Question Please Help with Adobe Creative Cloud "Terms of Use"

[michaelm101]

I have a subscription to Adobe CC and will be using it for designing/altering highly confidential, proprietary items.

I'm concerned because I got BURNED badly back in the '80s.

I just received the following message while logging in:

"Updated Terms of Use
We've made some changes to the Adobe General Terms of Use regarding the use of Software and Services, including:

Clarified that we may access your content through both automated and manual methods, such as for content review (Sections 2.2 and 4.1)......"

Please explain and advise.

Thanks very much for your continued help and support!

 

[USAFRet]

What part are you concerned with?
"we may access"...?

That could be a simple as hosting your content on their cloud, and moving it between their server in the background.

 

[CParsons]

We've made some changes to the Adobe General Terms of Use regarding the use of Software and Services, including:

Reading the full terms explains it.. as they suggest 2.2 and 4.1..

https://www.adobe.com/legal/terms.html#content

2.2 Our Access to Your Content. We may access, view, or listen to your Content (defined in section 4.1 (Content) below) through both automated and manual methods, but only in limited ways, and only as permitted by law. For example, in order to provide the Services and Software, we may need to access, view, or listen to your Content to (A) respond to Feedback or support requests; (B) detect, prevent, or otherwise address fraud, security, legal, or technical issues; and (C) enforce the Terms, as further set forth in Section 4.1 below. Our automated systems may analyze your Content and Creative Cloud Customer Fonts (defined in section 3.10 (Creative Cloud Customer Fonts) below) using techniques such as machine learning in order to improve our Services and Software and the user experience. Information on how Adobe uses machine learning can be found here: http://www.adobe.com/go/machine_learning.

4.1 Content. “Content” means any text, information, communication, or material, such as audio files, video files, electronic documents, or images, that you upload, import into, embed for use by, or create using the Services and Software. We reserve the right (but do not have the obligation) to remove Content or restrict access to Content, Services, and Software if any of your Content is found to be in violation of the Terms. We do not review all Content uploaded to the Services and Software, but we may use available technologies, vendors, or processes, including manual review, to screen for certain types of illegal content (for example, child sexual abuse material) or other abusive content or behavior (for example, patterns of activity that indicate spam or phishing, or keywords that indicate adult content has been posted outside of the adult wall). You may learn more about our content moderation policies and practices, including how we moderate content, at our Transparency Center.

 

[Rufulg]

I have also received questions from concerned users about these very paragraphs.
The way I understand it, it is aimed at being able to screen the content at government's request, for example, which sadly absolutely makes sense in today's world.
However, the way it is framed absolutely does not limit it to governmental request. It sounds like Adobe can access any CC content any time without having to justify it, which doesn't really seem necessary or proportionate.
My users do not work on particularly sensitive or confidential content, but it's still content that we own and that's copyrighted.
For these reasons, I'm also interested in others' takes on this.

 

[Mr_KayZ]

My workplace decided to ditch Adobe because of these absurd terms of service because our work is under strict NDAs. While we are looking into alternative options, it's just plain silly that Adobe decided to push this change that breaches confidentiality.

To quote my CEO: "If I was Adobe, I would access the data anyways and use that as AdSense data to make a quick buck, assuming I have zero morals. Adobe clearly does not."

 

[Ralston18]

Not a lawyer (full disclosure) so this post not intended to provide any legal advice in any manner.

My thought is that Adobe's terms are somewhat the result of over broad lawsuits that include anyone and everything possible associated with some civil or criminal case as being liable.

Primary intent being some financial settlement via settlements, trials, appeals, and so forth. [Cynicism conceded.]

Adobe has the right but not the obligation to do anything. Seems to be a defensive mechanism.

But open ended enough to allow Adobe to do other things.......

Other companies likely already doing much the same or are planning to.

Again, not a lawyer here, so I will defer to the legal community.

 

[Rufulg]

My thought is that Adobe's terms are somewhat the result of over broad lawsuits that include anyone and everything possible associated with some civil or criminal case as being liable.

But if that's the case that would mean that Adobe had indeed accessed some data for whatever reason in the context of these lawsuits, and I really don't see any valid reason for them to do so, unless the very specific case of the authorities asking them because of a suspicion of activities that breach the law (mere complaints from people wouldn't justify it, because if there has been complaints, it means the content has been published, therefore Adobe doesn't need to browse through private content in order to assess the problem). So why just don't state "we can access your content in case of criminal inquiry" in the TOS?
I mean, 10 years or something ago, it made a global uproar when it was said thet Apple had put a backdoor in its products in case of governmental request.
It shows that this kind of issue was already problematic (although it seems quite necessary now).
Adobe stating they can access any content for no reason at all is really bad in terms of precedent.

 

[Moonstick2]

Our automated systems may analyze your Content and Creative Cloud Customer Fonts (defined in section 3.10 (Creative Cloud Customer Fonts) below) using techniques such as machine learning in order to improve our Services and Software and the user experience.

That's probably the key part right there. They want to treat customer files as an AI training set to give them AI goodness. Akin to the way Chat GPT trawled a lot of stuff and it all seemed okay until it started regurgitating full paragraphs of copyrighted material.

I'm not saying that necessarily means your clever secret widget design is suddenly going to become a helpful suggestion by AdobeAI in everybody else's work, but the point is when it comes to highly confidential data, the answer 'I don't see that anything will really be that bad if we give access' isn't the right one. Owners of such data don't want it going anywhere it doesn't have to, full stop. The intentions of the people who get it don't come into it.

They do give you the option to opt-out. The problem there is that such options have a habit of being reset and needing you to realise you need to reselect it, while in the meantime...

It's okay though, because "Adobe takes your privacy seriously". That more or less the same phrase is used any time a company has to issue a press release in response to a massive data breach is neither here nor there, I'm sure.

 

[Rufulg]

That's probably the key part right there. They want to treat customer files as an AI training set to give them AI goodness.

Thanks for the input!
That would explain why these TOS are deliberately allowing Adobe to access any content anytime.

 

[Ralston18]

As before: I am not a lawyer but I have the sense that all of it is simply the legal equivalent of covering the rear flank.

 

[Moonstick2]

Thanks for the input!
That would explain why these TOS are deliberately allowing Adobe to access any content anytime.

They're very explicit about it. From the FAQ link:

When we analyze your content [processed or stored on Adobe's servers] for product improvement and development purposes, we first aggregate your content with other content and then use the aggregated content to train our algorithms and thus improve our products and services.

They're also at pains to stress that any manual review that they may do in respect of this would be on content stripped of identifying features and user-generated materials. But that's only the manual: their automatic analysis takes the whole thing, because otherwise it would be no good.

That particular condition has been in there for a few years, by the way. That's not what's changed. The significant thing that appears to be new in 2.2 and 4.1 is making explicit the possible use of manual review to screen for illegal or abusive content (including rude words). And no, that doesn't have to require any kind of governmental request.

Really, if you're going to want to work with other people's highly-confidential material you shouldn't be doing any of it on the cloud. It's always going to be a lot more trouble than its worth since for the owners it's an issue if it goes anywhere, regardless of whether anything bad happens to it. And you'll always be the one to get it in the neck if there is any kind of potential leak or exposure.

 

[Moonstick2]

As an update on this, there's been enough of a brouhaha that Adobe have issued a clarification.

This highlights what was changed, and goes to pains to stress that their AI ('Firefly') isn't trained on customer data. The reason for the T&C allowing machine learning to access cloud data is probably due to "Adobe...exploring ways for creators to be able to train the machine learning model with their own assets so they can generate content that matches their unique style, branding, and design language without the influence of other creators’ content." i.e. you may in future be able to train up your own cloud AI model based on your content and nobody else's.

I'll reiterate though that the issue when working with highly-confidential files or NDAs is usually the very fact of a third party having access to said files, not the question of whether that third-party is going to do anything negative with that access.

 

[Moonstick2]

I don't want to turn this into a news thread so I'll stop after this, but since it may be relevant to the OP, Adobe are going to post an overhaul of their ToS. It's mainly about clarifying the (non) usage of content to train AI. They apparently still sidestep or ignore the issue of content subject to NDAs being potentially viewed by a human reviewer.