CIOs Worried About UCITA 158
NeXuSnine pointed out that CIOs of major companies are
starting to fight UCITA.
Personally, I like the argument floated by UCITA's supporters:
"Large businesses, theoretically, should be able to negotiate contracts with vendors that protect and exclude provisions they don't want." In other words, these UCITA supporters knew small businesses and individuals would get screwed, but they figured big companies wouldn't mind because they write their own rules anyway. Now, even some big businesses are worried UCITA goes too far.
Re:It's about time big business realized... (Score:1)
And to think that on nearly any Unix, a user can remotely log into the box, issue su and give the root password, and remotely shut down the entire box....
Horrible. Simply horrible.
Re:Maybe big business is good for something (Score:1)
Wages for some programmers, with certain skills and in certain locations, are high and rising fast. Many others are not that lucky.
It is not illegal for programmers to organize or join unions in the USA.
Re:It's about time big business realized... (Score:1)
The fun part about it is, that no act, no law, no death sentence, is going to stop the random malicious hacker, whether by accident, or on purpose, or for hire by a competitor, or government, to kill a business.
Its a rotten law. Period.
You know, I'm starting to not care at all. (Score:1)
If the US wants to mess up their high tech future then that's fine with me. Soon companies will patent things like hover cars, then when someone actually invents one, they will be sued. Someone will patent holodecks, transporters, and other such things that are not possible yet, but with such a general patent that they can suck blood from whoever tries to develop things further.
Oh great, now we have to add more restrictions and close up something that has made most of its damn progress by being open.
These people can't see that I guess. Well, when they are paying $100 a month to use their time-bombed Windows 20xx, stuck to one manufacturer who invented something because reverse engineering is illegal and all other companies have to pay royalties to the first making their products more expensive, and limited only to commercial dotcom companies for websites because free speech on the Internet has all but been eliminated, I guess we can say "I told you so." Because at the moment, it seems these people won't listen to reason.
Oh, did you know, next week all DVDs will have hidden software that will scan for DeCSS(no, not the webpage CSS tag remover), and a secret police squad will bust into your home, take away your computers and brainwash you.
Yeah yeah, I'm being extreme, but this is where its all leading. But as I said, I'm beginning to wonder if I should care at all. If no one listens, why shout?
Re:It's about time big business realized... (Score:1)
Dude. x3270. Use it. Love it.
Re:How are people in other countries affected? (Score:1)
legislation (Score:1)
Agreed. IBM is cool. (Score:1)
Re:Maybe big business is good for something (Score:1)
Re:You can't shut me up. (Score:1)
No, but the credibility of someone who claims to be an authority on a topic because they looked over the shoulder of another person is minimal.
Re:Nonsense (Score:1)
Well of course there is no cartel provision- the question is whether UCITA provides incentives to cartelize.
I personally don't see this as happening at all, as the primary characteristic of cartel markets are strongly oligopolistic suppliers with opportunities for collusion. Of course software doesn't really fit this description, and since barriers to entry for IT solutions are relatively low, cartels aren't something that I would be concerned about as an IT manager.
OK, you are a lawyer so riddle me this:
There is a beast called a contract, and there is a beast called a transaction. Transactions have implied contracts ( implied warranties of merchantability, etc. ).
I have always respected the contract, but more and more, we are shifting limitations of use into an implicite contract of transaction.
UCITA supports the concept of taking my rights away without my signiture. (of course, VHS tapes are sold under implicite license as well and I don't really have a problem with this). I guess my real beef is that EULA's are very difficult to understand, and people are losing their rights without fully understanding what they are giving up. To my mind, this is transaction by misdirection (fraud?).
Of course, I'm talking about "little rights" above, and not natural rights, but still- how can you support this?
Re:What are you talking about? (Score:1)
Many years ago someone in high office was asked to explain why people vote. After much consideration he distilled it to an "Enlightened Self Interests".
The representation Jamaicans have in some parts of the US comes from the huge numbers of Jamaican with dual Citizenship living in some communities. Our interests generally don't stray far from what Black Americans want so it's not noticed as a "Jamaican Lobby". It's there though.
There are 2 aspects to this law. One is what parts of the license can be enforced in court and the other is what technical changes can be made to the actual code.
A license which is only acceptable under UCITA will be unenforceable in Jamaican court and you would have a hard time prosecuting a Jamaican for violating it here. Therefore the 1st aspect isn't such a great concern.
A "remote shutdown" backdoor is another matter. If there is some way to get it to work over significant distances ( say between washington and Virginia ) then It can also be made to work here. This would give an american company the right to hide behind the Virginia courts and enforce UCITA in places where it is clearly illegal.
Remember Noriaga ? He was violating american law but Panama didn't seam to mind. The US sent the troops in and dragged him to trial in a US court then sent him to an American prison.
Most laws become international by default.
What are you talking about? (Score:1)
Huh? Maybe I'm missing something here, but these are state-wide laws. They don't apply to other US states, let alone to other countries. This isn't the WTO.
Again, maybe there's something I'm not aware of, but reading the UCITA resources at badsoftware.com doesn't suggest there's any international issue here.
Re:What are you talking about? (Score:1)
There's a difference between de facto and de jure and this is a good example. No laws don't "apply" in other countries but as the original post makes clear, they will still have an effect.
Yes, but all three of the posts I quoted are clearly talking about making law de jure. Of course legislation in one country or state potentially affects people living elsewhere. Just like environmental policy in the Caribbean affects the water I drink. But you don't see Jamaica offering me representation in their government, like the original poster feels he's being unfairly denied in the Virginia legislature.
Re:Slashdot Effect, or What Song is This? (Score:1)
So, tell us what tune to use next time. And, btw, are you going to archive these brain droppings somewhere?
Re:Slashdot Effect (Score:1)
Yeah, I know, you've never kippled.
Re:What really worries me about this (Score:1)
Bill G's new job (Score:1)
Great opportunity for Open Source!!!! (Score:1)
[Sales voice-over pitch]
How can you know that your vendor isn't setting you up for UCITA extortion later?
Don't buy software without the source code.
I say let those who would try this idiocy try to spread it far and wide. It will just hasten their demise.
Re:What About Software Retailers? (Score:1)
If the retailers can easily opt out of the return clause, we have a situation where software companies can take your money, try to force a ridiculous clickthru EULA on you, and refuse to give a refund when you don't agree. Yow! One wonders if this has any chances of passing in consumer rights states (California, midwest).
--
Re:How would UCITA affect open source? (Score:1)
However, if all desktop software is given a more restrictive license, there realy isn't that much that people can do about. Linux can't step into to Windows' space yet... As a mattr of fact projects like WINE will probably get wiped off the map relatively quickly... So many other projects, like GPG, FreeVMWare, StarOffice, Koffice, etc... would all be forced to relocate out of the country or be abandoned... They'ed no longer have meanst o provide compatibility... Or even if they did, individual users might use that software, but large companies won't want to run the risk of using "illegal" software to manage their operations
Re:Current SW Licences (Score:1)
Why should a company who might be completely satisfied with their software and only want to upgrade their hardware have to repurchase their software all over again?!? I mean, I understand that Microsoft doesn't want people to buy 1 CD and install it across the corporation, but what real justification (besides profit margins) can Microsoft have for disallowing the transferance of a software license from one machine to another, supposing the first one is headed to the scrapyard or something like that?
Re:Who's pushing this law to begin with? (Score:1)
MICROSOFT - How will you be legally screwed today?
--
Current SW Licences (Score:1)
--
Re:Maybe big business is good for something (Score:1)
Unfortunately for you, don't think that the current shortage in skilled IT people will last forever... The money we get in that field is so hyped that many people who would have completely ignored this subject two or three years ago are now following courses and will soon enter the market. And companies are now training people from other backgrounds themselves to save on wages.
If you don't understand what I mean, please read this [geocities.com]
Re:How to kill UCITA the Corprate Way (Score:1)
Would that be poetic justice?
-B
Not a federal law (Score:1)
[ c h a d   o k e r e ] [dhs.org]
What about the rest of the world? (Score:1)
Well, I suppose that my employer would get upset and launch a suit against the vendor if the vendor didn't turn our software back on after we complained nicely... but would they win?
IANAL, so I'm not sure but it strikes me that Canadians and Canadian companies aren't covered by the same legislation, excepting international copyright law. Wouldn't this make UCITA a dangerous tool for vendors to use? Any time software ends up outside the US they'll be liable for damages from their time bombs, etc. Does anyone with more knowledge have a take on this?
Re:It's about time big business realized... (Score:1)
--
Re:Current SW Licences (Score:1)
Re:Current SW Licences (Score:1)
I am currently working on a letter to my Maryland Representatives stating some of my objections to UCITA. I would like to include some real life examples of abusive contract terms so I am asking slashdotters for help.
I need some pointers to the more outrageous licensing restrictions. Any help will be appreciated.
80 - 100 hours of work, or of presence? (Score:1)
scary stuff (Score:1)
1. Put code in their software that checks that
you are using it according to thier software
agreement.
2. Put code in that allows them to terminate the
use of the software if you are not using
it as per their agreemment.
3. Disallows any "reverse engineering".
Then it would seem to me that that software company could force you to upload every thing you do with that software and everything related to
you do with the software (check to make sure the other computers on the network are not interferring with the software etc.) and because they do not have to show you their code they would'nt even have to tell you they are doing it.
This would probably be an extreme view but companies tend to push laws to the limit and I am sure some will try it.
and we were worried about the goverment wanting to be big brother...
You can't shut me up. (Score:1)
> Under UCITA, a software company can make it an actionable breach
> of contract to say anything they don't like about their product.
Maybe that holds for the dumb sucka that actually opened the shrinkwrap, or clicked on the "I agree" button in the EULA dialog box. But whoever they are, they can't stop me from publicly proclaiming that their shitty software sucks, because I didn't buy it, or install it, or agree to any contract. All I did was look over some other guy's shoulder while he muttered curses as he wrestled with that big bag of bugs. And I ain't gonna tell you whose shoulder either, and you can't make me.
Yours WDK - WKiernan@concentric.net
...another card-carrying ACLU member...The ACLU [aclu.org] is your friend!
Re:You can't shut me up. (Score:2)
The point is, only the guy who installs software has "assented" to the EULA. The next guy who sits down at the console would seem to be legally immune. This is a lapse, I suppose, on the part of those anal-compulsive types who dream up all that legal rubbish.
Actually, Office 2K require users who log in to Windows to "sign" the EULA if they have not done so already. And whilst trying to work around that is still possible, it won't be for anyone who wishes to maintain a credible profile.
Did you know that the NT Server EULA now prohibits benchmark testing without prior approval by the Microsoft Corporation? I guess it's Mindcraft or no craft at all.
This has existed for quite some time, and most database vendors have similar clauses in their licensing. The difference is that under UCITA they will be legally enforcable - probably by the FBI or similar if the DCMA cases we've seen recently are any indication.
3rd world. (Score:2)
Not all of them and not immediately but it will come. What dose a little country like Jamaica or Trinidad do when American corporations with a wage bill beyond our GDP backed by Uncle Sam starts to brutalize our people under an unjust law that isn't even ours.
The Caribbean population in New York is probably big enough to push against this sort of thing but what about other states ?
What really worries me about this (Score:2)
BTW I don't know why articles about UCITA always refer to it being backed by 'large software companies'? Is there any other company involved besides M$$??
Re:What are you talking about? (Score:2)
From the original post: It's bad enough that Americans get to petition elected officials to vote down this law. Here we don't get to comment on it because we have no elected reps in the US. That makes sense until you realize that this law if passed would be enforced in 3rd world countries.
No, state laws are not even enforced in other states, let alone in other countries. Just like your country's laws don't apply to me and why I don't get representation in the Trinidad government.
Not all of them and not immediately but it will come. What dose a little country like Jamaica or Trinidad do when American corporations with a wage bill beyond our GDP backed by Uncle Sam starts to brutalize our people under an unjust law that isn't even ours.
What do you mean, "it will come"? Either Virginia law applies in foreign countries or it doesn't. (Answer: it doesn't and it won't.)
From bendude: Don't you remember that whole DVD bust thing a few months ago. US (almost) Laws being enforced in lesser countries.
No, that was Norwegian law being imposed in Norway.
From JDax, an argument hanging on the idea that: What company could easily "move their headquarters" (on paper) from one of those states in the Pacific Northwest, to Virginia?
Doesn't matter -- the issue is where the customer is, not where this company is based. And even it did, it wouldn't affect other countries.
By the way, I think UCITA is outrageous -- a view shared, incidentally, by the Federal Trade Commission [ftc.gov]. But the idea that it's enforceable in other countries is absurd.
Re:How would UCITA affect open source? (Score:2)
This is the most common UCITA misunderstanding. It's not about closed or open source software. UCITA makes a distinction between software that is distributed under a shrink-wrap license and all other software.
Shrink-wrap distribution (and *only* SW-dist) is allowed to waiver all responsibilities, while other distribution (e.g. Internet downloads) automatically mean full responsibility for the author(s).
This would be a disaster for open source. The fundamentals of the open source development model (ESR's bazaar) *are* to release early and often and to release unfinished software to create an "itch" to improve it.
It's understandable many people associate the UCITA with open and closed source, but I wish more people would realize that's not what it's about and that that is exactly the reason it's so scary. UCITA does not only screw consumer rights, but also developer rights.
Re:UCITA hurts software companies, too (Score:2)
if they don't have it, they'll make you so miserable you'll sell to them. under utica, this is pretty damn easy.
Lea
Re:It's about time big business realized... (Score:2)
IIRC, you're required to have client licenses for the number of users, whether they're using IBM's program or anything else.
Those Linux 3270 or 5250 users are supposed to be licensed to.
Of course CIOs are fighting UCITA (Score:2)
Re:your sig (Score:2)
Your .sig wins the prize! (Score:2)
> The same thing we every night Tux. Try to take over the world!
That's great. I wonder what percentage of geeks are closet P&B fans?
--
Re:Maybe big business is good for something (Score:2)
Further, providing signing bonuses, pool tables, etc. in exchange for 80 - 100 hour weeks doesn't usually [sometimes in retrospect] seem such a bargain.
Re:How are people in other countries affected? (Score:2)
I think the same argument applies here -- UCITA or no, if many other countries prohibit the sale of backdoored software a la UCITA, software manufacturers won't avail themselves of their new-found U.S. rights. Hit them where they pay attention -- in the wallet.
Re:Proprietary software is about lock-in (Score:2)
So even if reading were illegal, that is if reverse engineering restrictions were valid, a company that needed to use hundreds of patents potentially freely available to them if they were to agree to that sort of Option of the Open Patent License, would probably find it cheaper agree to one of those Options rather than both attempt to use legal means to hide their product from the eyes of their customers and license all the patents they need.
As long as there's a way to opt-out of the patent system and UCITA restrictions among agreeing participants, I'm guessing that most companies will find it cheaper to opt-out of those restrictions when possible when faced with the alternative of endlessly charging each other for red tape.
(International legal reform getting rid of these sorts of restrictions on reading and thinking would be a much better answer, but I think convincing businesses to save money and increase stability and growth might be an easier solution for the short term.)
Nonsense (Score:2)
Please identify the cartel provision? Of course there isn't one. UCITA is just contract law, for gosh sake, and contracts is the least cartel-centric area of law there is. To the contrary, it promotes competition.
I the market really, truly cares about a provision, then a competitor will enter the market and offer the provision, thereby breaking the cartel.
The market forces will assure that overreaching can't happen -- certainly not at the level of large corporate license negotiation. Even where it does happen, nothing in UCITA makes it more or less likely to happen -- self-help provisions can be found in contracts today.
COMPETITION will determine which provisions for software are meaningfully applicable to consumers in relevant markets, just as COMPETITION led to the abandonment of the copy-protection "cartel" in the 80's.
A natural response to the pitch (Score:2)
Easy. RTFC.
How would that be different? (Score:2)
If the market really, truly cares about the provision, they'll soon be out of business. If the market doesn't care, then, you're just whining about the results of free enterprise.
In any case UCITA isn't necessary for these things to happen, and it won't be sufficient to make them happen.
Re:Does it Apply Abroad? Probably, Yes. (Score:2)
I'm really not sure what uncertainty about this point Cem Kaner's remarks, cited in the article, was addressing. Cem?
How is UCITA different from Status Quo? (Score:2)
For years, I have found overreaching vendors who seek such provisions in their agreements (or vendors who give notice that their software permits them to engage in self-help in their documentation, without a specific estoppel provision). To permit this is mindloss for the buyer in many cases of course, but might be acceptable in others. It seems to me PRECISELY the sort of thing that can be (and presently is) hashed out in a routine negotiation.
UCITA didn't introduce the practice, and isn't necessary for the practice to exist.
I have negotiated hundreds of license agreements, and have found that the size of a corporation has precious little to do with the "clout" of a negotiation -- the bottom line is typically whether a vendor has meaningful competition for a particular piece of software.
And usually, the deciding factor for terms such as these in a negotiation has more to do with whether there is a competitor with a product at a comparable price. I have found that many clients don't give a hoot about self-help (intending to pay their bills), if it means they can get the software for a few thousand dollars less a year. (In practice, the denial of service frequently provides equivalent clout to internal self-help).
In other cases, the client would be nuts to permit self-help before making his initial deposit. Particular factors determine what makes sense, and what does not.
In short, the provision comes up with some frequency in non-UCITA scenarios, and I see no reason why UCITA will or should change the dynamic in any meaningful way for negotiated software licenses.
There are many good reasons to quibble with UCITA (and, BTW, if I were king, I wouldn't have the self-help provisions in it), but this just doesn't seem to be the big deal the article suggests.
On the choice of law issue discussed in the article, I'm not sure what Cem was talking about -- my experience is that courts fairly routinely honor choice of law contract provisions -- indeed, even those specifying choice of law using international traties, such as UNCITRAL's terms, or the law of other countries. However, I'll confess that I haven't researched the question recently, and would love to see some more detailed discussion on these points.
But the issue does raise one important point. There are very few things that cannot be written in or out of a contract. In most U.S. jurisdictions, the limits are basically federal preemption, the implied duty of good faith, and unconcionability. (There are a few others) UCITA, implemented as state law, cannot modify federal preemption, does not modify the duty of good faith, and I don't believe substantially modifies the unconcionability standards. Thus, the only question concerning bargaining clout is the clout the parties had prior to UCITA. I don't see it tilting the balance one way or the other in a negotiated agreement -- at least in the sense that is the subject of the captioned article.
Re:Maybe big business is good for something (Score:2)
There is nothing good about taking away all consumer rights; the fact that the UCITA takes these away from individuals and big business alike should be a clue that something stinks. It's a disaster for large businesses and small, and sets a terrible, terrible legal precedent in trying to enforce contracts that are "agreed to" before they are seen.
How would UCITA affect open source? (Score:2)
Disclaimer: This post should not be construed to mean I support UCITA. I think it is doomed to the spectacular failure it so richly deserves. In any free market for mission critical software, a vendor explicitly waiving UCITA's stupid provisions will have a huge advantage of any rivals retaining the right to "cut you off". I think the business supporters of this legislation are amazingly shortsighted.
Re:If *I* Were CIO (Score:2)
I agree - the canonical example of this (Microsoft) has been doing this for years, purely on a pricing scale basis. If they suddenly get the legal RIGHT to enforce whatever shrinkwrap they want, don't you think they will grab it with both hands?
But my real concern would be that the legislation could trigger an even greater decline in the quality of shrinkwrapped software.
Yep - if you are not allowed to claim for faulty software costing your business billions, not allowed to even TELL anyone it has done so, and not even entitled to have a set of terms you can sign (as they can vary the terms of your licence at any time) why should they care about software testing? It's not as if the total dismal failure of a firm due to their software's miswritten routines dropping the firm into legal hot water can even be reported...
--
Re:Maybe big business is good for something (Score:2)
--GnrcMan--
Re:Maybe big business is good for something (Score:2)
Reagan didn't pass that law. ATC's are federal employees. When you get hired as a federal employee you must swear a bunch of things, including not commiting treason and not striking. As far as I remember, those laws were in place before Reagan. The ATCs were fired because it was literally illegal for them to strike. Still is, though IIRC Clinton pardoned the original ATCs.
--GnrcMan--
Re:You can't shut me up. (Score:2)
The point is, only the guy who installs software has "assented" to the EULA. The next guy who sits down at the console would seem to be legally immune. This is a lapse, I suppose, on the part of those anal-compulsive types who dream up all that legal rubbish. The obvious response is that users would have to click through a EULA dialog box every time they load the program. Also, they'd have to include verbiage that would prohibit user "A", who started the program and clicked through the EULA, from leaving his desk to go to the rest room, during which lapse an unauthorized, non-EULA-assenting user "B" might sit down at the console and perform God only knows what kinds of nefarious, EULA-violating offenses. But even that wouldn't stop me from reporting on what I witnessed watching over the contractually-bound user's shoulder.
By the way, just last Friday I went through the install for Windows NT Server v.4.0 on my company's new Accounting server. Unlike probably 99%+ of the people who run the NT install program, and to the considerable annoyance of the head of Accounting who was eager to get it over with, I actually read the entire OEM EULA, rather than just holding down the "Page Down" key until it beeps and then hitting "F8". Well, here's yet another reason why the Microsoft lawyers all need to be hanged. Did you know that the NT Server EULA now prohibits benchmark testing without prior approval by the Microsoft Corporation? I guess it's Mindcraft or no craft at all.
Yours WDK - WKiernan@concentric.net
My letter to Reynolds Metals (Score:2)
It should be right out in the open. Otherwise you can expect losses in your company's stock value from wasted dollars on forced services from
companies you are dependent on. Also there needs to be an offensive. Some sort trilateral deadlock scheme needs to be setup between vendors distributors and buyers much like the separation of powers in the US Constitution.
You could choose to ignore this since I'm not an experienced investor.
However, in the long run I believe this is very dangerous.
Thank you.
Incidentally I came upon your site from a news site called slashdot.org. I followed the link to the article at Computerworld.com. I then typed Reynolds Metals in the location box of Netscape 4.7 for Unix (SuSE Linux Operating System Distribution specifically). Netscpae did a keyword search which led me to your site.
For word of mouth use the net. For product visibility to the general public use a mall. It works.
Early adopter bonus (Score:2)
Assume you have a bunch of people living in a flood plain. Joe's Dam Company comes by and says, hey, everyone, if we built a dam across the river, it wouldn't cost that much, and you would be able to stop worrying about getting flooded. Let's assume he's right. Let's further assume that it's worth $250 to each resident to not have to worry about getting flooded, and it would cost $100 per resident to build the dam.
The dam will never get built.
You see, from each residents point of view, the dam will get built if enough people agree to contribute to building it. But everyone, not just the people who pay for the dam, will benefit from it. So, if some resident just says, I'm not paying, he isn't statistically going to make a difference in whether the damn gets built. The dam will either get built, or not get built. If he contributes, he's out $100 dollars. This is the problem of free riders.
How does this apply to UCITA? The dam represents reasonable laws as opposed to the UCITA. The free rider is the state that wants to attract software publishers by passing UCITA. If a state were to adopt the UCITA, it might attract software vendors, all other things equal. So all the states have an incentive to be the first on their block to adopt UCITA. The whole gain (from a state's perspective) of the UCITA is in their control. The damage caused by UCITA, that is, it being adopted nation-wide, is only partially under their control. They must assume that UCITA will eventually become law, and therefore, they must pass it first, to attract the software vendors.
Of course, this assumes that if, for example, Virginia has passed UCITA, and I, in California, buy software from a Virginia company, then I am bound by Virginia law. Well, the license agreement will no doubt say that it is governed by the laws of the state of Virginia, and the laws of the state of Virginia say that it applies. But I'm in California, where a shrink wrap agreement has no force, so the clause that says it's covered by Virginia law isn't relevant. So if it's valid, then it's valid; but if it's not valid, then it's not valid.
IANAL, of course, and the rulings of courts generally have no connection to reality, or logic. I'm seriously considering moving as soon as I have a little money saved up (and am out of school) to some other country where the politicians can actually be influenced by logic and the laws are written by economists, not by corporate lawyers.
--Kevin
Re:Does it Apply Abroad? Probably, Yes. (Score:2)
Ok then. Say I live in Israel, and decide not to abide by the UCITA. The software company decides to take legal action, summoning me to X court in Virginia. What the hell do I care? *I* just don't go, and they can't do anything. The US has no power to arrest me outside of the US, let alone summon me to court there.
Re:UCITA good for GPL? (Score:2)
I do, too! (Score:2)
I believe the UCITA will kill all commercial software within 5 years, leaving nothing but GPLed code anywhere on the planet. I can only hope that the companies pushing for it don't realize what they've done until it's far too late.
Negotiation of contracts (Score:2)
That is utter bullshit. Anything sold to large numbers of buyers isn't usually open to negotiation. You have no power to negotiate shrink-wrapped software licenses, period. Sounds like some legislators need to take a look around the real world.
When there is such an imbalance of negotiating power, this would suggest that you need some pretty firm legislation to protect the small buyers and limit the powers of the sellers, and not the other way round.....
Re:UCITA hurts software companies, too (Score:2)
On the other hand, you may be right. I never said it hurts ALL software companies:-)
what the hell is the UCITA (Score:2)
Re:What are you talking about? (Score:2)
Re:How are people in other countries affected? (Score:2)
However it is a precedent and I wouldn't be supprised if the UK or EU use this template for modelling there own laws.
Does it Apply Abroad? Probably, Yes. (Score:2)
Forum selection and choice-of-law clauses in tend to be enforced in contracts, even if the parties have no power to negotiate. See Carnial Cruise Lines v. Schute, 499 U.S. 585 (1990); The Bremen v. Zapata Offshore, 407 U.S. 1 (1972).
Presumably, most vendors will include such clauses in their contracts, seeking to channel disputes into jurisdictions where UCITA has pased (California and Washington will be big battle-states, Virginia has already passed it, subject to an implementation delay). The really smart vendors will set up an industry-favorable arbitration forum and insert a clause that says "all disputes will be arbitrated before [Industry Forum] under the law of [pick a UCITA state].
Hate to rain on your parade, but just because you are in England (or Canada, or Indonesia) does not mean you get to avoid this statute. Just ask all the Names from the United States who had to litigate their claims against Lloyd's of London in English courts.
Eric C. Grimm
CyberBrief, PLC
Ann Arbor. Michigan
Eric.Grimm@CyberBrief.net
What About Software Retailers? (Score:2)
It will kill it. (Score:3)
Not only does UCITA make a direct attack on free software, by given the weight of law to any attempts by a company to frustrate hackers who try to reverse engineer protocol and file format capabilities, it provides a tool to prevent proponents of free software even discussing its advantages.
Under UCITA, a software company can make it an actionable breach of contract to say anything they don't like about their product. One of the reasons that free software has become more and more popular is that it has moved beyond being interesting to people who want to hack on source code or who care about freedom as a political concept; people are now using free software because proponents of Linux, *BSD, Apache, etc, have managed to convince people that free products can do the job better than non-free ones.
Consider: if UCITA had existed, Larry Wall might have found himself violating a license arrangement in developing Perl by including sh, awk, and sed features in the language. And even if he didn't, he wouldn't have been able to tell people about the virtues of Perl unless owners of the awk code had been prepared to allow him to explain that Perl is like awk, only better.
Likewise, how do you explain that Linux+Apache works better as a high-volume web server than Windows 95 + Personal Web Server? Microsoft could claim that the latter was suitable to run an ecommerce site with - and no-one who actually used the software would be able to disagree without being targeted for legal action. Oh, and a sudden inability to use the machine Windows was on.
Or, for a more concrete example, when it became apparent an early Service Pack for NT (1 or 2, I forget now) was corrupting NTFS volumes under certain circumstances, Microsoft refused to admit there was a problem. It was only after mainly Internet based lobbying and discussion of real world use of the SP that Microsoft were eventually forced to admit there was a mistake and correct it. Free software advocates can cite this as an example of why not to put data at the mercy of a closed-source company. Under UCITA, Microsoft could have sued anyone who claimed that the Service Pack was faulty, ignored the problem, and prevented anyone thereafter using it as PR. Sure, a bunch of people would have lost their data, but they're only customers.
Erk!! (Score:3)
Microsoft could intentionally take a piece of software I wrote, use it in some improper manner or figure out some way that my program can be made to fail on their machines, and then SUE ME FOR DAMAGES???
Ack!!! Stallman is right. This is a very serious problem! It's not even a question of whether joe blow could sue me if he wanted to- this apparently gives blanket permission for anyone or anyTHING, up to and including MS, to sue free software developers anytime they feel 'damaged'! It's a weapon, plain and simple.
At least things aren't going to change much if you are already resigned to being a _criminal_... in fact this makes the definition of 'criminal' potentially ridiculous and not commonsense at all. Instead of "What was your crime?" "I reverse engineered somebody's program" which is vaguely criminal-seeming, it could be "I wrote a text editor and gave it away for free and Microsoft deployed it on 600 desktops and upgraded a dll and my text editor broke so they are suing me for $50,000 in damages." To which the average person would say, "Huh??"
This is _messed_ _up_. When you read RMS on the matter, don't think solely in terms of end-users, individuals, potentially being able to sue free software authors and win. The worse problem is that it makes it possible for a Microsoft to set up a situation where somebody's software breaks in well-documented and accounted-for circumstances, then take that information and sue the developer under UCITA, obliterating them. Yes, this would be both cynical and blatantly using the legal system as a game and a weapon. Yes, it'd be unprecedented evilness. But lord, would it be effective and profitable to just shut down anybody giving away software by creating situations where their stuff failed and 'caused harm' and then suing.
Ack! This is almost too messed up to imagine. I have to wonder if the legal system itself, juries, judges would rebel at following through on the implications of all this. Surely in order to act on legislation of such evilness, human beings have to be convinced that it is in fact both 'the law' and just? There might be cases of "Your honor, in accordance with UCITA we find the defendant Guilty, as we were directed to do. We fine him One Cent..."
Patents? (Score:3)
After all, for every large software publisher like Microsoft or Lucent who benefit from software patents, there are a dozen equally large software users who lose out from the market distortion and lack of competition that software patents cause.
Re:It's about time big business realized... (Score:3)
Our emulator works best, but it's free with the mainframe so no problem. If you need a couple extra CDs for it, we'll give you those free too. We'll even pay for the shipping.
They'll work on any PC.
If they don't work on a specific kind of PC, call us and we'll figure out how to make it work.
You should upgrade some of your PCs. The emulator won't give you good results on something that slow.
Buying new PCs from us? You have to specifically request monitors, we don't sell PCs with the monitor included, it's *ALWAYS* a seperate item, except on the PS/1.
Are you sure that was IBM you were dealing with? Your assertions run completely contrary to all my dealings with them.
Of course, perhaps your dealings were in a market size I'm not used to. I've only dealt with IBM in companies ranging from half a dozen employees to the Fortune 50 corp I work for now.
Re:How would UCITA affect open source? (Score:3)
The UCITA: Perfect for a scam! (Score:3)
Just follow these simple steps:
Oh, damn, Microsoft have beaten me to it....
--
Maybe big business is good for something (Score:3)
We need big business to be alive.
This is the step in the right direction to ensure the survivial of big corporations. Sure there's some companies like AOL who want to screw others, but without big business you'd probably still be working at a factory for minimum wage. And you'd have trouble making a good enough living to even own a house.
As far as I can say, this is the best thing business is doing right now.
(note to moderators: this is not flamebait)
Re:What About Software Retailers? (Score:3)
UCITA + Digital Millenium Copyright Act. (Score:3)
The UCITA and the DMCA seem to interact tightly.
UCITA's "self help" provision says companies can write code that they can turn off if there's a dispute - by remote control or time-bombs - before the dispute is resolved in court.
DMCA makes it a felony to defeat such software "protection" schemes.
Discovery in the court case of the original dispute would expose the defeat of the protection scheme, even if it hadn't already been obvious from the continued operation of the company.
So the software purchasers are totally at the mercy of the software vendors.
And the software vendors don't need to announce the protection schemes. So there's no way to tell if they're there without reverse-engineering (which is almost certainly banned by the license under the UCITA and may be a crime under the DMCA), or finding out when the software stops working - at which point you're a felon if you even try to turn it back on to keep your business running.
Nasty.
Who's pushing this law to begin with? (Score:3)
Humor: _Dilbert_ on UCITA (Score:3)
Re:How are people in other countries affected? (Score:3)
However it is a precedent and I wouldn't be supprised if the UK or EU use this template for modelling there own laws.
I'm not entirely sure if I remember this correctly but I believe that the High Court over here in the UK ruled that end-user license agreements were not valid and had not power in law, so something like the UCITA as it stands could not become law over here. Of course they could still try to get the rest of it passed...
This helps virus writters (Score:3)
Molog
So Linus, what are we doing tonight?
Oh how history repeats itself. (Score:3)
David
I like the UCITA! (Score:3)
I can pirate software, then include it in my program. How would anyone know, unless they decompile portions of code? But that won't be allowed under the "click wrap" agreement!
[sarcism mode off]
Re:How are people in other countries affected? (Score:3)
Their clout enforcing intellectual property issues is astounding--here in Canada it looks like we will be required to extend the duration of patent rights in conformity with the WTO (read US), which will rapidly inflate our drug expenses.
I can't even imagine what the precedent is assumed to be... there certainly isn't one outside software (imagine renting a car whose engine cuts out on the highway because you exceeded the allowed mileage, or the company didn't like your monitored driving habits).
I think we're looking at the revival of intellectual serfdom, where one cannot buy anything to generate their own profit, but rather is required to rent at an arbitrary and changing price fixed by the intellectual nobility. I'm surprised software companies haven't already thought of software-for-shares arrangements already. Welcome the new economy.
Re:Great opportunity for Open Source!!!! (Score:3)
I know that many folks here already know the issue. For everyone else....
www.gnu.org/philosophy/ucita.html [gnu.org]
From the article: "You see, UCITA says that by default a software developer or distributor is completely liable for flaws in a program; but it also allows a shrink-wrap license to override the default. Sophisticated software companies that make proprietary software will use shrink-wrap licenses to avoid liability entirely. But amateurs, and self-employed contractors who develop software for others, will be often be shafted because they didn't know about this problem. And we free software developers won't have any reliable way to avoid the problem"
Here's a summary of the point: Free software can't avoid the increased, default, liability because a shrink-wrapped licence can't be applied to something that isn't shrink-wrapped!
That means that if you write something, and include a licence in a text file that says "no warranty", the "no warranty" licence doesn't apply -- you're still liable even if you never make a cent!
There are numerous other reasons why this -- to grab a quote from Ghostbusters -- is "A bad thing" for free software.
Come to think of it, the UCITA probably applies to Shareware, "free" programs from various web sites, and other non-shrink-wrapped commercial software, too. There's another angle...
UCITA: Call to Hackers; Legal Question (Score:3)
1. UCITA allows for the "self help feature" to be installed in software. How many people think MS has allready hidden this feature deep in win2k in anticipation of UCITA passing? What would happen if some clever hackers were to start actively searching for it and documented how it could be exploited. How would major corporations react to find that such a security hole had intentionaly been inserted in win2k and they were not notified? I would love to see some hackers start looking for such a backdoor in order to educate people on how they had been scammed. This assuming of course, that MS really was dumb enough to jump the gun on installing a backdoor. I for one, would be willing to bet my first born that they are.
2. UCITA has a clause stating that "neither party is entitled to the source code". Now if someone uses GPL'ed code and then re-releases it under UCITA without the source, will they get away with it? The infamous "embrace and extend"? Most people argue that the GPL will supercede UCITA, and I agree that it should. What bothers me is that the GPL has never been tested. The GPL falls into the same trap as the EULA in that it is questionable in its ability to be enforced. How certain is the open source community that the GPL will hold water if tested in court against the UCITA?
Here's what you need to do (Score:4)
"There's an effort to get all 50 states to pass legislation called UCITA that removes the last vestige of liability from software vendors. It also makes it legal for them to insert back-doors into the software that, hypothetically, only they would be able to use to shut down your software if they feel that you've violated your license.
What I need you to do is a) ask yourself if you are comfortable with the current no-warantee nature of software let-alone new laws to further limit liability b) think about the damage that will be caused when the "hackers" figure out how to remotely shut down your software and c) start thinking about what our company should be doing to either support or oppose this law."
That's it. No frills. No "evil empire" scenario. Just present it in terms that they will understand and cannot afford to ignore. Anyone who can keep a business running will recognize the danger, here.
First Born Children and Root Beer (Score:4)
Great Anti-UCITA site - http://www.badsoftware.com (Score:4)
Plenty of excellent resources and arguments.
How to kill UCITA the Corprate Way (Score:4)
It's about time big business realized... (Score:4)
Thanks for buying our mainframe
The PC's are another story. We have been sold the worst chunks of hardware I can imagine. These motherboards are designed to never have a single component upgraded, so they're useless to anyone who gets our old ones. (Our last batch had microchannel...) At this point we could always get smart and say no and keep using the current system. However, when the vendor, under UTICA, can turn your system off, you are really at his mercy.
The frightening thing is that if a vendor can turn you off from a remote location, so can a hacker...
I wait for the day when a company's major competitor signs an exclusive contract with a vendor and the vendor turns off that client's software...:)
-----
Re:Maybe big business is good for something (Score:4)
Proprietary software is about lock-in (Score:5)
Given the existence of subtle dependencies in software the achievement of lock-in has historically been surprisingly easy. The main problem is that after being burned so many times in one area customers are eager to run to anything resembling an open standard. The second problem is that given the reproducibility of software it is very easy for customers to not stick to the limits you want to enforce. Not surprisingly many of these limits have to do squeezing every penny, and more of them have to do with discouraging the existence of an open standard.
What UCITA is about is achieving through law more than can be achieved technologically. Of particular concern to the open source movement (which of course is an ultimate form of open standard) are the conditions meant to discourage open standards. For instance draconian prohibitions on reverse-engineering. Of particular concern to any CIO with a brain is...pretty much everything.
I wish the CIOs all of the best.
Ben
Re:How are people in other countries affected? (Score:5)
The NCCUSL needs oversight and/or investigation. (Score:5)
This organization seems to be a multi-state collection of regulators (i.e. members of state executive branches) acting as a national legislature. They debate in private (or at least with zero press coverage) and are heavily lobied. They construct the text of proposed laws and submit them to the state legislatures simultaneously.
So the general public goes from nothing to a bunch of identical bills simultaneously submitted in state legislators all over the country. And if they want to oppose them, or even modify them, they have a war on dozens of fronts, against a very organized group that has almost achieved its objective. They almost certainly lose in several states, after which the proposed legislation, in its original form, becomes a de-facto national standard. So they can't even modify a line.
Such laws are pervasive as federal laws. But they draw power their power from the several states, which are not as limited by the federal constitution. And there's no central place to repeal these laws - you have to get ALL the states to go along simultaneously.
I think that, at a minimum, the organization needs some serious sunlight - in the form of investigation and exposure to press - or alternative press - coverage of their operations and deliberations. (At least that way people could find out earlier when their ox is about to be gored, and maybe have a chance to head off bad legislation when it's in the formative stages.)
Beyond that, there's the question of whether it's proper for state executive branches to participate in the crafting of multi-state legislation. Is it intrusion on another branch's prerogatives? Is this one of the powers that is supposed to be reserved to the Federal government? Are "sunshine laws" violated?
This kind of coup is hardly unprecedented: It's is how we got a federal constitution in the first place: The Continental Congress set up a committee to propose some amendments to the Articles of Confederation (their "constitution"). The Federalists took over the committee, drafted the US Constitution, and bypassed the Continental Congress, submitting it to the states directly. It had a "bootloading" provision that when more than a fixed number of the states adopted it, it started, the adopters were detached from the Continental Congress (leaving it without a quorum) and attached to the Federation, and the rest of the states were out in the cold unless they signed up, too. (The Bill of Rights was the result of a rear-guard holding action by the Anti-Federalists, an allegedly minor concession they won in return for surrendering in a battle they were already losing.)
If *I* Were CIO (Score:5)
If I were the CIO of a large company, I would be worried that my negotiating position would be much weaker with UCITA. After all, it pretty much creates a legal software cartel. Why would any member of this cartel break ranks and give me what I want, when I wouldn't be able to get it from any other vendor? But my real concern would be that the legislation could trigger an even greater decline in the quality of shrinkwrapped software.
On the other hand, if the measure passes and vendors make full use of it, the drive to all-Open Source could become unstoppable.
UCITA hurts software companies, too (Score:5)
The company I am a developer for, a MAJOR ERP vendor, ships many many different applications with each new release. We certify each release with a subset of 3rd-party software, including:
- The operating system (Windows plus a dozen or so Unixes, Mainframe OS's etc.)
- The middleware product
- Certain office suites which integrate with our stuff
- Reporting tools such as Crystal
- Web servers (the first two that popped into your head, for example)
- etc.
The list goes on and on. More importantly, we also BUILD our software with a bunch of 3rd-party products, which provide everything from the middleware API to the STL we use.
Now imagine how screwed we'd be if we couldn't count on support contracts and liability contracts from any of those vendors? The quality of our product would become a random quantity based on how charitable those 3rd-party vendors were feeling today. And we'd be forced to ship this crap to our customers, passing the joy on to them. Sure, we'd be somewhat legally protected from the wrath of our customers by the UCITA, but just because they couldn't sue us doesn't mean they have to buy from us. They'd probably go back to developing everything in-house or buying only from vendors who provide 100% of the functionality from a single site. As of today, I doubt there is a single vendor who can claim THAT.
Even big companies don't have leverge (Score:5)
The article comments that big companies should have enough leverage to negotiate non-UCITA contracts if they don't like UCITA's provisions. A very interesting quote from one software purchaser gives the lie to that statement:
IOW, software companies naturally have a dominant negotiating position with corporate customers because of migration costs. If that's really true, why do companies need UCITA? You've got me.
Of course this is exactly the argument that ESR uses to show that businesses need free/open source software. If you get mission critical software from a sole source vendor, they already have your balls in a vise. All UCITA does is to make that a bit more explicit.