Would you open a can of soup with these warnings on it such as “As is” or “May contain viruses!” or “If you sue us, the most you can get is what you paid for this can of soup”? Then why would people want to place software in their computers with these and other egregious warnings buried in the arcane legal agreements to which individual and business computer users must click “I accept” if they wish to install some of the most well known software packages on the market today?
Rick Barry, Arlington, Virginia-based independent consultant and principal of Barry Associates, raised and answered that question during a lively debate on the Uniform Computer Information Transactions Act (UCITA) at the Virginia Internet Technology 2000 conference in Williamsburg, VA. The conference ran from 19 to 21 September, 2000.
Rick Barry was representing the Computer Professionals for Social Responsibility
(CPSR), a non-profit, public interest organization that addresses benefits and
risks to society resulting from the use of computers. He told
attendees: “The reason is that
software customers today have little choice. Unfair warnings are on all the ‘soup cans’ and there are very
limited if any realistic choices among software ‘soup’ vendors,” he said.
Barry said: “The reality is that if any of us were hungry enough and if all of the soup cans had the same kinds of warnings, we’d probably all drink the soup. Luckily for us, the food industry is regulated. But the software and data publishing industries are not regulated – at least not yet – so they can and do get away with such legal agreements. In a great many cases, purchasers don’t even see these agreements until the product is about to be installed in their computers. To make matters worse, Virginia, through UCITA, is about to legitimize what these industries are already getting away with.”
UCITA was enacted during the last Virginia legislative session with a proviso that it would not become law until July 1, 2000, so that the public would have an opportunity by December 2000 to decide on its merits – what opponents of the legislation refer to as the “ready-shoot-aim” method of legislation in an attempt by Virginia to be the first state to pass the legislation and by so doing become the friendliest to the industry, Barry said.
Other states have shied away from the law or passed laws declaring that it does not apply in their states. A Virginia Legislature Joint Committee on Technology and Science, under Delegate Joe May is preparing recommendations to the Legislature to go ahead with UCITA.
The Virginia Internet Technology 2000 conference debate was chaired by Mr. Svein J.Lassen, Managing Partner, Jones, Blechman, Woltz & Kelly, PC, of Newport News and Williamsburg. Speakers favoring UCITA were:
Speaking in opposition to the legislation were:
In his presentation, Rick Barry cited several license agreements from well-known products, such as:
“(To the maximum extent permitted by applicable law, Microsoft and its suppliers provide to you the OS components, and any (if any) support services related to the OS components (“Support Services”) AS IS AND WITH ALL FAULTS … )
Microsoft … disclaim all warranties and conditions … express, implied or statutory including merchantability, fitness for a particular purpose, lack of viruses, accuracy or completeness of responses, results, workmanlike effort and lack or negligence ... the entire risk arising out of use or performance of the OS … and any support services remains with you.” (Emphasis supplied.)
“AOL'S entire liability and your exclusive remedy with respect to use of the service and the software shall be the replacement of any software found to be defective.”
“In no event will Netscape be liable for any damages in excess of the amount Netscape received from you for a license to the software, even if Netscape shall have been informed of the possibility of such damages.”
Citing a Journal of Computer and Information Law paper (volume 18, #2, Winter 1999/2000) “Software Engineering and UCITA,” by Cem Kaner, J.D., Ph.D., Rick Barry noted that a McAfee Virus Scan license includes the term:
“The customer shall not disclose the results of any bench-mark test to any third party without Network Associates’ prior written approval.”
Barry said that this provision could be used to prevent consumers or consumer magazines from publishing reviews of the product. UCITA section 307 (b) would specifically legalize that practice: “If a license expressly limits use of the information or informational rights, use in any other manner is a breach of contract.”
Citing the same Kaner paper, Barry highlighted a license provision in an Intel Photo Album applet product:
“Licensee agrees that all works of authorship, inventions, improvements, developments making use of the Applet or any portion of the Applet, solely or in collaboration with others, as well as all patents, copyrights, trade secrets, trademarks, and other intellectual property rights therein and thereto (collectively, 'Developments'), are the sole property of Intel."
This provision would give Intel rights to the ownership of any content developed using this software, Barry said. The license further stated:
“Intel may revise these terms at any time by updating this posting. You should visit this page from time to time to review the then-current terms because they are binding on you.”
Barry warned that this provision placed the burden on the consumer to know when an accepted license agreement was changed. Not doing so could place the business or individual consumer in violation of the license and subject to the penalties shown in the license. This could be thousands of dollars. He said that this current practice would be further emblazoned in the law with UCITA.
In another provision, its so-called “self-help” provision, UCITA would permit software companies to go into computers without prior notice if they thought the user was in violation of the license, without court order, and disable its software.
As further evidence that software companies are preparing to take advantage of such provisions, Barry cited license terms reported by readers of computer weekly InfoWorld to columnist Ed Foster. Although subsequently changed after Foster queried the software companies about their purposes, they included such provisions as:
"Right to Audit:
In light of the nature of this License Agreement, [large company name deleted] reserves the right for it or its independent auditors to inspect your records from time to time in order to assure compliance with the terms of this License Agreement."
"You agree, if purchasing by credit card or chargecard, that you permanently and irrevocably waive any and all right to cause a ‘chargeback' (that is, a disputed, reversed or contested charge) against this purchase for any reason whatsoever against Company or other reseller of this license, effective as soon as you open the envelope containing the program disk or otherwise install or use the Software. You agree that, if you institute such a 'chargeback', it constitutes a material violation of this license, and agree to pay the minimum amount of FIVE THOUSAND DOLLARS ($5,000.00) to Company (or the party selling you this license), as liquidated damages and not as a penalty, in addition to the amount of the chargeback, and all costs of such chargeback instituted against the seller of this license. You expressly confess, in the event of such a 'chargeback', that such chargeback constitutes fraud and confess such fraud. You agree to pay all costs incurred by company or the seller of this license in collecting these amounts."
Barry quoted a recent study by Jean Braucher, Roger Henderson Professor of Law, University of Arizona, who visited Web sites of the top 100 PC software companies, by volume of revenue. The study showed that 87.5% chose not to make pre-transaction disclosure of the terms of their licenses, an indicator of the prevalence of the practice of delayed disclosure.
Barry contrasted current practice with the benchmark for business self governance, the Council of Better Business Bureau guidelines for on-line business practices that state:
1) It should be clear, accurate, and easy to find and understand;
2) It should be readily accessible online and can appear via a noticeable and descriptive hyperlink or other similarly effective mechanism;
3) It should be presented such that customers can access and maintain an adequate record, and
4) it should be accessible prior to the consummation of the transaction.”(Emphasis provided.)
According to Barry, Virginia legislators who had replied to a letter he had written outlining numerous issues with UCITA, see http://www.cpsr.org/program/UCITA/barry_ucita.html, failed to address the substance of any of the issues. Rather, it stated simply that UCITA was necessary to provide business with a common way of doing electronic business in all states. Efforts are being made in some other states to pass the same law.
Barry said that legitimate need was no defense for a poor law that ignored the pleas of numerous opponents of the bill including 24 state attorneys general, all consumer advocacy groups that had taken a position on the act, numerous professional associations of computer professionals such as the Society of Information Management (SIM), representing largely CIOs, and other professional organizations representing among others software engineers such as IEEE and ACM.
He said that the "choice of forum" provision for UCITA provides that a licensor can dictate in what state the license agreement will be deemed to have taken place, even if different from that of the licensor or licensee, clearly to be a state most friendly to the software and data publishers and least so to the consumer. Barry cautioned that this provision, often not noticed, is at least in part responsible for what Press reaction there has been on this subject to be treated as a local state issue when in fact it makes it a serious national public policy issue.
Barry urged business leaders to ensure that the laws for electronic commerce are not only in their business interests but also socially responsible. He urged the media to assist in elevating the awareness of citizens and business leaders to the serious problems with UCITA and to make the issues sufficiently well known that elected officials will fully understand their accountability to the voters – that “they won’t be able to say they didn’t know the gun was loaded.” In February, 2000, Virginia voted unanimously in the Senate and nearly so in the House of Delegates to make this Virginia law by July 1,2000, unless it is changed or dropped before the end of calendar year 2000. Rick Barry’s presentation can be viewed at UCITA02.html.