Wares wars

The powers that be push for a software consumer nonprotection act.

MY NAME IS BILL. I run a company that creates software. You probably use some of my software, but you might not like me. You may dislike me so much you use my software to write flaming anti-Bill screeds, or to put up an anti-Bill Web site, or to create software to compete against mine. I might not like it, but there's not much I can do to stop you.

Give me a few months.

UCITA (the Uniform Computer Information Transactions Act) proposes to "standardize" the rights and responsibilities software and electronic-information companies have to consumers and vice versa. It's an amendment to the Uniform Commercial Code, which is the main body of law governing commerce in these United States. It's supported by many of the largest software, hardware, and Net-related companies in America. It's designed to change the relationship between companies and consumers forever. You're naive if you think this is good news.

UCITA defines the legal relationship between people who create software and people who use it. The original version was drafted over the last half-decade by the American Law Institute (ALI) and the National Conference of Commissioners on Uniform State Laws (NCCUSL). It's up for vote in all 50 state legislatures, and last week Virginia was first over the wall as Governor James Gillmore signed it into law.

ONE OF THE PROBLEMS with selling software is that it's never really sold to consumers, as the Uniform Commercial Code understands it. What you buy when you buy software is a license to install Program X on your computer for your use. You aren't allowed to go around making copies for all your friends, and you can't stick a new label on it and sell it as your own creation.

The UCITA Not Allowed list is considerably longer. For instance, UCITA forces you to actually read the license or the user agreement on a Web site; clicking the "I Agree" button really does bind you to the terms of the interminable prose above it, even if that prose says you'll undergo voluntary sterilization for the privilege of using the product.

It isn't just contracts that concern some software developers who oppose UCITA. Its supporters sneer at the concept of "fair use," which covers much of what you-the-consumer are allowed to do with software once you've licensed it. Perhaps you've discovered an uncharted feature (UCITA also protects companies from the legal consequences of crappy documentation, by the way) and you'd like to take that part of the software apart to see how it works. That's reverse engineering, and that's prohibited too—a critical issue for developers, who often can only discover what code like Windows 2000 is really doing by examining it in this way.

Worse, UCITA gives the software company the right to truly screw with you if they're annoyed. The concept of electronic self-help is the H-Bomb of UCITA, allowing the company to disrupt or disable your mission-critical software if they don't like what you're doing with it. Say you buy e-mail software from CodeDoodz Corp., and they include a clause in the license that says you have to write any e-mail you send with its software in ALL CAPS. You don't. CodeDoodz finds out. CodeDoodz has the legal right to crawl up your modem line and blow away your copy of CodeDoodzMail—taking your mail archives with it. What, didn't you read the contract? (Before you say you did, don't forget to check your inbox, since under UCITA companies can unilaterally change the contract and inform you via e-mail. Too bad yours is all deleted.) Self-help cannot be negotiated out of the license (as if the software company was willing to negotiate with you!)—troubling, especially when you remember that although your mission-critical software might be e-mail, your local hospital probably has a different standard.

Right now plenty of licensing agreements are bundled into boxes of software that claim that by opening the box you accept the licensing agreement, even though you can't read the agreement till you open the box. UCITA formalizes the legality of such agreements. And it gets worse; the biggest companies are indemnified from most kinds of liability, even when they know they're putting out crap—in most cases, companies would only be liable for the purchase price of the buggy software. Ralph Nader's head should be spinning 360 degrees at the thought.

It is. UCITA's opposition coalition is both broad and deep. Nader's there with his Consumer Project on Technology. The Washington and California state attorneys general oppose it, as do 24 of their colleagues. Industry groups such as Computer Professionals for Social Responsibility have spoken out against the bill as part of 4CITE, a broad coalition of consumers and developers; the IEEE (Institute of Electrical and Electronics Engineers) opposes it, as do librarians, newspaper and magazine publishers, the National Writers, a constellation of consumer advocacy groups, and the Federal Trade Commission. Even the MPAA (Motion Picture Association of America), currently reviled online due to overzealous copyright protection, opposes the bill.

UCITA supporters take a dim view of the opposition, particularly those nasty Linux folk: One pro-UCITA site says, ominously, "Its supporters should get a lawyer before they hurt themselves." Many Linux developers are concerned that increasing legal liabilities will squelch the open-source movement (surely not a factor in Microsoft's support?), and the already embattled shareware community could also feel a big chill.

WHO ELSE IS HARMED? How about the First Amendment? Say I (no, I'm not Bill anymore; that was a literary device) decide to write about my experiences with BeWare, new software from CodeDoodz. I test the software only to find that it has about 63,000 bugs, including one that shot fire out of my monitor and killed my cat. Under UCITA, CodeDoodz isn't responsible for telling you about those bugs or for paying for the vet bills. Sounds like it's up to me to catch as many as I can and alert you, the reading public.

Wrong! The licensing agreement forbids me to publish testing-based evaluations of BeWare without prior approval from CodeDoodz. I call to tell them I'm planning to review the software; they demand that I send a copy of the review for approval. I refuse. They tell me they'll sue me for violating the licensing agreement if I run the article. I can't review BeWare for you, unless of course Seattle Weekly feels like establishing some legal precedents.

So much for the First Amendment, and good luck with your own copy of BeWare. Hide your cat.

This kind of pressure is already very real: PC Magazine, one of the computer-journalism world's 800-pound gorillas, was forced last year to not publish benchmarks of their tests on Oracle's database software. UCITA strengthens the talons of Oracle and its ilk; odds are good that such restrictions on a free press would be thrown out of court eventually, but that kind of thing costs money that even large publishers don't necessarily have.

Is it too late? No, but things are moving fast. In Virginia, outrage over the bill didn't induce Governor Gillmore to veto it, but it won't go into effect until mid-2001; in the meantime, a House-Senate joint committee is studying the law's effects on information transactions. (One would think that would have happened first, but UCITA has been, as they say, a rush order.) The states now reviewing UCITA are Hawaii, Illinois, Maryland, and Oklahoma; down in Olympia, Microsoft has heavily lobbied for its passage. Just think—if UCITA passes, such companies might never have to lobby again. All they'll have to do is pull the plug.

 
comments powered by Disqus