Slashdot Mirror
Richard Stallman on UCITA
Andy Tai writes "In this LinuxToday article, Richard Stallman writes about why the Free Software community must resist UCITA. Worth a read." UCITA, you'll remember, is the legislation being pushed in state governments which would make "click-wrap" license agreements enforceable, allow software manufacturers to ban reverse engineering and criticism of their software, etc.
NOTE: This doesn't mean we shouldn't fight it, if no one fights it then it MAY go through.
I don't know about you, but sometimes it's good to let laws like this go through so that they can be shot down by the courts. Don't get me wrong, I'm not in favor of excessive litigation, but some things definitely need to be tried in court. The deCSS thing is one of those things. This may well be another. Personally, I'm glad that the CDA was actually passed and then erased by the courts. What's the old saying, something like, "The undefined is the most dangerous?" If companies aren't explicitly told that they can't do this, they may very well do it.
IANAL, so they may already be told they can't do this. But if there's currently no legal basis one way or the other, I'd take a court decision over a law any day. Court precedents do a lot more to help you in present day America, with its highly litigious environment, than actual laws do.
UCITA is dead in the water, and here's why:
You're a manager at a large corporation. You employ thousands of people, some very experienced, others that you're just beginning to train.
Let me tell you what you can't afford. You can't afford the liability of any of your thousands of employees having the ability to commit the company as a whole to damn near anything. It's one thing to be liable if an employee pirates something. It's something completely different if you have to have your very expensive lawyers evaluate every single software EULA that any piss-ant department might be exposing your company to.
A mandate to only use standard EULAs is the end result from corporations, and suddenly most software companies have no chance of defeating Microsoft(whose EULA has to be accepted) or Open Source Software(whose licenses are standardized and non-threatening by default.)
Lets not forget that benchmarking restrictions apply just as strongly within a company--oops, now your managers aren't allowed to ask your engineers which database server would best fit your business's needs. More importantly, lets not forget that using a given piece of code could suddenly obligate your entire company to a full disclosure on how that code is being used--running a database on MSSQL? Oops, maybe in the next revision they'll say they have a right to retrieve "performance metrics" and "critical statistics" automatically...oh, don't try to firewall them, they'll remotely disable your server anyway...
And it'll all be legal. Violations of personal privacy pale in all sorts of aspects to the vitriolic reaction against violations of corporate privacy.
Now, nobody's stupid. This isn't going to happen, folks. UCITA's going nowhere, because it's just too much risk to too many people with far too much money.
The only reason this is even a topic of discussion is because more lawyers see a fountain of money flowing from the lawsuits than they see a fiduciary duty to their retained corporate clients to disclose the tremendous amount of legal risk such an ill-advised bill would create.
Never in the history of law has an unlimited amount of liability been enforceable in a unidirectional contract negotation! The fact that such a bill got thoroughly rejected in the United States Congress should say more than a little about the advisability of such a dangerous standard of liability.
Yours Truly,
Dan Kaminsky
DoxPara Research
http://www.doxpara.com
There is something that bears mentioning:
Overall, corporate interests should be antithetical to UCITA.
Imagine how lovely it would be for an insurance company to live with the fear that their entire WAN can be knocked out of operation by an irate software company. No more billing until they pay up whatever is disputed. And how just swell they must feel knowing that UCITA's proposed disabling codes could be hijacked by a disgruntled employee of some software company. Gee, won't they love to see that happen to their actuarial software.
Pretty much any financial firm, be it a thrift of some kind or a brokerage, or anything, should find UCITA to be nauseating. For a bank the thought that their software writers could be protected from a liability even if they know that there are backdoors in the ATM protocols or what-have-ye.
Then there are the airlines, also, very much a WAN-dependant industry with little in the way of a fallback if they lose their software.
Why am I saying this?
Because a well directed effort could get insurance-industry-dominate Connecticut and the state of New York not just to ditch UCITA, but to pass a "you gotta be kidding" type resolution.
Although UCITA passing would not mean that a company would have the audacity to try to use a UCITA-endorsed contract in dealing with a large software customer like a bank, it is still in the interests of many corporations in the US to lobby to give UCITA a well-deserved smackdown.
Richard, Eric, Bruce, and everybody else on the soap box - step down for a moment and look around. Our message is going nowhere. People see the software, they use the software.. but they aren't terribly interested in whether they have to pay for it or not. "Does it work? Great, I'll take one."
We've been patting ourselves on the back long enough now. The honeymoon is over - let's knuckle down and start talking to the press. We need to boil these issues down to 1 page press releases, fliers, websites - and we need to make this accessible to the average consumer. We need to get them up in arms. I don't care how - make it a controversy. Invite RMS, ESR and the board of MPAA directors to a Jerry Springer show and let them throw chairs at each other - BUT MAKE IT HAPPEN. Turn this thing on it's head - it sounds like just another holy war now to the media - what's the interest? Put a spin on it - make it controversial. GET US A SPOT ON 60 MINUTES!
Stallman has talked about this before. It's a serious issue that must be fought, tooth and nail, with lobbying and with civil disobedience, if necessary.
Many people are going to say that RMS is a crackpot or a communist. If he were a crackpot, he would talk for hours about this stuff, but never produce anything. Instead, he's slaved over keyboards for years, destroying his wrists to build free software for all of us to share.
Some people here have never actually read anything by RMS, and they don't understand why he, and many others, think that proprietary software is bad. I recommend http://www.gnu.org/philosophy/philosophy.html as a starting place.
Become a FSF associate member before the low #s are used
The e-mail I'm going to write to my state senater:
"By reading this e-mail, you agree to vote against any and all bills endowing "click-wrap" license agreements enforcable"
The cake is a pie
I found out that ProFTP has been sending nastygrams to ISPs under the DMCA holding their users accountable for not registering their software. (I always get these mixed up, could be FTPPro... find out for yourself. It was on Bugtraq a while ago.)
The UCITA will take this despicable process to the next level. Make no mistake - we are at war with these people. UCITA must not be allowed to pass for the same reason that the offending parts of the DMCA need to be overturned. They're going too far.
If you can't figure out how to mail me, don't.
For linux tips: http://www.linuxtipsblog.com