Bug 10366 - (int-172169) MyNokia SMS sent after update without any action from the user
(int-172169)
: MyNokia SMS sent after update without any action from the user
Status: RESOLVED WONTFIX
Product: Desktop platform
startup-shutdown
: 5.0:(10.2010.19-1)
: N900 Maemo
: Unspecified critical with 53 votes (vote)
: ---
Assigned To: unassigned
: startup-shutdown-bugs
:
:
:
:
  Show dependency tree
 
Reported: 2010-05-27 23:43 UTC by gwjgwj
Modified: 2014-03-08 10:25 UTC (History)
20 users (show)

See Also:


Attachments
UK T & Cs (32.38 KB, text/html)
2010-06-14 00:33 UTC, Faheem Pervez
Details
Screenshot (German) (565.02 KB, image/jpeg)
2010-06-25 13:48 UTC, Andre Klapper
Details


Note

You need to log in before you can comment on or make changes to this bug.


Description gwjgwj (reporter) 2010-05-27 23:43:06 UTC
SOFTWARE VERSION:
10.2010.19-1

EXACT STEPS LEADING TO PROBLEM: 
Reflash the firmware and eMMC

EXPECTED OUTCOME:
No SMS should be send due to reflash

ACTUAL OUTCOME:
An SMS is sent to the number +484777. This is probably related to mynokia
registration.

REPRODUCIBILITY:
So far once

EXTRA SOFTWARE INSTALLED:
None

OTHER COMMENTS:
I find it unacceptable to cause any operations that increase my cell phone bill
to occur without my prior agreement.
Comment 1 Andre Klapper maemo.org 2010-05-27 23:50:56 UTC
*** Bug 10368 has been marked as a duplicate of this bug. ***
Comment 2 Andre Klapper maemo.org 2010-05-27 23:56:20 UTC
Hi,

> An SMS is sent to the number +484777.

Any idea who that number belongs to? Are you in Poland or use a Polish
provider?
Which exact emmc image do you use? The global one?
When exactly was that message sent? After the flash and its first booting of
the N900? And what is its content?

> This is probably related to mynokia registration.
What is the exact URL of mynokia?
Comment 3 gwjgwj (reporter) 2010-05-28 00:13:44 UTC
(In reply to comment #2)
> Hi,
> 
> > An SMS is sent to the number +484777.
> 
> Any idea who that number belongs to? Are you in Poland or use a Polish
> provider?

It probably belongs to the wholesale SMS sending service 

http://www.smscentral.pl/

I am in Poland and use the Polish operator.

> Which exact emmc image do you use? The global one?

RX-51_2009SE_10.2010.13-2.VANILLA_PR_EMMC_MR0_ARM.bin
and the global firmware.

> When exactly was that message sent? After the flash and its first booting of
> the N900? 

I do not know the exact moment, but it was some time after the flash and first
booting of the device. Probably before I got an SMS from Nokia welcoming me to
the mynokia service.


> And what is its content?

I do not know the contents of the message, it does not show up in the
conversations, but it shows up in my online billing.


> > This is probably related to mynokia registration.

> What is the exact URL of mynokia?
> 

http://www.nokia.com/mynokia
I do not recall registering there.

In the settings menu of n900 at the last position there is a "My Nokia" icon.
When I click on it, an "Usun kanal" (remove channel) option is shown. Clicking
on it sends an SMS to the same +487777 number. After the click I got the
message that I have been unsubscribed from the service.
Comment 4 Oskar 2010-05-28 01:09:14 UTC
(In reply to comment #0)
> An SMS is sent to the number +484777. This is probably related to mynokia
> registration.

If it is related to the MyNokia registration, then neither the phone # nor the
fact that the device was flashed (incl. eMMC) are relevant. PR1.2 forces this
registration with normal OTA-update, too, and it is reasonable to assume that
they send SMSes to local numbers according to region settings.

If it turns out that this is the background of this bug report, it may be more
of a legal than a technical problem. :(
Comment 5 Mikko Vartiainen 2010-05-28 01:49:23 UTC
I think that the exact steps would be:
1. Flash or update OTA firmware to PR1.2
2. (Re)start the phone & enter PIN number
3. First run wizard for MyNokia service launches
4. Wizard presents options to see terms of service and proceed/continue, no
option for cancel (sorry cannot quote exactly as the wizard is run only once)
5. Press proceed (only way to get away from the wizard)
6. SMS is sent

Expected outcome:
Ability to cancel MyNokia registration & no SMS sent
Comment 6 Rüdiger Schiller 2010-05-28 11:31:42 UTC
I was not aware of it sending SMS to a short/quick-number, I was looking for
another bug and found this one, checked my bill and recognized it too. Two
SMSs, one after upgraded and one when I unsubscribed from MyNokia services. As
this is a short/quick-number I will be charged for it as my SMS/Data-plan does
not include texts to quick-numbers (anything without regional, opereator or
service predial).
I cannot see if I get charged for this but even if not I don't want my device
do anything that might reveal my cell-number to some company automatically!
Comment 7 Andre Klapper maemo.org 2010-05-28 16:11:35 UTC
This is clearly written in the "Terms and Conditions" when you run "My Nokia"
from "Settings" for the first time:

"Upon first use of your device and after you have updated the Nokia device
software an activation message will be sent to Nokia."

Hence closing as INVALID.
Comment 8 Mikko Vartiainen 2010-05-28 16:38:58 UTC
I think that point of this bug is that it is impossible to decline MyNokia
registration (other than throwing phone to trash bin)
Comment 9 Andre Klapper maemo.org 2010-05-28 16:49:49 UTC
Sounds like a different issue. This bug itself is invalid (see subject line).
Comment 10 Oskar 2010-05-28 17:45:42 UTC
(In reply to comment #9)
> Sounds like a different issue. This bug itself is invalid (see subject line).
> 


this is  exactly the issue described by the original bug report. i cannot see
what you're reading into the report or its headline that would make this bug
report invalid. a text message is sent without any action from the user; this
must not happen. no message must sent automatically only because the device was
upgraded. sending the message would only be ok if the user performs an action
that requires this message to be sent, like actively and willingly subscribing
to this dubious mynokia service.
Comment 11 Andre Klapper maemo.org 2010-05-28 18:01:45 UTC
So the complaint here is now that "after you have updated the Nokia device
software an activation message will be sent to Nokia" and that you think that
this is not needed?
Comment 12 Mikko Vartiainen 2010-05-28 20:20:54 UTC
exactly. To me these are just same issue, different words. Underlying issue is
that it's not possible to decline MyNokia registration after PR1.2 update or if
it is, it's hidden too well.
Comment 13 Oskar 2010-05-28 20:28:12 UTC
(In reply to comment #11)
> So the complaint here is now that "after you have updated the Nokia device
> software an activation message will be sent to Nokia" and that you think that
> this is not needed?
> 

The complaint is that after upgrading to PR1.2, an SMS (which costs money) is
sent without any action from the user, giving away personal information (phone
number) which may not be what the user wants - again without any action from
the user. 

The Terms and Conditions you are referring to in comment #7 don't change this
fact or excuse it. They actually make it even worse by saying something like:
"Your device will now register you at MyNokia, no matter if you like it. In
doing so, it will tell us your phone number by sending an SMS that you're gonna
pay. There is no way you can avoid this other than switching off your device
immediately and *never* using it again."

The proper solution to this bug report would be to have the device NOT send an
SMS _without_user_interaction_, but have it send the SMS after the user had
_requested_ it being sent - or at least agreed. (Either by answering "Yes" to a
question that comes up after an update and allows to answer "No" as well, or by
selecting the "Subscribe"-option in the MyNokia-settings.)
Comment 14 gwjgwj (reporter) 2010-05-28 20:37:09 UTC
(In reply to comment #13)
> 
> The complaint is that after upgrading to PR1.2, an SMS (which costs money) is
> sent without any action from the user, giving away personal information (phone
> number) which may not be what the user wants - again without any action from
> the user. 
> 
> The Terms and Conditions you are referring to in comment #7 don't change this
> fact or excuse it. They actually make it even worse by saying something like:
> "Your device will now register you at MyNokia, no matter if you like it. In
> doing so, it will tell us your phone number by sending an SMS that you're gonna
> pay. There is no way you can avoid this other than switching off your device
> immediately and *never* using it again."
> 

In addition, the user is not informed about this feature neither at firmware
download time nor during the firmware reflash.
Comment 15 Andre Klapper maemo.org 2010-05-28 20:56:20 UTC
(Please avoid quoting the entire previous comment for better readability.)

> the user is not informed about this feature

Well, it's written in the Terms & Conditions that I quoted in comment 7 before
clicking "Subscribe". But maybe I'm wrong - I didn't try it myself yet.
Comment 16 Andre Klapper maemo.org 2010-05-28 21:02:21 UTC
...and somebody please change the summary to reflect the request here.
Comment 17 gwjgwj (reporter) 2010-05-28 21:21:25 UTC
(In reply to comment #15)
> (Please avoid quoting the entire previous comment for better readability.)
> 
> > the user is not informed about this feature
> 
> Well, it's written in the Terms & Conditions that I quoted in comment 7 before
> clicking "Subscribe". But maybe I'm wrong - I didn't try it myself yet.
> 

The terms and conditions do not appear until you run the upgraded device with
the SIM card inserted. These terms and conditions are also invalid in some
jurisdictions, as they impose additional restrictions on the user not known to
him at the purchase time. If you disagree, you cannot downgrade the device to
the previous firmware, as the CMT firmware is never downgraded by the flasher.
So, when the user is informed, and disagrees, it is to late - the only thing he
can do is to go to the place of purchase and request his money back.
Comment 18 gwjgwj (reporter) 2010-05-28 21:39:27 UTC
There is a workaround to this issue - after the firmware upgrade you have to
boot the device with the prepaid SIM card with a negative balance. Then, the
terms & conditions will appear, ~user/.cherry_state file will be created and
the system will think, that the user has registered, even if no SMS has been
sent. Then, you can shutdown the device and put in your regular SIM card.
Comment 19 gwjgwj (reporter) 2010-05-28 22:14:49 UTC
(In reply to comment #18)

I was wrong, this workaround does not work.
Comment 20 Andre Klapper maemo.org 2010-05-29 14:38:20 UTC
Sorry to be a PITA here, but I still miss a clear, structured, idiot-proof,
"numbered list" step by step way to reproduce this problem, plus a clear
explanation when the problem happens and what the problem exactly is.
It would be great if somebody could provide it here.

(I don't consider "sending an SMS to Nokia" itself a problem because it's
explained in the Terms and Conditions but I don't know at which point this
happens and after which steps).
Comment 21 Oskar 2010-05-29 16:36:16 UTC
SOFTWARE VERSION:
10.2010.19-1

EXACT STEPS LEADING TO PROBLEM: 
1. Go online with a device running PR1.1.1
2. Wait until the orange [!] blinks and tells you about the update to PR1.2
3. Perform the update OTA (alternatively, flash the device)
4. Wait until the device reboots

EXPECTED OUTCOME:

The device will ask you if you want to register at MyNokia, explaining that it
is done by sending an SMS. You can answer "Yes" or "No". You are informed that
you can register (or unsubscribe) at any time later under settings->My Nokia. 

ACTUAL OUTCOME:

The device tells you: "... you will receive free tips & support messages. By
continuing, you accept Nokia's terms." 
The only way to continue is the button [Done], which neither expresses consent
nor refusal. Pressing this button will send the SMS against your will.
The full dialog you see after upgrading is represented in this forum post:
http://talk.maemo.org/showpost.php?p=685145&postcount=62

REPRODUCIBILITY:
always


OTHER COMMENTS:
"Sending an SMS to Nokia" *is* a problem. The fact that it's explained to you
doesn't chnge that. The problem isthat you can't decide if you want the SMS to
be sent at all. They must give  you a choice. They must at least tell you
before upgrading from PR1.1.1 to PR1.2 (which they don't). It would be legal to
say "We will force you to register at MyNokia starting with PR1.2. If you don't
want that, you are free to keep PR1.1.1. The new firmware, though, comes with
new terms and conditions that you must accept before installing because there's
no way back."
Better, of course, is to let users accept or decline after the first boot with
PR1.2. 

As I said in comment #4, the whole thing is a legal problem, not a technical
one. What Nokia does is force users to register at a service and pay for an SMS
(which they don't want to send) without the consumer being able to say no. It's
legally OK to introduce new terms and conditions with new software, but if you
do so, you must inform the user before the new software is installed and he has
passed the point of no return.
The technical implication of this bug report is that the way the PR1.2 updater
works does not comply to the specifications given by civil law.
Comment 22 kelvan 2010-05-29 21:20:59 UTC
*** This bug has been confirmed by popular vote. ***
Comment 23 redex 2010-06-01 12:44:00 UTC
I was also not able to cancel this dialog. I was only able to read the "Terms
and Conditions" and after clicking "done" my data was immediately sent to
Nokia. 
I had to send a second message to unsubscribe this "service" and now I have to
pay for both! 
Now I have no warranty that my data is really ereased! Is the "incomming N900
messages counter" at the Nokia headquater really decreased by one or is my
payed message still a part of the statistics? 

My data is now somewhere abroad. Who is responsibble that the data is safe
errased without residues as the law directs? I put no trust in this.

I bought the N900 in germany. It should keep on local laws because I made a
contract with a local company when I bought it!
Comment 24 Ian Stirling 2010-06-02 18:34:58 UTC
This is also related to https://bugs.maemo.org/show_bug.cgi?id=10261, as the
terms and conditions are perhaps not valid.
Comment 25 Graham Cobb maemo.org 2010-06-09 20:36:09 UTC
I realise that fixing this serious (and certainly illegal in the UK under the
Computer Misuse Act 1990) spyware installation problem will take at least a few
days for an emergency fix to be created, tested and rushed out.  I will leave
it up to Nokia's legal dept to work out if they should suspend all PR1.2
downloads until, at least, they can add a warning that once you have installed
the software your device is unusable until you permit it to send an SMS to
Nokia containing unspecified personal information.

In the meantime, please get an immediate answer from Nokia development about
EXACTLY what information is included in the SMS which is being sent to Nokia. 
Obviously the sending phone number is identifiable.  What other information is
included (IMEI, IMSI, home network code, any information from the filesystem or
from the device configration, etc)?  So we can all assess what information has
been accessed without our permission and whether we need to issue subject
access notices to Nokia UK under the UK Data Protection Act.

Encouraging users to install software which makes their device unusable until
they have provided something you want (and have not made clear beforehand) is
illegal in most countries, I should imagine, not just the UK.
Comment 26 Andre Klapper maemo.org 2010-06-09 21:32:11 UTC
CC'ing Quim as this goes into the lawyer's corner.
Comment 27 Janeene Beeforth 2010-06-10 06:57:01 UTC
Auto-subscribing every N900 owner to the MyNokia service with no user
interaction is ALSO illegal according to the MyNokia service's Terms and
Conditions.

From the MyNokia FAQ:
****
Question 7: Can I join My Nokia if I am under 13?

Answer: You need to be of a certain age limit (which differs from country to
country) to register for "My Nokia". The following are the age limits for the
respective countries:
* Australia - 13 years old
****

There's no age check on the automatic sign-up.

From the MyNokia Terms of Service:
****
Eligibility for the Service(s) No person under the age of 18 or who otherwise
is a minor under his/her local legislation (even if 18 or older) is eligible to
use and/or register as a User of the Service(s). In the event that you are of
the age of 18 but still a minor in your country, you will need to obtain
consent from your parent(s) or other legal guardian(s) for using and/or
registering as a User of the Service(s).
****

There are no checks at all to verify whether it is actually "legal" for the
owner of the N900 to be signed up to their service.
Comment 28 Randall Arnold 2010-06-11 02:16:47 UTC
Blogged for exposure (see quoted comments under "PR1.2 automatic SMS fiasco")
http://tabulacrypticum.wordpress.com/2010/06/10/maemo-missteps-for-2010/
Comment 29 Andre Klapper maemo.org 2010-06-13 20:12:54 UTC
(In reply to comment #25)
> In the meantime, please get an immediate answer from Nokia development about
> EXACTLY what information is included in the SMS which is being sent to Nokia.

Please read the "Terms and Conditions" text first as it is listed there (at
least in the German version here).
Comment 30 Andre Klapper maemo.org 2010-06-13 20:25:10 UTC
(In reply to comment #0)
> An SMS is sent to the number +484777.

Can somebody tell me the exact command how to find out the exact number that
the SMS message was sent to?
Comment 31 Graham Cobb maemo.org 2010-06-13 20:46:46 UTC
(In reply to comment #29)
Can you attach the Terms and Conditions text (in English) to this bug report? 
I have not upgraded and will not until this bug is fixed but I am interested to
know what would be sent if I did upgrade.  Obviously once I can see that text
it is too late to stop it!

What is the process for anyone who has already upgraded to view that text
again?

Is the same text displayed if you reflash instead of upgrading OTA?
Comment 32 Andre Klapper maemo.org 2010-06-13 21:09:03 UTC
(In reply to comment #31)
> (In reply to comment #29)
> Can you attach the Terms and Conditions text (in English) to this bug report?

No idea how to copy them or where they are located.

> What is the process for anyone who has already upgraded to view that text
> again?

Settings > My Nokia > Terms and Conditions
Comment 33 Faheem Pervez maemo.org 2010-06-14 00:33:30 UTC
Created an attachment (id=2875) [details]
UK T & Cs

In reply to Graham Cobb:

I've attached them for the UK. They're in a tarball
(/usr/share/cherry/terms/eTerms.tar.gz) on the device.

libcherry uncompresses them with the elegant combination of g_strdup_printf and
system: mkdir -p %s && cd %s && tar xvzf /usr/share/cherry/terms/eTerms.tar.gz
eTerms/%s/%s/eTerms.htm

The first string specifier is the MCC, which is probably read from the
get_current_cell_info D-Bus method call to Phonet that it performs and the
other, I think, is the MNC. If it can't perform this call (which'd be likely if
it's ran at startup), it looks at /usr/share/osso-startup-wizard/mcc.txt.
Comment 34 Andre Klapper maemo.org 2010-06-14 16:57:24 UTC
Also see http://wiki.maemo.org/PR1.2_compulsory_My_Nokia_subscription
Comment 35 John Veness 2010-06-15 01:04:59 UTC
(In reply to comment #30)
> Can somebody tell me the exact command how to find out the exact number that
> the SMS message was sent to?

I don't know if there is a command to find out the number, as such. The logic
to determine which number is used is inside the (closed-source) binaries in the
cherry package (see
http://wiki.maemo.org/PR1.2_compulsory_My_Nokia_subscription)

The SMSes that are sent does not seem to be put into the on-device database, so
cannot be seen as an outgoing message, but can be seen if the owner's cell
provider provides a service (e.g. on the web) to see what texts have been sent.
This is probably the method that people are using when they mention a number
that the text has been sent to.

xmob on talk.maemo.org analysed the binary and found several phone numbers
embedded, which are probably used in different countries. See
http://talk.maemo.org/showthread.php?p=685145#post685145
Comment 36 Wrong Text 2010-06-15 12:14:48 UTC
(In reply to comment #7)
> This is clearly written in the "Terms and Conditions" when you run "My Nokia"
> from "Settings" for the first time:
> 
> "Upon first use of your device and after you have updated the Nokia device
> software an activation message will be sent to Nokia."
> 
> Hence closing as INVALID.
> 

Don't be so arrogant. It's not INVALID at all. I didn't agree to those terms
and conditions. I decide where and when I send text messages, not nokia, not
you.
Comment 37 Andre Klapper maemo.org 2010-06-15 12:23:28 UTC
(In reply to comment #36)
> Don't be so arrogant. It's not INVALID at all.

Please don't fullquote previous comments, and please read the ENTIRE bug report
before commenting on stuff that was days ago and already reverted.
Comment 38 Quim Gil nokia 2010-06-22 02:18:43 UTC
Hi, here you have a technical clarification of how the MyNokia application
works in Maemo 5. Hopefully it will help clarifying some points:

• Not all countries and device languages are within the scope of the My Nokia
program. In those cases, My Nokia subscription should not have been prompted
and no registration text message should have been sent. If a user is concerned
that a text message has been sent without prompting, he will need to contact
Nokia (I can act as gateway). Our current technical investigations do not show
that any text messages have been sent without user prompting.

• The fact that the “Unsubscribe” button in the My Nokia application is always
available does not indicate that the device has been subscribed. The button is
always enabled.

• The fact that the “Subscribe” button in the My Nokia application is disabled
does not indicate that the device has been subscribed. The button is enabled if
the country and language combination is supported by My Nokia, and disabled
otherwise.

• A return message from My Nokia saying that unsubscription was unsuccessful
may also mean that the device is not subscribed in the first place, or that the
person is already opted out from receiving My Nokia text messages.
Comment 39 Randall Arnold 2010-06-22 09:38:25 UTC
The dialog form needs an opt-out button, no matter what.  At the very least,
omitting one is a profound UI design flaw and even violates the Nokia
programming design guidelines (or at the least the ones that were in place when
I worked there).
Comment 40 Quim Gil nokia 2010-06-22 11:53:19 UTC
(In reply to comment #39)
> The dialog form needs an opt-out button, no matter what.

Fair enough. Let me ask to the developers about this.
Comment 41 Attila Csipa nokia 2010-06-22 15:47:57 UTC
A tangential point is that the information about cost (or the SMS itself) is
ambiguous at best. The terms and conditions specify that 'identifiers will be
sent to Nokia'. It does not specify the way of transmitting that data (it
vaguely says 'charges for text messages and transmission of data will apply').
Without knowing what destinaton/number is meant under Nokia and what exact
services are being used to relay the information, it is impossible to know what
the cost of registration will be.
Comment 42 Geoff Kuenning 2010-06-22 22:13:07 UTC
(In reply to comment #38)
> Our current technical investigations do not show
> that any text messages have been sent without user prompting.

Then perhaps Nokia can explain why two text messages were sent from my
phone to Switzerland (at my expense) on the day I upgraded.  I
certainly was not asked whether I wanted to send a text message of any
sort, let alone to Switzerland, and let alone for a service I never
asked for.

This was a huge mistake on Nokia's part.  The only reason a
class-action lawsuit hasn't already been filed is the relatively small
number of N900 users.  But just because Nokia dodged the bullet
doesn't mean it was right in what it did.

I greatly appreciate Quim Gil's forthrightness on this topic.  Now
somebody from higher up needs to step up, admit that a
well-intentioned mistake has been made, and find a way to cure the
public-relations problem.  Since the monetary amounts involved are
small, my suggestion would be a 1-Euro credit at the Ovi store for
every N900 owner who has upgraded.
Comment 43 Janeene Beeforth 2010-06-25 02:07:40 UTC
(In reply to comment #38)
> • Not all countries and device languages are within the scope of the My Nokia
> program. In those cases, My Nokia subscription should not have been prompted
> and no registration text message should have been sent. If a user is concerned
> that a text message has been sent without prompting, he will need to contact
> Nokia (I can act as gateway). Our current technical investigations do not show
> that any text messages have been sent without user prompting.

At no time during the PR1.2 upgrade was the "optional" MyNokia subscription
mentioned. There was at one point a screen asking me to accept the PR's Terms
and Conditions, with only an Accept button on it. This screen also did not
mention MyNokia.

My mobile phone bill shows that an SMS was then sent to Nokia Australia.

The same thing happened for my husband's N900 when he received it 3 days later,
and applied the PR1.2 update.

There was no choice, no prompting, and no opt-out - in fact, no mention at all
of an SMS being sent from our phones that we would have to pay for.
Comment 44 Andre Klapper maemo.org 2010-06-25 10:50:34 UTC
(In reply to comment #43)
> This screen also did not mention MyNokia.
> no mention at all of an SMS being sent from our phones that we would have to pay for.

Both was mentioned in the Terms and Conditions so this is not true. (However
Nokia could have put it into a more prominent place than the T&C that probably
only 5% of the people have really "read" before accepting them.)
Comment 45 Faheem Pervez maemo.org 2010-06-25 11:02:41 UTC
The real issue is not the T&Cs or not the Russian Roulette "you may not have
not been registered", but the simple fact that we can't click "Decline" on the
Cherry startup screen. I also find registering from the phone to be rather
pointless as you can choose what number is given etc. when signing up from the
My Nokia website.

And that's a big no-no when even Microsoft gets it right: As part of Windows'
OOBE stuff, I was asked if I wished to register with Microsoft during the third
stage of XP's setup wizard. The difference here? I was given the option of "No,
I do not wish to register".
Comment 46 Andrei Dancau 2010-06-25 11:05:20 UTC
If you download the firmware .bin from tablets-dev.nokia.com and flash using
the flasher you are not warned in any way and cannot opt out of sending the
sms.

I find this a complete breach of privacy. And what if I don't want MyNokia and
don't want to send any SMS? Do I need to stop using my phone since I cannot
refuse in any other way?
Comment 47 Attila Csipa nokia 2010-06-25 11:45:41 UTC
The black retail box of the N900 states* that registration via SMS is required.
Whether that policy is in enforceable in a particular country and in
concordance with local privacy laws and/or other requirements is a different
(legal) matter. How T&C can be presented/agreed on a device that can be
upgraded in so many ways is yet another. At the heart of the matter is that
people should be allowed to opt-out or be warned more prominently, if nothing
else as a sign of goodwill, in order not be perceived as some legal-but-sneaky
way of collecting personal data.

*fine (tiny letter) print on the back
Comment 48 Janeene Beeforth 2010-06-25 13:30:45 UTC
(In reply to comment #44)
> (In reply to comment #43)
> > This screen also did not mention MyNokia.
> > no mention at all of an SMS being sent from our phones that we would have to pay for.
> 
> Both was mentioned in the Terms and Conditions so this is not true. (However
> Nokia could have put it into a more prominent place than the T&C that probably
> only 5% of the people have really "read" before accepting them.)

1. It was not possible to refuse. The only button provided was "Accept". There
was no cancel, no opt-out, or any other options.
2. It appeared AFTER the update had begun...and could not be interrupted or
refused. Somewhat akin to "by opening this box, you agree to the T&C inside
which you can only see after opening this box...".
3. According to the My Nokia terms and conditions, it is ILLEGAL for anyone
under the age of 13 to have a My Nokia account at all, and requires parental
consent for those under 18.

What was a user meant to do? Interrupt a firmware update(!) half way through if
they didn't agree and risk bricking their phone - and how? Reboot? How about a
teenager who didn't have parental consent - they're forced by the update to
either risk bricking their phone or to violate the very set of Terms &
Conditions they're agreeing to?

I also may have been blind at the time, but I couldn't see a way to actually
view those Terms and Conditions on the phone when asked to accept them. I admit
there may well have been a way, but I don't remember one. Given it was a
firmware update and there was no option other than to Accept...I didn't dare
interrupt it by trying to find a way to refuse.

And hey - as a user, my options were to either:
1. Permit Nokia send sms's (and hide them from me) from my phone at my cost to
sign me up for a supposedly "optional" service (and potentially more in the
future?), or
2. Accept that I'm not allowed to receive any more bug fixes?

Is this going to happen with every firmware update from now on?
Comment 49 Andre Klapper maemo.org 2010-06-25 13:45:21 UTC
General comment, not specific to a previous comment:

This bug report is about something that nearly every N900 user runs into.
By its nature also everybody can easily create his/her opinion on this and
hence could comment on it.
However that's not helpful.
Please only add comments if you have something to add that was not mentioned so
far. If you want to, click "Vote for this bug" but please avoid "Me too!"
comments - for such kind of conversation there is http://talk.maemo.org
Thanks!
Comment 50 Andre Klapper maemo.org 2010-06-25 13:48:55 UTC
Created an attachment (id=2923) [details]
Screenshot (German)

(In reply to comment #48)
> 3. According to the My Nokia terms and conditions, it is ILLEGAL for anyone
> under the age of 13 to have a My Nokia account at all, and requires parental
> consent for those under 18.

That's handled in bug 10261 already.

> I also may have been blind at the time, but I couldn't see a way to actually
> view those Terms and Conditions on the phone when asked to accept them.

I only have a photo from an N900 in German but next to the "Fertig" (Done)
button there is a "Bedingungen" (Terms and Conditions) button.
Comment 51 Ndi 2010-06-25 18:49:52 UTC
@#47 (Attila Csipa)

The back of the device says this is an OVI device, and registration is
required, and that OVI terms and conditions apply. This implies that
registration is required _for_OVI_services_. Which may be. It should not be
mandatory for people not using OVI, or for those already signed up, especially
since people who do use OVI use the free, online sign-in.
Comment 52 Attila Csipa nokia 2010-06-26 16:15:11 UTC
(In reply to comment #51)
> The back of the device says this is an OVI device, and registration is
> required, and that OVI terms and conditions apply. This implies that
> registration is required _for_OVI_services_. Which may be. It should not be
> mandatory for people not using OVI, or for those already signed up, especially
> since people who do use OVI use the free, online sign-in.

IANAL, so I would not go into what "implies" anything, but that is not the
point here (I was just mentioning it in the context of what IS said to the
user). This bug is about the general notion of this being preferred to be
either an opt-in service, or, more bluntly, that there is no way of disagreeing
with the terms (as said, *regardless* of what they are and how they are
formulated). 

But let's not forumize this issue, if you are a lawyer or simply wish to
discuss the matter further, the proper place for a community discussion is
talk.maemo.org (plenty of threads on the issue already).
Comment 53 Vincent Lefevre 2010-06-28 00:34:02 UTC
(In reply to comment #7)
> This is clearly written in the "Terms and Conditions" when you run "My Nokia"
> from "Settings" for the first time:
> 
> "Upon first use of your device and after you have updated the Nokia device
> software an activation message will be sent to Nokia."

"activation message" could mean an e-mail message. So, no, this is not clear.

(In reply to comment #47)
> The black retail box of the N900 states* that registration via SMS is required.

Wrong. There's nothing about SMS. The only thing about a requirement is "Many
features and mobile services are network dependent and require network
support." But wifi is some kind of network (often free), so that this does not
means one has to pay.

(In reply to comment #51)
> The back of the device says this is an OVI device, and registration is
> required, and that OVI terms and conditions apply.

There's no such thing written on the back of my device.
Comment 54 Ndi 2010-06-28 00:45:38 UTC
Back of device discussion should move here:

http://talk.maemo.org/showthread.php?p=731940

where a shot of the retail box exists and opinions can be discussed. Also,
perhaps we should determine what is on the back of what device before further
adding to this bug.