UCITA By the Back Door

InfoWorld's Gripelog airs a subject that should interest this community — involved as we were with efforts against UCITA back in the day. One main aim of the derailed UCITA initiative was to give software manufacturers and content owners a degree of control over users' computers. Gripelog's Ed Foster informs us that UCITA is sneaking back in, under the cover of an anti-spyware bill, S. 1625, now making its way through the US Senate. One clause in this draft bill would legalize what the BSA calls "electronic self help" — i.e., the ability for commercial entities to cripple or disable software or networks on your computer if they believe you are violating their property rights.

contempt

[nuzak]

By writing themselves into the law as "above the law", I no longer feel particularly feel any moral obligation to obey the law. The only principle that guides my behavior now when it comes to dealing with the RIAA/MPAA is "don't get caught".

Congratulations, you people just created another pirate.

I would be open to this, *IF*

[maynard]

I would be open to this if the legislation placed control of whether software on a privately owned computer should be disabled in the hands of a court rather than in the hands of the software vendor. The problem with this legislation, and all DRM, is that it hands much too much control over to the vendor, which is a conflict of interest. Governments exist to protect property rights, not private corporations or individuals.

I haven't read this legislation. But UCITA most certainly did not do that; it placed control completely in the hands of the software vendor (copyright holder). I think this type of DRM could fly with a real adjudication process that's fair and fully public.

Is there a flip side?

[mangu]

I wonder, can this be used to monitor GPL violations?

Re:Does it mean

[caseih]

Well the GPL doesn't apply to anyone until they are distributing software--it clearly states one can *use* the software under the GPL without agreeing to the license until I distribute the software to others. Then of course the full force of the GPL applies. Thus I can run GPL'd code in proprietary software all I want as long as it never leaves my machine. Obviously the people who are distributing this kind of software would definitely be in violation of the GPL. But I don't really see how the UCITA applies to end users here in the case of GPL'd software.

Re:According to this bill

[Cathoderoytube]

Just curious. Would this mean that software companies would have to make different versions of their software for the Canadian market? Since the bill only applies to the spying on and infringing of the rights of Americans. I would assume that these sorts shenanigans would be fairly illegal here in Canada because of our privacy laws.

If worse comes to worse you could start buying your software from Canada, or it might be as easy as ticking Canada as your country during the installation process...

Publicity is key

[vanyel]

...as Sony learned with the rootkit. Any software that does crap like that will quickly find itself shunned like the malware it is...

Re:contempt

[TheGratefulNet]

Congratulations, you people just created another pirate.

I keep saying that - its a self-fulfilling prophecy.

the more unjust laws that lobbyists create, the more anger and disillusionment the customer (!) base will become.

they have created more pissed-off customers than they realize. so any laws just become ignored by those in the current generation.

I wonder where this will end? where will it extrapolate to? will the media industry ever 'get it'? this is an arms race and its not heading toward any kind of stability and in fact its heading quite out of control.

our politicians are creating favorable laws for themselves and their lobbyist contributors. big business is having a cream-fest with all the new laws that have been passed in the last several years, to their benefit and to the detriment of the consumer.

I encourage people to decide for themselves if they should follow UNJUST LAWS or not. for a long time, slavery was allowed and perfectly legal and laws supported it. it was bad to follow such laws back then and similarly, when you find bad laws its your patriotic duty to ignore them.

we can't seem to change the laws - the power base is not ours. so, what we have left is to nullify the laws by challenging them and refusing to follow them.

LONG LIVE CIVIL DISOBEDIENCE.

Re:Self-Help & Much To-Do About Nothing.

[Valdrax]

The sentence makes a lot more sense if "...software for fraudulent..." was their intended language.

Not that I can really criticize, given that the sentence before that one was missing a subject and verb, and the sentence before it had an "or" when an "of" was meant.

*sigh.

Re:Screw 'em I say!

[cyberchuck.nz]

It will frankly create a situation ripe for software-license blackmail and extortion.

Had that problem with AutoDesk a while back. One of our remote sites wanted to transfer an AutoCAD licence from one PC to another and decided the way to do this was without informing the IT Department.
Uninstalled it from PC #1, installed it on PC #2 and got stuck trying to "activate" it. The portable licence transfer utility got removed in the process, so we couldn't do the licence transfer ourselves. Email AutoDesk and not only would they not help us out, they demanded we give them proof of purchase for all our copies of AutoCAD otherwise they'd subject us to a software audit.

In the end we complied, gave them proof of purchase for all our AutoDesk software along with scans of the boxes (they list the serial number on the top) and we eventually got the required key out of them to activate the product on the new PC.
But this goes to show that the companies will do anything they can to extort the users of their software

Re:Can O Worms

[Anonymous Coward]

And we all remember how that went down

You mean them getting to hand over a few truckloads of unsellable CDs to libraries? I bet that taught them a lesson.

Re:Self-Help & Much To-Do About Nothing.

[Talez]

For quite enlightened reasons (and the more cynical would say selfish ones too), courts tend not to favor resolutions that encourage self-help. Courts are not going to interpret the phrase "detection or prevention of the unauthorized use of software fraudulent or other illegal activities" to allow for deprivations of or interference with the enjoyment of personal property without due process. This law can't be interpreted in any manner to set up a due process satisfying procedure, so it's pretty much unconstitutional if interpreted to allow remote disabling or (suspected) pirated property.

But that's the thing. The vendors do not consider said software your personal property. They consider it to be their property that you have a license to use and they would no doubt argue that all the way to the SCOTUS.

Re:Screw 'em I say!

[EdIII]

Excellent Point. Most Excellent POINT. Anybody else reminded of "Prima Nocta" from Brave Heart? :D I think that what happened to that Lord will be remarkably similar to possible events in the future.

You did forget one group of people. The Simple End Users. Companies that would choose this type of behavior will screw these people over ridiculously fast. I don't think the receipt will make it into their pockets before they are bent over with a funny expression on their face. However, that is what hard chargebacks, attorney generals, BBB, etc. are for too. Whether or not a law supports them will be irrelevant. Any company that actually chooses to enjoy this right will be committing suicide. Regardless of SIZE too... even OS manufacturers can find themselves out in the cold, you know who I am talking about it :P

I think you are right about the companies. Dead right.

Speaking as a company myself, I am already on an OSS platform. Not because I am cheap but rather that I cannot take the risk of using certain vendors. Every company I have ever worked with and for has to carefully consider who they "partner" with. Choosing a vendor can be a long term relationship that is difficult to change when the waters get a little choppy.

At least with OSS I actually have access to the code myself. I can hire some people and make whatever small changes that I need too. I don't have someone breaking down my door with the lawyerpult trying to stop me from conducting my business. I ALSO don't have any company that has access back in to my systems that can CRIPPLE MY WHOLE NETWORKS AND SERVICES AT WILL.

No, I choose my vendors very carefully. I realize that I am forming a long term relationship with them and I want a company that will cooperate with me for OUR mutual benefit. I do have some closed source vendors that I use, but they were carefully considered.

You mention extortion, but even the possibility of that is a deal breaker for me. How could I go out and get more funding for my company if I had to explain to investors that my vendor has contractual rights to shutdown my services and ruin the relationships with my own customers? What if I did not explain something like that? Would I be liable? Seems that would be something an investor would want to know.

The sad/funny part about this is that the pirates will still find a way to completely cripple this state-sponsored DRM/Spyware and the only companies affected will be good companies that make honest attempts at being compliant with licensing agreements. I am sure most of us has found an odd company or two that was not completely in compliance, but they still paid thousands and thousands of dollars to reach that 90%+ compliance. I only ran into one company my whole life that was blatantly running pirated software EVERYWHERE.

I agree with you. Let a corrupt Congress do what it does best. The market will react accordingly. The only contracts being signed will be ones specifically taking away these new rights from the vendors.

Re:business opportunity

[Anonymous Coward]

I work part-time at a computer store and am sometimes surprised at what people just don't know about computers. I am a long time OSS user and pretty much everything on my systems are opensource, but at work I can't really recommend that to people with problems. Just today a middle aged lady came in and said her computer was telling her that she had spyware on it and wanted to remove it (Microsoft Security Center). She said that she had Norton Antivirus/spyware and but that it didnt find it. I would personally recommend spybot or adaware or something similar, but I cant really say that at work. I have to sell something even if I know better. If she asked me an hour later after work I would give an entirely different answer. Its people like that will never move to linux.

Re:Microsoft has tried this...

[Opportunist]

Bad PR used to be bad for companies when people actually cared about anything but their wallet. It's not really a problem anymore.

Remember Sony? The guys with the rootkit? And? PS3s sell well, BluRay won the HD war and they're having a record high in profits.

Oh, you mean not enough media coverage, it was a far too geeky topic? Ok, another example: Nokia in Germany. In a nutshell, they cashed in the bribe, fulfilled just the necessary contract and then laid off their workers and moved to Rumania. Now THAT had media coverage! A national outcry, politicians trashing their Nokia cells in front of cameras and calling people to do just the same to "stick it to them"...

Nokia recovered instantly from the week long "boycott". Hey, you get one of those cells free with your next 2 year contract, how can you lose?

People have the long term memory of a gold fish and their eyes on their wallets.

Read it with the DMCA anti circumvention clause

[hadaso]

If it is used for preventing copyright infringement then perhaps you can have a court rule that it was not appropriate to disconnect you, but you are not allowed to do anything to protect yourself against it happening beforehand because it can be interpreted as circumventing means of protection against copyright infringement. And even if it does companies would be reluctant to provide tools to do it, so you're on your own.

So if you're an organization that needs a license for 50 copies of whatever you'd get a license for 100 just in case some race condition makes the monitoring processes that you are not allowed to stop detect 51 copies (when you actually have 49 but moved 2) and then stop your entire business network and corrupt your data bases by disabling some components while others still work. Of course this won't happen but it will cost money to prevent it from happening and the money would go to the hands of those that might make it happen.

See Sony v. Universal

[Odder]

People can't be punished for time shifting [virtualrecordings.com]. Society did not consider time shifting a publication and does not prevent it to enforce the created right of copyright. Recent rulings on the broadcast flag all reached the same conclusion so both their broadcast and listening for and obeying the broadcast flag are voluntary - ie a pointless competitive disadvantage that outrages customers.

In time, encrypted works will not be considered publications and lose copyright protection. Encrypted works may never enter the public domain and fail to meet the US Constitutional requirement of limited time of protection.