Personal tools

shenk.html

CPSR Newsletter 17, 2
Volume 17, Number 2 The CPSR Newsletter Fall 1999

Notes on "Software at the Crossroads" by Carol Shenk
cshenk@speakeasy.org

In Friday's final session, "Software at the Crossroads: Open-Source Software and the Uniform Computer Information Transactions Act (UCITA)," panelists Cem Kaner, Barbara Simons, Peter Neumann, and Richard Stallman discussed many potential impacts of UCITA on software developers, publishers, and consumers.

Attorney, author, and technical and management consultant Cem Kaner [ www.kaner.com ], [ www.badsoftware.com ] provided a tutorial on UCITA [ http://www.cpsr.org/conferences/annmtg99/kaner/index.htm ]. Kaner explained that UCITA would replace the Uniform Commercial Code in governing contracts that involve software, and it has yet to be adopted by any U.S. state. It is widely opposed by professional organizations, including ACM and IEEE.

Kaner began with two main points about UCITA: one, that it is "designed primarily to make it harder for customers to hold software publishers and large custom software developers accountable for defects in their products," and two, that "UCITA protects the big kids," promising "some very unpleasant surprises for independent software developers."

Kaner described how UCITA would hurt consumers by taking software "outside of the scope of traditional consumer protection laws." UCITA defines the purchase of packaged software as the purchase of a license to use the intellectual property contained in the product, not as the purchase of goods. Thus laws applying to the sale of goods would not apply to software.

Software manufacturers would be allowed to enforce "shrinkwrapped" disclaimers and use restrictions, which customers are unable to see before purchasing and opening the product.

Kaner stated that these changes to the regulation of software sales would reduce competition on the terms of contracts, thus protecting larger companies. "[Customers] are going to go to the best advertisers and the best known, because they've got no reason to choose something that's not established."

UCITA also "crosses out the notion of minimum adequate remedy," and, Kaner said, UCITA is to his knowledge "the only American law that allows sellers to profit from their known defects." Even with a material breach in terms of a license contract, the consumer may not have the right to cancel that contract.

Small software developers and publishers would lose their competitiveness due to use-restrictions made enforceable for mass-market products under UCITA. Kaner gave the example of a mass-market virus-scanner's license contract, which prohibits the disclosure of any benchmarks about the product and which prohibits users from writing product reviews without the company's permission. Kaner asked, "How do you prove your product's better, if the customers of the other product can't write magazine reviews without the other product manufacturer's permission? It turns into a war of advertising. Guess who loses?"

An important issue for open-source and free-software developers is restriction on reverse-engineering. A ban on reverse engineering would appear to be enforceable under UCITA for mass-market products, though Federal Court decisions could overrule that ban. Still, Kaner explained, "that means people are going to have to go through a lot of very expensive lawsuits over a very long time before law-abiding engineers know that they can be within the law and do reverse-engineering."

Kaner then discussed how custom software developers could also suffer under UCITA, as it brings services under the requirements of goods law. Smaller developers who might currently work under relatively loose agreements with their clients would be forced to provide warranties for their services. Kaner said that larger companies "get around this by routinely disclaiming all warranties...." But, "in contracts where it's human to human, it doesn't work....In a 25K contract if you put in a warranty disclaimer...customers won't sign them." Kaner later referred jokingly to UCITA as the "Full Employment Act for Lawyers," because of the difficulties this law would create in contract negotiations, especially for smaller companies.

Finally, Kaner described UCITA as "the Copyright Act on steroids," because it gives publishers more rights, while "freeing them the Constitutional restrictions of the Copyright Act," including the principles of fair use and first sale, as well as the notion that the protections are intended to encourage the development of useful arts and sciences.

Barbara Simons, President of the Association of Computing Machinery [ www.acm.org ], emphasized that restrictions on reverse engineering are also included in the recently passed Digital Millennium Copyright Act. She described this act and UCITA as part of a "suite" of legislation, which includes pending Federal legislation related to intellectual property and copyrights [ www.acm.org/usacm/copyright/ ].

"The fact is that the movie industry, the record industry, large publishers, and large creators of software are really scared about digitizing on the Net and people's ability to copy things....So there's a move to get all kinds of laws and restrictions passed, and unfortunately they are being rather successful," Simons stated.

Simons expressed serious concern about the development of secure systems if reverse-engineering is made illegal: "What do you do in a computer security class but teach people how to break into systems?" Simons' article, "Melissa's Message" (Communications, June 1999), about the impact of UCITA and related laws on the development of secure systems, is available on the ACM website. (Ed.:

Peter Neumann, Principal Scientist in the Computer Science Lab at SRI International, described the advantages of open-source software and free software over commercial products. He focused on the strength of modularity and interoperability within open-source and free software systems. "Commercial proprietary software has very little robustness. It's falling apart by itself," Neumann said.

He explained that the weakness of a "monolithic" code such as Windows NT is that it is proprietary, unmodifiable, and "basically un-reverse-engineerable. ...if you are trying to create a life-critical or mission-critical system, it is an absolute disaster."

Richard Stallman, founder of the GNU project [ www.gnu.org ], furthered Neumann's argument for the open-source and free-software movements. Stallman explained that UCITA's prohibition on reverse engineering would limit open-source and free-software developers, by preventing them from creating products that interoperate with proprietary or commercial ones.

Stallman closed by stating that he is working with companies involved in the free software and open source movements to set up an organization to oppose UCITA and related laws. Announcements will be posted on the GNU website.

Panelists responded to audience questions, bringing up more potential impacts of UCITA. Kaner warned that UCITA could amount to the "privatization of the public domain," as anything, even a document of public record, that is downloaded from the Internet may be subject to a vendor's license restriction on use.

Audience members and panelists expressed frustration that, in Simons' words, "these things are going on and most members of our community don't know about it, let alone the general public, who feel even less qualified to pass judgment on what's happening."

Panelists encouraged all members of the computing community to become educated and involved in these important trade and copyright issues. Because UCITA has not been adopted by any state, there is still opportunity to influence the implementation of this trade law.

What's inside...

© Computer Professionals for Social Responsibility
P.O. Box 717
Palo Alto, CA 94302-0717
Tel. (415) 322-3778
Fax (415) 322-3798
webmaster@cpsr.org

the end [ top ] Newsletter Index
Archived CPSR Information
Created before October 2004
Announcements

Sign up for CPSR announcements emails

Chapters

International Chapters -

> Canada
> Japan
> Peru
> Spain
          more...

USA Chapters -

> Chicago, IL
> Pittsburgh, PA
> San Francisco Bay Area
> Seattle, WA
more...
Why did you join CPSR?

I want to be part of the solution. I think CPSR is working to guide society in the proper creation and use of technology.