How Terms and Conditions are used to absolve responsibility

[2manycarls]

I don't understand how it's legal for any company - although I'm referring to online companies, businesses, and websites here - to deny accountability for the safety of their products or user information just by putting a disclaimer somewhere deep in their Terms and Conditions, and their only response to that is one of 'well, just don't use our services then.'

I've had my personal information stolen from multiple websites now, and they claim no responsibility for the information they force a person to use to participate in those services. For instance, I recently had my information stolen from a gaming website (XXX), which provides online games to download and play. They force a person to use a valid email to create an account in order to download and play their games. I tried one of their games, didn't like it, and shortly thereafter received an email notice from their site that my account information had been hacked by someone in Russia! I tried to reach out to the company, asking them to terminate my account, and never received a response. I tried to use a link in the email provided to unsubscribe to their emails (which they sent multiple, presumably anytime whoever hacked my account used it), but it's a broken link. I researched the website specifically, and it's widely known that the gaming accounts on their website are vulnerable (reddit thread where many people had their account information stolen), yet somehow, because of a simple two sentences of legal-ese buried deeply in their Terms and Conditions, they have no responsibility to the security of users' personal information.

How and why is this legal?

 

[quincy]

I don't understand how it's legal for any company - although I'm referring to online companies, businesses, and websites here - to deny accountability for the safety of their products or user information just by putting a disclaimer somewhere deep in their Terms and Conditions, and their only response to that is one of 'well, just don't use our services then.'

I've had my personal information stolen from multiple websites now, and they claim no responsibility for the information they force a person to use to participate in those services. For instance, I recently had my information stolen from a gaming website XXX, which provides online games to download and play. They force a person to use a valid email to create an account in order to download and play their games. I tried one of their games, didn't like it, and shortly thereafter received an email notice from their site that my account information had been hacked by someone in Russia! I tried to reach out to the company, asking them to terminate my account, and never received a response. I tried to use a link in the email provided to unsubscribe to their emails (which they sent multiple, presumably anytime whoever hacked my account used it), but it's a broken link. I researched the website specifically, and it's widely known that the gaming accounts on their website are vulnerable (reddit thread where many people had their account information stolen), yet somehow, because of a simple two sentences of legal-ese buried deeply in their Terms and Conditions, they have no responsibility to the security of users' personal information.

How and why is this legal?

What is the name of your state or, if not in the U.S., what is the name of your country?

Terms and conditions, and disclaimers, can mitigate damages in the event of a lawsuit. These do not (necessarily) absolve an online site of all responsibility should a legal action be filed.

The Communications Decency Act section 230 can also protect a website from a lawsuit.

 

[Just Blue]

I don't understand how it's legal for any company - although I'm referring to online companies, businesses, and websites here - to deny accountability for the safety of their products or user information just by putting a disclaimer somewhere deep in their Terms and Conditions, and their only response to that is one of 'well, just don't use our services then.'

I've had my personal information stolen from multiple websites now, and they claim no responsibility for the information they force a person to use to participate in those services. For instance, I recently had my information stolen from a gaming website xxx), which provides online games to download and play. They force a person to use a valid email to create an account in order to download and play their games. I tried one of their games, didn't like it, and shortly thereafter received an email notice from their site that my account information had been hacked by someone in Russia! I tried to reach out to the company, asking them to terminate my account, and never received a response. I tried to use a link in the email provided to unsubscribe to their emails (which they sent multiple, presumably anytime whoever hacked my account used it), but it's a broken link. I researched the website specifically, and it's widely known that the gaming accounts on their website are vulnerable (xxx thread where many people had their account information stolen), yet somehow, because of a simple two sentences of legal-ese buried deeply in their Terms and Conditions, they have no responsibility to the security of users' personal information.

How and why is this legal?

In what U.S. state was the company located?

 

[quincy]

As a note: If you had your personal information stolen from "multiple websites," the problem could come from a lack of adequate security on your own computer.

 

[adjusterjack]

It could also be the result of doing questionable things on questionable websites.

I researched the website specifically, and it's widely known that the gaming accounts on their website are vulnerable

You could have, and should have, done that research BEFORE using the site. But you didn't. That's on you.

 

[Zigner]

Why not create an email address that is used just for that service? It has to be "valid" - but that doesn't mean it can't be a "burner" email address.

 

[quincy]

Doing questionable things on questionable websites is always a possibility - as would be clicking on questionable links.