Bette-Jo Hughes: Avoid the Click-Wrap Trap

February 4th, 2015

Avoid the Click-Wrap Trap

There is always talk about the potential and actual consequences of new, emerging technologies. In fact, it usually forms the basis of the discussion of these new technologies: – “can you believe how much cheaper/easier/faster things are going to be?”, or “don’t you think things will be more invasive/less secure/harder to regulate?” As important as it is to theorize and attempt to predict the effect of a quickly evolving world, it is equally important to recognize the changes that have happened so slowly, they might not have been noticed at all.

Let me use, as an example, contracts. In the paper-era a contract would have been physically printed, read and signed. Sneaking unfavourable or undiscussed terms into an agreement that is read and physically signed can be hard. Now, in the electronic age, contracts have grown to such length and complexity that it is hard to imagine online terms shorter than the length of the phone book. The fear, of course, is that hidden amidst the hundreds of pages and numerous links are terms that permit misuse (or perhaps simply unexpected use) of your data – whether that is your organizations’ data, or your own personal data.

For this reason, I have put together a few quick things to remember when entering into these “click-wrap” or “click-through” agreements.

  1. Remember that a click wrap agreement is still a contract, and should be treated and reviewed in the same, diligent way – for organizations this includes negotiating terms (you’d be surprised at the willingness of vendors to revise their standard wording).
  2. Know what will happen with your data, who will be able to use it, and for what reasons.
  3. There are no free lunches! If a service or app is free, it is likely that you are trading off your data or particular uses of your data for the service.
  4. When you buy a licence for the app or online service, you don’t necessarily own it. This means that things can be removed or changed without your approval. If this is the case, do you really want to hold business critical data, or important personal information here?
  5. “Delete” does not always mean forever…or even at all. Some services set out in their agreements that accounts can be deactivated, but not deleted, or that user data will be retained indefinitely. You should know how long your data will be retained before you provide it.
  6. Save or print off, and date a copy of the terms that you have agreed to. If you wouldn’t throw out your phone contract, or a vendor agreement, why not retain a copy of this contract too?

Remember that contracts and agreements should protect your interests. Don’t agree to terms that will put your data or your organization at risk. Over time vendors will get the message that control over our data is important, and we won’t simply hand it over for an app that will tell us the best place to find a free lunch.

Bette-Jo Hughes - Associate Deputy Minister and Government Chief Information Officer, Ministry of Technology, Innovation and Citizens' Services, Province of British Columbia

Bette-Jo has been the Chief Information Officer for the Province of British Columbia since October 2012. The Office of the Chief Information Officer (OCIO) plays a leadership role in promoting and guiding the management of government information as a strategic business asset, and supporting technology infrastructure as a key enabler of business transformation. Prior to […]