Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
The Courts Government News Your Rights Online

Software Licensing, 2001 258

We were going to run this even before Ledge Kindred submitted it. Cem Kaner of Badsoftware.com has written a nice piece detailing the problems with UCITA, the new law which is being proposed across the United States and which will have terrible effects on the rights of software consumers.

A bit of background for readers unfamiliar with the process: The Uniform Commercial Code is a body of law which is enacted, pretty much identically, in all 50 states. The object is to have a similar business environment for the basics of commerce, so that neither buyers or sellers are blindsided. If the law is fair, both buyers and sellers benefit from uniform expectations about basic commercial transactions.

But of course, laws evolve. The Uniform Computer Information Transactions Act began its life as an amendment to the UCC, but it was so unbalanced in favor of software companies that one of the initial sponsoring organizations dropped out, and it could no longer be considered a UCC amendment. Yet it lives on.

UCITA legitimizes heinous license restrictions in software, actively promoting the worst software practices. Should it pass, the very concept of "used software" (video games, etc.) will disappear, since that can and will be prohibited by licensing terms. Better sell your Funcoland stock. Badsoftware.com has many more examples of how UCITA legitimizes things that big software companies only dream of today, such as prohibiting reverse engineering or even criticism of their products.

As you read this, UCITA is being pressed in states across the country, starting with those where the software industry giants have the most highly-paid lobbyists. Virginia appears to be one of the lead states, and is considering the bill right now in committee. By this time next year, UCITA is likely to be the law of the land. This may seem to be somewhat dry reading, but if you ever use non-GPL software or purchase a computer in the future, this is what you can look forward to. -- Michael Sims, michael @ slashdot.org

Cem Kaner writes:

The August 30th, 1999 issue of the National Law Journal carried an article favoring the Uniform Computer Information Transactions Act. I protested to the Journal about the bias of the article and was invited to write a response, but the inviting Editor left the Journal shortly thereafter, and my response was never published. The claims made in that article, which was written by the Chairman of the UCITA drafting committee and two of his colleagues, are being (and will continue to be) repeated to legislators who are considering the Act. Perhaps your readers will find this rebuttal of interest.

[Editor's note: the pro-UCITA article referenced above is available at http://test01.ljextra.com/na.archive.html/99/08/1999_0822_61.html.]

I grant permission to any reader to recirculate or publish this article, so long as it is attributed to me and published in its entirety (including endnotes). If you are recirculating or publishing it, please let me know.

THE UNIFORM COMPUTER INFORMATION TRANSACTIONS ACT

In the August 30th, 1999 issue of the National Law Journal, Carlyle C. Ring, H. Lane Kneedler and Gail D. Jaspen presented the proposed Uniform Computer Information Transactions Act ("Uniform law for computer info transactions is offered"). Mr. Ring chaired the drafting committee that wrote UCITA.

UCITA is a proposed law that will govern all transactions involving computer software, electronic databases (such as WestLaw), downloaded books, and some entertainment products. It can also apply to computers and some other goods if their manufacturers put an appropriate notice in the product packaging.

Although the Ring et al. article reported years of work on UCITA as a proposed Article 2B addition to the UCC, it failed to mention that the UCC is a joint project between the American Law Institute (ALI) and the National Conference of Commissioners on Uniform State Laws (NCCUSL). It failed to mention that the ALI called for "fundamental revision" of the draft in May, 1998 (1) and withdrew from the project in April, 1999, effectively killing 2B as a UCC project. Thereafter, NCCUSL renamed the project as UCITA and went forward alone. The ALI members of the Article 2B drafting committee refused to join the UCITA drafting committee. (2)

Although authors Ring, Kneedler, and Jaspen acknowledged that UCITA is a controversial proposal, they listed only its supporters and not such opponents as the Attorneys-General of 24 states, the Bureaus of Competition, Consumer Protection, and Policy Planning of the United States Federal Trade Commission, the leading software developers' professional societies (such as the Association for Computing Machinery, the Institute of Electrical and Electronics Engineers, and the American Society for Quality, Software Division), software trade groups representing small developers (the Independent Computer Consultants Association, the Free software Foundation), the five main library associations, leading intellectual property experts (including the American Intellectual Property Law Association, Committee of Copyright and Literary Property of the Association of the Bar of the City of New York, and fifty intellectual property law professors), other copyright industry associations (such as the Motion Picture Association of America, the National Association of Broadcasters, and the Newspaper Association of America), and every consumer advocacy group that has looked at the bill. (3)

UCITA will have profound effects on intellectual property rights and the quality and security of computer software.

INTELLECTUAL PROPERTY

Under UCITA, almost all software-related transactions will be licensing transactions. When a consumer buys a copy of Microsoft Word and a copy of a book about the program, the software transaction would be a license while the book transaction is a sale, even if the two items were side by side, the customer bought them both from the same cashier, and the software license was not available to the customer until after she paid for the product and took it away. Under UCITA 102(a)(42) a transaction can be a license even if the licensee is given title to the transferred copy.

This is a shift from long-established treatment of intellectual property in the mass market. To see the history of this issue in copyright law, shepardize Jewelers' Mercantile Agency v. Jewelers' Pub. Co., 155 N.Y. 241 (1898) (rejected the fiction of a lease offered to all comers that restricted transfer of the book and use of information in it); Bobbs-Merrill Co. v. Straus, 210 U.S. 339 (1908) (rejected a restrictive notice on a book that prohibited the buyer from reselling the book for less than a minimum price. Under the first sale doctrine, publisher lost its property interest in an individual copy of a book once it sold that copy. The restrictive notice could not transform a sale into a license); RCA Mfg. Co. v. Whiteman, 114 F.2d 86 (2d Cir. 1940) (Licensing language on record albums could not convert a mass-market sale into a license.) For patent law, look at the doctrine of exhaustion, starting with Motion Picture Patents Co. v. Universal Film Manufacturing Co. 243 U.S. 502 (1917).

According to authors Ring, Kneedler, and Jaspen, "UCITA is intended neither to avoid nor to contradict the large body of existing federal intellectual property law." Others vigorously disagree. For example, the American Intellectual Property Law Association (4) protested to NCCUSL that UCITA "eliminates the 'first sale' doctrine" (which allows the owner of a copy to sell it or give it away). Under UCITA 503(2), "a term prohibiting transfer of a party's interest is enforceable, and a transfer made in violation of that term is a breach of contract and is ineffective." A vendor who puts a no-transfer clause in the license achieves a market-wide restriction -- equivalent to elimination of the first sale doctrine. By allowing vendors to enforce such restrictions in the mass-market, UCITA allows them to evade the federal balancing of private and public rights in intellectual property.(5)

Reverse engineering is another example of the intellectual property reach of UCITA. Reverse engineering is a normal engineering practice.(6) Clauses barring reverse engineering have been enforced in negotiated licenses, but not in mass market cases.(7) Some software publishers want to ban reverse engineering in the mass market. Despite authors Ring, Kneedler, and Jaspen's claim of UCITA's neutrality on this issue, UCITA makes contractual use restrictions (no-reverse-engineering is a use restriction) prima facie enforceable. Individual courts might rule that such a restriction is invalid under federal law or against public policy, but it will take several expensive court cases before software developers will know whether they can still lawfully reverse engineer mass-market software in the face of a shrink-wrapped contract term that claims that they cannot.

The AIPLA letter noted that "The President of . . . [NCCUSL], Gene Lebrun, wrote . . . that it is 'expressly stated in Section 2B-105 [that] Article 2B does not displace or change intellectual property law.' . . . We are extremely concerned that the proposed UCITA draft is not consistent with . . . the assurance of President Lebrun." UCITA Reporter Ray Nimmer complained of "distortions" in the debate on UCITA, identifying as a "misrepresentation" "that UCITA allows licensors to prevent licensees from commenting about the products. This allegation makes nice copy and superficial impact, but is simply untrue. You can scroll through the UCITA draft and will not find any such provision." (8) Opponents quickly point to UCITA section 102(a) (20), which defines "contractual use restriction" as "an enforceable restriction created by contract which concerns the use or disclosure of, or access to licensed information or informational rights, including a limitation on scope or manner of use." Section 307(b) states that "If a license expressly limits use of the information or informational rights, use in any other manner is a breach of contract." Under the statute's own definition, a nondisclosure clause is a contractual use restriction. Under Section 307(b), such a restriction is enforceable.

These provisions may keep vital information from the marketplace. Consider the following restrictions, downloaded (July 20, 1999) from www.mcafee.com, the website for VirusScan, a mass-market software product, on July 20, 1999.

"The customer shall not disclose the results of any benchmark test to any third party without McAfee's prior written approval."


"The customers will not publish reviews of the product without prior consent from McAfee."

Clauses like these are enforceable in traditional, negotiated licenses, and they are used to block magazine reviews.(9) UCITA arguably extends the enforceability of such clauses even in mass market products. Perhaps they will eventually be found to conflict with public policy but until then, the plain language of UCITA will have a chilling effect on criticism of mass-market products.

SOFTWARE SECURITY

UCITA section 816 allows software vendors to place disabling codes in software and to activate them remotely (such as by sending an e-mail) to shut down a customer's use of the product.

Such disabling codes create a hole in the customer's system security. UCITA section 816 remedies for wrongful use of such codes are probably not triggered if the software is shut down accidentally or by a third party (such as a cracker who learns the code or a disgruntled former employee of the vendor).

Self-help was portrayed in the UCITA meetings as something essential to protect the interests of small licensors. However, the only group attending the UCITA meetings that represents only small licensors, the Independent Computer Consultants Association, urged NCCUSL to reject self-help. It recommended that licensors be protected without creating the disabling code security risk to customers by statutory authorization for recovery of attorney fees by licensors who obtain an injunction to terminate misuse of the software. This proposal was repeatedly rejected.

CONSUMER PROTECTION

UCITA is hostile to customers of all sizes. It validates post-payment presentation of material terms and permits licensors to put in a form contract a term that allows them to keep changing terms. Licensors can exclude incidental and consequential damages even when an agreed remedy fails of its essential purpose. The drafters rejected proposals from the software engineering professional societies (ACM, IEEE, and ICCA) to allow customers to recover damages caused by defects that were known to the licensor but not documented or disclosed to the licensee. Instead, the standard form exclusion of incidental damages allows the licensor to charge a support fee (such as $5 per minute on the telephone) when a consumer calls to complain about a defect that was known by the licensor when it licensed the software. Software products are often sold in the mass market with hundreds or thousands of known defects. (10) For additional detailed notes on consumer impact of UCITA, see the articles in the note. (11)

Authors Ring, Kneedler, and Jaspen say that "UCITA alters no state laws relating to the applicability of consumer protection to databases, consumer services or software." In contrast, 24 Attorneys General and the Administrator of the Georgia Fair Business Practices Act said that UCITA's "rules deviate substantially from long established norms of consumer expectations. We are concerned that these deviations will invite overreaching that will ultimately interfere with the full realization of the potential of e-commerce in our states." (12)

The Attorneys General also said that UCITA's "prefatory note and reporter's comments incorrectly present the proposed statute as balanced and as leaving 'in place basic consumer protection laws' and 'adding new consumer and licensee protections that extend current law.' . . . [I]n instances in which provisions are described as new consumer protections, such as the contract formation and modification provisions discussed below, consumers actually have fewer rights than they do under present law. . . . NCCUSL . . . should revise the explanatory materials accompanying the statute to scrupulously identify the instances in which the policy choices embodied in the statute either extend or resolve controversies in current law and to clearly explain whether such extension or resolution favors sellers/licensors or buyers/licensees."

NOTES

(1) Jean Braucher, "Why UCITA, Like UCC Article 2B, is Premature and Unsound", UCC Bulletin, July 1999, www.2BGuide.com/docs/0499jb.html.

(2) (www.2BGuide.com/docs/50799dad.html).

(3) See www.badsoftware.com/oppose.htm and www.2bguide.com.

(4) Letter to NCCUSL, July 16, 1999.

(5) Robert P. Merges, "Intellectual Property and the Costs of Commercial Exchange: A Review Essay," 93 Mich. L. Rev. 1570, 1613, 1995; Mark A. Lemley, "Beyond Preemption: The Law and Policy of Intellectual Property Licensing," 87 Cal. L. Rev. 111,1999, http://papers.ssrn.com/paper.taf?abstract_id=3D98655.

(6) Cem Kaner, Article 2B and Reverse Engineering, UCC Bulletin, November, 1998, 1, www.badsoftware.com/reverse.htm.

(7) Sega Enterprises Ltd. v. Accolade, Inc., 977 F.2d 1510 (9th Cir. 1992); Vault Corp. v. Quaid Software Ltd., 847 F.2d 255 (5th Cir. 1988). "Correcting Some Myths About UCITA", http://www.2bguide.com/docs/rne.html

(8) "The Test That Wasn't" August 1999 PC Magazine 29. According to that article, Oracle "formally declined to let us [PC Magazine] publish any benchmark test results."

(9) Cem Kaner & David Pels, Bad Software: What To Do When Software Fails.

(10) Federal Trade Commission letter www.ftc.gov/be/v990010.htm; Steven Chow (a member of the UCITA drafting committee) "Proposed Uniform Computer Information Transactions Act: Bad For Commerce And Innovation" www.2bguide.com/docs/citopp.html; Cem Kaner, "Comments on Article 2B" (section-by-section analysis) October 1998, www.badsoftware.com/kanerncc.htm; "Bad Software: Who is Liable" (analyzes software economics and UCC 2B) May 1998, www.badsoftware.com/asqcirc.htm; and

(11) "Article 2B - Report from the November 13-15, 1998 Meeting", www.badsoftware.com/uccnov98.htm.

(12) Letter to NCCUSL, www.badsoftware.com/aglet1.htm and www.badsoftware.com/aglet2.htm.

This discussion has been archived. No new comments can be posted.

Software Licensing, 2001

Comments Filter:
  • by Anonymous Coward
    If the law is flawed, and it still comes into effect, then use the law as a weapon against itself. How? Some methods come to mind. The first one is to write a shell program which launches all programs you run on your computer. Distribute the program as a commercial product. What this program does when it launches a program is produce a software/hardware liscence agreement. The software is only allowed to run on your hardware, and under your shell program if it agrees to your terms and conditions. Leave a little time for the launched program to respond (which it won't) after which time, it is in violation of the liscence agreement and that means you can do whatever your liscence agreement said you could do. Next, you could write some commercial software with a virus, or brutal bug that does virus like things. When the any company publishes info about the problem (virus) take them to court. The basic premise is to take the law and stretch it to absurdity and when it is shown to be absurd itself, then it would be easier to replace.
  • by Anonymous Coward
    There are people, and organizations out there, believe me, that actually get a warm, fuzzy feeling from having paid the proper amount, and licensed the proper software, and gotten all the proper revisions, so they can be really really legal and happy and hunky-dory and proper.

    And, judging from the content of your post, you go to school in a wealthy school district (who else could afford to upgrade three times in a year, the schools I know of are still using Mac SE's), so they can easily afford these "extravagant" expenditures.

    I understand that there is still a need for extremely complex software like Quark, and that free software does not yet fill this niche.

    And it never will fill that "niche"...more like a gaping hole if you ask me. People (and wealthy school districts) will pay top dollar to have the best availible, even if they never use one-tenth of the capabilities of it, just to prove that they do have it. Am I making sense? I am drunk, you know.

  • by Anonymous Coward
    They already have this in Japan, and it sucks. So if you want to see how it will work in the US, just take a peek at the land of the rising sun.
  • by Anonymous Coward
    And finally, why stop at software? I mean, this could be used much the same way in hand-held devices. Rather than owning it, you lease it, and if you don't pay, they send a signal somehow and shut it down. I mean, that may actually be beneficial. Rather than paying $200 for a device, I pay like $2/mo. or something and when it stops being useful, I just stop paying and they shut it off. I don't own the now piece of junk and if someone else wants it, they can pick back up the fee. But I digress.

    this is very close to how most mobile phone 'sales' work in the UK. You pay nothing up front, but you pay a monthly 'subscription' for a specified minimum period. You do end up owning the phone (usually after about 18 months), but if you stop paying, they can indeed disable the device. To the extent that it won't work on anyone else's phone network either.

    AC
  • by Anonymous Coward
    Utter tripe. I know this particular AC doesn't believe what he writes, which may be construed as funny if only it were close to a true parody. But when the part about "conservative Libertarians" is used by others in mockery...well, that just becomes pathetic.

    As a (basically) libertarian, I have to say that this is the worst "parody" by a neo-socialist I've ever read. Libertarianism is a moral philosophy based on natural law. We have certain rights: period. Nobody "gives" you your rights; you don't have to "earn" them from anybody; you don't even have to declare them, and nobody even has to acknowledge them, but that doesn't make them go away. It's part of human nature.

    Leveraging government power the way the UCITA does is a violation of practically every libertarian principle. Don't give me this politicking BS cheap swipe at libertarians or conversatives. Try doing some reading next time.

    And yes I am logged on. Slashdot thinks I'm not, and I'm in no mood to try remembering my password (it should see the damned cookie it set, as the main page does...grrr...).
  • by Anonymous Coward
    UCITA section 816 allows software vendors to place disabling codes in software and to activate them remotely (such as by sending an e-mail) to shut down a customer's use of the product

    Under the UK's Computer Abuse Act, this would be a criminal offense leading to custodial sentences. There are plenty of precedents.

    AC
  • I'd like to point out a few things WRT people having the technology to reproduce entertainment materials.

    Compare the dollar value of the recording industry before and after the introduction of consumer tape recorders. Now adjust for inflation....

    Compare the dollar value of the movie industry before and after the indroduction of the VCR. Now adjust for inflation.

    The entertainment industry is a growth industry. I wouldn't expect a big drop in their profits until the earths population is on the decline.

    Software is likewise a growth industry. I don't dispute any individual or companys right to license their IP as they see fit, but I do have a problem with passing extraneous legislation.

    There are already laws on the books which protect IP. UCITA only serves to further absolve software houses et al from their responsibility to hold up their end of the bargain.
  • The software to buy is decided on by going for the software house that offers the best incentives to the *person* (not the company!) buying the software.

    I can see that point for the current situation (it happens all the time), but under the new rules things change. Productivity losses due to bad software are hard to count now, but just wait until a LARGE corperation looses millions because their POS software got shut down remotely by mistake and a court holds that the vendor bears NO liability. The stockholders will sue the executives into oblivion for accepting such a needless risk.

    In truth, I'm more outraged in the abstract than in the personal sense (Since I stick to free software). I do worry about the slippery legal slope here, especially the parts about the vendor being able to arbitrarily re-write the agreement at any time and the potential legality of hidden contracts that can be accepted without even knowing it exists. It can only be a matter of time before that becomes very ugly.

  • How many people actually reads the license before opening the shrink wrap or clicking "Next"?

    Almost nobody. Why should they, it's not legally binding. Once that changes, either the news, consumer groups, or even PSAs from the 24 attourneys general who oppose the legislation will clue the consumer in (well, some of them, nothing can clue some people in).

  • The problem is, the new laws would allow a company to prohibit bad reviews. Suppose I try a new game and it wipes out my hard drive and flashes the BIOS with junk. Posting that fact on Slashdot would be a violation of the license and they could sue me for lost sales (but I could not sue them for lost data or a replacement BIOS).

    Moral of the story: if this goes into effect, never buy non-free software again.

  • As far as I can see, the UCITA, despite all the hype I've heard about it, changes nothing. Here are the major poison pills in it:
    -> Prohibition of reverse engineering.
    This changes nothing. Reverse engineering is already illegal here (the US) as far as I know, and de facto illegal just about anywhere. Even if there is no legal merit to an attack, anyone who successfully reverse engineers something can expect to be subjected to a barrage of legal harassment, court cases, and extreme negative publicity, and to incur either huge legal fees, huge penalties (if they lose), or both (references that come to mind: various video game emulators (N64, for example), DeCSS)
    -> Shrink-wrap licenses
    Again, as far as I know these are already binding; the only thing that saves us is that the megacorporations that make software don't bother leaning on individuals when leaning on other corporations is more profitable (since with most software it's almost physically impossible to simultaneously use the software in any useful way and obey the license agreement)
    If they might not be legally binding, see the note for reverse engineering -- I know I can't afford to get hit with a lawsuit, whether it has legal merit or not.
    -> The example given above -- buying Word and a book -- is true even today, without the UCITA.
    -> I don't think it's possible to return software even today. One of the points in the above article was that the terms of the license can be presented after the software was bought; this is already common practice. If you think this invalidates the license, see my note on shrink-wraps and lawsuits.
    -> Computer companies already charge ridiculous amounts for support or don't even bother. Computer programs are already shipped with piles of bugs (Win9x anyone)

    In sum, the UCITA is nothing other than a statement of existing laws and practices. That it sounds so terrible is more a reflection on the ethics and techniques of the proprietary software industry it covers than on the proposal itself.

    Daniel
  • ...and stop bitching about what your customers want! Either give them what they want or be an asshole about it, but don't bitch that "Something needs to be done!"

    Installing 100 copies when only one is licensed is ALREADY a copyright violation. Or did you mean, you want to shut your customers up?

    And you wonder why "the general public has no respect for software licenses or software companies".

    -Isaac
  • Sure, intellectual property is property. Someone had to create it, and at one time owned each part of it by virtue of sole unique possession (i.e. they thunk it).

    And I like the fundamentals of our intellectual property laws (gasp!). They exist to prevent secrecy by treating disclosed ideas and works equitably. We all benefit by encouraging people to express what they create. It moves us forward culturally, economically, and technologically. Sure, the implementation has the inevitable bugs, but the design is solid.

  • I hate to break it to you, but no idea is 100% original.

    Firstly, I do not understand this mention of a "100% original" criterion.

    Oh, sure. They just "thunk" it up. The idea for, say, Walt Disney's "Steamboat Willie" or Salman Rushdie's "The Satanic Verses" or U2's "The Streets Have No Name" just came out of nowhere.

    I hate to break it to you, but no idea is 100% original. Everyone uses ideas "thunk up" by others -- they change them, improve them, alter them to fit a particular need and (every once in a while) replace them with something new.

    There is no creativity (they couldn't have thunk it) without inspiration. It is unfair to discount expressions because of their relationship to the context they are created in.

  • Because the length of copyright protection has been continuously extended, almost nothing's gone into the public domain since World War II.

    Copyright protection is now for such a long period of time that the "limited monopoly for long enough to compensate the author/artist, then let it become public domain to encourage the advancement of the arts" model is completely broken.

  • So if Microsoft suddenly enforced this law in the US, and by accident one of the disabling emails went to a user in the UK, then Bill Gates or Ballmer would get an extradition notice because they are ultimately liable for Microsofts software.

    No, they're not personally liable. Liability is held by the incorporated legal entity "Microsoft". That's one of the functions of incorporation, in fact -- a corporation becomes its own legal "person", accountable for its own actions, independent of any of its members. More or less.

  • Hi, Andrew!

    I think on balance [UCITA] offers far more of use to the OSS community concerning enforceability of the interesting OSS license terms than it actually withholds from our use of non-OSS code.

    Frankly, I'm not sure UCITA offers much aid to enforcing the GPL. The GPL, and most other OSS licenses, differ in a key way from traditional shrinkwrap "agreements".

    Shrinkwraps state, "You must agree to this wide array of covenants and restrictions, or we forbid you from using this product." The GPL, on the other hand, states, "As a lawful posessor of this code, you use it in any way you like. But because it's copyrighted, you can't make or distribute copies without a license. We will grant you a license to make copies if you fulfill these conditions:..."

    Absent the UCITA, either shrinkwraps or the GPL (or both) may be found to be non-binding. If so, then default conditions of law apply. If the GPL is found to be non-binding, then copyright law by default precludes you from making and distributing copies. OTOH, if a shrinkwrap "agreement" is found to be non-binding, are we to presume the software can't be used at all?

    It is my firm belief that, in retail venues, Right to Use is concomitant with purchase. I think a software publisher would have an uphill battle arguing that a person who lawfully obtained a piece of software can't lawfully use it without an enforceable "agreement" in place.

    Schwab

  • A pure free market just brings about Darwinean competition - survival of the strongest and most brutal.

    That's not darwinism. Darwin wrote about the survival of the most adaptive species. Dinosaurs were strong and brutal, but died when Yucatan got puched and both oxygen and temperature levels dropped, while smaller creatures (including some dino relatives like the crocodile, turtle and rhinocheros).

    Apart from that: IIRC, the definition of a free market in the theory is that an infinite number of sources supply an infinite number of products, where the infinite number of customers choose freely. None of which even touches the real world. :-)

    It is time that we realized that a corporation is a fiction

    No, it's an abstract concept, like e.g. "family", "nation", etc.

  • What business would possibly purchase software that legally allowed the creator of the software to shut it down remotely at a whim.

    Many mainframe software packages are not sold, but rented on a monthly basis. You pay $500 a month to run UltraBase on your mainframe. The software vendor has a legitimate interest in being able to disable the software if you stop paying the monthly licensing fee. The question is whether the vendor must get a court order or can use some technical means to disable the software.

  • I agree. Years ago, I asked AT&T for information on some UNIX applications software that they were selling. They sent me the information and a legal contract that had to be signed and submitted with the order before they would ship the software. That seemed much more honest than the shrinkwrap licenses that are so popular today.
  • Apple used to have very big ROMs with lots of software (some of it quite obscure and undocumented) until the Power Mac (forgot which modle, I thinkg G3). These were too big for reverse engineering ;-)

    Nowadays, since Aplle switched to Open Firmware your only problem to build an Apple clone are the exclusive agreements between Apple/Motorolla/IBM. These agreements are now mostly dfropped: Since G4 IBM has decided to release a full MB design. As a result Apple clones are actually in the works.

    This means that Apple (being thy small MS) will most likely once again start putting a few megs of software into a ROM so that the reverse engineering effort becomes formbiddingly expensive.
  • and you all seem to have fallen for it.
    ________________________________
  • Most ordinary people I talk to think that when they buy a product, they are a PURCHASING a copy of the program, with full rights to do whatever they want with it. What they are really buying is a license, and the UCITA legitimizes this practice.

    Actually you are buying a copy of a program. The software vendors don't want you to think so. Federal law gives you certain rights as a purchaser of a copyrighted work and a state law can not take those rights away. I expect that if it ever comes to it, most of the egregous provisions like reverse engineering and bad-publicity clauses will be found to be unenforcable.
  • When I pay for my software, I am paying for my physical copy of it, not for the right to use it. That's how I see it. That's how the majority of Americans will see it.

    Bullshit. The average American dosn't see it that way today. I don't see it that way today. If you were a software producer and tried to make that case in court, you would be laughed out of the courtroom. The software is worthless without the right to use it. It would be fraudulent to charge for it.

    You in fact have the right to use software under ordinary Federal Copyright law. You do not need a license to use it.
  • This reply is a real non-sequitor. The Federal government can regulate interstate commerce under the "commerce clause" which you have so thoughtfully reproduced.

    UCITA is a state law. It can not regulate interstate commerce. That is usually taken to mean that as long as a law deals with out of state parites in the same way that it deals with instate parties, it is not considered a regulation of interstate commerge.

    Now, what was your point?
  • I'd like to see someone make this argument in court. Federal Copyright law gives you "Fair Use" rights. No state law can take those rights away. You do have the right to use software that you have purchased consistant with Federal Copyright law. The software vendors would like it to be otherwise, but it just isn't so. The legal fiction that you aren't purchasing a copy is just that -- a legal fiction.
  • There is no single test. This Copyright FAQ [aimnet.com] (though somewhat out of date) addresses most of the issues. Please note sections 2.8 and 3.7. There are several other links of interest on this page.
  • Actually, one can't use a contract to get around a Federal Law. For example, Federal Law requires certain stafty standards in the workplace. A union can not negotiate those standards away in exchange for benefits or pay.

    It is a well established matter of law that contract provisions "contrary to public policy" are unenforcable. I'm familiar with this in the context of insurance law. Insurance contracts, like EULAs, are "contracts of adhesion" -- you either accept the contract as offered or decline. You can not negotiate the terms. Insurance law requires that I offer a "nonforfeiture provision" (i.e cash value) on certain types of insurance contracts. It would be cheaper if I could offer you an insurance contract without the cash surrender benefit, but I can't legally do that. Even if I wrote a contract without such a benefit, you could claim it. The contract can not take away rights that you have under law.

    Similarly (though the law has not been tested in a case that I could site for you) I think that a strong case could be made that Copyright gives you certain rights and that a contract (and especially a contract of adhesion like an EULA) can not take away rights that you have by virtue of a Federal Law.

    Links? Michael Froomkin's page [miami.edu] has information and links to a lot of current Internet legal issues.
  • My point is the these provisions of UCITA conflict with Federal Law. They should be struck down as such.

    I agree that most people would think that they are enforcable because most beople think that all the provisions in current EULAs are enforcable. Whatcha gonna do?
  • Your "freedom of speech" example is not a good one because there is no specific Federal law declaring unlimited free speech rights. Even if you do sign an NDA, you can be held accountable for your speech, but you can't be prevented from speaking. "Prior restraint" has been held to be unconstitutional.

    Let's say that in the course of your work, you discover a situation which has implications for the physical safety of others (perhaps a bug in a medical device). You argue for complete and immediate disclosure of the bug, but the company with which you have contracted has you under NDA and refuses to ackoledge the bug. You chose to violate your NDA and make a public disclosure. There may be consequences of your speech, but you can't be locked up to prevent you from speaking.

    There is a case (ProCD v. Zeidenberg [emory.edu], 86 F.3d 1447 (7th Cir. 1996) ) which ruled that "shrinkwrap licenses" are valid contracts. What is necessary for a valid contract is a "meeting of the minds" i.e. the terms must be available and agreeded upon. One means of demonstrating a meeting of the minds is a signature, but it is not the only way. Behavior can constitute an acceptance of terms.

    The ruling was that shrinkwrap licenses are valid on their face. It is not a ruling that all terms in shrinkwrap licenses are equally valid and enforcable. The important part of the ruling is that terms of a shrinkwrap license that are "objectionable ongrounds applicable to contracts in general (for example, if they violate a rule of positive law, or if they are un-conscionable)" are unenforcable.
  • I don't believe that your comments are accurate for all nerds. I've run into a few competent programmers who've actually bought into leftist "Round Earth" theories.
  • My feelings about UCITA are that it imposes such horrifying terms on customers that many businesses will turn to open source software to protect themselves.

    I wish I could say that were true, but its not. The fact of the matter is, most businesses haven't even read the licensing agreements that exist in mass market software and have no idea the kinds of restrictions that already exist in the EULAs and such, enforceable or not. This law simply legitimatizes these existing gestapo (sp?) restrictions.

    If businesses were aware of the restrictions that already exist, they wouldn't buy the software. Either that or they are aware of them and they just don't care. (I find this hard to believe, though). Case in point: the Microsoft EULA restricts reverse engineering, the McAfee license doesn't allow for negative reviews. Yet, there is no shortage of companies that use Microsoft Office or McAfee VirusScan. Companies either don't know about these restrictions or they just don't care.

    Most consumers are just simply clueless. They don't read the licenses and don't care. Most ordinary people I talk to think that when they buy a product, they are a PURCHASING a copy of the program, with full rights to do whatever they want with it. What they are really buying is a license, and the UCITA legitimizes this practice.

  • Right now, yes. But if UCITA becomes law then this will no longer be the case.

    My guess is that if most (lay) people were to read the software licenses, they would actually think that they are enforceable.
  • I understand your point of view, but my own experience is that most people are not stupid. They ignore current licensing terms because they are unenforced and unenforceable.

    Well, bear in mind that Slashdot readers, are on average smarter than the general population. I hate to say it but most people are basically ignorant of anything technical and especially software licenses.

    I'm not saying that they're stupid, merely uninformed. Ask your average grandmother what a software license is and she'll probably have no clue.

  • I think you have missed a very important paradigm. I may be struck down by lightning for heresy, but the fact is that Free Software is trying to fit itself into the wrong paradigm.

    Free Software, except in the last year, has been created by only three classes of people: hobbyists, researchers and ideologues. But what is happening now is that these people are trying to do is fit Free Software into the commercial software paradigm. I am fully confident these two opposing forces will synthesize a new paradigm of software development.

    But in the meantime, both of these paradigms, which are based on the voluntary transactions of individuals, are attempting to use government power to ensure their culture's survival. The commercial paradigm is attempting to use government power (through UCITA) to enforce its way. It takes no small leap of the imagination to foretell the Free Software paradigm doing something similar. It should strike nobody by surprise when calls for banning closed-source software arrive. And already there have been calls for government funding of Free Software.

    Both sides need to relax and lighten up. A new paradigm is coming and it is for the marketplace of ideas to decide what it will be. There will be a way for developers to sell their software while letting it remain free.
  • The next step for the software giants would be threatening to sue discussion boards unless they remove negative posts about software. Microsoft could sue /. if someone posted benchmarks for SQLServer. Currently, it's unenforcable (though most of these sites lack the legal resources to oppose a big company). This law would make it enforcable. That would seriously damage our ability to pre-evaluate systems.

    They could also try to sue Linus if a driver showed up that they felt was the result of reverse engineering their windows drivers.
  • Okay, maybe this is over the top, but something needs to be changed.

    I work for a small floundering software comapany.
    We are not wealthy, in fact we barely scrape by each month. My 5 years here have taught me that the general public has no respect for software licenses or software companies. They think that everything should be free. They will call on the 800 number that we pay for, talk to a paid employee and yet they can't understand why we have to charge them for our software. sheesh.

    I just want to scream people call and demand a free upgrade for the software they bought 4 years ago. "Microsoft gives away free software, why don't you..."

    It makes me crazy when people call and tell me that they installed one disk on all 100 machines in their office and they really don't care what the license says. "Well, the comapny paid for the disk so they should be able to install it anywhere in the office...right..."

    So yeah... maybe this proposed license is over the top, but something needs to be changed.
  • UCITA handles these objections better than the status quo.

    First, you are not able to see the license until you pay for the software.

    True, UCITA does not require mass market licenses to be available, although it does require the existence of the mass market license to be disclosed. However,

    Second, most retailers have a no-refund policy for opened software. Don't agree with the license, too bad. They already have your money so their is not incentive for them to speed the refund process.

    UCITA fixes this. The contract isn't enforceable unless a return is permitted, together with reimbursement of reasonable expenses incurred and compensation for costs of getting back to the status quo. Under the status quo, there are no such guarantees. The critics don't focus too much on that kind of thing in their analysis, do they?
  • UCITA Section 209(b):


    (b) If a mass-market license or a copy of the license is not available in a manner permitting an opportunity to review by the licensee before the licensee becomes obligated to pay and the licensee does not agree, such as by manifesting assent, to the license after having an opportunity to review, the licensee is entitled to a return under Section 112 and, in addition, to:

    (1) reimbursement of any reasonable expenses incurred in complying with the licensor's instructions for returning or destroying the computer information or, in the absence of instructions, expenses incurred for return postage or similar reasonable expense in returning the computer information; and

    (2) compensation for any reasonable and foreseeable costs of restoring the licensee's information processing system to reverse changes in the system caused by the installation . . . .
  • Hi right back at you Leo!

    Absent the UCITA, either shrinkwraps or the GPL (or both) may be found to be non-binding. If so, then default conditions of law apply. If the GPL is found to be non-binding, then copyright law by default precludes you from making and distributing copies.

    Leo's point is salient, but only so far as it goes. The recipient of GPL'd code who is not bound by GPL is entitled to do all sorts of things with it, so long as he or she doesn't infringe the copyright in the work. This can include using the code to write a detailed specification for building a knock-off, and in many cases using large snippets or ideas drawn from the code for proprietary projects, so long as it can be justified as fair use.

    If GPL becomes binding under UCITA, things become far more interesting. The same hand that binds us under non-reverse-engineering provisions with proprietary code binds the OSS "thief" who would take open code proprietary.

    It all depends whether you buy RMS' argument that the GPL handcuffs are necessary to keep the software free. If you do, then UCITA helps (ironically from the point of view of most UCITA advocates) to enforce those tenets. If you do not, then it doesn't matter.
  • It is my firm belief that, in retail venues, Right to Use is concomitant with purchase. I think a software publisher would have an uphill battle arguing that a person who lawfully obtained a piece of software can't lawfully use it without an enforceable "agreement" in place.

    Belief doesn't equate with truth. At least under the cases I have read, it seems fairly clear that these "licensed copy, not sold goods" provisions have the effect their plain meaning announces.
  • I've got legislators on the lookout for it, and checked with the Attorney General. If they try to backdoor it, it has to come through one of the committees they're on. And as a longtime friend, they owe me big time if they don't even tell me when it comes through.

    But I would worry about Virginia, New Jersey, and Maryland. The corporate HQ concentration there makes it highly likely to be a State of first invokation.

  • Yeah, but

    No Jail Time = Cost Of Doing Business

    Until you make the Board of Directors and Execs do jail terms, it's meaningless. A cost of doing business.
  • Actually, that won't save you. Did you forget about Free Trade and NAFTA? You already bought in to our legal system if you buy US software.

    Sigh.

  • Exactly. I hold a series of copyrights to terms that are probably used in many modern gaming systems, on file at the Library of Congress (under my old double-hyphen name). If I chose to enforce those, I could probably ruin the modern gaming industry.

    UCITA can effectively allow various monopolies and quasi-monopolies to control many things under the guise of "consumer protection".

  • Next thing you know you'll be saying that Corporations should have to provide some public good (true until 1930) and should be liable for their actions (true until the 60s, 1965 I think).

    ;-)

  • In my day we had to write the assembler code by hand and compile it ourselves. Then we had to manufacture the floppy disks ourselves and mail them. And we had 8 inch floppies. None of this CD-ROM stuff.

    And we didn't have help desks. We didn't even have 1-800 numbers. And 1-888 numbers didn't exist. We dialed the phone manually, and it was a rotary phone. And since there was no voice mail and no call waiting, we had to hope they were in the office when we phoned. If they could afford an office. Or a phone.

    And if you wanted to download the patch, you had to connect at 110 or 300 baud.

    And we liked it ...
  • I've had extensive discussions with some of the Washington State Reps and Senators on this issue, including some of those on the Technology and Commerce committees (which have names I can't recall right now). I believe you are misstating the true impact of UCITA.

    A wolf in sheep's clothing, actually. Under UCITA, if it passes in Virginia and Texas, they could get a judge in Texas to allow a firm to get the back door access to a firm in Virginia, provided they did business there. And, with the Net, that's not hard to prove. You just have to shop around for a judge who gets elected in a city where this issue might mean a lot of cash to his reelection campaign.

    My extensive involvement in politics leads me to believe this will occur, regardless of all the "it can't happen here" statements of UCITA defenders. Just like the Roth IRA will be taxed by the time I retire. Politicians, and judges in many states, will do what works for them and come up with a fancy reason why it's ok.

    I'm not saying there aren't some good concepts in UCITA, I'm saying that the approved language is severely flawed in practice and implementation. These issues do need to be addressed, but not at the cost of consumers who are supposed to read pages of inserts in legalese with their bills which refer them to a web site that changes the terms of their contract which they haven't even read. It's like buying a house - when I did it, I read the contracts, which very few people do. And I found three substantial mistakes, by doing so, that could cause trouble down the road.

    Ignorance under the law means you lose and the lawyers on the other side win.

  • Not if there is an NDA agreement in one of the cluases. Many companies now exclude the right to review or benchmark the product. Since UCITA will be enforceable under contract law, they could just as easily stick in a 'can not reveal the terms of this agreement' clause.

    And which company would use that? They'd have to be a monopoly ...

  • But the contents of the license agreements will become widely known.


    Not if there is an NDA agreement in one of the cluases. Many companies now exclude the right to review or benchmark the product. Since UCITA will be enforceable under contract law, they could just as easily stick in a 'can not reveal the terms of this agreement' clause.

  • So if Microsoft suddenly enforced this law in the US, and by accident one of the disabling emails went to a user in the UK, then Bill Gates or Ballmer would get an extradition notice because they are ultimately liable for Microsofts software. The next time they came to the UK they would be arrested and thrown into Jail awaiting trial, which could take up to a year to occur. When found guilty of breaking the Computer Misuse Act (basically by knowingly hacking into a computer by having installed a backdoor into the software - altering the contents of the hard drive, and disabling software) they would go to jail and have a nice criminal record.

    Who needs BackOrifice? BackOrifice will become semi-legal under this new law! (sort of :-)) All software will become mini-backorifices in a way!


    ~~

  • One major difference between the typical EULA and the "I am not a lawyer" disclaimer is that the EULA seeks to remove rights you have always had, and the IANAL seeks to remind you that you never had the rights to begin with.

    Another major difference is that the IANAL disclaimer is made by someone who, by law, cannot dispense legal advice -- and is stressing that fact. A software company, on the otherhand, openly advertises it's services and products, and makes boldprint claims of what they do -- that the EULA tries to take away.

    If you were to take your Porche to the local Ford mechanic for repairs, and they said "We don't know Porche's all that well, our expertise is in Fords. I'd recommend going to the Porche dealership instead.", but agreed to try when you insisted, I don't think you'd have any recourse if they broke your car.

    But if the Porche dealership broke your car, then pointed to the fine print on the back of their invoice disclaiming all responsibility and all warrantees... A good lawyer would have a field-day with that.
  • Don't people realize? A pure free market just brings about Darwinean competition - survival of the strongest and most brutal. In a pure free market, Microsoft would have no checks on growth and control of the market. (Of course, they've had few or no checks so far, but that looks as if it's about to be rectified.)

    We need regulations so that those with power are obliged to use it for the good of all. This particular legislation is bullshit (an aphorism for "of negative value"), but the idea of legislation is sound.

    We need to establish goals (like, reward useful works, promote social and economic progress, etc.) then establish laws and rights to promote those goals. Every law or right should indicate which goal it promotes.

    Then we can examine the goals for fitness with the current culture, and re-examine all laws designed to meet those goals if the goals are found wanting. Laws are examined for their fitness to promote their goals, and changed if necessary.

    The problem with the laws now is that corporations have gained power and the current legal system and culture allows them to continue and increase that power. One bribed judge or jury in a precedential case can pollute the law for all time.

    It is time that we realized that a corporation is a fiction, and any law we make to promote their interests at the expense of human interests is bullshit. Laws and rights should be there to make people's lives better. While those who organize the production of massive amounts of goods (i.e. leaders of corps) should be rewarded well, we should not then allow them to take their rewards and use them as leverage to take wealth needed by the poor or those of modest means.

    Also, if the law is wrong, violate it! I am not a history buff, so someone correct me if I'm wrong... I believe Thomas Jefferson himself said that a juror who believed that the law the defendant broke was unsound, that juror is obligated to find the defendant not guilty. Now this is one of the guys responsible for making the US law in the first place! Civil disobedience to bad laws is not evil, it is your obligation! You shouldn't need an argument from authority to confirm this, it should be self-evident. Just because some group of other people tell you to do something bad doesn't mean you should do it. Whether the group calls themselves the government or not is immaterial.

    I guess my rant is over now. Ran out of steam.
  • why so much emphasis on the various 'nix flavors?

    This is because diffrent people like to do things diffrently and we generally consider a reasonable ammount of this to be a good thing (like GNOME vs. KDE) as it keeps development from stagnating (for both psychological (compotition) and technological (one project might write it's self into a corner) reasons).

    Why isn't this same sort of vigor and energy being put into applications that could shift the general user base over to linux?

    Well some of those applications you are talking about have a fundamentally bad design (microshit bloatware), i.e. they really should be collections of tools and not applications. The problem is figuring out how to get all the same features in a more forward thinking package.. which really is more work.

    The applicatins which are not fundamentally bloatware (CAD, Databases, Graphic Arts, ERP, etc.) are actually hard to write (example: you need to know some engenering to write the CAD package features). The best way to get these sorts of packages open sourced is to get a VC (venture capitalist) who is willing gamble on the idea that OSS will eventually kill the compitition. There is a very promissing CAD package which is currently on this road. I would expect to see an ERP package with some serious VC backing in the near future (the VCs will like the idea of giving away the source if they know that people will need to come pay the company to change it, like with ERP or CAD). I don't know if something like Director requires enough custimization to be a viable comersial OSS effort.


    Lots of people have been posting about how wonderful this would be for Linux and the GPL, but I would like to point out that any sort of erroding of our freedoms here could be a real problem with things like music and movies. Imagine, you start using ad blocking software only to have a cop show up at your door because a virus in the content of a movie you wantched detected it. What is good for Linux and the GPL is the scare software consumers with this legislation. Example: Tell your local CAD users about this shit.. and then point him to OpenCAD/CASE (name?). Result, the legislation fails and the CAD users have learned something about Linux and OpenCAD. Example: Push the common people to learn about OSS wordprocessors because they might someday need to use it to finnish a letter before they can renue there Word rental.

    This legislation creates fear in the hearts of closed source consumers once they understand it.. we should use that to evangalize.


    Jeff
  • I've had the most success with paper letters. And I've been writing to my legislators, off and on, for years. Sometimes I'll get a response to e-mail, but classic paper mail really fits the culture well.

    Did you know that quite a few legislatures require men to wear a coat and tie while the body is in session?

    A paper letter, spell-checked, with proper structure, fits well into that kind of culture.
  • In addition to writing your legislators, on paper, with good spelling and polite language, I would recommend talking to your purchasing department.

    If you've ever been asked which product to buy, or participated in an RFP, those are huge opportunities to influence the process. Calmly explain to purchasing all the bad things in UCITA. Try to get a standard clause in all your purchase contracts to get all vendors dealing with your company to waive UCITA.

    If you're dealing with vendor marketing, tell them you don't like UCITA, and products that don't come encumbered with it's trappings will rate higher in your evaluations.

    When dealing with your peers, enlighten them on UCITA, and get the word to spread.
  • For Immediate Release
    Contact: Skip Lockwood, 4CITE Coordinator, 202-257-7007
    Press Conference: January 7, 2000
    8:30-9:30 a.m.
    Virginia Capitol Building
    House Room 5 "The Press Room"
    Richmond, VA


    Business and Non-Profit Coalition Urges Caution during Consideration of Legislation Affecting Software Purchasing

    (Richmond, Virginia ? January 7, 2000) ? Fearing an erosion of the user rights of consumers and businesses, a coalition including Virginia
    business leaders and public information advocates today urged state lawmakers to cast a critical eye on a proposed new law on computer software and on-line services. The coalition, known as "For a
    Competitive Information and Technology Economy" or 4CITE, has been formed to oppose the Uniform Computer Information Transactions Act(UCITA).

    The Joint Committee on Technology and Science of the Virginia State Legislature (JCOTS) will expected to report on UCITA today. Even
    though a broad range of consumer and business groups expressed opposition to UCITA before the JCOTS advisory committee, the advisory committee on Tuesday of this week favorably recommended UCITA to the full committee. Several members of the advisory committee voted against the proposal.

    Opposition to the controversial proposal is mounting. 4CITE is a diverse coalition of pro-electronic commerce business and non-profit
    end-users and developers of computer information technology. "We support the development of high-quality computer and information technology and the growth of fair and competitive markets in technology licensing and electronic commerce. But UCITA is unbalanced, anti-quality and anti-competitive and will not promote these objectives. It provides no benefit to the Commonwealth of Virginia or its citizens, other than burdening the courts. We should think long and hard before tinkering with the engine of Virginia's economic growth," says 4CITE director Skip Lockwood.

    UCITA is controversial not only with users but also within the software industry itself. Numerous quality and software development associations have come out in opposition to UCITA. Additionally, alterations in the purchasing playing field deeply concern library and educational organizations. "The fact that you will not know until after you buy software that it comes "as is", like a used car, is just one of UCITA's many problems," said consumer advocate David McMahon.

    The Uniform Computer Information Transactions Act would grant broad new powers to software and information vendors at the expense of businesses and consumers. As currently drafted this legislation would:
    * Allow software and information vendors to shut down mission-critical software remotely, without court approval and without liability
    * Allow software vendors to avoid liability for damage caused by known defects
    * Allow software vendors to prohibit the transfer of software from one company to another, even in the course of a merger or acquisition
    * Allow software vendors to impede the development of innovative products
    * Allow software vendors to collect confidential information about businesses and consumers
    * Binds a user to terms disclosed only after the user has paid for the software and then grants software vendors the right to change terms of the contract unilaterally by e-mail
    * Curtail the use and circulation of public information
    * Deprive consumers of adequate legal remedies
    * Dramatically shifts the balance of existing contract law in favor of software vendors when contracting with businesses and consumers
    * Through "shrink-wrap" or click-on licenses, undermine libraries', abilities to preserve, make fair use of and lend information products.

    Virginia is not the only state that needs to be concerned with UCITA. It is anticipated that a version of UCITA will be introduced in several states in the U.S. over the next year. 4CITE will vigorously oppose UCITA wherever it is introduced.

    Members of 4CITE are:

    American Association of Law Libraries
    American Library Association
    Art Libraries Society of North America
    Association of Research Libraries
    Caterpillar Inc.
    Computer Professionals for Social Responsibility
    Digital Future Coalition
    Electronic Frontier Foundation
    Infoworld
    International Communications Association
    John Hancock Mutual Life Insurance Company
    Law Office of Cem Kaner
    McLane Inc.
    National Consumer Law Center
    National Humanities Alliance
    Principal Financial Group
    Prudential Insurance Company of America
    Satisfice, Inc.
    Society for Information Management
    Special Libraries Association
  • The Independent Computer Consultants Association represents independent CUSTOM programmers. After studying several versions of the UCITA proposal to let vendors shut down customers, they recommended:

    (1) UCITA should BAN "self-help" (sending a shut-down message to the customer's computer)

    (2) UCITA should allow a custom software developer to get an injunction against a customer (a court would shut down the customer, after hearing the facts) and require the customer to pay the developer's costs if the court granted the injunction. This makes the action affordable for the custom developer but protects the customer and the public (when you shut down a hospital's software, you don't just affect the hospital) from unreasonable shut downs.

    The Society for Information Management (representing large customers) also supported this proposal even though their members would end up paying the costs of some injunctions.

    The UCITA committee repeatedly rejected this proposal and variations of it.

    Another issue -- my core issue -- with the self help provision is that it creates a hole in the customer's security. There is now a way for a remote party to send a message that shuts down the customer's system. The vendor/developer will be liable if IT sends that message without authorization, but what if someone else figures out how to send such messages? (e.g., a disgruntled former employee or a cracker?) The vendor has no liability in this case, and a contract provision stating that the VENDOR will never use self-help doesn't protect the customer from third parties taking advantage of the built-in shutdown routine.

    UCITA encourages the adoption of this style of contract enforcement, and thus encourages the creation of new security risks for customers. There are better ways to protect developers' rights.
  • Good thinking, but the drafting committee walked through this idea with care, to make sure people couldn't do this.

    If you make a copy of a program (onto your disk or, in the 9th Circuit -- Washington, CA, etc -- into memory so you can run it) then EITHER

    (a) you are making a licensed copy (you agreed to the terms of the license)

    or (b) you are making a copy without permission, i.e. infringing the publisher's copyright.

    So, you get the rock or the hard place. Take your pick.
  • You would think that large non-software companies would hate UCITA, and some are fighting it, mainly insurance companies.

    UCITA looks like a precedent to several large companies. Chrysler (a car company) strongly backs UCITA, for example.

    Think about all those consumer protection rules that apply to traditional merchandise and then think how cool it would be (if you sold cars, for example), if you could get rid of them.

    The National Conference of Commissioners on Uniform State Laws (the people who brought you UCITA) are currently working on Article 2 of the Uniform Commercial Code (this is the Law of Sales in 49 of 50 of the United States). The Article 2 Revision Drafting Committee refused to adopt some of the shrinkwrap contracting terms into Article 2 last year. They were then treated so badly at the national meeting of NCCUSL annual meeting that the Reporter (senior author) and co-Reporter (second author) of the Article 2 revision resigned after about 12 years of work on the update. Several other members of the committee resigned and there is now a new, improved drafting committee working to revise the Law of Sales.

    UCITA is not just about software. It expresses a "post-consumerist" philosophy about law and economics, one that can be (and is being) applied in many contexts.
  • "Software publishers should be held responsible for gross negligence or for intentionally witholding essential information from the customer, but no more than that."

    Funny thing, but I proposed that exact idea. So did Ralph Nader. So did the Independent Computer Consultants Association, the Association for Computing Machinery and the Institute for Electrical and Electronic Engineers.

    The problem is, it holds software publishers accountable for gross negligence and for withholding essential information (we said, records of known defects) from customers. Several publishers don't want to be accountable for anything.
  • in The UK the Law lords decided a few years ago that many of the terms in software licences were in fact Illegal. before this the software coumpanies basically took the attitude that If you opened the box it was your own problem.

    But the law lords decided that the sale of software came under the sale of goods act and so the software companies should no longer be able to get away with selling you things that are unfit for their proposed use, or charging you to fix problems that they know about when they ship.
  • Given a choice between having software that can be remotely turned off on any pretext a licensor might wish to cite, and having stable software which legally cannot be taken from them, which would a prudent business choose? One imagines the latter.

    You would hope so, wouldn't you? You'd be wrong. In any large company, the majority of software purchases are not made for technical or financial reasons, they are made for political reasons. The software to buy is decided on by going for the software house that offers the best incentives to the *person* (not the company!) buying the software. I've experienced this a great deal, as I'm sure many people here have. $500,000 per-licence software bought without consultation or review by the people who will be using it, without review by the people who understand the requirements, but bought by someone who has the budget and the authority to make people use it and to cut off the alternatives.

    Only small companies and small groups make good decisions. Larger companies merely stumble along with the momentum created by many stupid decisions. If this law is passed, then the companies will respond not by changing their vendor, but by implementing more auditing, more processes and more forms to be completed. This is the nature of a medium/large company.

  • Everybody is saying that this is going to be a boon for Linux and OSS because people will move away from shrinkwrapped software. People get so caught up in thinking that Linux is the one true OS they forget that something like this is a bane to people who's living is dependent on the so-called 'shrinkwrapped software'

    Take me for example. I'm a musician. I have a USB MIDI interface. I use Cakewalk (sequencer) and I use a whole slew of DirectX, VST, and TDM plugins to aid in my creation. I have used linux before, infact, the box is sitting at my feet as I type this. If there was equivalent software for linux (drivers for the MIDI interface, and comprable sequencer, and comprable plugins) I'd fly over to Linux in no time flat. But since there isn't, I can't and Linux is forced to remain a hobby. And even if something like this was passed, I would still be forced to use shrinkwrapped software, because there is no viable alternative.

    What's good for the goose isn't always good for the gander. But this is bad news for everyone, especially people like me with no place else to turn.


    warning - due to inflation my .02 cents might be high than yours. be sure to convert wisely.
  • Maybe Im a pessimist, but I think you are fooling yourselves if you think the big, wealthy corporations are going to let open source cut their profit margins that much.
    The Information Age notwithstanding, most big, wealthy corporations would gain if all software became free tomorrow. Think of the amount of money that General Motors or Mobil spends on commercial software. Even some businesses supported by software make not a cent from sales; AOL gives it away in order to sell their services and content.
    Of course this insanely stupid proposal will probably be a benefit to OSS in the short term, but wont that very fact lead to anti-OSS legislation?
    That's utterly impossible in the USA. The First Amendment trumps "national security"; there is no way that an anti-OSS law could survive a free-speech court challenge. Besides, all the huge corporations whose lifesblood currently flows thorugh networks powered by Linux would have a lot to say about this before it ever got out of committee... which it probably wouldn't.
    --
  • In the meanwhile, don't buy a product with a license you don't like -- that is YOUR choice. If you open the license and decide you don't like it, return it -- that is YOUR choice.
    Given that:
    1. You can't see the license until you've already paid for the software and taken it home (and maybe already installed it), and
    2. You are not allowed to return the software after installing it,
    exactly how do you do what you propose? The software company doesn't care, they have your money and immunity from suit. Any negative consequences for them are months or years away, and in the mean time, you suffer. Not a good deal.
    --
  • You're actually raising a good point. It would mean that I (since I live in Canada) could reverse engineer the think legally and sell it, while an american company couldn't. It would basically mean it's an american law that shoots in the foot of americal software companies (not that it would be the first). Though of course as always, they'd try to impose the law to other countries (again Canada first) and I predict the same response as for the "anti-trading with Cuba" law (Helms-Burton or something). (As a reminder, the response was: "screw you")
  • Maybe Im a pessimist, but I think you are fooling yourselves if you think the big, wealthy corporations are going to let open source cut their profit margins that much.

    Of course this insanely stupid proposal will probably be a benefit to OSS in the short term, but wont that very fact lead to anti-OSS legislation?

    Lets face it, the big companies has a lot of money, lawyers and lobbyists, and as we know; politicians are up for sale. Of corse they will try to disguise it to be in "the interest of the nation", or industry, or even the consumers (Sic!).

    The primary function of laws is to protect the rich and powerful from the poor and powerless. It has always been thus.

    /Dervak

  • It seems to me that this is what Linux and other fair-play alternatives to closed source need to finally go mainstream. This law would let some intellectual property publishers to take advantage of consumers, but to behave badly is always voluntary. Not all consumers are stupid, and most of the smart ones will need worthwhile alternatives.

    I am in Spain, an European country. Although this law could be a problem in the USA, European politicians like to borrow American ideas (we are about to allow software patents, for instance). If some law is approved and suddenly it is legal for my competitors to make their customers feel robbed and betrayed, some of them will take advantage, but I will not. If we play fair, our customers will help us to win the war.
  • Licensors can exclude incidental and consequential damages even when an agreed remedy fails of its essential purpose.

    Ironically, the Badsoftware page has this disclaimer (at the bottom of the page):

    "The articles at this web site are not legal advice. They do not establish a lawyer/client relationship between me and you. I took care to ensure that they were well researched at the time that I wrote them, but the law changes quickly. By the time you read this material, it may be out of date. Also, the laws of the different States are not the same. These discussions might not apply to your circumstances. Please do not take legal action on the basis of what you read here, without consulting your own attorney."

    i.e. The material on the page may not fulfil its essential purpose.

    Now this doesn't sound all that different from the standard disclaimer of warranties found in all software licensing agreements does it?

    Software publishers should be held responsible for gross negligence or for intentionally witholding essential information from the customer, but no more than that. When I write a piece of software, I cannot guarantee that it will function in a certain way, even if that is the essential purpose of the software - software is simply too complex. e.g. if I write a piece of software for securing a system, I cannot guarantee that the system will now be uncrackable. Placing unreasonable demands on software developer will have a chilling effect on software produced in this country.
  • I have followed the development of the UCITA for several years with interest, prompted by the continuing coverage in InfoWorld [infoworld.com]. This article repeats many of the criticisms of the UCITA that have been aired elsewhere:


    • The new law allows software sellers to include various security measures (such as back doors) in their license agreements.
    • The new law allows sellers to incorporate all kinds of use restrictions in EULAs, and to make those EULAs binding based on something as simple as opening a disk envelope.
    • The new law does not require disclosure of known bugs, or provide any remedies (other than those provided by other consumer protection laws) when the end user discovers those bugs while using the software.

    The conclusion seems obvious: This is a BAD THING. But before we just snort in derision and click to the next SlashDot topic, let's look a little more closely.


    The UCITA addresses two markets:

    The first thing to recognize is that the UCITA is written to define rules for two different markets: the consumer (or mass) market, and the custom software market. The UCITA would apply if you went into Circuit City this afternoon and bought a copy of Leisure Suit Larry for Linux. It would also apply if your corporation hired a small boutique firm (like, say, mine) to create a distributed e-commerce logistics project linking raw material vendors, transportation partners, and corporate customers. One is a $29 transaction paid with a Visa card. The other is $200,000 or more of development work. As the UCITA has been discussed, all too often enthusiasts (both pro- and con-) have tended to blur the distinction--citing provisions meant for one circumstance as the kind of Really Bad Thing (TM) that could happen in the other.

    The Insidious Trap Door

    No better example exists than the Insidious Trap Door(tm) argument. Buy a copy of Leisure Suit Larry for Linux, goes the argument, and someday the developer can send electronic minions scurrying through your modem to disable the software (and copy the contents of your hard drive).


    Um, no. The UCITA gives a vendor the legal ability to include a provision permitting that in a contract that both buyer and seller sign. That means that a seller can try to include such a provision, but the buyer doesn't have to accept it. The provision is not for consumer software--if Leisure Suit Larry for Linux included a back door the entire world would hear about it in every review of the game. We'd all fuss and fume, and CmdrTaco would create a bitmap graphic for TrojanWare and tell us all about it.


    What that back door provision does is overturn a common way for custom software developers to make sure that they get paid. In the custom software business it is common for small projects to be billed in thirds: one-third at the time the contract is signed, one-third at the time the software is delivered, and one-third 30 days after delivery. However--it is all-too-common for customers to make the first payment, make the second payment, but stiff the developer for the third payment. If the developer is in a different state, the developer's only recourse is to sue in federal court. And you can't bring a civil action in federal court unless the actual damages you are claiming (not potential damages, or damage to your reputation, etc.) is greater than $50,000. If the total job was $45,000, an out-of-state customer can stiff you for the last $15,000 and there is precious little you can do about it. (Lawyers will suggest that there are other remedies--such as suing in the buyer's home state, etc.--but the long and short of it is that the client can stiff you, and you have no options.) The UCITA provides a legal form of defense for the developer for this circumstance: a Trojan.


    EGAD! A Trojan!
    Oh, relax. Years ago I worked for a small company that dominates the market for accounting and marketing software for book publishers. They sell on the thirds principle, and have on occasion had trouble getting that last third. Their software now checks the system date: if the last payment has not been made, at 75 days each operator is warned that "a system issue needs to be addressed. Have your supervisor contact us." At 90 days the operators are warned that "a serious software issue exists. Have your supervisor contact us." At 120 days the operators are prompted "your employer has not paid an outstanding invoice for more than 120 days. The system will not function until the outstanding invoices are paid."


    That was extremely effective--until Virginia banned the practice. All of a sudden it is a lot tougher to get paid by a client in Virginia--they know your only option is through the courts, which effectively means you're screwed. The UCITA lets my old employer put that Trojan back in, to make sure they get paid. (Truth in messaging: my company does not do that. We typically provide the source code to the client, and often have one or more of the client's programmers working with us.)



    The Good Side of the UCITA

    A couple of the elements of the UCITA that have not been highlighted enough are the "warranty of merchantibility" clause, and the "accidental click" clause. These are Good Things. The Warranty of Merchantibility is a hifalutin way of saying "lemon laws." If you buy a car in most states and it turns out to have all sorts of defects you can generally bring it back to the dealer and get your money back. The car you bought fundamentally does not function as an automobile--it is not suitable for the purpose for which it was sold. Back it goes. The UCITA gives you the same protection: buy a copy of Leisure Suit Larry for Linux and take it home. Open it up, install it, and discover that it only works on, say, LinuxOne. (Because of all the supersecret custom LinuxOne development, of course.) Well, if it only works on LinuxOne (or only works on KDE) then it isn't suitable for use on other Linux computers. Under the warranty of merchantibility you can take it back and get a refund.


    The "accidental click" clause lets you install an app, click on the "I Agree" button, and complete the install. And then say, "oh--I don't want this." and send it back. You'll have to read the fine print to see the time limit (you could not say, "oh--I don't want this" 90 days after you installed) but at least you can look at the software, and see if it installs, without losing all your rights.



    All in all, this is probably a good thing:

    All things considered, this is a good thing. Yes--in theory consumer software can now include stupid rules in the EULA. In practice software companies will discover that pissing off your customers is not a good business strategy. This will have a much bigger impact on the custom software marketplace, where small vendors will be able to negotiate reasonable contract provisions.
    The big losers in this are the lawyers--the UCITA spells out the rules of the game, so you don't need as much legal help to make up the rules as you go along.



    PS: For those who would object that Leisure Suit Larry for Linux should be Open Source or GPL'd, let me refer you to http://www.theresnosuchproduct.org. JM

  • .. thank god I live in Canada.

    Suffice it to say, this is just plain nasty. I suspect that IF this passes and becomes a de facto standard in the United States, then Canadians and other US Trade partners are going to be seeing government attempts to enforce similar legislation, assuming that the idiots are foolish enough to try and pass this thing in the first place. Obviously, software marketers are going to want to be able to sell software overseas and be able to enforce the same lucrative conditions that they have at home, and I bet they'll be pulling the strings in an attempt to get this happening.

    Since it does have to be approved at the state level, hopefully we can see some boycotting in action and some public awareness happening. If not, well, then, as everybody says, looks like GPL'ed software's gonna skyrocket. Thank goodness my latest GPL product, GNOME Armpit (ARMPIT: A rewritten mikmod-powered impulse tracker) is nearly done.
  • What business would possibly purchase software that legally allowed the creator of the software to shut it down remotely at a whim. That kind of clause would make go elsewhere if the developer put something so laughably ridiculous in thier license agreement. Open Source would certainly get a boost, as well as software companies that basically look at this an idiotic attempt by the larger companies to gain control. (damn, i'm in paranoid mode, sorry) After all, if you advertise "We won't shut your system down like *THEY* could", also putting an nda into the license agreement is pure lunacy. How does technical support help the client if by virtue of license agreement aren't allowed to talk about it. Or especially if someone else decided to help a friend navigate a specific program. Doing so under such an agreement would be tantamount to corporate espiage (sp?). Sure an nda makes perfect sense in beta software, in a controlled release environment. But releasing such an agreement to the general public would be like giving everybody a Ferarri and saying you cant drive it because someone might see it. I may be ignorant here, I might be makeing a mountain out of a mole hill here, is that what I *think* is going on here?
  • Software companies have been depending upon this for years and years. Do you think id software would have been built by doom and quake if just anyone could clone their game??? NO.

    Of course. And we all remember the lawsuits that id issued against all the Doom and Quake clones..oh no, hang on, were there any? Anyway, you seem to be referring to code theft, which is a rather specialised form of reverse engineering, and already accounted for in law. If someone does reverse engineer your software and steal either your code or your methodologies then these can both be offenses covered by prior statute, namely those covering copyright and patent. No need for extra protection.

    It is not a "bad" law. I guess free software people don't know much about commercial software, but all commercial software has had license agreements you click to accept for years and years. This is how they make money.

    I guess people who use commercial software don't always pay much attention to what they're clicking on. Agreed, the business model is usually to trade money for a right-to-use license, but the whole point this is that up until now, these licenses have had many clauses which were widely regarded as unenforceable. In fact, in legal circles, there is considerable doubt about the validity of mass-market (non-negotiated) licenses, full stop.

    This is a law that was a long time coming I guess, and it will let the makers of good software relax that a real law is backing up their license agreement that more or less said the exact same thing.

    So, let's get this right. You're happy to support a law that will

    • Let softies get away with producing shoddy, sub-functional or non-functional software, against which you have absolutely no chance of claiming any kind of compensation no matter what form of personal or financial injury you suffer due to the software's failure to perform.
    • Allow them to prevent reviews or benchmark tests of their products
    • Encourage proprietary lock-in strategies and lead us back to the dark ages of non-interoperability (clue: you know this funky Internet thing you're using? It only exists because of interoperability).
    ? I mean, really? If so, you're just the sort of citizen I require to help form my new police state: quiet, subservient, gullible...

    Plus a law will make the licensing for all products uniform, and let the consumer know exactly what they can and can't do.

    You know, I'd laugh if I didn't feel like crying. Ok, listen carefully, I'll only say it once. This law will let any software manufacturer put any clause they feel like in their licenses, and this is the kicker, change the terms of the license anytime they feel like it, after you've accepted the license.

    Wake up and smell the coffee.

  • In net time this little tagline is _old_ beyond belief. It's almost finished it's predictions.. 'cept for the encryptation one.. mind you if the nsa can just turn the software off when it wants to...

    "First they came for the hackers.
    But I never did anything illegal with my computer, so I didn't speak up.

    Then they came for the pornographers.
    But I thought there was too much smut on the internet anyway, so I didn't speak up.

    Then they came for the anonymous remailers.
    But a lot of nasty stuff gets sent from anon.penet.fi, so I didn't speak up.

    Then they came for the encryption users.
    But I could never figure out how to work PGP anyway, so I didn't speak up.

    Finally they came for me.
    And by that time there was no one left to speak up."
  • We will have to beef up the network security to keep crackers from deactivating the software...

    Looks like a few hundred hours of consulting fees from every business in the world...

    Life _is_ good. ;)
  • by Anonymous Coward on Thursday January 13, 2000 @09:07PM (#1373944)
    This stuff isn't property. The name "intellectual property" was invented by lawyers trying to create a permanent monopoly right out of a bargain made by the state for the good of the people.

    If the people don't like the bargain (and I don't) then it must be abolished. Increasing levels of piracy is a sure sign that the people, and therefore the state will soon end this bargain and return to the common law principles which prevailed prior to the introduction of Copyright.

    Moaning about the "artists need to protect their work", is missing the point. We have more artists than anyone can think of a use for, so why encourage more of them? And worse more Media Companies and Agents and other parasites who don't provide any value in a world where the means of distribution is in the hands of the people.

    Government protection for industries which have outlived their usefulness is wasteful and inevitably doomed to fail. If the music industry can't provide more value than my mate Dave with a CD Recorder, why am I paying them $10 more? It certainly isn't going to the "artist" who created the music...

    If you are an artist and want my money, ask for money - don't whore yourself to a huge megacorporation so that they can bully me into paying $5 on the cent for your work. Why would I respect someone who does that?

    PS Yeah, I write software, and my friends are in bands. I do not pirate
    software, but I want a new deal, and an end to the bad Copyright bargain.
  • by Anonymous Coward on Friday January 14, 2000 @12:27AM (#1373945)
    When they came for the warez kiddies, I did not stand up, because I don't copy software.
    When they came for the hackers, I did not stand up, because I don't reverse engineer software.
    When they came for the code kidz, I did not stand up, because I don't crack software.
    When they came for me, there was no one left to stand up.
  • by clasher ( 2351 ) <bkeffer&thecommandline,org> on Thursday January 13, 2000 @07:47PM (#1373946) Homepage
    This is not a good thing. Something like this only keeps technology from progressing. The software industry should (and perhaps someday will be) handled more as math and sciences are. Information should not be bogged down by licenses. What if math equations and scientific ideas could be patented and licensed. Society as a whole would not be as advanced as it is if I had to pay every time I wanted to add. Of course science is at times commercialized but it seems that people perceive science as something which must be free.

    What needs to be done is to sway people's notions of software towards that of a science. People must be convinced that software is like math, something which can help mankind only if it is not comlpetely restricted.
  • by Chas ( 5144 ) on Thursday January 13, 2000 @11:56PM (#1373947) Homepage Journal

    Doing nothing about it isn't an option.

    Giving up a freedom may seem easy. Gaining that freedom back, after it's gone is a complete bitch.

    Howsabout when everything is regulated to the point that you cannot do something you want or need to do without buckling down and submitting to such claptrap as UCITAS or something similar?

    Sure, YOU have the luxury of saying "I ain't gonna us it", but what about others who don't have the same luxury?

    I understand the sentiment. I'd dearly love to see these bastards stewing in their own juices. Unfortunately, the damage they'd do on the way down is unacceptable.

    Something like this needs to be FOUGHT. Not avoided.


    Chas - The one, the only.
    THANK GOD!!!

  • by trims ( 10010 ) on Thursday January 13, 2000 @08:11PM (#1373948) Homepage

    First, everyone remember that UCITA is not Federal legislation; it's a recommended addition to the UCC, which means that it must be passed at the state level.

    While this means that we haven't lost yet, it makes fighting the thing a real pain, as we have to do it at each and every state legislature.

    Back on track.... Cem did a dead-on critique of the proposal last May. I saved it, and everyone interested should read it, as it's very, very, good.

    Cem's critique of UCITA [mit.edu]

    UCITA sucks all over; it's one of the few pieces of legalese that I've seen that has absolutely, positively no redeeming qualities.

    -Erik

  • by Bryan Andersen ( 16514 ) on Thursday January 13, 2000 @08:34PM (#1373949) Homepage

    You write your representitives. Had written on paper is generally best, then typed letter and signed, then phone call. Lest best is email. Not sending a letter means you don't care and are ignoreable. Remember when you are writing this up, clearly state your opinion and support it. Also do it in a calm reasonable manner. Never use personal attacks either against your representitive or others. Who knows your representitive or one of the staff may like the perons you attacked and dis your letter.

    US House of representitives: clerkweb.house.gov [house.gov]

    MN Government: www.leg.state.mn.us/leg/legdir.htm [state.mn.us]

    Those are the two ones I have book marked. Can others fill in the rest or point to a site with them all indexed.

  • by Anomie-ous Cow-ard ( 18944 ) on Thursday January 13, 2000 @07:56PM (#1373950)
    Yes, posting on Slashdot is a good first step. But i highly doubt that even 5000 posts on Slashdot would influence many of the governmental people in charge of passing or rejecting this.

    Does anyone (EFF, ACLU, some other acronym, whoever) have a petition online against UTICA, clearly stating the many points in this article? Is there a list of people to contact, preferably with recommendations not to flame? i can't see how this could stand up in courts (IANAL), but it would certainly be easier and less expensive to combat this before it can become law.

    The big corporations behind this have the money, the lawyers, and the lobbyists to push their views. We have the Slashdot Effect, if we can only figure out how to use it.

    -----

  • by MarkKomus ( 71304 ) on Thursday January 13, 2000 @07:44PM (#1373951)
    I'd be interested to know, if such a bad law went into effect, would it still be legal to do the reverse engineering in another country, and then use the data gained from that to develop another proudct in the US itself, or if the product would even then be legal in the US.
  • by CaptainCarrot ( 84625 ) on Thursday January 13, 2000 @08:04PM (#1373952)
    If I understand the comparisons with other attempted restrictions on the sale of individual copies of mass-marketed information, the bill as drafted is not likely to pass muster in the courts. But it'll be awfully inconvenient in the meantime, especially, as someone already pointed out, to companies like Funcoland. I buy nearly all my games used off of eBay [ebay.com] or UGTZ [ugtz.com]. It takes so long for a case like this to get through the courts that these venues and commercial companies that sell used software may well be killed off in the interim.

    This appears to be just the latest part of an ongoing effort by software publishers. Obviously, constant vigilance is necessary.

  • by jmv ( 93421 ) on Thursday January 13, 2000 @08:03PM (#1373953) Homepage
    I think you can't find a better incensive for people to use OSS. First, it kills the "who's accountable is the software crashes" argument. And let's face it, piracy (call it what you want) is good for software vendors, as people copy the software at home, and then buy it at work. If it were totally impossible to copy software, much less people would be using MS Office right now.

    Now the choice will be:
    1) Pay a lot for a closed source without any guarantee that it works correctly, risk having it disabled from the outside because you weren't nice with the company. And even then, you're not even free to use it as you like.

    2) Download (or buy for $2) Open Source Software, do whatever you like with it (modifying it if you like) and then give it to your friends, your brother and your dog.

    I guess the next step to this law is having to call the vendor to ask permission to use the software when you need it... or paying per minute fees for use of the software. The more abuse from closed source software vendors, the more good it will do to OSS.
  • by Buaku ( 93539 ) on Thursday January 13, 2000 @10:43PM (#1373954)
    Talk about self destructive ideas. Let's take a look at what these laws would do.

    First off, these laws are passed on a state by state basis. If some states decide to not play ball, then things get very messy. For example, people will just reverse-engineer the product in one of the states that didn't join this stupidity. Or it would be done in other countries.

    If the laws were passed and then they tried to actually enforce them, there would be such a huge consumer backlash that it wouldn't even be funny. Just wait until people try to sell their used game at the local swap meet, bookstore, or whatever and get told it's against the law for them to sell something they bought. I can smell the anger already.

    Then of course there would be the movement to OSS based software. I for one do use a number of Microsoft products, and I'm an MCSE to boot. (Oh no! He's E-vil!) I like OSS and Linux, but I'm not rabid about it. However if something like this law went into effect, I WOULD become rabid about it. Hell, I'd start coding free stuff just to help bury the companies that were trying to take advantage of these laws.

    Then of course there are the big time consumers. The government and the corporations of the world. Most of them aren't going to waste time with stupid licensing either. They'll say 'screw you' to the software venders and code in-house, use GPL'd and OSS stuff, or get it from companies that don't succumb to the stupidity. Big companies and such don't care as much about the initial expense of a product as individual users do since they write it off of their taxes as an expense, but they do care greatly about security (backdoors), future costs (how often do they have to upgrade and such), quality of support, and things like liability concerns, which would be huge for these types of licenses.

    What it sounds like to me is that a few companies and some lawyers have decided that they can make a lot more money if these laws go into effect. Their greed and one sided view of things has blinded them to certain realities. It always amazes me the level of stupidity that such self-delusion can lead to. Just like Circuit City and their DIVX concept, they'll wind up salting their own ground.

  • by Anonymous Coward on Thursday January 13, 2000 @07:59PM (#1373955)
    In the US, minors (under age 18) cannot enter contracts (well they can, but they can bail out at any time and the other party has no recourse). So, when I need a copy of PhotoShop, Word, or whatever, I give money to my kids and they make the purchase and they install it on their computer, which they graciously allow me to use. No enforcable EULA's here! Tee hee!
  • by ewhac ( 5844 ) on Thursday January 13, 2000 @10:13PM (#1373956) Homepage Journal

    Mr. Kamer's article offers an excellent argument, complete with citations to various findings of law to back it up. I had no such background when I wrote my editorial, By Reading This Article, You Agree to Subscribe to This Magazine for 25 Years [best.com]. If you're interested in a philosophical (as opposed to legal) background into why shrinkwrap "licenses" are ethically indefensible and should never be taken seriously, I hope you might do me the privilege of reading it.

    Schwab

  • by SEE ( 7681 ) on Thursday January 13, 2000 @10:26PM (#1373957) Homepage
    Forget "other countries" -- you could do the reverse engineering in another state, or in Washington D.C., or in Puerto Rico, Guam, the Virgin Islands. UCTIA is a proposed standard for state laws, and it would only apply in states that pass UCTIA.

    Example: let's say that extracting iron from ore is illegal in Texas. That doesn't stop me from extracting iron from ore in Michigan and then offering my iron for sale in Kansas.
  • by True Dork ( 8000 ) on Thursday January 13, 2000 @08:01PM (#1373958) Homepage
    Lets see.... we have Colt, Ruger, Winchester, Mossberg, etc... Ow, let go.... OW, hey now... Um, that hurts... I dont wanna go for a ride... It was just a joke! I'm not armed! Really! OW!
  • by Aleatoric ( 10021 ) on Thursday January 13, 2000 @09:58PM (#1373959)
    Reverse engineering copy protection schemes for the sake of "compatibility" needs to be stopped. This loophole will always be able to be exploited because there always is some platform mainstream media will always leave out. This means that all schemes will be cracked, and with this loophole the crack could be legal. A new law is necessary. Copy protection schemes are necessary in order for artists and companies to protect their work in the age of high speed internet connections.

    This argument is seriously missing the point. You might as well argue that people should be prevented from driving to work because of the chance that someone will get drunk, drive, and kill someone.

    Basically, you want to punish all of the law-abiding citizens who are LEGALLY working towards compatibility for no other reason than to attempt to prevent a few from breaking the law.

    The fact that you clearly miss is that there are already laws in place to address piracy. Just as you don't punish every driver to stop the drunk, you also don't punish the law abiding that reverse-engineer to stop the pirate.

    The pirate is already breaking the law, and won't give a shit that he might have to break another one (your argument for outlawing reverse engineering), in order to further his goals. Your suggestion would only hurt those who actually OBEY the law, thus further engendering a greater amount of disrespect for the law.

    Your suggestion is no different than those who support claptrap like the CDA. In both cases, there already exist laws on the books to effectively address the criminal behaviour in question, and it is unnecessary (and IMHO, criminal) to punish or otherwise curtail the rights of people who engage in legal behaviour.

    If you are truly worried about piracy, address the piracy, don't go after the messenger.




  • by werdna ( 39029 ) on Friday January 14, 2000 @03:47AM (#1373960) Journal
    Cem's excellent, albeit one-sided critique raises serious points about industry practices. What he doesn't do, however, is to explain how UCITA is different from the present situation. Upon analysis, the answer is: "not much."

    Present shrink-wrap and click-wrap agreements either are or are not binding. Anti-reverse engineering provisions, and the other provisions, either are or are not preempted by the Copyright Act. All of Cem's parade of horribles provisions can and often are already written into commercial shrink- or click-wrap agreements. UCITA, enacted as state law, might change some uncertainty (there isn't much left) as to the former, but certainly not the latter (its still either preempted or it isn't). The courts presently treat licenses that say so as licenses of software, not sales of a copy.

    The creation of a contract through X-wrap agreements isn't completely settled, but the only Circuit Court case directly on point seems to have held them to be contracts, the only question remaining being whether particular provisions are enforceable under public policy, contract law and applicable federal law. UCITA would resolve any uncertainty left on this issue, but IMHO, UCITA is far better for OSS than the status quo in this regard.

    At the center of most OSS projects is the license. Never signed on paper, rarely even clicked for, the GPL or other OSS license. The hereditary provisions of GPL would be reinforced, not weakened by UCITA. While never tested, the status of GPL's "include-file-wrap" agreement would be reinforced, and given meaningful teeth. This would be better, not worse, for the OSS community.

    My suggestion is to read the UCITA carefully, and consider the arguments made on both sides. The software industry engages in a number of practices we all find questionable and wrong-headed, but a law that incidentally continues to permit enforceability of the same things presently permitted is not a bad thing for that reason.

    If the marketplace truly despises a term or practice, the industry will adapt, or competitors will exploit this. At the end of the day, things will change. Copy-protection, code-wheels and the like went the way of the ak in package products long ago for precisely that reason. If these provisions matter to customers, things will change. If they don't, they won't. In the meanwhile, don't buy a product with a license you don't like -- that is YOUR choice. If you open the license and decide you don't like it, return it -- that is YOUR choice. Instead, use the OSS alternatives, and enjoy true freedom. If there isn't an OSS alternative, write it yourself.

    On the other hand, consider the extent to which UCITA will strengthen the hand of those of us who are producing OSS software. While I am presently neither fan nor foe of UCITA (I also find it heavy handed in some ways), I think on balance it offers far more of use to the OSS community concerning enforceability of the interesting OSS license terms than it actually withholds from our use of non-OSS code. In practice, it doesn't really change much that the bad guys don't already do to us. On the other hand, it does give corporate lawyers further reason to counsel caution to their clients when asked how to sneak around, say, the GPL.

    This is a good thing.
  • by dsplat ( 73054 ) on Friday January 14, 2000 @06:09AM (#1373961)
    Okay, I'm not the first one to point out that UCITA certainly won't hurt open source. It doesn't effect, and can't effect our model of transactions where nothing is hidden. I would even argue that a shrink-wrapped packaging of open source software that tried to limit the rights of the purchaser in any of the ways that UCITA would allow would not be open source. It would undermine the reputation in the open source community of the company selling it.

    This brings me to my first point, which is best summarized by the word reputation, although it is broader than that. There is an interesting book that explores the value of reputation in ongoing relationships, Order Without Law by Robert C. Ellickson. The author explored the interaction of farmers and ranchers in Shasta County in situations involving both open and closed range laws. He discovered that the law made no difference. They lived by an iron-clad rule: neighbors don't sue neighbors. These were people who expected to have ongoing relationships with each other for years to follow. They settled their disputes by other means.

    David Friedman [best.com] also explores this in his upcoming book Law's Order: An Economic Account [best.com]. He cites examples of communities [best.com] that manage to achieve remarkable efficiencies through arbitration outside the courts and reputation. His commentary on the interaction of economics and law sheds a great deal of light on both subjects. For anyone interested in a thoroughly considered libertarian perspective on them that is not based on natural rights, I recommend his books. His web site has the complete contents of a couple of them along with selected chapters of others and many articles.

    So what does this have to do with UCITA? Yes, it will be possible for companies to create draconian license agreements. But there are limits set on how bad these can get and which conditions they can enforce. Companies that have created de facto standards will have more control than small upstarts. With market share comes the power to marginalize small customers and market segments. But the contents of the license agreements will become widely known. And they are part of the purchase price. Software that I can't resell used costs me more than the same software that I can get $10 for in a couple of years when I'm done with it.

    The little upstarts can undercut the market leaders even more effectively if they have the option of selling under a less restrictive license that doesn't hit them in the bottom line. They can sell at closer to the premium price and be more permissive in the use of their software. This already happens without the additional restrictions that UCITA makes possible.

    As for open source software, we have the most open license conditions short of public domain. If you don't want to live with the restrictions of the licenses on commercial software, you turn to open source. If the commercial licenses get more restrictive, that will make them less appealing. One of the fundamental concepts of economics is that people enter into transactions voluntarily because they expect to gain from them. The bottom line is that both parties to the sale must expect to be better off because of it. That sets an upper limit on the price and other conditions that the seller can set. And it sets a lower limit that the buyer can expect.

    Another fundamental concept of economics is that most of the interesting activity happens at the margin. Pretty much every value in the study of economics has a corresponding marginal value. It is essentially the slope of the curve for that value at the current point the economy is at. In the case of the relationship of supply and demand, I am talking about the marginal demand. It answers the question of how much the demand will rise or fall with a small change in the price. As I pointed out, the price isn't just the number that appears on your receipt. It is the aggregate of the value of all of the terms. How many customers an overly restrictive license will drive away depends on two things. The first is the customers' evaluation of the cost of the terms. The second is the customers' demand curve. The terms of the license are under the control of the supplier. Everything else is in the hands of the customers or the competition.

    UCITA is not a good thing. In fact, it may set conditions that violate the traditional idea of the conditions required to establish a valid contract. That is a legal issue I can't answer. But as I have pointed out, I think it may lack the teeth that some suppliers want and most detractors fear.
  • by bons ( 119581 ) on Thursday January 13, 2000 @08:22PM (#1373962) Homepage Journal
    The passing of this law could be in our favor.

    WHAT?

    Yes. That's right. This could be a "good thing".

    Take your finger off of the -1, troll and listen for a minute. Than mark me down all you want. I'll say my piece even if it is against Slashdot doctrine.

    The ability of these companies to write and enforce such bizarre procedures only makes it easier for us to choose software. In this age of the internet, where we know more about a product before it hits the store shelves than the manufacturer does, laws like these quickly become a moot point.

    If a software is not a sale, but it is, instead, a license, then it's something I can't give away for Christmas. Good enough for me.

    If I can't reverse engineer it, fine. Reverse engineering may be legal but you still have to go to court next week just to point that out. Meanwhile Apple steals a GUI from Xerox, has it stolen by Windows, and then yells at Stardock over a lookalike skin? Since when has the letter of the law even mattered? Etoy still doesn't have a web site and Nestle is still hawking baby formula. The world goes on.

    Put more restrictions on software. I just won't buy it. I'll stick to Linux or whoever else writes a reasonable sales/license agreement and smile.

    If software can be turned off from a remote location, it does not need to be installed. Companies who do this save me money, because I don't see the need to spend money to install a backdoor onto my PC.

    Honestly, it makes my life simpler. I don't need to worry about who has a better deal, Amazon or eToys or Nestle, because I won't buy their products.

    Why fight against stupidity? Do you really think that the companies we respect (such as Redhat) could keep our business if they did this? No. Obviously no. You may bring up things like DeCSS but be real, one of us will be watching Star Wars, Episode One this year and it's won't be on your DVD player. The big music producers who want copy protection aren't the label for my favorite bands. Most of my favorite bands have CD's with sticky labels.

    In short. Let them have their laws. I am not their customer. Their laws do not affect me.

    -----

  • by autechre ( 121980 ) on Thursday January 13, 2000 @07:56PM (#1373963) Homepage
    We're now installing Quark on the G3s that my school newspaper uses for production work. Each licensed copy of Quark comes with a "dongle", a little piece of plastic that goes between the keyboard and the Mac (sort of like an adaptor that doesn't actually adapt...)

    I've seen us buy 3 different OS revisions of MacOS in the past year, for each of the computers. I consider this a travesty...especially considering the very slight changes made between levels (which basically affected our operation not at all, except that it was needed for bug fixes and to keep compatibility with software, like Adobe Photoshop, of which we've also bought more than one revision in a year).

    If vendors can already charge you more money every few months for software that still doesn't do everything it's supposed to, imagine how bad things will be if they pass a law like this...then we'll have to pay every month.

    With Debian, if I want to use something, I apt-get it or compile it. If I hate it, I delete it. If I like it, I can use it as much as I want, and get bug fixes whenever they come out (much better for security than if I had to wait 2 months for our Purchasing Dept. to clear it!!!). If I have some spare time and feel skilled enough, I can even try to fix any problems with it, or add new features that I would find useful. If I need help, I go to my local newsgroup and have a solution quickly. All of this is free. There are no .5-increment-upgrade licenses to buy, no cheap plastic pieces to break or lose. And it works better than commercial junk!!! And there is none of this crap like "Our tech. support line is a 900 number, but if your product is still under warranty, you'll be refunded the charge". Gee, thanks HP...my school DOESN'T ALLOW DIALING 900 numbers (hmm, I wonder why), even with a long-distance code. Thank heavens your printer hasn't broken yet.

    I understand that there is still a need for extremely complex software like Quark, and that free software does not yet fill this niche. However, we have already seen what software companies will do when given an inch...we can't afford to give them 2. At least, as a student organization, WE can't afford to.
  • by Anonymous Coward on Thursday January 13, 2000 @07:45PM (#1373964)

    Your rights, such as they are, are outlined in the license agreement that you accept. If you do not accept the license agreement, you have no right to use the software. If you use it anyway, you are a felon. This crime is far worse than rape or murder, because it strikes at the heart of the system of natural incentives which drives our free economy. Any "rights" that the vendor chooses to grant you are gifts, pure and simple, and you certainly have not earned them. The vendor has sunk millions of dollars of capital into developing the product. They have every right to expect a return on this investment, and the fact they are generously allowing you to use the software at all is more than you probably deserve. Your role in this culture is to pay them for the work performed by their employees, who are damned lucky to have jobs (and almost certainly don't appreciate it). Pay up and shut up.

    These "rights" of the "consumer" are like the "rights" of women or animals; it's an absurdity on the face of it. Slashdot has no business wasting our time with this leftist garbage. It says up there "News for Nerds. Stuff that matters." Is that what this is? Decidedly not. Competent "nerds" (technical people) are by definition conservative Libertarians, for two reasons: First, they are productive individuals and the principle of rational self-interest proves that they will not support the socialists. Second, they are by definition intelligent and logical people (they work with logic all day, do they not?) and therefore they cannot be fooled by liberal myths and nonsense like so-called "heliocentric" cosmology, "evolution", or the redistribution of wealth (organized coercive parasitism). A leftist nerd is a contradiction in terms, and therefore cannot exist.


  • by Hrunting ( 2191 ) on Thursday January 13, 2000 @08:22PM (#1373965) Homepage
    First off, a lot of people are worried about what we as Slashdot veterans can do, and naturally, they're worried that we don't have the numbers or the influence to do anything. I don't think we really need to be too worried. I am willing to bet that most major corporations are not going to want to buy software that opens up their security systems. As much as software is needed, no company wants another company to shut it down, and they'll step up their lobbying efforts.

    Second, consumers will never be able to understand the idea that what they paid for is not theirs. When I pay for my software, I am paying for my physical copy of it, not for the right to use it. That's how I see it. That's how the majority of Americans will see it. Trying to convince them of any other way of seeing it will probably get you labeled as a Communist (not that Communism is bad; Americans just think it is).

    A lot of the talk of licensing is real interesting given the nature of software developments these days. Both Microsoft (as evidenced in their press release today) and Sun advocate going to a server-centric system, where you wouldn't buy a huge office bundle, but would rather get something akin to a connection to a server that would then serve this program to you. In that case, you really are buying permission to use the product. Transactions do become about licenses. The consumer really does lose quite a bit of control over the software that he is using. Right now, MS can't cut off my access to Office 2000, but in the future they could (provided they are still around).

    And finally, why stop at software? I mean, this could be used much the same way in hand-held devices. Rather than owning it, you lease it, and if you don't pay, they send a signal somehow and shut it down. I mean, that may actually be beneficial. Rather than paying $200 for a device, I pay like $2/mo. or something and when it stops being useful, I just stop paying and they shut it off. I don't own the now piece of junk and if someone else wants it, they can pick back up the fee. But I digress.

    But like I said, I don't see this bill as making it past the rest of big business unnoticed. This bill just isn't friendly to the lowly consumer; it's also not friendly to the big corporate consumer, and they carry just as much weight as the software industry.

  • by KurtP ( 64223 ) on Thursday January 13, 2000 @07:54PM (#1373966)
    My feelings about UCITA are that it imposes such horrifying terms on customers that many businesses will turn to open source software to protect themselves.

    Given a choice between having software that can be remotely turned off on any pretext a licensor might wish to cite, and having stable software which legally cannot be taken from them, which would a prudent business choose? One imagines the latter.

    It will only take a few cases of this sort of behavior to convince businesses to either turn to open source software or build their own software in house. Either way, commercial closed source houses will lose out.

    I can, however, imagine closed source vendors guaranteeing never to use the UCITA remedies available to them, as a part of their contract with customers. It may be the only way to keep customers if these laws take effect.
  • by Dinosaur Neil ( 86204 ) on Thursday January 13, 2000 @08:18PM (#1373967)
    When I was your age, back in the 90's, we had to ship finished code on the release date, and the help desk took the heat for any bugs that the users found. Then UCITA got passed and now you guys don't have a thing to worry about. I mean, you can ship stuff that doesn't even load, then plug a looped message into the help desk line saying, "Thank you for purchasing our product. We appreciate your money, but in buying our product, you have agreed to the terms of the license and therefore have no right to complain (see paragraph 432b, p58). Thanks, and have a nice day." Not only that, but the help desk call costs them as much as the product, so even if they do manage to return the software, they end up losing money. In my day, we had to actually listen to the users. And fix bugs instead of telling them to wait for the next release. Now they can't even give the software away, let alone re-sell it. You kids just have it too damn easy...

You are in a maze of little twisting passages, all different.

Working...