Can we apply this loophole to other online "services"....?
A man who blamed his girlfriend's five-year-old son for making loss-making trades in expensive natural resources through his online betting account is not bound by a term he agreed to on the bookmaker's website, the High Court has ruled. The term stated that an accountholder is deemed to have authorised all trading made under …
Can we apply this loophole to other online "services"....?
It's not a loophole but a legal right to negotiate individual terms in contracts. We frequently throw away this right everytime we "sign" a contract for something. it's why when something goes wrong the first thing people shout is "Unfair Terms & Conditions in Contracts" law.
There is no such legal right. Read the article, which explains it properly.
I'm afraid there is no "legal right to negotiate individual terms in contracts" if the other party doesn't wish to negotiate. We do not necessarily throw away such a "right" to individually negotiate terms when we "sign" - having not necessarily had one in the first place.
Actually I'm gobsmacked that a software program that allowed any user to book up tens of thousands of dollars didn't have a password. Those kinds of dollars, I'd expect a security token as well and a log out with inactivity
Unless the user let the browser remember the password. There should perhaps be stronger security than password/username, e.g. verification by response to mobile phone, or pin/bankcard validation used for online banking.
What we'll get next is a check box next to every clause in a contract agreement online, so rather than scrolling to the bottom accepting all of the above but not necessarily confirming that all is understood, we'll end up having to tick each individual clause.
But even then, the OFT has ruled that checking a box cannot be taken as automatic acceptance of a complex contract. *Especially* when websites use that as a step to prevent progression in a sequence of steps.
Doesn't matter. That wouldn't have saved the contract.
One of the tenets of the Unfair Contract Terms rules seems to be that you need to be able to negotiate, in order for it to be a fair contract. So whatever permission hoops they make you jump through don't help them.
To be fair, they have to be fair. This means that they can't use really broad terms, without reasonable exceptions. Or lumber you with unlimited liability, while accepting none themselves. If terms are one-sided, then they're likely to be struck down.
Also they have to be willing to negotiate. So all these Ts&Cs that you're given are likely to be unfair, because they're issued as a 'take-it-or-leave-it'. Whereas when you negotiate a contract between companies, both sides get to change what's in there.
Finally you can't get away with burying shit deep in the contract. If you write it in legalese, and the first ten paragraphs are definitions of terms, then you're pretty much guaranteeing that only lawyers will read it. So at that point, anything obvious will probably stand up in law. But if the court thinks that a term you've stuck in there isn't something the consumer would be expecting, then it's likely to get ruled unfair.
I'm no lawyer, but I've read a few reports of these types of cases from people who are.
One of the tenets of the Unfair Contract Terms rules seems to be that you need to be able to negotiate, in order for it to be a fair contract.
Not always. From the article, the requirement to negotiate apparently only applies to terms which might cause "a significant imbalance in the parties' rights and obligations arising under the contract, to the detriment of the consumer". So these Ts&Cs, for example, may be fine if the organization writing them has accepted a reasonable balance of liability.
I'd say a good rule of thumb is "don't draft a contract you wouldn't sign (as a consumer)."
Cheers for that. Looking back at my post I didn't put it very well, and was too definitive.
This seems to be one of those nice pieces of law, that basically seems to say, 'don't take the piss'. Which I approve of.
It would seem they could have avoided this by simple means of requiring the user to enter a password before each trade or after a certain time. Apple found this to their cost too.
Indeed. For example, Lloyds TSB's online banking requires you to enter your password again to confirm any transaction that debits your account. It's a pest but a good safeguard against exactly this sort of thing.
Entering a password before each trade would make the site unusable.
How long does it take a five year old to get to the computer? Probably a lot less time than it takes to go and make a cup of coffee.
Here's a novel idea. How about making the person who's account it is responsible for that account? If he leaves it logged in at his girlfriends then it is his responsibility.
I'm a member of multiple gambling sites (although not Spreadex) and every single one of them allows you to set a maximum amount you are prepared to lose over a period of time. You can change this but you have to enter your password to do so. This idiot obviously had his limit set to 50k+ or had it set to no limit. I have no sympathy for him. The court should have thrown his claim out.
> Lloyds TSB's online banking requires you to enter your password again...
Spreadex is not a bank. It is a gambling site.
My Rabo account makes you use a hard token to perform any sort of transaction including buying or selling funds. You fill out the transaction detail, then log onto a hard token, stab in some server generated code and then type the resulting number back into the transaction form. Makes it pretty hard for anybody to do anything without possession of a lot of info.
That said, I have an online account with a US trading firm where once you're in you're in. I haven't tried borrowing on margin or whatever to see if extra security is invoked but for regular trade tickets your login is good enough to see it filled. That said, the site throws you out quite quickly from inactivity and has other session checks.
Ok, that's a fair point. I guess trading is a lot more fast-paced than online banking.
Clearly he didn't take enough care of his computer's security, but also Spreadex allowed an authenticated session to persist for too long. The article suggests he left his machine at his girlfriend's and it was accessed in his absence. The logged-in session should have been dropped by Spreadex, surely?
I think both parties are guilty of lax security really.
Your Rabo account is a financial account. A Spreadex account is a gambling account.
> The logged-in session should have been dropped by Spreadex, surely?
The article does not specify how long it was between him leaving his girlfriends and the trades occurring.
The kid might well have gone onto the computer just as the idiot was leaving the girlfriends.
From within the gambling industry they are viewed as the lowest of the low, the ones who have already sold their grandmothers and would happily sell yours.
The whole spread betting business model is based upon you being able to lose an infinite amount of money very quickly and so bankrupt their customers.
Gambling industry doesn't pay high wages and have fancy offices in central London because you stand a chance of winning :)
Seems this guy has put a lot of thought and effort into getting away with his stupid choice of betting..
How long does it take to lock your screen (assuming you did not give the kid the password)?
"Entering a password before each trade would make the site unusable."
In which case Spreadex's business model is bad. If you can't engineer adequate security and failsafes into your site, your site shouldn't be dealing with large quantities of cash. Or any quantities, for that matter.
Same amount of time it takes to forget a lot of other important stuff because people are human and some of us, yourself obviously not included, make stupid human mistakes sometimes!
Or just maybe he made the duff trades himself and used the old "it wasn't me" line. I bet if the "kid" had made 50k worth of winning trades he would have kept quiet and pocketed the dosh ;-)
Whereas a bank is also a gambling establishment.
iIRC gambling establishments have similar rules to banks?
@The Indomitable Gall "In which case Spreadex's business model is bad."
I don't know about spread betting (I'm not that stupid), but your comment suggests that you don't know anything about trading platforms.
The main differentiators between top-line systems and those in lower tiers is speed: how recent are the prices, how low is the latency. Owners of trading platforms typically put in lots of expensive features to enable users to make trades quickly. Entering a password before every trade is out of the question.
> In which case Spreadex's business model is bad...
You obviously do not participate in live gambling. That is betting on a football/tennis/cricket match when it is playing, a horse race after the start or betting on a market during trading hours. In all of these the odds can fluctuate wildly in short time scales. In the couple of seconds it takes to enter your password the odds can change from 100/1 to 2/1 and you thus loose the opportunity.
Gambling sites force you log in before you place any bets. Most will time your session out if there is no activity after an hour or so. None of them will leave your session logged in indefinitely.
You, the customer, are expected to take reasonable precautions to protect your account. Leaving yourself logged in and letting a five year old play with it is unreasonable.
This idiots action might well result in all of us having to enter a password for every bet which will be a real pain. Especially since in the 3 hours between 14:00 and 17:00 I've made somewhere in the region of 200 to 300 bets.. If I have to enter my password every time then it will change from the long complex one it is now to a short simple one that can be easily and quickly entered on a keyboard.
Oh, what would small kids and cybercrooks do if not for the nice feature of "remember password" of most browsers :3
Unusable? For business purposes, perhaps. But given it's a gambling site, consumer law applies - the relevant statute being the Unfair Terms in Consumer Contracts Regulations. This looks at the fairness of key clauses, by assessing if any clauses impose excessively detrimental imbalances of obligations on one or other party. In this case the clause at issue was the one which said one did not have to confirm it was the consumer, who might be attempting to make a new contract each time he placed a trade.
The judges decided the fact they didn't confirm it was the consumer making a contract at each commissioned event, meant there was no contract at the key events in question: the requisite "meeting of minds", i.e. intention to be legally bound, required to make a contract binding, had not occurred. Ergo there was no contract, and he could not be bound.
You write "Here's a novel idea, How about making the person who's account it is responsible for that account? If he leaves it logged in at his girlfriends then it is his responsibility."
Yet that's exactly what the contract stated, and exactly what the judges found fault with.
English legal system 1: Shits 0.
Exactly! So it's set up for you to be able to lose as much money as possible! That's what these sites are for after all - to make money from gamblers.
I also wonder whether he would have tried to back out of the trades if they had been profit making?
I think I'll let my five year old play with my computer, then when she makes some losing bets I'll refuse to pay and if she happens to win I'll keep quiet about it.
It's a damn sound strategy. And now there's clear legal precedence, so it can't fail, can it? (all my legal knowledge comes from watching Harry's Law and Boston Legal...)
I just need to find someone's five year old to borrow while I make a series of outrageously risky trades and bets.
My two children can be borrowed for a small fee. We will call it reverse baby sitting.
You pay me a small fee and I will supply either a 2YO or a 4YO.
The 4YO is more computer literate but has a tenancy to drift to the cbeebies website. Maybe some pointers could be given to him before you leave the room. Something along the lines of "when I am out of the room don't click the big bid now button" (learned this from eBay - almost bought a drum kit )
That's all very well ukgnome. But do they know how to program my TiVo?
For an even more reasonable fee, I will lend you my cat. Never showed much of an aptitude for computers, until I caught him one click away from deleting all my files. I was very disappointed at the breakdown of our relationship (I had always provided a reasonable quantity of food and access to various facilities) and so was he, after I threw him in the pond. I now close the screen over my laptop, and am on the look-out for the signs of him developing opposable thumbs.
Yes, but they will get cheese spread over your remote control.
And blu-ray player
It fact I would go as far to say that even in the absence of cheese spread in your house my little angels would still manage it. Still it's a small price to pay considering they will save you 50K in gambling debts.
Putting a frigging password on your 'puter and then NOT telling anyone what it jeffing well is.
Especially around your current squeeze's child from her previous liaison with Satan.
Spawn of Satan indeed!
Agreed, I kept hearing about people sharing passwords (such as social networking or other type of account) with their current squeeze and then are surprised when after a split in the relationship the partner takes revenge on their account.
Don't share passwords, its more trouble than its worth.
Sorry, but I think he IS liable, not because of any clause, but because he was dumb enough to leave his laptop unlocked, with software open/running/unsecured that would cost him money....
But still I agree with the sentiment that a pass code should be needed to trade... or some other type of confirmation...
...that his girlfirend's 5-year old *really* made those trades?
I find it hard to believe that a five year could navigate such a site.
while I go and bone your Mum.
Really dumb think to do with gambling sites having 'keep me logged in' automatically ticked.
But without any way to really disable that then these things are gonna happen. Call of nature and the need to distract the little ones.
My 3 year old's pretty good at getting round websites and he can only just read. a 5yo would have no trouble. He's also really good at clicking on wildly random stuff that breaks things - which is why he has his own desktop account and I watch him like a hawk - a couple of close shaves with facebook and ebay taught me that in a real hurry!
It would need more than random clicking though. The kid would have had to enter the amounts of the bets in various boxes.
It depends on the circumstances. If he usually bet a fiver on the footie, then suddenly made a huge bet on gold, or if the bet was absurd (e.g. he bet the price of gold would double tomorrow) then he probably didn't make it.
But this is moot. Spreadex just said "we don't care who made the bet, give us the money". I guess Spreadex do have a pretty good idea of whether he did actually make the trade based on his history. Maybe that's why they didn't argue the point in court.
my 5yo has her own puppy linux P1 laptop, she is more than happy to find websites in "favourites". cbeebies, zoobleworld etc.
From what I make of the judgment it matters not who was alleged to have made the trades, the law says that the catch-all aspect of the contract is unfair, and in finding it unfair the court put the onus on the site owners to prove the account holder made each and every one of the trades, and they can not do it.
The sites business contract is flawed under UK law, the moral aspect of who did, or did not make the trades is a secondary issue, and not for the courts to judge.
Quote: From what I make of the judgment it matters not who was alleged to have made the trades, the law says that the catch-all aspect of the contract is unfair, and in finding it unfair the court put the onus on the site owners to prove the account holder made each and every one of the trades,and they can not do it.
Then they would be equally able to reclaim monies paid out to him on the same basis.
Besides which, if he allows a 5yo access to such accounts, he shouldn't even be allowed to internet access anyway. It's lying cheating scum like him who turned the internet from the sharing of information it was to the dumbed down lowest common denominator it is now.
He should have his laptop confiscated in my opinion.
I can't believe he got away with this.
systemd'oh! DNS lib underscore bug bites everyone's favorite init tool, blanks Netflix
Biting the hand that feeds IT © 1998–2017