Adobe (and Other Un-named Offenders): I Expect Better

by Patricia McGinnis 0

Like millions of Internet users, I often useAdobe Flash®Player for viewing online videos. One day three weeksago, the familiar “update” screen appeared. I was encouraged by theassurance that “Updating takes under a minute on broadband – norestart is required.” I can’t imagine what got into me, except foranalyst-type curiosity piqued by my ongoing research in personaldata privacy. When I came to the box to click indicating “I haveread and agree to the terms of the Flash Player License Agreement”with a link “Read the license here,” I decided to click on the linkand read the license.

Uh-oh.

Forget the “updating in under a minute” part….it took Firefoxseveral minutes (on our office high-speed line) just to downloadand display the 3.3M PDF containing the license agreement. Thedocument is 280 pages, and contains “End User License Agreements”in 32 languages, meaning that my PC also had to load multipleforeign script fonts in order to display it.

OK, I found the seven pages in dense, legalese English, but no wayto signify that I accepted only the English version, nor any way toconfirm that the remaining 271 pages contained exactly the samelicense terms, only translated. Several provisions of the “End UserLicense Agreement” were explicitly subject to the terms of twoadditional documents, the “Privacy Policy” and the “Terms of Use,”each referenced by embedded links.

I won’t bore you (or perhaps alarm you) with the details, but itseems the “Online Privacy Policy” describes policy for the Adobewebsite, rather than the privacy policies embedded in the operationof their software after it has been downloaded. Given numerousexclusions for third party tools, offline activities, etc., Iconclude that I have no idea what Flash Player copies or sends orsaves, nor where or for whom, when it runs on my machine.

Similarly, I followed the link to find the “Terms of Use,” whichextends or supersedes the license agreement in some cases. Thatexcursion produced six more pages of even smaller print, dealingagain with all of the websites or online services of Adobe SystemsIncorporated. Once again, certain provisions incorporated”Additional Terms” for specific products, including Flash products,to be accessed by more clicks on still more menu items in asidebar.

Nearly 90 minutes later, I emerged in a frustrated fog. Havingwaded through at least four layers of linked and embeddeddocuments, I abandoned the effort to understand the terms for whichAdobe requires that I “read and agree to…” I tried, I really did,but in order to proceed, I would have to go back and falsely checkthat harmless-looking little box.

Perhaps before I upgrade again, Adobe will find a way to separateout the documents that relate to its various products. I presumeother users would also greatly appreciate a smoother path throughsomething less than 300 pages of multi-purpose boilerplate, inmultiple documents linked together.

It strikes me as a bad idea that lawyers are able to define theterms of the relationship between the provider and the consumer.Adobe is not alone among many “well-regarded” consumer brands, inoffering individuals virtually no chance to make informed,considered choices about the privacy risks that they face dailywhen they do, in fact, check that seductive little box andaccomplish their upgrade in 60 seconds or less.

For the record – why did I wait three weeks to prepare thiscommentary? In fact, I wrote a somewhat more detailed draft at thetime, and two weeks ago sent it to both Adobe’s privacy officer andto a media relations representative, with a request to discuss it.No response from either source.