Newsletter - sign up here
Search Webster
Webster's pieces from The Oldie
Webster's Webwatch

Terms and Conditions

November 2015

If you bought a washing machine that caused a catastrophe (flood, fire, trouser damage) because it was badly engineered, you’d expect to be able to force some recompense from the makers.  What’s more, they would expect you to succeed, and so they might try a bit harder to make sure their machine works well, if used properly.

Therefore, you would be astonished, if, just before you paid for it, you were asked to sign a long legal agreement in which you absolve the makers of any liability no matter what happens, including any disasters caused by their faulty design. 

In fact, you wouldn’t just be astonished, you’d be appalled, but that is exactly what you are doing when you tick the “I’ve read the Terms and Conditions” box on new software.   Even the biggest companies do it.  For example, Apple’s standard Terms and Conditions run to over 20,000 words and attempt to render the company untouchable; they even include a clause in which you indemnify Apple against any action it suffers as a result of your use of their software.   If you don’t sign it, you can’t use it. Click here to read the full thing, if you dare.

This can’t go on.  More and more, our lives are becoming entwined with computers in one way or another; they are in cars, mobile phones, washing machines, central heating, televisions, medical equipment and even some lawnmowers.  Add the possibility of these computers being connected to some sort of network (all they would need is access to a mobile phone signal) and the opportunities for exploiting flaws in software are huge. 

There have already been a few examples of what might happen; it was recently demonstrated how computers could remotely take control of a Jeep, and drive it.  In that case the hackers manipulated a weakness in the car’s software; that’s now fixed, but it had been known about for months before anyone did anything about it.  Indeed, manufacturers are sometimes reluctant even to admit the problem; when Volkswagen was contacted by academics to point out a similar flaw, it responded with lawyers, not gratitude.

If that seems a bit far-fetched, far more likely is the threat of simple extortion.  “Ransom-ware” attacks are becoming more common, using flaws in common software on ordinary computers.  It simply invades the system and locks it solid until you pay a ransom.  There is no reason why this sort of trick can’t be played on cars; modern vehicles, especially expensive ones, increasingly resemble computers on wheels.  Imagine how you would feel if you had to pay £100 to start your car. 

There are solutions, but they depend, firstly, on software manufacturers acknowledging their fallibility and acting quickly when shortcomings are exposed.  Google set a good example: they offer financial rewards if you can find a hole in their programmes.

Secondly, designers of software need to be liable for the consequences of their work, just as washing machine makers are; they should not hide behind acres of legal nonsense.  That won’t wash anymore; perhaps it made some sense in the early days of computing, when we were all feeling our way to some extent, but not nowadays. Designers need to be ready to accept that if their software proves to be inadequate and causes difficulties, they are at risk of being successfully sued.

I remember the comedian Eddie Izzard suggesting that, as well as the YES and NO boxes, software licences should have a third tick box that says “OF COURSE I haven’t read them”.  We need to be able to trust the designers to get it right, and for them to suffer the consequences if they get it wrong, whether or not we’ve read some dense, 20,000 word document.

It’s not much to ask in return for our money.