An Anonymous Coward writes:
Is it just me or have ISP (Internet Service Provider) terms and conditions gotten a lot more one-sided about what you can't do and what they can do?
I was considering switching to the new Vodafone Connect broadband and phone service as there are some nice discounts for existing Vodafone customers (and I've had enough of BT's high prices for FTTC) but reading through the text of their Acceptable Use Policy (AUP) has caused me to think again. I'm sure a lot of the text in the agreement is fairly standard, and to be honest it's been a while since I switched providers, but some of these terms seem rather overreaching. For example:
2.7. You must not use the Vodafone Connect Services to access, download, send, receive, store, distribute, transmit, upload or in any way deal with material or data that we deem:
i. to be offensive, threatening, defamatory, racist, abusive, harassing, invasive of privacy, obscene, harmful, indecent or menacing;
Those words cover one hell of a lot of territory... sorry, did you deem my use of the "H" word offensive? What if I'm in a private chat with a friend and he calls me a "####" so I tell him to "#### off"? Use your imagination, we could be covering offensive, abusive, obscene and indecent right there (if not more).
Further on there's a section titled "Actions we may take" (where "we" is Vodafone) and this one really got my attention:
[More after the break...]
4.1. We may, at our sole discretion, run manual or automatic systems and monitoring in order to ensure that you remain compliant with the terms of this AUP at all times (for example we may scan for open mail relays, or open proxy servers). By accessing the internet via our Vodafone Connect Services you are deemed to have granted us permission to access and monitor your computer systems and networks.
So just by using their service I've given permission for them to access and monitor all my systems and networks! Well, given that they bought Cable & Wireless they do have a history of working closely within the surveillance system. Funny though, that they deem it acceptable to "access and monitor" my systems when earlier in the AUP it states:
2.11. Without the explicit permission of the relevant operators you may not run "scanning" software which accesses remote machines, networks or other computer systems.
Of course, they've got the usual "we can change this document at any time without explicitly telling you, and continuing use of the service means you agreed to any new conditions we've set" (See section 1.3) and finally you better not ever get a virus (goodbye Windows users):
2.13.You must ensure that your computer systems and network are not configured in such a way that others are able to exploit them in order to disrupt the internet or any other third party network. This includes but is not limited to ensuring that your network cannot be exploited as an open mail relay, open proxy server, or as a component of a wider network used in denial, or distributed denial of service attacks by third parties.
EULAs, TOU, privacy policies, none of that crap means anything to me. As explained in other posts, I firewall, VPN, use anonymous non-logging DNS lookup, and go where I want, do what I want on the web. I can't scan ports? How about if I VPN to England, proxy to Russia, then to Hong Kong, and aggressively scan every IP address on my ISP's list? Whatcha gonna do about it? Maybe it would be fun to just hack in, and give EVERYONE triple the bandwidth that they pay for! Did I say triple? Let's go for several orders of magnitude - everyone gets 10 gigabit connections!
That would definitely blow some minds, don't you think?
These terms mean that Vodaphone can't be a common carrier and is now responsible for monitoring everything that goes over their pipes. I'm guessing these terms will last until somebody gets harassed through Vodaphone's network and sues.
You don't normally see this level of abuse in a ToS for a communications service in the US because it would cause them to lose their common carrier status and open themselves up to a whole world of liability for content that people send over their wire.
c/p from this very page on which we converse:
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
I thought they just got declared common carriers within the last year? And they were/are dead-set against it. Yet before that, nobody was suing them over content? In theory vs. in practice.
I'm not sure. The whole thing confuses me. Correct me if I'm wrong, please.
I'm somewhat confused here, I thought vodaphone had operations in the US, but apparently they're British, so this wouldn't apply. Although, the UK might have their own equivalent of common carrier status.