As software takes over the Internet of Things (IoT), users can no longer blithely sign unchecked licence agreements, unless they want to hand the keys to their kingdoms to third parties.

Many suppliers, from Apple to Rolls Royce, are intensifying the role of software in operating their products and using the resulting data flows to rebase their business models on recurring revenue rather than CapEx.

This can have significant benefits for both suppliers and customers in terms of convenience, cash flow and matching capacity to demand. But End User Licence Agreements can seem like ransom notes from kidnappers when things go wrong.

This came out when US farmers were reported to be using John Deere software decrypted by Ukrainian hackers to repair their broken tractors.

Last October, tractor maker John Deere required buyers to sign a EULA that gives it sole ownership of all information related to the operation of the tractor.

This includes software, data files, documentation, engine calibration tables and machine-to-machine data from any John Deere licensed product.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Verdict.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

The collected data includes engine control parameters such as fuel metering, fuel injection rates, fuel injection timing, fuel pressure, the engine speed versus torque relationship, intake boost pressure, fuel-to-air ratios and engine timing.

This forces farmers to use licensed workshops and mechanics to fix things when they go wrong.

Even if a farmer buys and fits new parts himself, he still needs a software key from a licensed person to enable them.

This can cost farmers hundreds of dollars and lost time, and even lost production.

John Deere is taking advantage of the Digital Millennium Copyright Act, a US law designed to penalise the theft of intellectual property such as videos and music, to force customers to use licensed channels to repair their machines.

The John Deere EULA appears to be transposed from licence agreements commonly found in consumer goods.

For example, it says the software is supplied as is and absolves John Deere from any responsibility as to its fitness for purpose.

It stops customers from suing for damages if things go wrong with the software, and the warranty period is 12 months at best.

Under the Digital Millennium Copyright Act, users are precluded from using workarounds. Criminal penalties include up to five years in jail and a $500,000 fine for a first offence.

The John Deere licence agreement terms are patently unsuitable for goods with a potential working life of decades.

They are even less suitable for equipment used in critical infrastructure, whether at national or corporate levels.

In response, several US states are considering so-called right to repair laws to force manufacturers to give owners and independent contractors access to repair information.

So, what is a farmer, or indeed any user of an IoT-controlled device, to do if a hacker bricks the device, or the system locks you out of your car or house?

This raises important issues for everyone selling or buying such devices: who owns the data generated by the system, whom should be able to access and use it, and under what circumstances?

Anyone who wants to take advantage of the IoT needs to scrutinise the associated licence agreements.

Users should insist on retaining their rights over the goods on which they depend and the data they produce.

With artificial intelligence and automated decision making increasingly modifying behaviour in the world,  this will provide a necessary balance of power when things, as they sometimes will, go wrong.