Ensuring Your Terms Of Service Is Not Meaningless, Pt 1: The Click of Assent


The terms of service for website is a contract. Because of that, the principles of contract law apply. Two important principles of contract law for terms of service are “meeting of the minds” and “illusory promise”. Those phrases may sound a bit meaningless, legal, and abstract. However, each one holds a common pitfall that can void an entire website’s terms of service – as if it didn’t exist at all. This post is about “meeting of the minds”, and its accompanying post is about an “illusory promise” that comes up often in online terms of service.

“Meeting of the minds” and getting a click of assent.

“Meeting of the minds” means that both parties to an agreement have the same deal in mind. Usually both parties sign a contract to give a clear indication that they understood what the terms were, and agreed to them.

Signatures are difficult to do with a web interface. The alternative is to have users click on something which very clearly indicates that the user agrees to the terms of service. Usually that is a checkbox on registration that says something like “I agree to the terms of service and privacy policy”, with hyperlinks to both. It has to be an affirmative action that the user knows they are taking, something with a clear meaning and alternative interpretation.

The most typical way is to get the user to check a box when signing up for the service. There should be a link to the terms of service right there. The box should have no other purpose, except perhaps to agree also to the privacy policy (although if you are seeking GDPR compliance, you want a separate privacy checkbox).

If you do not get a click and rely on terms of service that say “By using this website you agree . . . “, then your terms of service are almost certainly going to be a collection of words without legal effect. The user may not have read that text, and they may be using (and in fact almost certainly are) using the website not to indicate assent, but just because they want to use it.

What about the privacy policy?

A privacy policy is not necessarily contractual. The main reason you have it there is to comply with privacy laws like California’s privacy policy law, or the GDPR. But, so long as you’re asking the user for assent, is to be common practice and I think it’s a good idea to ask the user to accept the privacy policy also. If there later is a dispute about how the user’s information was used, it might be helpful to say “hey, you clicked that you agreed on the privacy policy.”

What about terms of service updates? 

To ensure that the end user agrees to any revision to the terms of service, you will need to get user consent again. Typically this is done with another click on a box with “I agree to the updated terms of service” or something similar.

Leave a Reply

Your email address will not be published. Required fields are marked *