Date: Fri, 11 Feb 2000
Subject: Dear Northern Virginia and Other Legislators Involved in the UCITA Legislation

I write both as a long-time citizen of VA (Arlington since 1960), where I currently conduct an information management and technology consulting business www.rbarry.com, and as the Mid-Atlantic Director (NY to WV) of the Computer Professionals for Social Responsibility www.cpsr.org, a national, non-profit, public interest organization that addresses societal benefits/risks resulting from the use of computers, financed principally by individual member dues. I would like to share some serious concerns, from both consumer and business perspectives, about the Uniform Computer Information Transaction Act, better known as "UCITA". It was approved by NCCUSL in 1999 following a highly contentious drafting process that resulted in the American Law Institute removing itself from the process for the first time in 50 years. Like the companion Uniform Electronic Transaction Act, which also has consumer issues, UCITA is being promoted in all states with the noble purpose of unifying e-commerce legislation. However, as the model was drafted to please elements of the software industry, it has provisions that are inimical to consumers and business users as well as to some parts of the software industry itself, particularly small developers.

Among those who have submitted letters registering opposition to UCITA or stating serious concerns from the consumer perspective are: 24 State Attorneys General; Federal Trade Commission senior staff; Consumer Federation of America; Consumers Union; Consumer Project on Technology; U.S. Public Interest Research Group; 45 professors of contracts and commercial law (also stating objections from the perspective of business customers); Members of the Working Group on Consumer Protection of the American Bar Association (Business Law Section, Committee on the Law of Cyberspace, Subcommittee on Electronic Commerce) and many (non-software) businesses who rely upon software products, including I understand, Reynolds. No group that takes the consumer perspective has endorsed UCITA.

Space requires that I only list 10 main reasons to be concerned about UCITA. My purpose is to give you enough questions that need to be addressed to consider putting some brakes on the legislative process until you have a true understanding of what you would be buying for your citizen and business constituents before UCITA becomes law; and to warn those of you who may be unaware that there appears to be a competition between MD and VA to be the first state in the country to pass this legislation, partly on the rather high-schoolish belief that the "winner" will attract more technology firms. For reasons better known to its promoters, UCITA is mistakenly being put forth as consumer-oriented legislation. It is not.

UCITA would:

• redefine most software sales as licensing agreements, giving software makers the power to set terms forbidding the future sale or even donation of the material.
• establish the egregious 'agreement to accept electronic notice': e-mail could serve as formal legal notice of changes in contract terms, service cut-off warnings, etc., without evidence it reached the individual.
• consider disclosure "conspicuous" even if buried in boilerplate license text or on enclosed leaflets in shrink-wrapped boxes and before consumers open them.
• allocate significant risks to consumers in the event of unauthorized transactions.
• expand powers of contracts to limit rights of fair use (contract terms barring quotation, criticism, reverse engineering to fix bugs or build new interoperable products) including permitting software makers to block the publishing of reviews of their product."We already see software licenses that purport to ban publication of critical articles," states University of Arizona law professor Jean Braucher. "UCITA would increase this chill."
• permit vendors to enter one's computer and render software useless.
• grant licensors the right to invade personal and business privacy/confidentiality by collecting data from use of their software, including possibly privileged legal/medical information.
• provide for no incidental/consequential damages, even with known defects;
• proscribe transfer of computers and software complicating corporate mergers.
• through nondisclosure clauses in software packages permit software makers to block the publishing of reviews of their product.
• validate post-transaction terms, on grounds of their use in other industries (airlines, insurance). But those are regulated industries, subject to international treaties or state insurance commission review.

I encourage you to read the LATimes article, Friday, February 4, 2000, "Makers Aim to Dilute Consumer Rights: Technology: Companies push legislation at state level that would dramatically alter contract law in their favor". I would urge you to read the more comprehensive analysis of UCITA, by Jean Braucher, Roger Henderson Professor of Law, Univ. of Ariz in the process of being posted at http://www.cpsr.org/program/UCITA/braucher.html. Please share this information.

Sincerely,

Richard E. Barry
Mid-Atlantic Director, CPSR