Would you open
a can of soup with these warnings on it such as “As is” or “May contain viruses!”
or “If you sue us, the most you can get is what you paid for this can of
soup”? Then why would people want to
place software in their computers with these and other egregious warnings
buried in the arcane legal agreements to which individual and business computer
users must click “I accept” if they wish to install some of the most well known
software packages on the market today?
Rick Barry, Arlington,
Virginia-based independent consultant and principal of Barry Associates, raised
and answered that question during a lively debate on the Uniform Computer
Information Transactions Act (UCITA) at the Virginia Internet Technology 2000
conference in Williamsburg, VA. The
conference ran from 19 to 21 September, 2000.
Rick Barry was representing the Computer Professionals for Social Responsibility
(CPSR), a non-profit, public interest organization that addresses benefits and
risks to society resulting from the use of computers. He told
attendees: “The reason is that
software customers today have little choice. Unfair warnings are on all the ‘soup cans’ and there are very
limited if any realistic choices among software ‘soup’ vendors,” he said.
Barry said: “The
reality is that if any of us were hungry enough and if all of the soup cans had
the same kinds of warnings, we’d probably all drink the soup. Luckily for
us, the food industry is regulated. But the software and data publishing
industries are not regulated – at least not yet – so they can and do get away
with such legal agreements. In a great many cases, purchasers don’t even
see these agreements until the product is about to be installed in their
computers. To make matters worse, Virginia, through UCITA, is about to
legitimize what these industries are already getting away with.”
UCITA was enacted
during the last Virginia legislative session with a proviso that it would not
become law until July 1, 2000, so that the public would have an opportunity by
December 2000 to decide on its merits – what opponents of the legislation refer
to as the “ready-shoot-aim” method of legislation in an attempt by Virginia to
be the first state to pass the legislation and by so doing become the
friendliest to the industry, Barry said.
Other states have
shied away from the law or passed laws declaring that it does not apply in
their states. A Virginia Legislature Joint Committee on Technology and
Science, under Delegate Joe May is preparing recommendations to the Legislature
to go ahead with UCITA.
The Virginia
Internet Technology 2000 conference debate was chaired by Mr. Svein J.Lassen, Managing Partner,
Jones, Blechman, Woltz & Kelly, PC, of Newport News and Williamsburg.
Speakers favoring UCITA were:
Speaking in
opposition to the legislation were:
In his
presentation, Rick Barry cited several license agreements from well-known
products, such as:
“(To the maximum extent permitted by applicable law, Microsoft and its suppliers provide to you the OS components, and any (if any) support services related to the OS components (“Support Services”) AS IS AND WITH ALL FAULTS … )
Microsoft … disclaim all warranties and conditions … express, implied or statutory including merchantability, fitness for a particular purpose, lack of viruses, accuracy or completeness of responses, results, workmanlike effort and lack or negligence ... the entire risk arising out of use or performance of the OS … and any support services remains with you.” (Emphasis supplied.)
“AOL'S entire liability and your exclusive remedy with respect to use of the service and the software shall be the replacement of any software found to be defective.”
“In no event will Netscape be liable for any damages in excess of the amount Netscape received from you for a license to the software, even if Netscape shall have been informed of the possibility of such damages.”
Citing a Journal
of Computer and Information Law paper
(volume 18, #2, Winter 1999/2000)
“Software Engineering and UCITA,” by Cem Kaner, J.D., Ph.D., Rick
Barry noted that a McAfee Virus Scan license includes the term:
“The customer shall not disclose the results of any bench-mark test to any third party without Network Associates’ prior written approval.”
Barry said that
this provision could be used to prevent consumers or consumer magazines from
publishing reviews of the product. UCITA section 307 (b) would
specifically legalize that practice: “If a license expressly limits use of the
information or informational rights, use in any other manner is a breach of
contract.”
Citing the same
Kaner paper, Barry highlighted a license provision in an Intel Photo Album
applet product:
“Licensee agrees that all works of authorship, inventions, improvements, developments making use of the Applet or any portion of the Applet, solely or in collaboration with others, as well as all patents, copyrights, trade secrets, trademarks, and other intellectual property rights therein and thereto (collectively, 'Developments'), are the sole property of Intel."
This provision
would give Intel rights to the ownership of any content developed using this
software, Barry said. The license
further stated:
“Intel may revise these terms at any time by updating this posting. You should visit this page from time to time to review the then-current terms because they are binding on you.”
Barry warned that
this provision placed the burden on the consumer to know when an accepted
license agreement was changed. Not doing so could place the business or
individual consumer in violation of the license and subject to the penalties
shown in the license. This could be thousands of dollars. He said that
this current practice would be further emblazoned in the law with UCITA.
In another
provision, its so-called “self-help” provision, UCITA would permit software
companies to go into computers without prior notice if they thought the user
was in violation of the license, without court order, and disable its software.
As further evidence that software companies are preparing to
take advantage of such provisions, Barry cited license terms reported by
readers of computer weekly InfoWorld to columnist Ed Foster. Although subsequently changed after Foster
queried the software companies about their purposes, they included such
provisions as:
"Right to Audit:
In light of the nature of this License Agreement, [large company name deleted] reserves the right for it or its independent auditors to inspect your records from time to time in order to assure compliance with the terms of this License Agreement."
And:
"You agree, if purchasing by credit card or chargecard, that you permanently and irrevocably waive any and all right to cause a ‘chargeback' (that is, a disputed, reversed or contested charge) against this purchase for any reason whatsoever against Company or other reseller of this license, effective as soon as you open the envelope containing the program disk or otherwise install or use the Software. You agree that, if you institute such a 'chargeback', it constitutes a material violation of this license, and agree to pay the minimum amount of FIVE THOUSAND DOLLARS ($5,000.00) to Company (or the party selling you this license), as liquidated damages and not as a penalty, in addition to the amount of the chargeback, and all costs of such chargeback instituted against the seller of this license. You expressly confess, in the event of such a 'chargeback', that such chargeback constitutes fraud and confess such fraud. You agree to pay all costs incurred by company or the seller of this license in collecting these amounts."
Barry quoted a
recent study by Jean Braucher,
Roger Henderson Professor of Law, University of Arizona, who visited Web sites
of the top 100 PC software companies, by volume of revenue. The study showed
that 87.5% chose not to make pre-transaction disclosure of the terms of their
licenses, an indicator of the prevalence of the practice of delayed
disclosure.
Barry contrasted
current practice with the benchmark for business self governance, the Council
of Better Business Bureau guidelines for on-line business practices that state:
1) It should be clear, accurate, and easy to find and understand;
2) It should be readily accessible online and can appear via a noticeable and descriptive hyperlink or other similarly effective mechanism;
3) It should be presented such that customers can access and maintain an adequate record, and
4) it should be accessible prior to the consummation of the transaction.”(Emphasis provided.)
According to
Barry, Virginia legislators who had replied to a letter he had written
outlining numerous issues with UCITA, see http://www.cpsr.org/program/UCITA/barry_ucita.html,
failed to address the substance of any of the issues. Rather, it stated simply
that UCITA was necessary to provide business with a common way of doing
electronic business in all states. Efforts are being made in some other states
to pass the same law.
Barry said that
legitimate need was no defense for a poor law that ignored the pleas of
numerous opponents of the bill including 24 state attorneys general, all
consumer advocacy groups that had taken a position on the act, numerous
professional associations of computer professionals such as the Society of Information Management (SIM),
representing largely CIOs, and other professional organizations representing
among others software engineers such as IEEE
and ACM.
He said that the
"choice of forum" provision for UCITA provides that a licensor can
dictate in what state the license agreement will be deemed to have taken place,
even if different from that of the licensor or licensee, clearly to be a state
most friendly to the software and data publishers and least so to the
consumer. Barry cautioned that this
provision, often not noticed, is at least in part responsible for what Press
reaction there has been on this subject to be treated as a local state issue
when in fact it makes it a serious national public policy issue.
Barry urged
business leaders to ensure that the laws for electronic commerce are not only
in their business interests but also socially responsible. He urged the
media to assist in elevating the awareness of citizens and business leaders to
the serious problems with UCITA and to make the issues sufficiently well known
that elected officials will fully understand their accountability to the voters
– that “they won’t be able to say they didn’t know the gun was loaded.”
In February, 2000, Virginia voted unanimously in the Senate and
nearly so in the House of Delegates to make this Virginia law by July 1,2000,
unless it is changed or dropped before the end of calendar year 2000. Rick Barry’s presentation can be viewed at UCITA02.html.