Slashdot Mirror

When you "purchase" software, what do you get? Increasingly, the answer is: nothing. Nothing tangible; no rights; and no resale value. This rant is spurred by Microsoft's changes to its distribution policy for all future editions of Windows. No longer will you receive a CD which is capable of installing the operating system with your new computer - Original Equipment Manufacturers are forbidden to ship you one, even though you just paid ~$100 for the software, and even though the change makes customers less than happy. Meanwhile, Adobe's chairman has the gall to tell us it's our own fault. I take a look at the future of software licensing.

MS's most recent abuses of its customers are just the latest in a series of increasing restrictions. OEM's are no longer permitted to include full-capability Windows disks with new machines - instead, what you'll get is either a disk image on your hard drive or an image on a "recovery CD". The "recovery CD" must be crippled so that it won't run on any hardware except that specific machine.

So what you bought is either some extra bits on your hard drive (sure hope you didn't want to use the full capacity of the drive; sure hope your disk doesn't fail) or a nearly-useless CD which is solely capable of restoring your PC to its original state - you'll have to backup and restore all of your data, reinstall all other software, re-change all settings you've customized, etc., if you ever use that CD. But you're a Microsoft customer [motto: "Your time isn't worth a bucket of warm spit to us"], so get used to it.

If you did something foolish, like swap in a new hard drive, or a new motherboard, well, I'm sorry, but you've lost any ability to restore your Microsoft operating system. And naturally, of course, you won't be able to copy it to another computer - even if you delete it from the first one. You can't sell it, you can't lend it, hell, you can barely use it yourself. Office 2000 with its forced registration procedure is much the same, and we're now getting submissions about this from people who didn't catch stories last year about it. Office 2000 binds itself to your system with the registration in exactly the same way as the "Recovery" CDs must be bound by the OEM to the system they ship.

The main effect of this will be to eliminate the concept of "used software". Software vendors like this; they can sell more retail copies if there's no aftermarket.

Generally, copyrighted works are governed by what is known as the "first sale" doctrine. This means that once the copyright owner has sold the item the first time, they lose all control over it - it can be resold without limitation. This matter originally came up when a book publisher was trying to prevent Macy's from selling books at a discount price. Essentially, the publisher (Scribner and Sons, still in business today) had a nice scheme going where it set "minimum" prices for its books. In fact, the scheme is practically identical to the scheme that music publishers have going today, and that software publishers like Microsoft are now moving to.

A brief quote from one of the cases:

The appellant is the owner of the copyright upon 'The Castaway,' obtained on the 18th day of May, 1904, in conformity to the copyright statutes of the United States. Printed immediately below the copyright notice, on the page in the book following the title page, is inserted the following notice:

The price of this book at retail is $1 net. No dealer is licensed to sell it at a less price, and a sale at a less price will be treated as an infringement of the copyright.

The Bobbs-Merrill Company.

I know what you're thinking. You're thinking, "That sounds just like a shrinkwrap license on software! Or it sounds like what the giants of the music industry [Sony, Time-Warner, MCA, Polygram, Bertelsmann and EMI Music] do with their 'Minimum Advertised Price' policies, which has resulted in a class-action suit and an ongoing FTC investigation!" Am I right?

So how did the Court look at this particular issue?

What does the statute mean in granting 'the sole right of vending the same?' Was it intended to create a right which would permit the holder of the copyright to fasten, by notice [210 U.S. 339, 350] in a book or upon one of the articles mentioned within the statute, a restriction upon the subsequent alienation [transfer of property] of the subject-matter of copyright after the owner had parted with the title to one who had acquired full dominion over it and had given a satisfactory price for it? It is not denied that one who has sold a copyrighted article, without restriction, has parted with all right to control the sale of it. The purchaser of a book, once sold by authority of the owner of the copyright, may sell it again, although he could not publish a new edition of it.

Software publishers have this in mind. So they don't actually "sell" anything at all. If you make a contract to license something, the terms can be anything that a court doesn't regard as "unconscionable" - whatever the other party demands. So in fact copyright has almost nothing to do with the "sale" of commercial software products - companies could just as easily license to you software written by, say, the Federal Government (which would be in the public domain) They don't need copyright at all, since the contract alone is sufficient to bind your permitted activities, if the courts say a binding contract has been created.

The idea here is to get away from copyright, because copyright has all those nasty exceptions carved out by the legal system such as the "first sale" doctrine. But if you license something rather than sell it... and if you can cripple it with technology so that regardless of what the law says, the product can't be resold... ahhh, then you're in business!

Why have courts permitted software licensing to usurp copyright? Why do book-title-page-licenses not bind you but back-of-a-software-box-licenses do? Why doesn't the purchase of a copyrighted piece of software entitle you to do just about anything with it except sell copies, just like the purchase of a book does? It's a long story, but basically, I think it's because the first cases to hit the court system looked a lot like standard corporate contract disputes rather than mass-market sales. Individuals have only started purchasing software at retail within the last ten years or so. And now that people have caught on that this is a Bad Thing, we get laws like UCITA, designed to expressly legitimize these sorts of licenses. Remember that UCITA applies to software-hardware combinations as well, so your next PC might have a license agreement applying to the hardware.

But back to what started this rant. Microsoft's licensing. Microsoft has wanted for some years to move to a rental system, where not only do you not actually purchase anything for them, you get to pay for nothing every year. (In fact, they delayed the announcement of it so it wouldn't overlap with the anti-trust decision - might look bad to be simultaneously losing an anti-trust suit and announcing how you were going to get millions of people to rent software from you.) That way they can extract truly maximal profits from their operating system - raise the rents when it seems appropriate, cut sweetheart rental deals with some companies and viciously expensive ones with others, depending on whether or not you testified for the DOJ...

Microsoft has a couple of goals here, you see. Getting shrinkwrap licenses validated by the legal system allows them to control pricing in much the same manner as Scribner and Sons' attempt at book-wrap licensing. And building protective technological measures into their software, such as the OEM system-lock for the operating system or Office 2000's single-system registration procedure, allows them to get around the first sale doctrine - you could sell the item, copyright law says you can, but you can't sell it, because the software won't work for anyone else.

At a minimum, you could donate it to a charity or school when you're no longer using it and get a tax break. But that Windows 2000 Recovery CD or an already-registered Office 2000 CD are just coasters. Microsoft, of course, can cheerfully continue to donate software licenses and take tax write-offs for the full retail price of the software, a strategy which saves them hundreds of millions of dollars in taxes every year at a cost to them of approximately zero. And don't you dare to try to circumvent those controls in order to exercise your legal right to resell the software - that's a violation of the Digital Millennium Copyright Act, I doubt you want to spend five years in prison.

In a non-monopoly marketplace, the fact these two products are worth a lot less to you than their predecessors would force a reduction in price. Instead, Microsoft raised the prices on both. Lawyers have considered the interplay of contract, copyright, and technological restrictions - here's a paper, here's another - but the time is long past for this issue to be considered by the public.

And that's why the threats of Adobe chairman Warnock are the last straw. Microsoft and all the other familiar names in commercial software have been increasing their restrictions for years. It doesn't have anything to do with piracy; we're

"...going to have a piece of music that will only play on one Walkman. [We're] going to have a piece of software that will only work on one machine. It will provide enormous inconvenience."

regardless of what the fictitious figures of the Business Software Alliance say about copyright infringement. Listen to what Warnock is saying: if only we evil customers didn't make copies of software, Microsoft wouldn't force computer manufacturers to cripple the Windows installed on their machines. Yeah, right. Tell me another one, John.

But Warnock is absolutely right: it's a failure of the general population that is responsible for this licensing mess we're in. The failure is: insufficient regulation of the software industry.

If you buy a car, you are almost certainly protected by state "lemon laws". They were enacted to prevent the abuses that were extremely common, and so you acquired certain minimum rights in the purchase transaction which cannot be waived: if the car breaks down all the time, you can return it and get a refund plus your expenses paid. No matter what the sales contract says. Similarly there are restrictions on just how small the fine print can be, how egregious the interest rate can be, etc. The laws have had a salutory effect on auto sales - dealers are much less likely to try to cheat customers, and manufacturers have incentives to build better-quality cars. It is, in fact, a win-win situation - even though auto manufacturers screamed that laws like these would put them out of business in a week.

We haven't got anything of the sort with software purchases. And like Adobe's chairman just told us, the race to the bottom - who can have the most restrictive licensing, who can gouge the customer the most - is in full swing. It took a long time to get lemon laws enacted across the country, many years of abuses and horror stories, many years of opposition by the automobile manufacturers doing exactly what the software manufacturers are doing now: dumping buckets of cash into Congress. Are we going to learn from our experiences of the past and put some restraints on these abusive restrictions? Are we going to makes software sales into sales, and make software companies stand behind their products? We are, no doubt about it; abuses like these will only be stood for so long. The question is only this: How long will we stand for it?

What do you mean I don't own my software?
Adobe software is owned by Adobe. When you purchase software, you purchase a license to use the application. The use of the software must be in compliance with the End User License Agreement that is included with the software. Misuse of software is punishable by Federal Copyright Law.

-- from http://www.adobe.com/aboutadobe/antipiracy/main.html

We can fix that, Adobe.

iritant writes "CNN reports here that The Supremes have once again rejected congressional attempts to protect us from ourselves. Ruling in favor of Playboy, they agreed with the lower court who said that since there were less draconian ways to protect children, Congress could not limit hours or specify blocking methods of cable channels. This is clearly relevant to the Internet, as this decision may keep Congress from causing content providers much grief. The scary part is that it was only 5-4, with a peculiar split of Thomas in the majority and Scalia and Breyer in the minority. Scalia's opinion was particularly appalling, since he claimed that protection was allowed, not just for children, but for adults. The thought police are coming. Here is the decision. " It's actually quite an interesting decision. Congress was attempting to ban sexually-explicit cable channels during daytime hours, using the excuse that even though they were scrambled for non-subscribers, the scrambling wasn't 100% perfect and kiddies could still turn on the scrambled channels. It's not directly applicable to the internet, but it's related to many other free speech cases in its use of the least restrictive means test - although Congress might have an interest in coming between kids and porn, so too does Playboy have a right to speak, and since individual subscribers could, if they wished, contact the cable company and have the Playboy channel entirely blocked, that that would be a way of accomplishing the goal of keeping kids from porn without entirely banning the Playboy channel.

Honza Jirousek asks: "The issue of signing copyright for patches to GNU software or even whole new GPL-ed programs to the FSF came up several times in various dicussions, last time in recent cphack threads and in this Wired article on the same topic. Some indicate this may even be a requirement for accepting larger patches for some GNU programs, such as emacs. I never managed to find more specific information on that. Can someone explain this practice and point to more information? I understand the positive effects of this (FSF being better positioned to defend the copyleft, possibility to change the licence to newer versions of GPL etc), but I can also see an interesting side-effect - in some cases it effectively puts the FSF in the privileged position of sole copyright holder, who can re-license the code. This is similar to special provisions of 'original author' in licences such as NPL, often criticized exactly for this. Or am I getting it wrong? Contrast this to programs such as Linux kernel, where the copyright is so distributed, that re-licensing will never be possible." (Read on...)

Pay particular mention to the mention of section 17 U.S.C. 205e of the U.S. Copyright Laws. What does it actually do to the protections offered by the GPL and should we be worried?

KyDaran was one of several people who wrote about findings in UniSci regarding two studies released in the April issue of the American Psychological Association's (APA) Journal of Personality and Social Psychology. The studies show a relationship between violent and aggressive behavior and video game playing. Check out the full journal study for yourself.

mwillis was the first of those who deluged us with this story: Robin Williams is set to sing the South Park song "Blame Canada" at the Oscars. There's been some...discussion as to who would actually sing the song (I just can't understand why Anne Murray ^[?] refused *grin) but it appears Williams will be the man of the hour. I might even watch this time.

We were going to run this even before Ledge Kindred submitted it. Cem Kaner of Badsoftware.com has written a nice piece detailing the problems with UCITA, the new law which is being proposed across the United States and which will have terrible effects on the rights of software consumers.

A bit of background for readers unfamiliar with the process: The Uniform Commercial Code is a body of law which is enacted, pretty much identically, in all 50 states. The object is to have a similar business environment for the basics of commerce, so that neither buyers or sellers are blindsided. If the law is fair, both buyers and sellers benefit from uniform expectations about basic commercial transactions.

But of course, laws evolve. The Uniform Computer Information Transactions Act began its life as an amendment to the UCC, but it was so unbalanced in favor of software companies that one of the initial sponsoring organizations dropped out, and it could no longer be considered a UCC amendment. Yet it lives on.

UCITA legitimizes heinous license restrictions in software, actively promoting the worst software practices. Should it pass, the very concept of "used software" (video games, etc.) will disappear, since that can and will be prohibited by licensing terms. Better sell your Funcoland stock. Badsoftware.com has many more examples of how UCITA legitimizes things that big software companies only dream of today, such as prohibiting reverse engineering or even criticism of their products.

As you read this, UCITA is being pressed in states across the country, starting with those where the software industry giants have the most highly-paid lobbyists. Virginia appears to be one of the lead states, and is considering the bill right now in committee. By this time next year, UCITA is likely to be the law of the land. This may seem to be somewhat dry reading, but if you ever use non-GPL software or purchase a computer in the future, this is what you can look forward to. -- Michael Sims, michael @ slashdot.org

Cem Kaner writes:

The August 30th, 1999 issue of the National Law Journal carried an article favoring the Uniform Computer Information Transactions Act. I protested to the Journal about the bias of the article and was invited to write a response, but the inviting Editor left the Journal shortly thereafter, and my response was never published. The claims made in that article, which was written by the Chairman of the UCITA drafting committee and two of his colleagues, are being (and will continue to be) repeated to legislators who are considering the Act. Perhaps your readers will find this rebuttal of interest.

[Editor's note: the pro-UCITA article referenced above is available at http://test01.ljextra.com/na.archive.html/99/08/1999_0822_61.html.]

I grant permission to any reader to recirculate or publish this article, so long as it is attributed to me and published in its entirety (including endnotes). If you are recirculating or publishing it, please let me know.

THE UNIFORM COMPUTER INFORMATION TRANSACTIONS ACT

In the August 30th, 1999 issue of the National Law Journal, Carlyle C. Ring, H. Lane Kneedler and Gail D. Jaspen presented the proposed Uniform Computer Information Transactions Act ("Uniform law for computer info transactions is offered"). Mr. Ring chaired the drafting committee that wrote UCITA.

UCITA is a proposed law that will govern all transactions involving computer software, electronic databases (such as WestLaw), downloaded books, and some entertainment products. It can also apply to computers and some other goods if their manufacturers put an appropriate notice in the product packaging.

Although the Ring et al. article reported years of work on UCITA as a proposed Article 2B addition to the UCC, it failed to mention that the UCC is a joint project between the American Law Institute (ALI) and the National Conference of Commissioners on Uniform State Laws (NCCUSL). It failed to mention that the ALI called for "fundamental revision" of the draft in May, 1998 (1) and withdrew from the project in April, 1999, effectively killing 2B as a UCC project. Thereafter, NCCUSL renamed the project as UCITA and went forward alone. The ALI members of the Article 2B drafting committee refused to join the UCITA drafting committee. (2)

Although authors Ring, Kneedler, and Jaspen acknowledged that UCITA is a controversial proposal, they listed only its supporters and not such opponents as the Attorneys-General of 24 states, the Bureaus of Competition, Consumer Protection, and Policy Planning of the United States Federal Trade Commission, the leading software developers' professional societies (such as the Association for Computing Machinery, the Institute of Electrical and Electronics Engineers, and the American Society for Quality, Software Division), software trade groups representing small developers (the Independent Computer Consultants Association, the Free software Foundation), the five main library associations, leading intellectual property experts (including the American Intellectual Property Law Association, Committee of Copyright and Literary Property of the Association of the Bar of the City of New York, and fifty intellectual property law professors), other copyright industry associations (such as the Motion Picture Association of America, the National Association of Broadcasters, and the Newspaper Association of America), and every consumer advocacy group that has looked at the bill. (3)

UCITA will have profound effects on intellectual property rights and the quality and security of computer software.

INTELLECTUAL PROPERTY

Under UCITA, almost all software-related transactions will be licensing transactions. When a consumer buys a copy of Microsoft Word and a copy of a book about the program, the software transaction would be a license while the book transaction is a sale, even if the two items were side by side, the customer bought them both from the same cashier, and the software license was not available to the customer until after she paid for the product and took it away. Under UCITA 102(a)(42) a transaction can be a license even if the licensee is given title to the transferred copy.

This is a shift from long-established treatment of intellectual property in the mass market. To see the history of this issue in copyright law, shepardize Jewelers' Mercantile Agency v. Jewelers' Pub. Co., 155 N.Y. 241 (1898) (rejected the fiction of a lease offered to all comers that restricted transfer of the book and use of information in it); Bobbs-Merrill Co. v. Straus, 210 U.S. 339 (1908) (rejected a restrictive notice on a book that prohibited the buyer from reselling the book for less than a minimum price. Under the first sale doctrine, publisher lost its property interest in an individual copy of a book once it sold that copy. The restrictive notice could not transform a sale into a license); RCA Mfg. Co. v. Whiteman, 114 F.2d 86 (2d Cir. 1940) (Licensing language on record albums could not convert a mass-market sale into a license.) For patent law, look at the doctrine of exhaustion, starting with Motion Picture Patents Co. v. Universal Film Manufacturing Co. 243 U.S. 502 (1917).

According to authors Ring, Kneedler, and Jaspen, "UCITA is intended neither to avoid nor to contradict the large body of existing federal intellectual property law." Others vigorously disagree. For example, the American Intellectual Property Law Association (4) protested to NCCUSL that UCITA "eliminates the 'first sale' doctrine" (which allows the owner of a copy to sell it or give it away). Under UCITA 503(2), "a term prohibiting transfer of a party's interest is enforceable, and a transfer made in violation of that term is a breach of contract and is ineffective." A vendor who puts a no-transfer clause in the license achieves a market-wide restriction -- equivalent to elimination of the first sale doctrine. By allowing vendors to enforce such restrictions in the mass-market, UCITA allows them to evade the federal balancing of private and public rights in intellectual property.(5)

Reverse engineering is another example of the intellectual property reach of UCITA. Reverse engineering is a normal engineering practice.(6) Clauses barring reverse engineering have been enforced in negotiated licenses, but not in mass market cases.(7) Some software publishers want to ban reverse engineering in the mass market. Despite authors Ring, Kneedler, and Jaspen's claim of UCITA's neutrality on this issue, UCITA makes contractual use restrictions (no-reverse-engineering is a use restriction) prima facie enforceable. Individual courts might rule that such a restriction is invalid under federal law or against public policy, but it will take several expensive court cases before software developers will know whether they can still lawfully reverse engineer mass-market software in the face of a shrink-wrapped contract term that claims that they cannot.

The AIPLA letter noted that "The President of . . . [NCCUSL], Gene Lebrun, wrote . . . that it is 'expressly stated in Section 2B-105 [that] Article 2B does not displace or change intellectual property law.' . . . We are extremely concerned that the proposed UCITA draft is not consistent with . . . the assurance of President Lebrun." UCITA Reporter Ray Nimmer complained of "distortions" in the debate on UCITA, identifying as a "misrepresentation" "that UCITA allows licensors to prevent licensees from commenting about the products. This allegation makes nice copy and superficial impact, but is simply untrue. You can scroll through the UCITA draft and will not find any such provision." (8) Opponents quickly point to UCITA section 102(a) (20), which defines "contractual use restriction" as "an enforceable restriction created by contract which concerns the use or disclosure of, or access to licensed information or informational rights, including a limitation on scope or manner of use." Section 307(b) states that "If a license expressly limits use of the information or informational rights, use in any other manner is a breach of contract." Under the statute's own definition, a nondisclosure clause is a contractual use restriction. Under Section 307(b), such a restriction is enforceable.

These provisions may keep vital information from the marketplace. Consider the following restrictions, downloaded (July 20, 1999) from www.mcafee.com, the website for VirusScan, a mass-market software product, on July 20, 1999.

"The customer shall not disclose the results of any benchmark test to any third party without McAfee's prior written approval."

"The customers will not publish reviews of the product without prior consent from McAfee."

Clauses like these are enforceable in traditional, negotiated licenses, and they are used to block magazine reviews.(9) UCITA arguably extends the enforceability of such clauses even in mass market products. Perhaps they will eventually be found to conflict with public policy but until then, the plain language of UCITA will have a chilling effect on criticism of mass-market products.

SOFTWARE SECURITY

UCITA section 816 allows software vendors to place disabling codes in software and to activate them remotely (such as by sending an e-mail) to shut down a customer's use of the product.

Such disabling codes create a hole in the customer's system security. UCITA section 816 remedies for wrongful use of such codes are probably not triggered if the software is shut down accidentally or by a third party (such as a cracker who learns the code or a disgruntled former employee of the vendor).

Self-help was portrayed in the UCITA meetings as something essential to protect the interests of small licensors. However, the only group attending the UCITA meetings that represents only small licensors, the Independent Computer Consultants Association, urged NCCUSL to reject self-help. It recommended that licensors be protected without creating the disabling code security risk to customers by statutory authorization for recovery of attorney fees by licensors who obtain an injunction to terminate misuse of the software. This proposal was repeatedly rejected.

CONSUMER PROTECTION

UCITA is hostile to customers of all sizes. It validates post-payment presentation of material terms and permits licensors to put in a form contract a term that allows them to keep changing terms. Licensors can exclude incidental and consequential damages even when an agreed remedy fails of its essential purpose. The drafters rejected proposals from the software engineering professional societies (ACM, IEEE, and ICCA) to allow customers to recover damages caused by defects that were known to the licensor but not documented or disclosed to the licensee. Instead, the standard form exclusion of incidental damages allows the licensor to charge a support fee (such as $5 per minute on the telephone) when a consumer calls to complain about a defect that was known by the licensor when it licensed the software. Software products are often sold in the mass market with hundreds or thousands of known defects. (10) For additional detailed notes on consumer impact of UCITA, see the articles in the note. (11)

Authors Ring, Kneedler, and Jaspen say that "UCITA alters no state laws relating to the applicability of consumer protection to databases, consumer services or software." In contrast, 24 Attorneys General and the Administrator of the Georgia Fair Business Practices Act said that UCITA's "rules deviate substantially from long established norms of consumer expectations. We are concerned that these deviations will invite overreaching that will ultimately interfere with the full realization of the potential of e-commerce in our states." (12)

The Attorneys General also said that UCITA's "prefatory note and reporter's comments incorrectly present the proposed statute as balanced and as leaving 'in place basic consumer protection laws' and 'adding new consumer and licensee protections that extend current law.' . . . [I]n instances in which provisions are described as new consumer protections, such as the contract formation and modification provisions discussed below, consumers actually have fewer rights than they do under present law. . . . NCCUSL . . . should revise the explanatory materials accompanying the statute to scrupulously identify the instances in which the policy choices embodied in the statute either extend or resolve controversies in current law and to clearly explain whether such extension or resolution favors sellers/licensors or buyers/licensees."

NOTES

(1) Jean Braucher, "Why UCITA, Like UCC Article 2B, is Premature and Unsound", UCC Bulletin, July 1999, www.2BGuide.com/docs/0499jb.html.

(2) (www.2BGuide.com/docs/50799dad.html).

(3) See www.badsoftware.com/oppose.htm and www.2bguide.com.

(4) Letter to NCCUSL, July 16, 1999.

(5) Robert P. Merges, "Intellectual Property and the Costs of Commercial Exchange: A Review Essay," 93 Mich. L. Rev. 1570, 1613, 1995; Mark A. Lemley, "Beyond Preemption: The Law and Policy of Intellectual Property Licensing," 87 Cal. L. Rev. 111,1999, http://papers.ssrn.com/paper.taf?abstract_id=3D98655.

(6) Cem Kaner, Article 2B and Reverse Engineering, UCC Bulletin, November, 1998, 1, www.badsoftware.com/reverse.htm.

(7) Sega Enterprises Ltd. v. Accolade, Inc., 977 F.2d 1510 (9th Cir. 1992); Vault Corp. v. Quaid Software Ltd., 847 F.2d 255 (5th Cir. 1988). "Correcting Some Myths About UCITA", http://www.2bguide.com/docs/rne.html

(8) "The Test That Wasn't" August 1999 PC Magazine 29. According to that article, Oracle "formally declined to let us [PC Magazine] publish any benchmark test results."

(9) Cem Kaner & David Pels, Bad Software: What To Do When Software Fails.

(10) Federal Trade Commission letter www.ftc.gov/be/v990010.htm; Steven Chow (a member of the UCITA drafting committee) "Proposed Uniform Computer Information Transactions Act: Bad For Commerce And Innovation" www.2bguide.com/docs/citopp.html; Cem Kaner, "Comments on Article 2B" (section-by-section analysis) October 1998, www.badsoftware.com/kanerncc.htm; "Bad Software: Who is Liable" (analyzes software economics and UCC 2B) May 1998, www.badsoftware.com/asqcirc.htm; and

(11) "Article 2B - Report from the November 13-15, 1998 Meeting", www.badsoftware.com/uccnov98.htm.

(12) Letter to NCCUSL, www.badsoftware.com/aglet1.htm and www.badsoftware.com/aglet2.htm.

On November 10th 1999, Ramsey Electronics of Victor, New York, was raided by the United States Customs Service for allegedly manufacturing and distributing 'Electronic Surreptitious Intercept Devices' as defined by Title 18 USC, Section 2512. We spoke to both Ramsey Electronics President John Ramsey and Joel Violanti, the federal prosecutor on the case, to find out exactly what happened, and why. (Click below for more.)

The Raid

On the morning of November 10th, radio equipment manufacturer Ramsey Electronics was raided by the United States Customs Service by officers with a search warrant. In addition to building radio testing equipment, Ramsey Electronics is also a well-known vendor of electronic hobby kits used by organizations like the Boy Scouts of America. Like an action movie drug-bust, agents moved in at 10 a.m. to search and seize over $30,000 worth of Ramsey Electronics inventory. Company President John Ramsey offered this play-by-play of that morning's events:

They had already been here almost an hour when I walked in. I [had been] at the bank. When I came back in, I saw my controller, Ed VanVoorhis and his face was white as a ghost. There were these two guys wearing suits standing on each side of him. He told me that these guys were from the government and they were here with a search warrant. Then the agents took over; they pretty much bullied me down the hallway and into my office. I went to go sit at my desk, and they said 'No. you sit over here,' pointing to a couch in my office. The two of them proceeded to rattle off a lot of mumble jumble like Title 18 USC Section 2512 and other numbers, flashing badges and being surrealistically intimidating. I'm looking at my accountant. I have never seem him like this. The [agents] are verbally batting me back and forth, and I'm like, 'Hey, what's going on?' They proceeded to tell me that they were executing a search warrant to find goods that were in violation of section 2512, and they shove this four or five page search warrant in my face.

They said that they were here to find stuff that violated section 2512 and I said, 'Like our wireless FM mic kits?' The one [agent] gave me his card, and I noticed that he was from Buffalo, an hour and a half away. I said, 'you two guys came all the way here from Buffalo?' and he said, 'No. There's seven of us.' Then he said, 'If you don't cooperate with us, we'll shut you down. We'll lock the doors, send all the employees home, we'll go through all of your inventory, records, customer lists and computers. We'll go through your computers bit-by-bit. We have experts that do that, and we don't care if it takes months.' I was escorted out to the production and shipping areas, which they had pretty much commandeered. All the doors had 8 1/2 x 11 pieces of paper taped on them with a large handwritten letter on them - like A, B and C. There was a fellow wearing a photographers vest snapping pictures everywhere; we later counted 5 empty film cans in the trash!

About five hours after they arrived, they staged all of the official US government boxes near the back loading dock. They took a huge van and backed it up to my loading dock, and proceeded to load it with my goods. I walked over to the boxes to verify what they were taking; obviously, they would want me to confirm their counts and amounts. I was stunned! They wouldn't let me see what was in the boxes! I have no idea what they took. I went over to look in them, and they told me to get away. They told me they'd give me an inventory sheet. I said, 'That's my stuff and I should be able to check it.' Special Agent Craig Healy turned to me and said 'You can trust us.'"

After they had finished loading the van, they presented me with the inventory sheet, a simple handwritten sheet with no names, titles or signatures. There's nothing indicating who it was from on it. I looked at one of the sheets quickly and noticed the very first part number wasn't one of ours and the second item number listed was for a kit that had no function or bearing on their search warrant. They agreed to fish those two items out of the van and sure enough, neither item was correct. One of them said words to the effect of, 'gee, we must have picked up the wrong box from your shelf.' They corrected their mistakes, asked for a recommendation for a good local restaurant and were on their way...

After they left, employees told me that they surrounded the building, watching all the entrances while they entered along with a New York state trooper for back-up. This show of force, while maybe necessary for raiding an underground drug lab, was hardly necessary. Our building is located in a typical suburban office park and our showroom is open to all.

What's incredible is that two of the agents were here a week earlier, pretending to be customers! This 'recon' obviously would have shown them that no force would be needed, let alone seven agents on a three hour travel time round trip. What's especially aggravating was that during the earlier visit they tried to lead one of my technical people into saying something they wanted to hear. Questions were posed like 'if we placed one of these little kits across the street in that building - for instance - could we hear it over here?' Our technician assured them that although the units work great for model rockets, toy cars and such, they really weren't suited for transmitting out of a building. Steel construction, reinforcing rod and the like limits range. They then asked if they could boost the power to do the job. Our fellow once again reiterated that the kits were hobby stuff and that what they wanted couldn't be found here. After the raid, my technician told me that they were here last week, playing 'customer' and how they had left unsatisfied.

So, where do we sit now? I have a Federal Small Business Innovation Grant underway that uses our little FM-5 wireless mike to transmit muscle sensor data to a nearby computer system. The doctors who are partners in the grant specified the FM-5 due to its small size; present technology uses a six pound transmitter that straps to the back of a child. Tough to do on a forty pound kid. The research is on walking disorders on crippled kids. Now what? Shall we violate their interpretation of the law and work with the doctors and the SBIR people? How about all the schools, scout troops and hobbyists who use our kits? We're not talking big money here. The kits amount to a small portion of our business, but what will these folks do now?

I have personally received mail from many who say that they are now graduate engineers as a direct result of one of our little kits sparking their interest in electronics. I guess the mobsters, terrorists and kidnappers don't feel the need to write, huh?

The Aftermath - and the Feds

The raid on Ramsey Electronics has caused quite a stir online, in Ramsey's own discussion forum as well as the submission queue here at Slashdot. People have gotten into intense discussions about freedom of information, freedom of speech, and the importance of using modern electronics in the field of education. At first glance, the raid may look like a cavalcade of constitutional rights issues, but Joel Violanti, the attorney prosecuting this case for the United States Customs Service, disagrees. Here's his take on the Ramsey raid:

Slashdot:
What happened, Joel?

Violanti:
On November 10th, there were approximately 13 search warrants issued in New York City and Rochester, New York and Austin, Texas against companies believed to be in the business of selling electronic surreptitious intercept devices, in violation of federal law. Ramsey Electronics was one of those companies.

Slashdot:
Apparently, Ramsey's been selling this equipment for a very long time. Why did the raid occur last year?

Violanti:
If something's illegal, it's illegal.

Slashdot:
Is there any reason that Ramsey Electronics wasn't raided earlier?

Violanti:
Sometimes you can only act upon things when you're informed of them. There's a task force in New York City that's been investigating this for a few years now. They've been shutting down companies or preventing companies from selling these things, and they've been taking several criminal pleas because of this. These people have been pleading guilty in Federal court. San Francisco now has a task force. Other cities are joining in, trying to stop the manufacture and distribution of this equipment.

Slashdot:
Where does it stop? It seems like I could build something like this on my own, and then be just as guilty.

Violanti:
The statute prohibits people from manufacturing and distributing these devices, knowing they've been shipped through the mail.

Slashdot:
Where does the government draw the line at surreptitious use, as opposed to educational use?

Violanti:
I don't know how to answer that. Use is use. If you place a device in a clock, and you put that clock on the wall, and you monitor someone's conversation that you're not a part of, I think that surreptitious use speaks for itself. Clock, smoke detector, or picture frame, you're taking that device out of its primary use in order to secretly intercept someone else's conversation. We're not necessarily looking for kits or components. We're looking for items like clocks, smoke detectors and picture frames.

Mr. Violanti made it clear that the US Customs Service was not in any way attempting to 'crack down' on the hobbyist or educational use of electronic devices. The emphasis remains on specific items that fall under the category of surreptitious use. The specific items the feds were apparently looking for in the Ramsey raid were things like microphones and video cameras mounted inside smoke detectors or alarm clocks, effectively masquerading as something they weren't.

Despite Mr. Violanti's reasuurances, the Ramsey Electronics raid still leaves questions for innocent geeks who like to tinker with assorted electronic parts. What if, for instance, you build an alarm clock that will sense motion when it goes off, and will keep going off if it doesn't sense you getting out of bed and stops when you do? What if you rig your smoke detector with a video or audio system so that rescue workers can make sure your family gets out of your house safely in the event of a fire?

There are many uses for 'surveillance technology' other than listening in on boring conversations.

But even if you made these devices with the most innocent purposes in mind, and sold them through the U.S. Mail to people as innocent as yourself, it looks like the Federal Government would feel justified in taking them away from you just in case one of your customers decided to use one of your gadgets to break the law in some way.

It's a scary thought, isn't it?

singularity writes "According to Nugget's plan at Distributed.net, some users have lost their team affiliation. I checked mine, and sure enough I needed to join team Slashdot again. As always, you can join Slashdot.org's team after you have contributed your first blocks and have your password. "

The AP wire reports that the Washington State Supreme Court has decided that police may record transcripts of online chat without court permission. The Fourth Amendment requires G-men to have such permission to tap phone calls, but apparently we shouldn't have the same expectation of privacy in a chat room.

mark juncosa asks: "It is a mystery to me how Nintendo's Duck Hunt gun works. I have thought about it for a long time and have not been able to come up with any kind of good solution." Come to think of it, I wouldn't mind knowing this one myself. On a guess, I'd say that the system is entirely active and all the work being done by the gun and the TV remaining the display device that it always has been. Am I close? Or completely off base?

"The FCC order will require telecommunications companies to provide six of nine new surveillance capabilities that have been on the 'wish list' of the Justice Department and the Federal Bureau of Investigation," according to a story in this morning's Washington Post. Telcos have until next June 30 to implement the new E-Z-Wiretap(tm) rules, which do not yet cover data packets (and therefore Internet telephony) but the FCC is now working on how to tap into them, too. This is the long-dreaded implementation of the 1994 Communications Assistance for Law Enforcement Act. Read it and weep, m'friends.

st. augustine writes "Worried that the NSA already knows how to crack PGP? Someone calling themselves Hardened Criminal Software has a one-time pad package called HardEncrypt that could be the answer to your paranoia. The sci.crypt Snake Oil FAQ teaches us to beware of one-time pad claims, but it looks like Hardened Criminal has done their homework. No bogus bit-stream algorithms or pseudo-random number generators. And it's open-source, so everyone can bang on it and fix any problems. I'd try it myself, but I'm outside the US, and the Bernstein decision doesn't apply in New York. :-)"

John writes "CNN is reporting on study by a software trade group which seems to claim that schools aren't spending enough on software. This begs a few questions. One of them is, what sorts of software is useful for schools? (Other than Oregon Trail, of course!) " *sigh* How do you explain that money doesn't enumerate all value?

Vadim Grinshpun writes "Loki Entertainment has posted screenshots of the Linux version of Civilization:Call To Power. Looks like beta testers have also been selected--half-randomly, half based on experience and hardware. " The website doesn't seem to be responding atm, but Hemos is on the list. He is happy.

Dan Wineman writes "Here are instructions for enabling your Pilot to sense gravity and acceleration. You need a steady hand with a soldering iron, and it definitely voids anything resembling a warranty, but imagine the possibilities! There's already an Oxyd clone (like 2-D Marble Madness) that supports it, and I suppose a pedometer application might be doable. Remember, never ask a geek "why"; just nod your head and back away slowly... "

Amoeba Protozoa has the first Quickie for the day: The Linux Image Montage Project needs logos to create a montage poster. If you have a Linux related logo, send it to them. mazeone sent us a link to the always excellent NTK which has a great note about Bruce Perens at the start, (And yes, I read NTK too ;) And now a whole bunch of fun little links that have been building up: PopeClayton sent us a link to a Homer Simpson Fortune File. cpfeifer sent us a link to another O'Reily Book Parody. Zibalatz sent us a link to a MacBeth Star Wars Parody. rpm sent us a link to the Magic Nipple. It predicts the future. Sorta. Now we have a few more Porn Parody sites: desertAngel sent us Amish Porn and Gambit32 sent us telephone sex. Both are hilarious. The Only Anonymous Coward sent us a link to an emergency Security Alert: apparently a dangerous bug was found in GNU acronym. An anonymous reader sent us an important page: a Guide to Babes for Geeks. Follow these to the letter. Oh wait, most of us probably already do. That might explain my social life anyway.

shanelenagh wrote in with good news at Yahoo: Sun will be supporting Linux on their machines soon. I hope this means more Linux ports! On a similar note, the JDK 1.2 was recently released. Update: Chris Gori sent us a link to the actual article. Seems as thugh it won't be too end-usery. A funny quote at the end, as well.

Alexey Nogin writes "Many people fear that AOL would kill Mozilla. To give them some hope, I wanted to mention that AOL has its own Open Source project - TIK - AOL Instant Messenger Tcl/Tk client. "

Andrew Nicholas Leonard writes "Jamie Zawinski has an article over at Mozilla.org discussing the Netscape/AOL merger. Worth a read. " The gist of it is that Mozilla will continue as normal because Netscape != Mozilla.org.

Dan Wineman (not to mention about 20 other people!) writes "According to the latest Be Developer Letter, BeOS Release 4 for Intel will switch from the PE binary format and Metrowerks tools to ELF and egcs, unfortunately breaking binary compatibility. No continued support for the old format is planned, but at least we get a symbolic debugger... " Looks like they are going with the GNU libraries, as well. I, for one, am certainly glad to hear it. Sounds like an example of a corporate adoption of free software gone well, since it should make for faster, more efficent programs, while reducing Be's business costs.

Alfred Landrum sent us this news.com story where you can read about the latest developments in Divx (the incompatible version of DVD that will splinter the market, confuse the customers, make sure that neither format ever becomes cost effective, cause sterility, global warming, deforestation, and increase the number of unwed mothers). Basically, the format isn't dead yet.

Alfred Landrum sent us this article and says "Around 50 NSA hackers gained crazy access to DOD computers across the country, as part of a security test.

Andrew Chai writes "Starcraft is a new game by Blizzard that is extremely popular. But if you try to play on Blizzard's battle.net server with an invalid CD-Key Starcraft will send your real email address and name without ever asking you or giving you any indication this is happening. It does this by pulling your info from other programs registry entries. Read this URL. Found this news on www.warezregulator.com "

Yaron Minsky wrote in to remind us about The Seti Project and to give everyone this link where you can read about the Distributed SETI project. I haven't mentioned this in several months, so the executive summary is that a distributed network of computers run screen savers that process noise sampled from space, and search for signs of extraterrestrials(sp?) Its like Distributed.net for Carl Sagen fans.

Paul A. Houle wrote to tell everyone to go to The java lobby and join the discussions related to Sun officially supporting the Linux JDK port. It seems like that should happen soon considering at the rate Linux is going, it will outnumber Solaris soon.