On Friday, I posted on Amazon’s new video download service, Amazon Unbox Video. Today, I want to head into the terms of use. My version of the printout runs 26 pages though only the first ten are actually about Unbox; the remaining pages relate to Microsoft’s .Net framework. Three characteristics stand out in the terms of use: phoning home to the Amazon mothership; remote destruction; and soft contractual rights. Consider these one by one.
Section 3 of the terms of use tells you that you need to install the Unbox video player and agree to the supplemental Microsoft license to use the new service. The video player “may operate on your Authorized Device continuously for a variety of reasons, including the management of your Digital Content.” The software will also access the Internet to check for software upgrades, and although the software will not upgrade without your consent, if you don’t upgrade your content may cease to function. So consent or else. And Amazon reserves the right to force upgrades if it believes doing so is necessary to protect Amazon or its content partners. Although “Amazon respects your privacy,” the service will provide information to Amazon so as to “manage rights associated with the Digital Content” including whether the content has been deleted or has been viewed.
I suspect my tone sounds a tad hostile but I don’t really mean it that way. For better or worse, this is exactly the design we should anticipate with digital rights management software and therein lies the central market conundrum for DRM. Indeed, I am surprised that folks are surprised by the design. It may be sensible for the law to validate DRM as it does in the Digital Millennium Copyright Act, as I have argued before, but that is a far cry from saying the consumers will embrace it. The law should facilitate sales of purple shirts with pink and yellow polka dots, but no one should buy them.
Given that Amazon intends to support both online sales and rentals, it either needs to implement built-in expiration or some sort of phoning home to the mothership. The rental structure contemplates a 24-hour window in which to watch the download and a 30 day period in which to start watching.
Section 3 also sets forth the remote destruction policy: “if you uninstall or otherwise remove the Software, your ability to view all Digital Content you have downloaded to the Authorized Device will immediately and automatically terminate and we reserve the right to delete all Digital Content from that Authorize Device without notice to you.” As Gus pointed out in his comment on my last post, this isn’t your father’s version of a sale. Old-school sales meant that when you purchase something you actually have it. Here even for “purchased” content, breaking off contact with the mothership forfeits the content.
The third item of interest is the soft contractual rights established by the terms of sale. By soft rights, I mean “rights” that you have until you are told that you don’t. In section 9 of the terms of sale, Amazon reserves its right to make an assortment of changes. Subsection c: “if Amazon changes any part of the Service ..., you acknowledge that you may not be able to access, view, or use Digital Content in the same manner as prior to such changes, and you agree that Amazon shall have no liability to you in such case.” Subsection d: “Amazon reserves the right to modify, suspend, or discontinue the service at any time without notice to you, and Amazon will not be liable to you should it exercise such rights.” Subsection e: “Amazon reserves the right to make changes to this Agreement at any time. Your continued use of the Service following any such changes will constitute your acceptance of such changes.” OK, we get it.
Put this way, all of this sounds extraordinarily one-sided, but I am not sure that that is completely right. We do see rights of this sort in other contexts. So if you look at the University of Chicago benefits package, there are certainly some rights which are of the form “you have this right unless we change our policy.” The point of the soft right is to preserve flexibility going forward and to try to ensure that past practices don’t create enormous legacy rights going forward. An intergenerational fail-safe or flexibility to address changed circumstances. At the same time, in actual cases, the right is probably enforceable against arbitrary manipulation (the difference between deciding particular cases and establishing general rules).
I don’t really do contracts for a living, so I don’t know if there have been cases litigating whether the soft rights are actually enforced as hard rights or whether the entities giving soft rights are able to sustain unilateral changes in those rights. (If you know of cases on that, please comment.)
Soft rights are not enforced then by the standard mechanisms of contract law, such as a lawsuit by the other party to the contract. Instead, soft rights are set by the market, meaning by competition with other providers and by what consumers are willing to accept. In the online service contract, soft rights ensure the service provider can evolve the service over time and be in the position of only offering one version of the service. The provider doesn’t want to have to support legacy versions of the service. The power to change the service so that one version is always being provided reduces the cost of providing the service and ensures that the provider can continuously make changes to the service. If competition is actually working, those changes should be in the joint interests of content producers, download service providers and user/consumers.
In many ways this is an unremarkable DRM contract. As I have noted in other work, phoning home may very well become ubiquitous. It is one of the distinctive features of the networked age. I don’t have a good sense of the pervasiveness of soft contractual rights but my guess is they are fairly widespread especially in online contracts. Connecting at a distance brings other possibilities, including the remote destruction that we see here. But that said, I don’t fully understand why Amazon believes that it needs to implement remote destruction of “purchased” content merely because someone exits the service.
There is clearly a question of notice to consumers here, as I believe that Cory Doctorow pointed out in a post on this. Amazon gave clear notice when it was selling copy-controlled CDs. I don’t think they are being as transparent in indicating the limitations of Unbox video downloads. I doubt that that is in Amazon’s long-term interest. It is too successful a company to want to taint its image in what for now at least is a sideshow business. I also suspect that we will work our way to a legal regime that will require better notice than Amazon is giving here.
Finally, DRM ultimately faces a market test: Will consumers buy the product? They clearly have purchased DVDs, subject to encryption, and Apple has obviously become the dominant seller of online content, notwithstanding its use of FairPlay DRM. Products have to offer substantial advantages to overcome consumer resistance to DRM, and it is clear to me, at least for now, that Amazon Unbox video is a long, long way from doing that.
First of all, there's something wrong with that CNET reporter if his favorite Star Trek episode is "For The World Is Hollow and I Have Touched the Sky." It's unwatchably awful, right up there with "Spock's Brain" and the one where Data builds a Mayan temple.
But putting that aside, I'm still not sure I agree that "[f]or better or worse, this is exactly the design we should anticipate with digital rights management software." The DRM envisioned by the EULA (who knows what's actually been implemented) seems to encompass at least three different types of controls: locks, monitoring, and automated self-help. Furthermore, it does all of these things in a thoroughly obfuscated way.
One could imagine a world in which one of these three sorts of controls was widely implemented and understood. One might even imagine a world in which content distributors could choose among those three controls at their option. But the technology here not only adopts all 3 controls at once, but is very cagey about how they are being implemented, and there are no likely alternative sources of consumer familiarity.
I.e., it's as if Hertz rented me a car that not only has monitors on my speed and location, but also has a block preventing acceleration above 75 mph, and also will automatically turn off if I make an illegal U-turn. That seems like overkill, but I may still agree to it as long as that's all that's going on. However, there's no guarantee that that's all that's going on: the agreement states that the car may contain all sorts of other controls that Hertz is not specifically telling me about and that I wouldn't have reason to know about otherwise (e.g., a hidden camera in the front seat filming me as I'm driving). There are purple shirts out there, and yellow-polka-dotted shirts, and pink-polka-dotted shirts, but there are very few purple shirts with pink and yellow polka dots sold in an opaque wrapper that does not let you see beforehand how ugly it looks.
There are reasons why the terms in the Unbox EULA are so open-ended and vague, of course. One is that the technologies and business models are in flux, and it is much easier to change either of those things than to pay lawyers (who are way too expensive, even for Amazon) to draft a new agreement. So you see the same thing here that you do with privacy policies -- announcements of what you call "soft rights" along the lines of, "Here, very generally, is what we are doing or may choose to do in the future, but we can choose to do something different at any time." (For privacy policies, at least a few district courts have held such policies can be enforceable contracts, but breaches of the promises have produced no recoverable damages. See, e.g., In re Jetblue Airways Corp. Privacy Litig., 379 F. Supp. 2d 299 (E.D.N.Y. 2005).) The consequences of being vague are thought to be minimal, while the consequences of being specific but wrong are catastrophic.
But unfortunately being vague about the features of the DRM just helps perpetuate the mistrust that led the distributor to be vague about the DRM in the first place.
Posted by: Bruce Boyden | September 13, 2006 at 04:21 PM
I believe that Prof. Picker's response is that "If competition is actually working, those changes should be in the joint interests of content producers, download service providers and user/consumers." And, while I do agree that we need to be wary of "soft rights," I also believe that this is a case that demonstrates the viability of this response.
Amazon Unbox has existed for less than a week, and discussion of the sort of problems created by soft rights has been seen in technical, legal, and mainstream news.
The current world is one of quick retaliation against online entities. Just look at Facebook, which last week introduced a new feature that raised the immediate ire of its user base--it took days for this to go from "new feature" to "mistake" to "textbook example" of how not to change policies.
The same ease with which we can copy music and movies that creates the need for DRM can also put a check on many abuses that it makes possible. Abuses of soft rights fall square in the sights of these checks--the service has yet to be around long enough for there to have been abuses, and it is already being scrutinized. So long as there is a legitimate need for future maleability, I think the market can and will tolerate such contracts.
We should also question how we expect Amazon to reshape these soft rights. Do we expect that they will reduce the already minimal set of rights? It seems just as likely that the rights could be upward-revised. Perhaps a year from now they change the service to allow a wider range of uses--and this change could be applied retrospectively. Typically we wouldn't expect a need for a contractual basis for this--no consumer would sue over being given more rights. But there could be technical reasons for the change in this case: changing rights might require changing software on your computer. More, as rights become more complicated, "more" and "less" can be blurred. Perhaps Amazon licenses Apple's DRM and starts only distributing iPod-compatible videos--to be benefit of most consumers but to the detriment of a few.
There might also be issues about updating the software to avoid bugs. Last week there was some discussion about Microsoft's response to holes in its DRM--it patched a bug that allowed users to bypass its DRM faster than it patches critical security holes. (Search Google News for "microsoft DRM patch"--the link is too long to fit in the comment.) That is interesting in itself. But its relevance here is whether a that type of software "problem" is a feature or a bug? If the software lets you bypass its controls, is that a right? I think that the courts would side with Amazon in a case like this no matter what--but the contractual language short-circuits a process that might otherwise take a trial to figure out.
That said, I am a proponent of distrust. And I am alarmed that Amazon's idea of a "sale" is contingent upon continued use of their service. I expect that there is a "technical" basis for this: the Unbox software manages the rights, and once you're off the Unbox wagon, Amazon has no way to manage (permit or deny) access to content.
This is where I have a problem with the soft rights. Imagine a counterfactual world in which I had both disposable income and free time (I seem to remember it--I think it was called "before law school"). In this world I've built up quite a collection of movies from Amazon. Now Amazon comes along and announces some new policy that I just don't want to live with. I face a hold-up situation: rejecting the changes costs me my entire movie collection, accepting it costs me the burden of living with it.
It seems that this is a case where we should prefer that Amazon be required to maintain legacy support for former customers, to allow them to maintain access their content. From a technical perspective this should be relatively painless--we just need to find a way to get Amazon to do it. Really, I would prefer the use of some (yet to be developed) third-party licensing authority. When Amazon sells you rights to a movie, you download the encrypted file, and Amazon sends this third-party a key that gives you access. But now I'm reengineering the industry.
--Gus
Posted by: Gus | September 13, 2006 at 09:11 PM
输送机
Posted by: 输送机 | September 15, 2006 at 03:41 AM
I wonder if anyone has done a comparison of DRM or other online enterprises and the credit card industry. The two have some interesting intersections. We have all received those mail inserts whereby our credit card company changes its agreement with the holder. There are generally opt-out possibilites (rather than opt-in) and the decision to opt-out doesn't actually cancel the card at that moment but generally provides that the holder cannot renew the card unless they accept the new changes. This provides credit card companies the ability to have a consistent card agreement with its holders (if delayed by a few months). Generally, these changes are subject to strict market pressures given the competitive nature of the credit card market. In that sense, all contractual rights are "soft" rights as defined by Prof. Picker in that when a given contractual right becomes too expensive to be maintained, the right disappears in less than a year. I do not have many conclusions to draw from this example, yet, but at least it proffers a strong example by analogy of the drm/online enterprise soft rights model.
Posted by: Ian | September 16, 2006 at 02:04 PM
Ian,
Yes, we talked about this at our faculty lunch on Wednesday. So the point should generalize to service contracts generally (credit cards being a good example) and also arises in employment relations (my U of C example in the post), where Eric Posner noted that the issue had been litigated regarding employment manuals. The differences here are the continuing conversion of products into services in the online world and the fact that past "products/services" are revocable (remote destruction by Amazon of the downloads). In most (?) service situations, the past services aren't revocable. Remote destruction means that the value subject to destruction grows with each download, so that the size of the bond, to draw on a different literature, grows over time.
Posted by: Randy Picker | September 16, 2006 at 04:00 PM
Prof. Picker,
I think I see your point. Remote destruction is no different than other distributive costs (e.g. querty keyboard and spreadsheet macros). By increasing the use of distributive cost models, businesses can protect themselves from competition by creating barriers to entry via those distributive costs. This creates huge first mover advantages. And perhaps, protecting this contract right (the right to destroy the product) may not be worth the cost in the loss of competition down the road. I guess the tradeoff would consist of the need to create incentives now to create this content/product and the desire to have competition with low barriers to entry in the future.
Posted by: Ian | September 19, 2006 at 03:59 PM