Your Adobe Software May Be Phoning Home Without Your Knowledge

Increasingly, software publishers are looking for new tools and processes to assist them in their license-enforcement programs. While such efforts are understandable to a degree, they sometimes can include methods that are somewhat dubious at least from a customer-relations perspective, if not from a legal perspective. One provision from Adobe’s most recent end-user license terms provides a good example. (The full EULA is available here.)

Section 14 of the EULA includes the following language:

The Software may cause your Computer, without additional notice, automatically to connect to the Internet and to communicate with an Adobe website or Adobe domain for purposes including, but not limited to, license validation and providing you with additional information, features and functionality…Whenever the Software makes an Internet connection and communicates with an Adobe website, whether automatically or due to explicit user request, the Adobe Privacy Policy (http://www.adobe.com/misc/privacy.html) shall apply. Additionally, unless you are provided with Additional Terms of Use, the Adobe.com Terms of Use (http://www.adobe.com/misc/terms.html) shall apply.

It remains to be seen whether such terms will come to be commonplace among consumer-level software license agreements. However, even if they do become commonplace, that is remarkable language from a substantive,legal perspective. Simply by paying for a license and installing an Adobe software product (such as Photoshop or Acrobat), you are agreeing that the software may, at any time, and without your knowledge, connect to and communicate with an Adobe website. Once connected to that website, there is no meaningful limit stated in the EULA as to the kinds or quantity of information that may be reported to Adobe. Furthermore, by connecting to the website the software binds you to Adobe’s Privacy Policy and Terms of Use, both of which documents Adobe is free to amend unilaterally at any time.

Those terms raise a host of privacy-related concerns, especially for businesses that may store sensitive, personal information (such as the kinds of information covered by HIPAA, for example) on the same systems where the Adobe software is installed. Depending on the scope of Adobe software usage and on the architecture of affected IT systems, many businesses may want to consult with counsel to determine whether contemplated and ongoing use of Adobe products licensed under the above terms may be in conflict with relevant contractual or regulatory obligations. It also is important to keep those provisions in mind in the event of an audit, since Adobe previously may have received software-inventory information that could be in conflict with information reported during the audit.