Suppose I get a preconfigured VPS with Claude Code, and ask it to make an android port of an app I have built, it will almost always automatically downloads the sdkmanager and accepts the license.
That is the flow that exists many times in its training data (which represents its own interesting wrinkle).
Regardless of what is in the license; I was a bit surprised to see it happen, and I'm sure I won't be the last nor will the android sdk license be the only one.
What is the legal status of an agreement accepted in such a manner - and perhaps more importantly - what ought to be the legal status considering that any position you take will be exploited by bad faith ~~actors~~ agents?
This is not copyright infringement in the USA:
> …it is not an infringement for the owner of a copy of a computer program to make or authorize the making of another copy or adaptation of that computer program provided… that such a new copy or adaptation is created as an essential step in the utilization of the computer program in conjunction with a machine and that it is used in no other manner
— https://www.law.cornell.edu/uscode/text/17/117
> Citing the prior Ninth Circuit case of MAI Systems Corp. v. Peak Computer, Inc., 991 F.2d 511, 518-19 (9th Cir. 1993), the district court held that RAM copying constituted "copying" under 17 U.S.C. § 106.
Step N in the analysis is "is it a copy?" Step N+1 is "does the copy infringe upon the rights of the owner"?
On the other hand, if you take a laser and intentionally induce the cat to push the key, then you are bound.
> If licenses are valid in any way (the argument is they get you out of the copyright infringement caused by copying the software from disk to memory) then it's your job to go find the license to software you use and make sure you agree to it; the little popup is just a nice way to make your aware of the terms.
The way you set up the scenario, the user has no reason to even know that they're using this new version with this new license. An update has happened without their knowledge. So far as they know, they're running the old software under the old license.
You could make an equally good argument that whoever wrote the software installed software on the user's computer without the user's permission. If it's the user's fault that a cat might jump on the keyboard, why isn't it equally the software provider's fault?
... but the reality is that, taking your description at face value, nobody has done anything. The user had no expectation or intention of installing the software or accepting the new license, and the software provider had no expectation or intention of installing it without user permission, and they were both actually fairly reasonable in their expectations. Unfortunately shit happens.
Probably a real judge would want to say something like "Why are all of you bozos in my courtroom wasting public money with some two-bit shrinkwrap bullshit? I was good at surfing. I could have gone pro. I hate my life..."
proceeds to write a 75 page diss and bill taxpayers for that
In general, agents "stand in the shoes" of the principal for all actions the principal delegated to them (i.e., "scope of agency"). So if Amy works for Global Corp and has the authority to sign legal documents on their behalf, the company is bound. Similarly, if I delegate power of attorney to someone to sign documents on my behalf, I'm bound to whatever those agreements are.
The law doesn't distinguish between mechanical and personal agents. If you give an agent the power to do something on your behalf, and it does something on your behalf under your guidance, you're on the hook for whatever it does under that power. It's as though you did it yourself.
If I were an attorney in court, I would argue that a "mechanical or automatic agent" cannot truly be a personal agent unless it can be trusted to do things only in line with that person's wishes and consent.
If an LLM "agent" runs amok and does things without user consent and without reason or direction, how can the person be held responsible, except for saying that they never should've granted "agency" in the first place? Couldn't the LLM's corporate masters be held liable instead?
So in a case like this, if your agent exceeded its authority, and you could prove it, you might not be bound.
Keep in mind that an LLM is not an agent. Agents use LLMs, but are not LLMs themselves. If you only want your agent to be capable of doing limited actions, program or configure it that way.
It's basically the same with longstanding customer service "agents". They are authorized to do only what they are authorized to semantically express in the company's computer system. Even if you get one to verbally agree "We will do X for $Y', if they don't put that into their computer system it's not like you can take the company to court to enforce that.
It's not that straightforward. A contract, at heart, is an agreement between two parties, both of whom must have (among other things) reasonable material reliance in each other that they were either the principals themselves or were operating under the authority of their principal.
I am sure that Air Canada did not intend to give the autonomous customer service agent the authority to make the false promises that it did. But it did so anyway by not constraining its behavior.
> It's basically the same with longstanding customer service "agents". They are authorized to do only what they are authorized to semantically express in the company's computer system. Even if you get one to verbally agree "We will do X for $Y', if they don't put that into their computer system it's not like you can take the company to court to enforce that.
I don't think that's necessarily correct. I believe the law (again, not legal advice) would bind the seller to the agent's price mistake unless 1/the customer knew it was a mistake and tried to take advantage of it anyway or 2/the price was so outlandish that no reasonable person would believe it. That said, there's often a wide gap between what the law requires and what actually happens. Nobody's going to sue over a $10 price mistake.
Fundamentally, running `sdkmanager --licenses` does not consummate a contract [0]. Rather running this command is an indication that the user has been made aware that there is a non-negotiated contract they will be entering into by using the software - it's the continued use of the software which indicates acceptance of the terms. If an LLM does this unbeknownst to a user, this just means there is one less indication that the user is aware of the license. Of course this butts up against the limits to litigation you pointed out, which is why contracts of adhesion mostly revolve around making users disclaim legal rights, and upholding copyright (which can be enforced out of band on the scale it starts to matter).
[0] if it did then anyone could trivially work around this by skipping the check with a debugger, independently creating whatever file/contents this command creates, or using software that someone else already installed.
(I edited the sentence you quoted slightly, to make it more explicit. I don't think it changes anything but if it does then I am sorry)
You don't have to explicitly hold yourself out as an agent to be treated as one. Circumstances matter. There's an "apparent authority" doctrine of agency law I'd encourage you to study.
> Rather running this command is an indication that the user has been made aware that there is a non-negotiated contract they will be entering into by using the software - it's the continued use of the software which indicates acceptance of the terms.
Yup, that's a contract of adhesion, and so-called "click-wrap" agreements can be valid contracts. See e.g. https://www.goodwinlaw.com/en/insights/publications/2022/08/...
> if it did then anyone could trivially work around this by skipping the check with a debugger, independently creating whatever file/contents this command creates, or using software that someone else already installed.
Courts tend not to take kindly to "hacking attempts" like this, and you could find yourself liable for copyright infringement, trespass to chattels, or possibly even criminal charges under CFAA if you do.
Let me put it this way: U.S. and English law are stacked squarely in favor of the protection of property rights.
Yes, because law is generally defined in terms of intent, knowledge, and other human-level qualities. The attempt to "hack around" the specific prompt is irrelevant because the specific prompt is irrelevant, just like the specific weight of paper a contract is printed on is irrelevant - any contract could define them as relevant, but it's generally not beneficial to do so.
> There's an "apparent authority" doctrine of agency law I'd encourage you to study
Sure, but this still relies upon an LLM agent being held out as some kind of bona fide legal agent capable of executing some legally binding agreements. In this case there isn't even a counterparty who is capable of making that judgement whether the command is being run by someone with the apparent intent and authority to legally bind. So you're essentially saying there is no way for a user to run a software program without extending it the authority to form legal contracts on your behalf. I'd call this a preposterous attempt to "hack around" the utter lack of intent on the part of the person running the program.
The instruction prompt is absolutely relevant: it conveys to the agent the scope of its authority and the principal's intent, and would undoubtedly be used as evidence if a dispute arose over it. It's not different in kind from instructions you would give a human being.
> this still relies upon an LLM agent being held out as some kind of bona fide legal agent capable of executing some legally binding agreements
Which it can...
> You're essentially saying there is no way to run a software program without extending it the legal authority to form legal contracts on your behalf.
I'm not saying that at all. Agency law is very mature at this stage, and the test to determine that an actor is an agent and whether it acted within the scope of its authority is pretty clear. I'm not going to lay it all out here, so please go study it independently.
I'm also not entirely sure what your angle here is: are you trying to say that an LLM-based agent cannot under any circumstances be treated as acting on its principal's behalf? Or are you just being argumentative and trying to find some angle to be "right"?
By "prompt" I was referring to the prompting of the user, by a program such as `sdkmanager --licenses`.
If a user explicitly prompted an LLM agent to "accept all licenses", then I'd agree with you.
> Which it can...
It can be held out as a legal agent, sure. But in this case, is it? Is the coding agent somehow advertising itself to the sdkmanager program and/or Google that it has the authority to form legal contracts on behalf of its user?
> I've counseled you already to study the law - go do that before we discuss this further
While this is a reasonable ask for continuing the line of discussion, I'd say it's a lot of effort for a message board comment. So I won't be doing this, at least to the level of being able to intelligently respond here.
Instead I would ask you what you would say are the minimum requirements to be able to have an LLM coding agent executing commands on your own machine, yet explicitly not having the authority to form legally binding contracts.
(obviously I'm not asking this in the capacity of binding legal advice. and obviously one would still be responsible for any damage said process caused)
That’s a hot take indeed.
A guy who's not a lawyer arguing about lawyering with an actual lawyer. Typical tech bubble hubris.
At $WORK, a multi-billion company with tens of thousands of developers, we train people to never "click to accept", explaining it like "look, you wouldn't think of sitting down and signing a contract binding the whole MegaCorp; what make you think you can 'accept' something binding the company?"
I admit we're not always successful (people still rarely click), but at least we're trying.
That sounds pretty heavy-handed to me. Their lawyers almost certainly advised the company to do that--and I might, too, if I worked for them. But whether it's actually necessary to keep the company out of trouble....well, I'm not so sure. For example, Bob the retail assistant at the local clothing store couldn't bind his employer to a new jeans supplier contract, even if he tried. This sounds like one of those things you keep in your back pocket and take it out as a defense if someone decides to litigate over it. "Look, Your Honor, we trained our employees not to do that!"
At least with a mechanical agent, you can program it not to be even capable of accepting agreements on the principal's behalf.
The closest analogy we have, I guess, is the power of attorney. If a principal signs off on power of attorney to, e.g. take out a loan/mortgage to buy a thing on principal's behalf, that does not extend to taking any extra liabilities. Any extra liabilities signed off by the agent would be either rendered null or transferred to the agent in any court of law. There is extent to which agency is assigned.
The core questions here are agency and liability boundaries. Are there any agency boundaries on the agent? If so, what's the extent? There are many future edge cases where these questions will arise. Licenses and patents are just the tip of an iceberg.
The general question of the personhood of artificial intelligence aside, perhaps the personhood could be granted as an extension of yourself, like power of attorney? (Or we could change the law so it works that way.)
It all sounds a bit weird but I think we're going to have to make up our minds on the subject very soon. (Or perhaps the folks over at Davos have already done us the favour of making up theirs ;)
It checked the box.
Your English is very interesting by the way. You have some obvious grammatical errors in your text yet beautiful use of formal register.
it's a piece of non-deterministic software running on someone's computer
who is responsible for its actions? hardly clear cut
You buy a piece of software, marketed to photographers for photo editing. Nowhere in the manuals or license agreements does it specify anything else. Yet the software also secretly joins a botnet and participates in coordinated attacks.
Question: are you on the hook for cyber-crimes?
You can't sit back and go "lalalala" to some tool (AI, photo software, whatever) doing illegal things when you know about it. But you also aren't on the hook for someone else's secret actions that are unreasonable for you to know about.
IANAL.
I guess you could say that you didn't have a reasonable expectation that a bot could accept a license, but you're on a lot shakier ground there...