Informed consent in information technology: Improving end user licence agreements

Information technology suffers from a distinct lack of care with respect to adequate informed consent procedures. Computer users are commonly asked to consent to various things that could threaten their personal identity, privacy, and property, yet little care is taken in assessing whether the consent is truly informed. Some software even takes advantage of the confusion rife in informed consent procedures in order to install otherwise unwanted software on users’ computers (such as adware or spyware). End user licence agreements (EULAs) are a common example of these poorinformed consent procedures, which have their basis in the inappropriate use of medical informed consent procedures, instead of being based on concepts that have been developed specifically for IT. In this paper, I outline some of the problems that need to be overcome in informed consent in IT, and present a more appropriate theory for informed consent (based on the Manson and O’Neill waiver of normative expectations theory). I will then look at some current and recent suggestions for improvements or practical implementations of mechanisms to deal with informed consent. Then, in the third section, I will firstly identify the normative expectations, establish a communication framework, and then suggest an agreement mechanism that greatly improves the potential for informed consent decisions for EULAs. Examples will be used to illustrate the process, but will not cover the details of the actual legal agreement. It will, instead, focus on delivering the content of this agreement in a way that improves the user experience and focuses on changing the approach for informed consent in EULAs. Finally, I demonstrate two models that show examples of practical implementation of these concepts and make some conclusions about their feasibility.