that in the real world users didn't know or understand the implications, I doubt that would work out very well for Microsoft. Those authorities are generally more pro-privacy than the US, and they have handed serious financial penalties to big tech companies before.

[Lawtonfogle]

Uninformed consent is not consent. This needs to be applied to the business world and all other legal contracts.

[PythonicAlpha]

You are right. But I have seen so many cases, where companies come away with it.

This is something, that definitively should be changed in our legal systems, but they are far from perfect, even when there are sometimes some honorable judges around (much to seldom in my country!).

[RaleyField]

> Uninformed consent is not consent.

Better way of arguing for your point would be to say that you cannot consent if you are uninformed, but if you were presented with the privacy statement then whose fault is it that you are uninformed and still went ahead agreeing to something you don't understand. Do you also take candies from strangers? I don't think what Microsoft is doing is ethical, but then I think it would be much more unethical for us to take Microsoft's right to free speech. I think you are arguing for nanny state.

[Lawtonfogle]

>whose fault is it that you are uninformed and still went ahead agreeing to something you don't understand.

There is no practical way for the average person to have a significant enough understanding of privacy policies due to the wordings and the 'as provided by law' type clauses that require understanding of even more complex documents (and possible even court cases). That people agree to it anyways is because it cuts one out of so much to not agree to privacy policies. Even going to the doctor involves a policy that includes 'as allowed by law' that makes it very difficult for anyone other than a specialized lawyer to understand.

Microsoft knows that people aren't understanding this and using it to their advantage. A ban on taking advantage of this is no more a nanny state than already existing bans on many cons and scams (those that don't rely on lying but on confusion and misleading others). For example, I can't hand out checks for $100 that include really nasty terms of repayment ($200 due in one month, else I get to seize any items I wish from your possession). This isn't a ban on any freedom of my own except my freedom to take advantage of others.

To relate it to your example of taking candies form strangers, if I'm handing out bad candies and someone else is eating them, who is at fault? Even if they should know better (which with these being complex legal candies that means most people shouldn't know better) I'm still at fault for handing out bad candies.