Introduction
Standard contracts are written terms that regulate how consumers legally can use purchased products. DRMs on the other hand are technical measures that control how consumers de facto can make use of digital goods and services. Amongst other things, DRMs frequently enforce standard contract terms.

Both DRMs and standard terms are seldom open to individual negotiation – either the consumer accepts them or the consumer will have to take its business elsewhere. If consumers had a wide variety of easily comparable terms this would not be a problem. But as the situation is today, with opaque and often standardised conditions, consumers are facing insurmountable difficulties in obtaining fair terms. Even the legally trained consumer will have trouble getting a proper understanding of all the terms you meet in every day life.

Just like other business practises, standard terms and DRMs do not always stand up to legal scrutiny. In this article I will focus on DRM and contract terms consumers meet when purchasing music online. More specifically, I will look at some of the terms in iTunes Music Store (iTMS, iTunes) Terms of Service (ToS).

At the outset I would like to emphasise that these terms are not unique to iTunes. There are many other digital products where similar conditions apply: software, videogames, CDs, DVDs, etc.

A number of provisions in the iTMS Terms of Service are questionable both in relation to community and national law. I will focus on three terms which are of particular interest in relation to DRM:

  • iTMS ability to unilaterally change terms and conditions,
  • The limitations on liability, and
  • The limitations on interoperability.

Unilaterally change terms and conditions
According to iTunes Music Store Terms of Service, Apple reserves the right, at its sole discretion, to change the way customers can use downloaded material (iTMS 2006).

It says in article 20 that:
"iTunes reserves the right, at any time and from time to time, to update, revise, supplement, and otherwise modify this Agreement and to impose new or additional rules, policies, terms, or conditions on your use of the Service."

Furthermore, in article 9d it says that:
"[Y]ou acknowledge that you may no longer be able to use Products to the same extent as prior to such change or discontinuation [...]."

This entails that Apple reserves the right to unilaterally change the way a file can be used after the purchase. For instance, Apple could limit the number of times an iTMS file can be burned onto a CD. If you buy a music file on iTMS today you can burn a playlist 7 times. According to the ToS, Apple is entitled to limit the number of playlist you can burn from the same file tomorrow.

Amendments in the terms and conditions can be enforced by changing the DRM.

A study by Intertek (2005) found that although it would be technically challenging, it is possible to change the DRM on already downloaded material. Boing Boing, a tech news site, reported last year that iTunes Music Store has changed customers’ usage rights to material customers already had on their computer (Boing Boing 2005). By installing updates to the iTMS software, customers lost the ability to:

  • stream unlimited over the local network (down to 5 times per 24 hours),
  • stream over the internet,
  • burn a playlist 10 times (down to 7).

Changes might not be enforced by changing the DRM, but simply by amending the Terms of Use. According to the legal terms:
"It is your responsibility to check these Terms of Use periodically for changes."

If a costumer uses the file in a way which was allowed at the time of purchase, but is no longer permitted, the consumer is in breach of contract. The Terms of Service sets out a range of sanctions which iTMS can apply as they see fit.

Article 14a of the terms state that:
"If you fail, or iTunes suspects that you have failed, to comply with any of the provisions of this Agreement, […] iTunes, at its sole discretion, without notice to you may [my italics]: (i) terminate this Agreement and/or your Account […]; and/or (ii) terminate the license to the software; and/or (iii) preclude access to the Service (or any part thereof)."

This entails that the customer could be banned from iTMS at Apples sole discretion and without notice just because she failed to keep herself regularly updated on the Terms of Use.

The right to unilaterally change terms of contract is considered an unfair term according to Directive 93/13/EC (EU 1993) on unfair terms in consumer contracts. Consumers do not expect new terms and conditions being applied retroactively; if you buy a product today and you can use it in certain ways, you expect that you will be able to use the product in the same way tomorrow.
In the annex to the Unfair Terms Directive there is a non-exhaustive list of terms which may be regarded as unfair. Letter j is of particular interest here:
"enabling the seller or supplier to alter the terms of the contract unilaterally without a valid reason which is specified in the contract;"

Limitations on liability
Recent examples have shown that DRM systems can cause severe security risks. The copy-protection technology that has been used on some Sony BMG CDs, XCP, left consumers’ computers open to attacks (for more information on XCP see EFF 2006).

According to another tech news site, The Register, serious security flaws have recently been discovered in iTMS (Leyden 2006). iTunes Music Store, through its conditions, disclaims all liability for attacks on consumers’ computers, even if it is caused by security flaws in Apples DRM, Fairplay.

Article 18a (ii) of the Terms of Service says that:
"iTUNES DOES NOT REPRESENT OR GUARANTEE THAT THE SERVICE WILL BE FREE FROM LOSS, CORRUPTION, ATTACK, VIRUSES, INTERFERENCE, HACKING, OR OTHER SECURITY INTRUSION, AND iTUNES DISCLAIMS ANY LIABILITY RELATING THERETO." [The paragraph is for some reason all in capital letters in the iTMS Terms of Service].

This type of term is not specifically mentioned in the annex to the Unfair Terms Directive, but the list is not exhaustive. Consumer protection legislation in many Member States (the Nordic countries for instance) prohibit limitations on consumers' statutory right to damages.

Pursuant to the Norwegian Consumer Contract Act (2001) section 33, vendors are liable for damages caused by the purchased product. Contractual limitations on consumers’ right to damages are void. This law is not directly applicable when downloading music, but it is indicative of the fairness of the term. Consequently, this term should be considered unfair under the Unfair terms Directive.

Interoperability
Fairplay, the DRM used by iTMS, prevents the consumer from using other players than Apple’s iPod to play music purchased from iTunes.

The contract also limits which players can be used. Article 9 b states that:
"You shall be authorized to use the Products on up to five iTunes-authorised devices [my italics] at any time. […] You shall be able to store Products from up to five different Accounts on certain devices, such as an iPod [my italics], at a time."

The only portable player authorised by Fairplay is iPod. Thus, the contract only allows consumers to use iPod to play files downloaded from iTunes.

Consumers can easily get around this limitation. As the test (Intertek 2005) commissioned by BEUC shows, Fairplay can be erased and the file converted to MP3 format by burning a CD with iTunes files and then subsequently ripping them back to the computer.

If a consumer uses this method to make use of a different player, e.g. a Creative player, this would not be in accordance with the contract.

Tying the consumer to use a certain player, however, can be contrary to community and national legislation. Consumer law, competition law and even copyright law can be used to combat this type of business practise.

It has been discussed whether iTune's refusal to licence Fairplay to competitors could constitute an abuse of dominance contrary to article 82 of the EC Treaty. This is doubtful however; both because of the difficulty in establishing dominance and because of the European Court of Justice’ reluctance to impose mandatory licensing (see Reckon 2006).

Consumer protection rules could be an easier option. One could argue that contractual obligations tying iTunes customers to one specific portable player is unfair pursuant to the Unfair Terms Directive.

A French consumer group, UFC Que Choisir, has initiated legal proceedings against Apple, claiming that tying iTunes customers to use iPod and vice versa, is not in accordance with the French consumer code article 122 which says that:
"It is prohibited to refuse to sell a product, or supply a service, to a consumer without a legitimate reason, and to make the sale of a product subject to the purchase of a minimum quantity, or to the accompanying purchase of another product, or another service, as well as making the provision of a service subject to provision of another service, or to the purchase of a product."

Depending on national legislation, copyright law itself can be used to combat the lack of interoperability. Take for instance the Norwegian Copyright Act that implements Directive 2001/29/EC (the Copyright Directive). Circumventing effective technological measures is prohibited under section 53a of the Copyright Act. In the third paragraph there is an exception to the anti circumvention provision: effective technological measures can be circumvented to play legally acquired works on relevant players. According to some commentators this provision gives consumers the right to circumvent Fairplay in order to use other portable players than iPods (Vigmostad 2005). The Norwegian Consumer Ombudsman has consistently held that standard contractual terms limiting consumers’ statutory rights are unfair and void under the Norwegian Marketing Control Act (1972) section 9a .

A different question is whether Fairplay is protected under the Norwegian Copyright Act or the Copyright Directive at all. Both section 53a and article 6 of the Copyright Directive only protects effective technological measures. In the preparatory works to the Copyright Act, copy-protection on CDs that could be erased by simply writing with a pen on it was characterised as an ineffective protection measures. The copy-protection technology on files downloaded from iTunes is erased simply by burning a playlist. This is very easy to do and is permitted under the contract.
Having said that, making it easy to get around DRMs, and especially those that curtail competition, is a definitively a good thing for consumers and I would not like to see a more effective DRM being implemented in the future.

How do we deal with these kinds of terms?
The Unfair Terms Directive article 7 obliges Member States and other parties to the EEA (European Economic Area) agreement to have "adequate and effective means […] to prevent the continued use of unfair terms".

In the next paragraph of the article it says:
"The means referred to in paragraph 1 shall include provisions whereby persons or organizations […] may take action according to the national law concerned before the courts or before competent administrative bodies […] to prevent the continued use of such terms".

In Norway the Consumer Ombudsman deals with unfair contract terms. According to the Marketing Control Act Section 9a:
"Terms and conditions which are applied or are intended to be applied in the conduct of business with consumers can be prohibited if the terms and conditions are considered unfair".

Terms and conditions can mean both traditional written terms, but also technical ones like DRMs.

The Consumer Council of Norway has complained to the Consumer Ombudsman in order to get iTunes terms amended. The Consumer Council has also argued that certain aspects of the DRM Fairplay are unfair and should be amended (Consumer Council of Norway 2006; see also Singstad 2006)

Bottom line
To conclude, there are ways of combating the unfair use of DRMs with today’s legislation. However, the current legal regime does not fully take into account the unique characteristics of digital products. European and national consumer legislation focuses mainly on traditional tangible products bought in traditional ways.

Also, the Community legislation being proposed and adopted in this area predominately caters to business interests and does not take into consideration the dire consequences for consumers. Take for instance the Commission’s proposal on harmonisation of criminal measures on IPR infringements (EU 2005). According to article 3 of the proposal, intentional infringements of IPRs on a "commercial scale" must be treated as criminal offences. One of the justifications of the proposal was that the "[i]ncreasing use of the Internet enables pirated products to be distributed instantly around the globe". The Directive does not require a profit motive to apply. Thus, it seems that illegal file-sharing through P2P networks are covered by the Directive. Consequently, the proposal can potentially criminalise the technologically proficient youth of Europe. The Commission withdrew the original proposal for competency reasons. To our knowledge the Directive will be reissued in March without substantial amendments. For other examples of EU IPR initiatives where consumer considerations are absent, see Kutterer 2005.

As a response to the lack of public interest considerations in EU policy on IPR, BEUC launched a campaign for consumers’ digital rights in November 2005 (BEUC 2005). We believe that business interests are not the only ones which deserve protection in the digital environment. Our aim with the campaign is to raise awareness in this field both among policymakers and consumers and to promote a better legal framework for consumers.

Sources

About the author: Lars Grøndal is a legal advisor currently working for BEUC, the European Consumers’ Organisation. He is on a secondment from the Norwegian member, The Consumer Council of Norway. Contact: lars.grondal@beuc.org or lars.grondal@forbrukerradet.no

Status: first posted 23/02/06; licensed under Creative Commons
URL: http://www.indicare.org/tiki-read_article.php?articleId=177