[kelthan]

Automatically opting-in customers to a more restrictive TOS is pretty suspect, especially given the timing. IANAL, but I'm pretty sure that a court would not allow that, given that the TOS was changed AFTER the breach and it's pretty clear that the company is trying to avoid legal issues after-the-fact.

I would expect the court would evaluate any breach under the TOS that was in effect at the time of the breach, rather than under a new (and arguably suspect one) that was put in place after it, arguably in an attempt to "rewrite history".

[everforward]

They ought to be evaluated as if no TOS exists. Given the clear intent to defraud customers by misrepresenting the contract they were bound by, the claims should be evaluated under the TOS most favorable to the plaintiffs. The most favorable TOS is the one that's invalid because 23andMe didn't get anyone to actually agree, ergo the claims are evaluated as if no TOS exists.

This is an attempt to undermine consumer protection laws, and the government should treat it as a direct attack. Other companies are watching. The government needs to send a clear message that this won't be tolerated before it spreads, becomes the status quo, and leaves many consumers believing that they don't have any rights or protections.

The head of legal should also be disbarred under American Bar Association rule 1.2(d):

> (d) A lawyer shall not counsel a client to engage, or assist a client, in conduct that the lawyer knows is criminal or fraudulent, but a lawyer may discuss the legal consequences of any proposed course of conduct with a client and may counsel or assist a client to make a good faith effort to determine the validity, scope, meaning or application of the law.

This reads as clear contract fraud in the factum [1]. Customers are told that they're bound by new contract terms, despite that 23andMe never got agreement, nor tried to get agreement, nor even know whether customers have read the new contract. I can't fathom any other reasonable interpretation of the situation. They created a fraudulent contract hoping to confuse other entrants to prior versions of the contract, and intend to benefit from that confusion. It seems clear to me. They are attempting to undermine the legal system, and the ABA needs to deal out swift punishment as one of the protectors of that system.

1: https://en.wikipedia.org/wiki/Fraud_in_the_factum

[blagie]

> ABA needs to deal out swift punishment as one of the protectors of that system.

This is part of the legal system. It shouldn't be, but it is. If you can toss a hundred issues the other party has to refute, you drive up legal costs to where litigation is no longer practical. The other side loses by default of not being able to afford litigation.

The ABA is, indeed, one of the protectors of the legal system, and have no vested interested in undermining it. The system means their constituents, lawyers, make more money.

Footnote: The mistake you made is that 23andme isn't undermining the legal system, but rather, justice. The two are not the same.

[everforward]

> This is part of the legal system. It shouldn't be, but it is. If you can toss a hundred issues the other party has to refute, you drive up legal costs to where litigation is no longer practical. The other side loses by default of not being able to afford litigation.

You can very much be slapped by the judge and/or the ABA for doing that. I think there's certainly an argument that the bounds on a frivolous claim/motion are too narrow and/or the penalties are too low, but there are mechanisms to prevent that. From Livingston v Adirondack Beverage Company (1998)[1], a frivolous claim/motion occurs when:

> (1) "the 'factual contentions are clearly baseless,' such as when allegations are the product of delusion or fantasy;" or (2) "the claim is 'based on an indisputably meritless legal theory.'"

From there, the court can dismiss the case or order the offending party to pay reasonable expenses to the defense. The court can also sanction the offending lawyer, penalties vary by jurisdiction. In Federal court, this is governed by Federal Rule of Civil Procedure 11. There aren't any hard limits on the court's power to sanction lawyers in there; it's whatever they think will deter the behavior. A quick search showed sanctions under Rule 11 reaching up into the millions, though commonly much lower.

> The ABA is, indeed, one of the protectors of the legal system, and have no vested interested in undermining it. The system means their constituents, lawyers, make more money.

I'm dubious that they are stupid enough to think that, and it does not line up with what I know from the lawyers I know/have known. The ABA has an incredibly privileged position that they can really only maintain through self-regulation. It's a private group that regulates who can represent people in public court; their position is tenuous to start with.

I think of late they may be over-emphasizing a lawyer's duty to vigorously defend their client to the detriment of some of the other ethical rules. I can see how they get there; of course as a defendant you want your lawyer to do everything to protect you, even if it might be a tad shady.

Perhaps the courts need to fire a warning shot that the ABA needs to course correct. I truly doubt the ABA is stupid enough to try to buck the judicial system. They are and always have been subservient to the courts. Watch a lawyer get chewed out by a judge sometime; they just have to sit there, take it, and say "yes, your honor" at the right time (god forbid you forget the honorific while getting chewed out).

> Footnote: The mistake you made is that 23andme isn't undermining the legal system, but rather, justice. The two are not the same.

The legal system purports to be an implementation of justice. The two are not separable, at least not without the legal system committing ritual suicide by telling the public that the two are separate. I'm not arguing that our legal system is just, but rather that they purport to be and that external appearance is integral to their legitimacy.

Openly acknowledging that the legal system isn't interested in justice would be a huge blow to their public support, which is effectively the only power they have. A populace that doesn't believe the legal system is just might as well just hand those powers over to the executive. It won't be just either, but it'll be swifter.

1: https://caselaw.findlaw.com/court/us-2nd-circuit/1286266.htm...

[blagie]

> You can very much be slapped by the judge and/or the ABA for doing that.

You can. The bar is very, very high. It's adequate to have a fig leaf of plausibility.

> In Federal court, this is governed by Federal Rule of Civil Procedure 11.

I am most concerned about lower courts, and especially the lowest of the low. Go into a family court at some point, and see the lawyers lying and throwing around allegations they know to be false.

> Perhaps the courts need to fire a warning shot that the ABA needs to course correct

They very much need to do this.

> I truly doubt the ABA is stupid enough to try to buck the judicial system

I think there is a mistake here:

1) Judges are mostly lawyers and in ABA culture. It's not clear they'd want to buck the system.

2) There is no plausible alternative. The populace won't hand those powers over to the executive, since we have a constitution (and we're all indoctrinated into separation of powers since little kids, and even so, it's a good idea even with corruption in the judicial). The ABA's position is secure. For the ABA (not an individual lawyer) to be scared, there would need to be a plausible threat.

3) Being corrupt is the opposite of "openly acknowledging." By far the best thing we can do to address corruption is to openly acknowledge it, and then when things don't improve, to point fingers at the bottlenecks.

[bertil]

I’m curious if their lawyer has a defense in saying that they advised against it, but were told to try it anyway.

I’m even more curious if the change of ToS alone could be grounds for a trial, even a class action—making the risk not even worth the try.

Even harder to swallow: discover that the lawyers using the class action got hold of the data from the leak and used that in their marketing.

[underlipton]

There should a (modern version of a) letter-writing campaign to pressure the government to take this seriously. The literal core of one's being is on the line.

[throwaway092323]

They probably know that it doesn't hold water legally. The hope is to victim blame as much as possible so that fewer people sue them in the first place. The next step will be to "remind" people about the TOS that they totally agreed to.

[dylan604]

This looks like a perfect class action case. There's really no physical harm or financial harm to the users, but a class action might be the only way for it to hurt. But IANAL, and probably have it all wrong in my head???

[underwater]

Why is it that in the US individuals have to band together and privately launch a class action to stop these types of parasitic behaviours. The government is supposed to represent the interests of citizens.

[alistairSH]

That's exactly why - we have a largely dysfunctional federal government (and most state governments aren't much better).

The biggest downside is the lawyers take a massive chunk of any award and the actual victims are often left with very little. Or, even worse, the victims get worthless coupons (like with many credit/PII breaches - the award will be 1-year of credit monitoring from the company that allowed the breach in the first place).

[BrandoElFollito]

This credit score system in the US always made me curious. Say some point I had a proposition to move to the US and I asked the company offering the job how they will ensure that I immediately get the best possible score. They said it was not possible because it was a personal score.

I told them that I will certainly not start to build a credit score at 40 yo so they will have to find someone else.

[listenallyall]

You refused a job because the company would not assist you in obtaining a perfect ("best possible") credit score?

a) nobody has a perfect score b) FICO algorithms are proprietary from third-party companies, how would your potential employer have any influence?

[aamoyg]

I thought our government was dysfunctional on purpose?

[dylan604]

working as intended. won't fix. <closes ticket>

[wharvle]

1) Common law versus civil law. We rely a lot more on private lawsuits than on regulator action. This is probably a mistake, given that it sure looks like it adds costs to common law countries with little to no benefit (and, arguably, harm) but it’s what we have.

2) The consumer protection laws we do have, and the bodies to enforce them, are relatively weak and enforcement is spotty at best. The most recent serious attempt to kinda fix this is the formation of the CFPB, and one of our two relevant political parties deliberately prevents it from working when they hold the White House (sample size of one, admittedly) and has been trying to totally kill it, in the legislature or (better, because it’s popular and this is deniable) in the courts.

[mistrial9]

> consumer protection laws we do have, and the bodies to enforce them, are relatively weak

IANL - however, in the US and in US States, many serious cases have been decided in favor of the consumer, over decades. It is the most recent waves of privacy versus ad revenue that are indeed, very weak. It is awkward to defend these regulators since their failures are sometimes glaring, however it is my impression that serious settlements against industry can have silence or "gag orders" attached, and they often do. The industry lawyers can argue that the news of the settlement alone constitutes additional commercial damage to the company, and of course they are right in a narrow sense.

[zlg_codes]

> The government is supposed to represent the interests of citizens.

I'm not sure that's ever happened in this country. They pay all sorts of lip service, but when challenged or under pressure, the US makes a lot of excuses for leaving its own people behind.

Thankfully we can repay that favor and see how they like it when there's nobody left to defend them.

[listenallyall]

Who is "we" and "them" in your statement?

[losteric]

It's not true that individuals need to band together. A single individual can kick off a class action lawsuit, private litigators can even kick start a lawsuit themselves (though ultimately the lawsuit will bring in impacted individuals).

The idea of private litigators is to complement the innate limitations of federal/state lawyers, by offering profit as an incentive.

Ideally yeah Americans would have stronger laws around TOS, customer privacy, data handling and security, and robustly funded state lawyers... but we don't.

Practically speaking, such gaps are not unique to technology. Every industry has this same problem, and your awareness of those problems is reflective of the general public's political engagement with this thread's topic. So having gaps that private litigators address is really quite normal and part of the incremental progress of legislation and state enforcement.

[dylan604]

Lobbying. Citizens United. Disinterested populace.

Do you need a longer list?

[tacocataco]

First Past The Post voting discouraging competition in the electoral system.

[lp0_on_fire]

Exactly. Same reason construction vehicles have "Stay back 200 feet: not responsible for broken windshields" written on the back.

[constantly]

Yep. A small tangent for anyone who has seen these: they’re very clearly not specifically enforceable. I got a window banged up by things falling off a truck with this signage, and the first thing they said when I called their “How Am I Driving” number the first thing they said was that they were not responsible citing this sign. Fortunately that sign was non binding. :)

[jstarfish]

Georgia (state) takes it a step further. They wrote an exemption to the license plate law that allows dump truck owners to display the plate only on the front of the vehicle. Makes it that much harder to hold them accountable.

[sonicanatidae]

Its like they don't know drivers and their willingness to make "for damn sure" the other side is made aware of their displeasure. lol

[lelandfe]

“If you can read this bumper sticker, the occupants of your vehicle agree to…”

[Rayhem]

"Private sign, DO NOT READ"

[eweise]

At least in California, its illegal for anything to fall from a vehicle except water and bird feathers so not sure how that sign help them.

[eshack94]

If I'm not mistaken, that's the point the person above you was making. Those stickers on dump trucks that say "Stay back 200 feet. Not responsible for broken windshields" are worthless from a legal perspective.

They do absolutely nothing to remove liability from the truck driver/company. If a rock falls from their truck and cracks your windshield, they absolutely are responsible for any damages.

Rather, their sole value is to convince drivers that the trucking companies aren't at fault, so that drivers whose vehicles are damaged from falling rocks erroneously elect not to press charges or pursue damages.

[dexterdog]

Isn't their sole value to keep most people back far enough so they don't get their windshields broken?

[eshack94]

Actually yeah, you're probably right. That's probably their main value followed by what I commented originally (in the case drivers aren't far enough back and get hit by a rock).

[ironick09]

i’m guessing you have a problem with signs that say “danger, do not enter” as well

[listenallyall]

Such a lawsuit, if one was filed, would be in civil court, where nothing is guaranteed. If, in the unlikely case that the suit was not settled and it actually went to jury, no judge would direct that jury that truckers "absolutely are responsible for any damages."

If you are tailgating directly behind a rock truck with a big sign "stay back 200 feet" for an extended period of time, or end up right behind the truck because you're in a big hurry, or because you thought you could squeeze through an empty lane, a good lawyer could absolutely argue, successfully, that you are at least halfway responsible for the damage, if not 100%.

[eweise]

I disagree. Likely this type of suite would be handled in small claims court so there is no jury and no lawyers. Also, the law is really clear. There is no scenario where trucks are allowed to spill stuff on the road. The only argument they might try is to say that the rock didn't come from the truck but was kicked up off the road as they drove. But you know, that's probably not going to work if the truck was indeed carrying rocks. I think you might be giving lawyers too much credit. Really all they will do, is make it so painful for you to get in front of a judge, that you give up.

[padjo]

The point being that while it’s not at all enforceable there’s a non zero number of people who will think it is and not fight it

[quickthrower2]

What about fallen leaves?

[chihuahua]

Straight to jail!

[quickthrower2]

Or at least probable cause for a search :-)

[dotnet00]

or the "Warranty void if removed" stickers on electronics, which are not legally enforceable in the US.

[arwhatever]

“Not responsible for black eye if something falls from your vehicle and damages my vehicle.”

[andrei_says_]

Except that the truck driver has zero fault for the gravel on the road and the spacing between the tires and the mud guard of the truck his employer maintains.

Or did you mean you’d seek out the ceo of the truck company and give them a black eye?

[wongarsu]

If it's gravel they are transporting it's obviously their fault, it's the responsibility of the driver to secure the load (with some blame falling on truck companies for providing insufficient equipment).

If it's random gravel from the road it's more understandable. But even then the driver is very much responsible for the mud guards on the truck they are operating, just as the police would write a ticket to the driver for worn down tires or broken lights.

[andrei_says_]

But are they “a punch in the face”-responsible?

I lived in Boston for a while. Cracked windshields were extremely common. No one was ever upset at another person.

[93po]

A driver has a legal obligation to not drive a vehicle that is spreading debris on the road, which they are often doing and that debris often comes from their construction sites. There are places that use track washing stations at entrances and exits to prevent this.

[sithlord]

This is usually related to drivers who do not use the cover of their truck they are legally supposed to. So rocks fly out the top.

[londons_explore]

And usually because the truck is over full too. For almost any load, if you fill the truck to the brim you have overloaded it. (Unless you're moving styrofoam)

[Tempest1981]

Or dump trucks, which leak out the seams as they go over bumps

[whaleofatw2022]

Or smaller contractor type trucks with tools in them.

Ever have to dodge an axe at 35MPH? Not fun.

[arcanemachiner]

Also mud flaps

[candiddevmike]

Does this apply to shopping carts in parking lots?

[batch12]

I wish a class action could include those of us who have never used their service, but whose relatives have.

[thereddaikon]

And just because a TOS says something doesn't mean it will necessarily hold up in court. They aren't law.

[kelthan]

Right. Also, the practice of having a sticker on a shrink-wrapped box of software that read "By opening this package you agree to the Terms of Service contained within", where the TOS was inside the box that you needed to open the package to read, was deemed unenforceable back in the 90's. It's the reason that TOS' are now displayed as a pop-up during installation. Not that many more people actually read them before installing the software, but at least they are given the option to.

I suspect that a competent lawyer could fairly easily argue that this "automatic opt-in" is the same thing in a slightly different format.

[d3w4s9]

"a court would not allow that"

I don't know where you have been the last few years, but I am pretty sure things like that happen all the time, based on the emails I received regarding ToS updates. And I have never heard any company got into trouble in court. Maybe public opinion, but that's it.

[smcl]

I'd say it's more than suspect, what's the point of agreeing to a terms of service if they can change after you agree to them?

[huytersd]

They usually put that exact thing into the ToS. The right to change it at any time.

[wongarsu]

Just because they write that doesn't make it legally enforceable. You can't agree to terms you don't know. Which is why many services will haunt you to explicitly agree to the new ToS when you next log in.

And even if you click agree there are legal questions about how much that can change about your past relationship, and what kind of changes you can legally make.

[smcl]

Ahh ok this sounds like a thing that’s OK in the USA but not EU :-/

[raphman]

Indeed.

> "Besides the general requirements of 'good faith' and 'balance', the EU rules contain a list of specific contract terms that may be judged unfair.

> Here are some situations where contract terms may be judged unfair under EU rules:

> [...]

> - Terms which allow you to alter a contract unilaterally unless the contract states a valid reason for doing so."

https://europa.eu/youreurope/business/dealing-with-customers...

[smcl]

Ahh ok this sounds like a thing that’s OK in the USA but not EU :-/

NOTE: instead of downvoting as a knee-jerk defense of USA, just reflect on whether you'd benefit from some slightly better consumer protection laws.

[smcl]

NOTE: instead of downvoting as a knee-jerk defense of USA, just reflect on whether you'd benefit from some slightly better consumer protection laws.

[dannyw]

Federal Arbitration Act severely, and nearly completely, ties courts hands around throwing out binding arbitrations.

Of course, if people don’t accept the new terms, they are still bound by the one ones. But if you don’t opt out…

[kelthan]

But having the company update a TOS that automatically removes rights from the consumer, after the consumer already agreed to a TOS that didn't previously restrict those rights is likely not going to hold up in court, either. Especially when the TOS changes were made after an event likely to trigger litigation.

This isn't a case of a minor change to consumer rights in the TOS like changing who would arbitrate a case. It's a significant restrictive change to the rights of the customer in favor of the company. And it was made after a security breach that affected a huge portion of the companies clients which is likely to trigger lawsuits of the form that the TOS now seeks to restrict.

This is clearly a case of attempting to close the barn door after the horse was spotted in the next county over.

[BobaFloutist]

The good news is binding arbitration has some significant downsides for corporations - look up "mass arbitration".

[lozenge]

> IANAL, but I'm pretty sure that a court would not allow that

You and a lot of the people who replied to you seem to be confusing what is unjust with what is illegal. You can't use one to deduce the other.

[baryphonic]

Cornell's law school has a pretty good guide to these "adhesion contracts" such as web TOS.[0] This alteration strikes me (IANAL) as running the risk of being unconscionable. If the contract change is unconscionable, then the new terms mandating binding arbitration are void.

Again, IANAL. Just my opinion as a citizen, not legal advice. Seek competent legal advice before taking legal action.

[0] https://www.law.cornell.edu/wex/adhesion_contract_(contract_...

[jalapenos]

Have they ever implied this would apply to accrued causes of action though?

Would like a laywer to correct me if wrong, but these terms would only apply to any future events, not to the hacks that happened under the previous terms, for which they've already accrued the right to sue in a court (or whatever those terms said) regarding that hack, and 23andMe hasn't really implied otherwise just by updating its terms?

If they wanted that, they'd have to have explicitly included language like "by continuing to use our services after this notice, you covenant not to sue in court for any prior causes of action" or the like?

[Affric]

Yep. Having defended contracts that legally the company could novate the circumstances that lead to the notation had to be either outside of our control with a third party changing our underlying costs or the first and second parties failing to agree a new contract and a standard contract that was already defined being put in place. This was later deemed unfair and the standard contract was made much cheaper. Ha!

My point being that in Australia my vibe is that this will be looked upon in a very negative light by courts and any regulators.

[gentleman11]

Any contract that can be changed at the whim of one party should automatically be invalid

[pbhjpbhj]

That should be a crime in itself. Looks a lot like fraud.

[wackycat]

Right! If this were a law rather than TOS it's the whole ex post facto situation.

[amelius]

What if they sell their entire business to a subsidiary?

[sonicanatidae]

I would like to think they will be nailed to the wall, but the current is that they will get a pittance fine, at best, before accepting their well earned bonuses.

I hate this timeline.