[This post has been authored by Amishi Aggarwal, a 2nd year student at NALSAR University of Law, Hyderabad. Part I is available here.]
As discussed in the previous post, the nature of an IoT device as a fiduciary is jeopardized due to the conflict of interest involved. However, as previously mentioned, these conflicts of interest are not entirely forbidden, and full disclosure of the same to the principal is required, along with subsequent consent.
It is generally argued that the disclosure is made when the user buys the device on the terms and conditions of the seller. However, users often fail to review the standard form contracts or the terms and conditions of the seller. Even if they do read the terms, it is highly unlikely that they understand the implications of the same on them in the post-contractual period due to the legal jargon used.
The defence of unconscionability could potentially be used as an escape from the compulsory imposition of standard terms. The standard terms are almost always tilted in the favour of the manufacturers, who have stronger bargaining power. When a customer with comparatively lesser bargaining power, and almost no real choice, signs an unreasonably one-sided contract with inadequate knowledge of the terms, it is unlikely that their consent was ever given to all the terms. In such cases, the terms of the agreement are no longer sacrosanct. Freedom of contract entails that both the parties come together to make provisions which would best suit their individual needs and interests, while ensuring that they are mutually acceptable to the other party. However, in the case of standard term contracts, the users have no bargaining power and no reasonable opportunity to understand what they are signing up for. Hence, it cannot reasonably be said that they have consented to terms which they have neither read nor understood. The importation of a constructive notice principle would seriously jeopardise the interests of users, and encourage the companies to introduce more one-sided contracts with impunity.
Hence, even where the conflict of interest is disclosed at the time of the purchase, it is not clear whether the form of disclosure is enough to ensure the user’s (principal’s) consent to it. Therefore, this once again brings the fiduciary nature of the purported agent-principal relationship of the IoT device with the user into question.
Secondly, this very conflict of interest poses another question: Is the IoT an agent of the manufacturer or of the user? As exemplified through the case of DRS Boards of Amazon, manufacturers usually have enough command over the device such that they can control the quantity and kind of data collected, along with the frequency of such regulation. This data may be used to communicate with users as well as to advertise other products that they are likely to buy, given their personal habits and lifestyle as recorded by the IoT. Thus, the manufacturers of these devices could allow third-parties to feed product advertisements to users while the users think that the device is acting on their behalf and for their own benefit. However, in reality, these may just be products which the manufacturer is advertising for their own benefit (since they would get paid by third parties for such advertisement). Therefore, there is uncertainty as to whether the IoT is acting on behalf of the user or the manufacturer.
Thirdly, the concept of ‘apparent authority’ is difficult to reconcile within the framework of the IoT-user relationship. This concept is applicable whenever the third party is reasonable in assuming that the agent has the power to enter into the contract despite the act being beyond the scope of its authority. Apparent authority is derived from the fact that the principal placed the agent in a position wherein it was reasonable for a third party to believe that they had the authority to perform the particular act. The example of the smart fridge, as mentioned in the first part of this series, is pertinent here. For instance, the fridge is authorised to order consumable goods from any seller. On one day, a small online retailer was selling the goods the device generally buys from Amazon on a cheaper rate but with a no-refund policy. The IoT device undergoes a glitch because of which it orders more eggs than it is authorised to. It is reasonable for the seller to presume that the IoT device has the authority to order eggs, and the number of eggs ordered is also not exorbitantly high. This would be a case of apparent authority, where the user will be bound by the contract with the online retailer, but can recover the amount from the agent who exceeded his authority. However, a problem arises, since the user cannot recover the amount from the IoT device, which is the agent in this case.
It may be argued that users should be able to recover damages from the manufacturer in such a situation. However, this would depend on whether the risk of loss lies with the manufacturer according to the contract. The terms and conditions stipulated by the seller generally place the risk of loss on users. In such a situation, it would become difficult for the user to use the defence of unconscionability since courts have regularly upheld the standard terms on the basis that they were accessible to the user at the time of concluding the contract. The question of whether these terms were read and understood by the users has been sidelined in such decisions.
Furthermore, it is hard to qualify such an act done in excess of authority as a “defect in the good” per se. Defects are generally defined in a pedantic manner excluding liability from an act which the AI thought it could do based on the behaviour and habits of the user. This leaves the user with no remedy when the IoT carries out acts outside of its scope of authority.
The IoT acts on behalf of users, with or without their orders, once it is authorised to do something. It even enters into contracts on behalf them. However, some aspects of the relationship between the IoT device and the user do not align with the principles of contract of agency. This relationship does not satisfy the fundamental requirements of agency- from lacking a legal personality to having a conflict of interest with the user and not acting as a fiduciary. Even in the case of apparent authority, it cannot do good the loss to the user.
While the contract entered into by the user and the manufacturer may resemble certain aspects of a principal-agent relationship, the contract may be tilted towards the manufacturer placing any risk of loss entirely on the user. Generally, all that the legal relationship between the user and the manufacturer consists of is the terms and conditions of the manufacturer. However, the ability and propensity of the user to read these terms and comprehend their legal implications is very limited. Despite unfair provisions such as unilateral amendment clauses, courts generally uphold standard terms on grounds of freedom to contract. Therefore, with the introduction of IoT, requisite legal standards need to be introduced to ensure that the users are not left without any recourse, and both the parties have a fair deal at the end of the day.
 De Bueshe v. Alt (1878); Sec 8.06, Restatement (Third) of Agency.
E. Allen Fransworth, Contracts, 3rd edn, 296-297 (1999).
Linda Ruth, Commercial Law: Problems and Materials on Sales and Standard Contracts 69 (2012).
Supra note 2.
Hely- Hutchinson v. Brayhead Ltd., (1968) 1 QB 549.
Watteau v. Fenwick, (1893) 1 QB 346.
Amazon, Barnes, Noble Label, Sears all provide that buyers assume the risk of any kind of loss once delivery has been done. See Standard Terms & Conditions, Sears (Aug 26, 2012); Terms and Conditions of Use, Barnes & Noble (Apr 10, 2-16) etc.