UCITA Stalled At State Level

OscarGunther writes "Four states have passed anti-UCITA laws and Massachusetts may soon become the fifth. Meanwhile, only two states have adopted the Uniform Computer Information Transactions Act, which gives software vendors all the benefits and none of the burdens of the consequences of publishing their software. The details can be found at ComputerWorld and an opinion piece by Frank Hayes can be found here."

what states have passed anti- UCITA acts?

[the_2nd_coming]

I hope a lot more pass those kind of laws...I mean if more than 2/3 of the states pass such laws there will be a bassis to build a constitutional amendment movement :-)

Re:what states have passed anti- UCITA acts?

[larry+bagina]

you do realize that congress must ratify an amendment before the states have an opportunity to vote on it, don't you?

Re:what states have passed anti- UCITA acts?

[the_2nd_coming]

yes......that is why I said

"will be a bassis to build a constitutional amendment MOVEMENT"

Re:what states have passed anti- UCITA acts?

[Planesdragon]

Nope.

The Congress, whenever two thirds of both Houses shall deem it necessary, shall propose Amendments to this Constitution, or, on the Application of the Legislatures of two thirds of the several States, shall call a Convention for proposing Amendments, which, in either Case, shall be valid to all Intents and Purposes, as Part of this Constitution, when ratified by the Legislatures of three fourths of the several States, or by Conventions in three fourths thereof, as the one or the other Mode of Ratification may be proposed by the Congress; Provided that no Amendment which may be made prior to the Year One thousand eight hundred and eight shall in any Manner affect the first and fourth Clauses in the Ninth Section of the first Article; and that no State, without its Consent, shall be deprived of its equal Suffrage in the Senate.

If enough of the states vote for a law (such as "no UCITA" or "Alcohol is legal") and want it to be The Law of the Land, Congress can be essentially left out of the picture.

Re:what states have passed anti- UCITA acts?

[jeffy124]

what states have? you ask? RTFA and find out for yourself.

Re:what states have passed anti- UCITA acts?

[agurkan]

why not try to be polite? is it to hard to quote?

The measures adopted by the four anti-UCITA states -- Iowa, North Carolina, West Virginia and, just last month, Vermont-- are called "bomb-shelter" legislation, intended to prevent a vendor from applying, for instance, Maryland's UCITA law provisions on residents in a bomb-shelter state.

Re:what states have passed anti- UCITA acts?

[nursedave]

stupidity is not a religion...

Then why do so damned many people worship at its alter? :)

Re:what states have passed anti- UCITA acts?

[mark2003]

Let me see if I understand this correctly - the UCITA act protects companies against liability, including, I'm sure, illegal acts arrising from use of their products?

Now if only that kid who was taken to the cleaners by the RIAA had protected himself under this act he would have been fine...

Oh, hang on, he's not a large corporation with the backing of politicians, he would still have been f*cked.

Re:what states have passed anti- UCITA acts?

You said "if more than 2/3 of the states pass such laws, there will be a basis to build a constitutional amendment movement."

Technically, we already have the precident that if more than 2/3 of the states pass similar-sounding but not identical versions of an amendment, they *call* it a constitutional amendment, and claim it passed.

But I think that only works if you're a cartel of banks. I'm not really sure.

Re:what states have passed anti- UCITA acts?

[EricWright]

Is it too hard to actually read the articles before posting in the forums? I guess if your sole aim in life is Fr1st p0st (or even first semi-on-topic post), maybe...

who cares?

[adamruck]

From the link...

Under UCITA, software vendors could booby-trap software so they could remotely disable it if a customer was suspected of violating the software license.

Hmm.. I might be worried about this .... if I used windows....

Re:who cares?

[the-build-chicken]

I worked for a company where a software company (I won't name, but lets just say it bundles installer software that can apparently be used to install your product anywhere ;) ) did this to us. They disabled our liscence...saying we only had a one machine liscence to use the product, and the install builder software had called back to the company supplying two different IP addresses...and thus, had been registered on two different computers.

I found this kind of suspect, because I knew for _sure_ it was only on our build system and that the originals were under lock and key and couldn't have been taken home...so I asked our build engineer to ring them back and ask what the two IP addresses were, so that we could isolate where it had been installed. The first address we were given was the address of the build machine...the second address...you guessed it...127.0.0.1.

We then had to explain to the guy that was handling our compaint why this didn't constitute a licence breach. Now, the serious side...you really want to give someone like this the power to pull the plug on your development system and kill your builds for however many days it takes to get through to someone with a brain? (by the way...the build box was linux...so you're not safe just by staying off windoze)

Re:who cares?

[LostCluster]

This kind of stupidity is usually the kind of dumbness that lawyers love. Anybody who knows what they're doing in the computer industry knows that 127.0.0.1 is the IP address of "localhost" and isn't a real address of another installation, but apparently this company didn't. In a fair world, that company would owe actual damages for lost productivity due to this mistake, and maybe even punitive damages because what they did was just that stupid.

But, in the tech industry we're establishing the tradition that software is always going to be buggy, and software providers are just always going to be making mistakes and we're just going to have to tolerate them when they happen if we want to have software. Microsoft seems to rely on all of the "you promise not to sue us..." clauses in their EULA on a daily basis, even though their standard EULA hasn't really been tested with the kind of lawsuits that show whether all of their anti-liablity clauses are in fact valid. This is why software publishers want UCITA passed, so that they're sure their anti-liabity clauses are in fact going to hold up.

Their worse nightmare is a law that's the exact inverse of UCITA, one that would give customers the right to hold their software vendors liable whenever they screw up... but wouldn't that be the kind of thing that'd force software vendors to test before they ship?

Re:who cares?

[SN74S181]

but wouldn't that be the kind of thing that'd force software vendors to test before they ship?

That would be the kind of thing that would force Linus to stop putting out new versions of the Linux source. And any other Free Software without a big corporate sponsor as well. The NO WARRANTY clause in GPL'd software would be null and void, and all software would have to be passed down from Cathederal-type development teams, through extensive testing, before it could be distributed.

Re:who cares?

[commodoresloat]

Yes, but UCITA basically turns those license agreements into law. At least without UCITA you have the option of contesting unreasonable license terms.

Re:who cares?

[JaredOfEuropa]

"They disabled our liscence...saying we only had a one machine liscence to use the product, and the install builder software had called back to the company supplying two different IP addresses...and thus, had been registered on two different computers."

A similar case has been brought before court. The software had reported to its publisher about (apparent) illegal copies being used, without the knowledge or consent of the client company. The court ruled that obtaining such information without permission constitutes a breach of privacy, and 'electronic trespassing', a criminal offense.

I've had my share of license issues, where a license server would get confused and release (for example) the C compiler for use, and we had to call the software company to get things fixed. License servers are a pain in the neck, and they are just one more reason to use Free, Open Source tools. I am not an idealist in favour of Free software, but rather a practical guy who will dump a product if it refuses to work too often

Re:who cares?

[cshark]

Well, many of the provisions of this law are already in practice in various forms. The most important parts of it have already been passed in other forms.

Windows Update has already started hijacking suspected pirated copies of office, and Adobe rutinely kills suspected illegal acrobat instalations. Personally, I think that software companies should be held responsible for damages such action causes, regardless as to the legality of the software running. And users need to stand up at let it be known that they won't take this sort of crap anymore.

Re:who cares?

[pmz]

A similar case has been brought before court. The software had reported to its publisher about (apparent) illegal copies being used, without the knowledge or consent of the client company. The court ruled that obtaining such information without permission constitutes a breach of privacy, and 'electronic trespassing', a criminal offense.

If only someone were brave enough to challenge the enforcability of EULAs. Then, those phone-home transmissions from Microsoft's software, such as Windows XP and Media Player, could be analyzed in court and, possibly, shown for the violation of consumer trust that they are. But, that would require courage...and money...lots of money...

I've had my share of license issues, where a license server would get confused and release (for example) the C compiler for use, ...

When license servers work, they work well, but I've seen lots of productivity lost due to license servers that crash or lose track of check-outs. It would probably be enough lost productivity to form a case against the license-server company.

Re:who cares?

[the_ghost226]

I can disable the SW if I Suspect? Hmmm, I think I shall become a vendor and suspect only people I don't like...

Re:who cares?

[cellocgw]

I can disable the SW if I Suspect? Hmmm, I think I shall become a vendor and suspect only people I don't like...
The Florida Republican party owns the copyright to this scam. Worked like a charm to keep minorities off the voter roles.

Re:who cares?

[the_ghost226]

So maybe they can sue M$ for copyright infringement; they deserve each other...

Re:who cares?

[milo_Gwalthny]

in the tech industry we're establishing the tradition that software is always going to be buggy...Microsoft seems to rely on all of the "you promise not to sue us..." clauses in their EULA

You know, I always wondered about this. I thought you could really only sue for negligence etc. if something happened that a reasonable person wouldn't expect. Since a reasonable person would expect Microsoft software to fold spindle and mutilate, how could you possibly sue them when it happens?

Hey, maybe that is their anti-liability strategy right there. And a darn effective one too...

UCITA... wha..?

[zoloto]

for some reason i pictured the village people doing their song. *shudder*

From the site:

According to opponents, UCITA sets default contract terms that favor software vendors and free them of liability for any software problems. Supporters say companies are free to negotiate terms and conditions, and they have attempted, unsuccessfully, to ameliorate concerns by removing some controversial provisions, such as "self-help," which would have allowed a vendor to disable a system during a dispute

looks like this was drafted by Microshaft, BSA, **AA's and our beloved government... oh wait.

You can also read from the following site:
EFF PAPER

You see, UCITA says that by default a software developer or distributor is completely liable for flaws in a program; but it also allows a shrink-wrap license to override the default. Sophisticated software companies that make proprietary software will use shrink-wrap licenses to avoid liability entirely. But amateurs, and self-employed contractors who develop software for others, will be often be shafted because they didn't know about this problem. And we free software developers won't have any reliable way to avoid the problem

Solution, lets remove shrink wrapped licencing period. That's like buying a car- THEN signing th e contract.

HEre's another one:

UCITA has another indirect consequence that would hamstring free software development in the long term--it gives proprietary software developers the power to prohibit reverse engineering. This would make it easy for them to establish secret file formats and protocols, which there would be no lawful way for us to figure out.

This is familliar. Doesn't it sound like an extention to the DMCA? Hmmm...

Re:UCITA... wha..?

[LostCluster]

The only simularity between UCITA and DMCA is that they both are industry-favoring-lobbist-written laws. DMCA is all about "thou shalt not copy!"... UCITA can basically be described as "Thou shall not sue the software vendor if anything goes wrong!"

Re:UCITA... wha..?

Solution, lets remove shrink wrapped licencing period. That's like buying a car- THEN signing th e contract.

Agreed. I wish articles critical of UCITA would stress this point more. Once you accept that software companies have a right to unilaterally change the terms of a sale that has already occurred, the battle is lost. We don't need new laws defining what EULA terms are and aren't acceptable. We need to apply basic contract law to EULAs and get them ruled 100% unenforceable. This is a complete no-brainer to me (no consideration=no contract, end of story), but I see people here even trying to argue on the software vendors' terms, which is hopeless.

Re:UCITA... wha..?

[shaitand]

Pretty sure he specifically meant the part of the DMCA that doesn't let us prove their security is no security at all and prevents us from reverse engineering copy protection systems. This extends that to we can't reverse engineer their shit entirely... who cares about the rest of it, that's the way is in reality now already.

Re:UCITA... wha..?

[Malcontent]

This is facinating. It's like that stupid "in soviet russia" jokes.

In the near future OSS software writers will be held liable and commercial software won't. Kinda flips that "there is no one to sue" argument doesn't it.

Re:UCITA... wha..?

[WNight]

Exactly. Shrink-wrap licenses violate standard contract law in many ways.

Not only is there no consideration (once they sell you the software they don't have anything to offer you, post sale, for agreeing to the contract) but the post-agreement changes to a contract have never been valid. Then there's the strong argument that shrinkwrap licenses may actually be criminal, as they attempt to prevent use of the legally purchased software until you agree to an extorive "contract".

They aren't worth the ink they're printed on. But, unfortunately, big businesses don't need a leg to stand on, they can tie you up in court for an eternity and are (for the same financial reasons) immune to charges of barratry.

Re:UCITA... wha..?

[schon]

"By continuing to reading my post, you agree with everything I'm saying."

Every software box I've seen includes a warning that the software is licensed and you must agree to it.

I realize you're a troll, but so what?

It's part of the original sales contract.

No, it's not.

Can you read the "contract" before you purchase it? Does the sales clerk make you aware of it?

No and no.

So how can you possibly agree to something you haven't read, and in fact can't read?

Now an example: the author of the parent post is a moron, and he must now prefix every conversaion he has with anyone he meets that he is a moron.

And since he's reading this, he agreed with my statement at the beginning of my post, I guess he is now doomed to tell people that he's a moron.

Re:UCITA... wha..?

[jcohen]

Shrink-wrap licenses could be found to be "contracts of adhesion" -- contracts whose terms cannot readily be negotiated by the person accepting them. Contracts of adhesion are legal -- you enter into one every time that you park your car and get a claim check -- but they can be found to be inequitable.

Lemons and Limes

[gmby]

We need lemon laws for software not limes for consumers!
Free the Code not the IP.
Feed the developer not the CEO.
Empower the consumers!
FreedomWare!

(sorry, getting carried away...)

Re:Lemons and Limes

FreedomWare!

More like: "Freedom? Where?"

address irresponsibility

[BWJones]

only two states have adopted the Uniform Computer Information Transactions Act, which gives software vendors all the benefits and none of the burdens of the consequences of publishing their software.

I've not followed this issue so I don't know which two states have adopted this, but I can guess one of them might be Washington state.

At any rate, one should hope that when one produces a product, they should have a sense of craftsmanship and ownership of that product and stand behind it. Now, I am not one who supports the litigiousness of our country right now, but if a software company writing software that controls the infusion rate of an insulin pump screws up and kills people, they should be held responsible. That is one of the checks against creating crappy or dangerous products. For instance, all of the recalls I had to endure for my Dodge pickup (ultimately the reason I bought a Toyota), were designed to protect the consumer against a faulty product. With all of the concepts of pervasive computing controlling aspects of our lives, we are going to have to hold software companies responsible for products they create that are going to be used in sensitive or critical applications.

Re:address irresponsibility

[Beryllium+Sphere(tm)]

>I've not followed this issue so I don't know which two states have adopted this, but I can guess one of them might be Washington state.

While that is indeed a logical guess, the article names the two as Virginia and Maryland.

Re:address irresponsibility

[miratrix]

That's the exact reason why there's a movement to create Software Engineering as a real Professional Engineering discipline. I for one would be glad to know that software systems that I depend my life on have a certified engineer behind it who has assumed technical and ethical responsibilities for it.

Re:address irresponsibility

[MsWillow]

No, thankfully, *not* Washington State. Try North Carolina and West Virginia, at least according to the American Library Association's web site

Re:address irresponsibility

[MourningBlade]

Would you skydive with a parachute pre-packed and sold to you by some anonymous guy in a back alley?

For the same reasons no one should use an insulin pump that isn't guaranteed by a company.

If no guarantee is required to sell insulin pumps and a fellow chooses an insulin pump that is not guaranteed and it fails, he has only himself to blame (financial matters aside).

The issue is that guaranteeing something is an expensive process, just like getting an SLA for service quality you already have is most likely going to cost quite a bit. The UCITA would have you believe that a guarantee is free: it comes with every piece of software. This is not --- and should not be --- the case: I can't afford to guarantee my work, but I do promise to label my releases by how confident I am in them.

Unless, of course, you were to pay me. A lot of money. Then I could hire someone to do an outside code audit as well as do my own internal beefing up of a version I am confident in. And I could build a testing environment for it. And prove the algorithms correct. And get a custom machine built for it. That's what it takes to "guarantee" software.

Re:address irresponsibility

[LostCluster]

You may relax, the two states who have passed this law aren Maryland and Virginia. However, the problem is that the UCITA would allow a certain Washington State corperation to put a choice-of-law clause into its EULA saying that any lawsuit based contract is to be judged by Maryland or Virginia law using a court in one of those two states, which effectively would give those state laws "longarm" power into other states. "Bomb shelter" laws need to be passed in non-UCITA states in order to prevent this practice.

Re:address irresponsibility

[WNight]

The courts are all about interpretting the word "reasonable". Nobody says a small, cheap, software product has to be flawless. It just can't contain any unreasonable flaws that due care and attention would have caught.

As in, if the customer types in a bizarre string into the zipcode box and it crashes, this is probably reasonable for cheap software. If you sell it and it turns out that it can't save documents...

If you buy a car there's an implicit guarantee that it will function as a car. No guarantee about how reliable it'll be (past a certain point) or if it'll perform as the looks would suggest, but it had better get your from point A to B. If it doesn't, you can sue the company to refund your money, plus pay for the time you wasted trying to get the lemon to work.

Why should software be any different? If you sell a product that doesn't even function as promised on the back of the jewel case, why isn't that fraud? Just because it's a CD and not a device isn't a compelling argument in my opinion.

Re:address irresponsibility

[jgerman]

No YOU may relax. I live in MD ;)

State by State breakdown

[Sparr0]

Taken from the American Library Association

UCITA has become law

• Maryland
• Virginia

"Bomb-shelter" has become law
What is UCITA "bomb-shelter" legislation? UCITA "bomb-shelter" legislation is defensive legislation needed to protect a state's residents from being subject to unfair and overreaching provisions in UCITA even if the act has never passed in their state. As of 2002, West Virginia, Iowa and North Carolina have passed this kind of legislation. "Bomb-shelter" legislation narrowly protect software licensees from choice of law provisions that make UCITA the governing law of the contract or from choice of forum provisions that might select another state unrelated to either the vendor or the licensee as the forum for settling a legal dispute over the contract. One proposed version (New York) stipulates that only the laws of the licensee's state (i.e. the state with the "bomb-shelter" law) will apply in determining whether the license's terms are enforceable.
See AFFECT's "bomb-shelter" section:

• North Carolina
• West Virginia

States to WATCH
This state is one to watch closely because some UCITA activity has been reported. This could mean that important pre-legislative activity has begun.
Things you can do:
Contact your state library association to find out how you can help them. Educate yourself about UCITA's effect on libraries by visiting the Impact section.

• Arizona
• Delaware
• Pennsylvania
• Texas
• Utah
• Wisconsin

No legislative activity reported
Things you can do:
Contact your state library association to find out how you can help.
Educate yourself about UCITA's effect on libraries.
Review the ALA Washington Office Online UCITA Tutorial.
Keep your eyes open for workshops in your area at ALA mid-winter and annual conferences.
Request a workshop if you don't see one listed in upcoming conferences.

• New York
• North Dakota
• Ohio
• Oregon
• Rhode Island
• South Carolina
• South Dakota
• Tennessee
• Washington
• Wyoming

Re:State by State breakdown

[FuzzyBad-Mofo]

What about Illinois? Anyone?

Re:State by State breakdown

[rot26]

What about Illinois? Anyone?

Anyone? Class? Does anyone know about Illinois? Class? Anyone?

Re:State by State breakdown

[LostCluster]

The goal of the UCITA proponents was to make UCITA part of the Universal Commercial Code... The UCC laws are the basic laws of business that are state laws that are exactly the same in all 50 states, so that a somebody writing a typical business contract written in Texas is certain that it holds water in Maine.

Well, that hasn't gone over well... some states have made it clear that they're never going adopt this law. So the fallback is to try to get this law passed in a handful of states, and then let contract-writers use a "choice of law" clause (You've seen those, they're the part that says that if you're going to sue, you have to sue in the contract-writer's favorite state and not yours...) to force UCITA's terms on consumers that way.

Well, that's not going well eitter.... Some states are adopting "Anti-UCITA Bomb Shelter" laws that affirmatively give the rights to consumers that UCITA tries to deny, and affirmatively gives that state's residents the right to sue in their home-state courts over the issues that UCITA tries to block, and effectively overpowering a choice-of-law contract clause with a state law. UCITA is powerless in any state that has a "bomb shelter law" on the books, which effectively means that UCITA's longarm powers to reach out of the states its passed in become voided.

If you're not a fan of what UCITA represents, it's important that your state not only reject UCITA when the lobbists come calling, but that they also pass a bomb shelter law to prevent Maryland or Virgina's UCTIA laws from being used via a choice-of-law clause in your state.

Re:State by State breakdown

[LostCluster]

Follow the hyperlink to http://www.ala.org/Content/NavigationMenu/Our_Asso ciation/Offices/ALA_Washington/Issues2/Copyright1/ UCITA/States.htm that the parent post all the way back there gave to see what has happened in all 50 states. Most of the states that weren't listed here have either had either no legislative activity friend-or-foe towards UCITA, or saw it introduced briefly after it first came out only to let it die unacted upon and never brought up again. Both Illinois and California fall into the latter category.

Why does UCITA matter?

[Creepy+Crawler]

Once software/data/network insurance comes out, the insurance companies will jack rates on insecure software, bad admins, and unsecured data.

Industry will regulate itself (unless monolopies are made....).

Re:Why does UCITA matter?

[antistuff]

And we all know that there are no monopolies in the software industry.

Re:Why does UCITA matter?

[LostCluster]

But this brings us to the reason why there's no such thing as software/data/network insurance...

When a company sells you fire insurance, they promise to pay you quickly your house ever burns down. However, the policy also says that when you make that claim to them, they aquire the right to sue anybody who's responsible for your house buring down... such as the arsonist who sets it ablase or the company that made the battery charger that caught on fire. There are some fires such as those caused by lightning strikes that nobody can control and the insurance company just has to run the risk for, but they also have the assurance that those who do the stupid things that cause preventable fires can be sued for all they're worth, therefore most companies design their products to make sure they're not going to burn houses down if they malfunction.

In order for there to be insurance to protect against losses from insecure software, there first has to be legal liability for putting out insecure software... UCITA is an attempt to put into law what's already in most EULAs, that no such liability will ever exist.

Re:Why does UCITA matter?

[Phroggy]

(unless monolopies are made....).

You just answered your own question. We already tried breaking Microsoft's monopoly and failed; it won't be possible to try again for many years.

UCITA is evil

Basically UCITA tries to say that software makers aren't liable for their software. Then it extends to also the platform its running on.
If UCITA passes some things that could be legal:
1.) If the winword box says it has a spell checker in it, but the program doesn't, you still can't return it.
2.) If you car has a computer the manufactor isn't responsible if it malfunctions. In fact some interpretations are that the manufactor isn't responsible for anything because it has a computer in it so they can do safety cts.

Here is some wonderful information about
UCITA

Re:UCITA is evil

[LostCluster]

Fortunately, lobbists haven't yet found a way to overpower our courts... a court who has a plantiff who is bringing in a car that fits all of the definition's of the state's lemon law is not going to let the car-maker claim that since the car has a computer processor that UCITA overrides the lemon law. When the legislators screw up and pass two laws that contradict each other, courts are there to sort out the mess and enforce only the one that makes more sense.

Re:UCITA is evil

[arkanes]

They will certainly attempt to use UCITA to do such a thing, however, much as they use the DMCA to protect things that have nothing to do with copyrights, so it's still a signifigant legal burden on you to get ANY sort of relief. And the courts are not neccesarily known for being sophisticated in this manner - especially if, as is the case under UCITA, the manufacturer gets to pick the court the case is tried in.

Re:A Faustian Bargain?

[Quarters]

(which was passed in Virginia, even though I wrote the governor telling him he was doing a bad, bad thing) Why didn't you write your representative? You know, someone who could've actually voted against it.

Re:A Faustian Bargain?

[skyryder12]

Because by the time I got wind of it, it had already passed the House, and was being sent to the Gov's desk. My bad, I know...

Re:A Faustian Bargain?

[Creepy+Crawler]

Unless ALL the members of the RIAA have purchased retail licenses, an audit... say of SONY would cost them a bunch.

MS could also just revoke user rights of ANY MS or MS related code. It's a lose-lose side for either.

Think of it as a non-agression pact.

Re:A Faustian Bargain?

[Quarters]

Ah,...that makes sense, then. At least you tried. (As did I, but the VA legislature just wasn't listening on that one).

Lack of liability etc.

[Pettifogger]

Everyone here seems to be bemoaning the provision of the UCITA that allows exemption from liability. Personally, I don't think it's such a bad thing. Think about it this way, if all airline companies were able to disclaim liability for accidents, maintenace, and everything else, do you think anyone would fly? It'll happen here, too. This will lead to software companies either making guarantees even though they're not required to in order to capture market share. Either that, or everyone will start going open source since you can tinker with it and it doesn't cost anything, anyway. Also, does anyone know of a car company that DOESN'T offer a warranty on a new car? Now, the last time I checked, there's no law saying that car companies HAVE to offer a warranty. They do it just to stay competitive with the others. In time, it will happen with software, too. And if it doesn't, open source is going to eat them alive. Both are fine with me.

On another note, I've stopped worrying about all the legislative garbage and contract trickery some large companies are spewing out. It does a fantastic job of convincing people that they are not looking to benefit the paying customer. It's going to kill them. Maybe not tomorrow, but if they don't ease up, everyone who doesn't hate them right now will. Just remember, whenever you try to corner the market and drive up prices, people will either use an alternative or stop using your product. Don't worry... they have plenty of rope to hang themselves with. They're just putting the finishing touches on the knot.

Re:Lack of liability etc.

[BlueWonder]

Also, does anyone know of a car company that DOESN'T offer a warranty on a new car? Now, the last time I checked, there's no law saying that car companies HAVE to offer a warranty.

What does warranty have to do with liability?

Imagine a car company offered you a car under the following conditions: We haven't really made sure that the wheels are properly attached to the car. Therefore, if one or more wheels fall off at speeds above 25 mph and this causes you injury or other damage, you agree not to sue us. Do you think this would hold up in court?

Re:Lack of liability etc.

[codegen]

Unfortunately competition doesn't work when most
of the industry moves together. Take banking
for example. I've watched the general decrease in
banking service and the general increase in
service charges over the past 25 years. Since
all of the banks (with a few small exceptions) have
moved together on this, there is little consumer
choice.

Re:Lack of liability etc.

[tkg]

Now, the last time I checked, there's no law saying that car companies HAVE to offer a warranty.

What do you suppose lemon laws are?

Re:Lack of liability etc.

[archen]

Software companies already make guarantees without following through. I recall having a conversation with a person who claimed that Linux wouldn't go anywhere because of lack of support, and no one claiming responsibility. Support is not an issue. You can pay Red Hat or Microsoft - either will offer support for money. But responsibility? If I have a Microsoft server that gets hacked, or have a critical application that dies because of a bad MS patch, what am I going to do? Yell at Microsoft? Maybe sue them? (heh). Microsoft already has no liability for the software they produce, and people don't seem to be aware of it in the least. People still think they actually *OWN* their copy of Windows. What the end result of all of this will be that people will be boned even more when something goes wrong and they become aware of the rights they never had.

we should be told who is doing this

[frovingslosh]

I worked for a company where a software company (I won't name, but lets just say it bundles installer software that can apparently be used to install your product anywhere ;) ) did this to us.

Not naming this company is pretty gutless and does a disservice to us all. And it's not only a 127.0.0.1 address (clearly the software's own fault) that might do this to you - if you're a small developer and have a provider that doesn't give you a dedicated IP address, but rather assigns one each time you connect, or even changes it every few months, then you are extremely likely to be caught by this foolishnes

Re:we should be told who is doing this

[the-build-chicken]

ok...I'll feed....w.r.t gutless...my god, could I have made it anymore obvious...be used to _install_ your product _anywhere_...hands up everyone that didn't understand that?!

Re:we should be told who is doing this

[WNight]

Well, I'd never heard of InstallAnywhere by Zero G, so it didn't stand out. But now (after a quick googling) I have, and my post of their unobfuscated name means that this discussion will get archived for an eternity on various search engines.

Whenever I have a complaint about a company I make sure to use search terms, (as a search engine looks for them; company name together, etc) so that my post will be found by others.

I don't need an installer now, but if I did, I wouldn't buy their product because I hate dealing with jerks who do things like remotely disable software. (Hell, jerks who write phone-home routines in the first place.)

Re:we should be told who is doing this

[ahfoo]

Phone-home was cool in the mid nineties. I was really proud of my first phone-home system. You couldn't just assume there was a network connection back then. That made it a lot more work and I must admit I never did find a surefire way to get around every proxy situation. I put all kinds of goodies in it: one-time disposable passwords, blowfish encryption --the works. I ended up with all these backdoors in my system that didn't show up till much later from researching all that security crap. But in the end, as soon as sales dropped all that junk went out the window. Sure was fun putting it together though. The good ol' days.
But hey, now we have a good start on a virtual socialist utopia. I'm not crying. It's all good. Who needs money if we can actually learn to share. Even though I had fun playing with proto-DRM back in the day, I agree that shit is evil and we're better off without it. The whole MS version of the software market is nothing but a pyramid scheme. I'm still getting paid for it, but it won't last and I'm glad.

Re:we should be told who is doing this

[Junior+J.+Junior+III]

Hey, he made it easy enough... just do a whois trace on 127.0.0.1 and you'll find out who he is!

who called this guy insightful?

[frovingslosh]

I've not followed this issue so I don't know which two states have adopted this, but I can guess...

You've not only not been following it, but you also don't bother to read the article before you post. But why bother, when people will just tell you and others will call you insightful.

Re:"Atlas Shrugged" becoming more likely.

[WNight]

Except that Rand had it backwards. It's the companies that are the leeches. They're trying to get laws passed that require people to purchase their services, like it or not.

Mandatory CD taxes, on the assumption that everyone is a criminal. (Hell, on the assumption that copyright violation is criminal...)

Laws like the UCITA that deny you any right to except a product to do what it's advertised to do. Hell, under the UCITA they could pretty well sell you an empty box and get away with it.

While there are some pretty stupid injury claims files by consumers, they rarely get all that much money. (The initial multi-million dollar judgements not only get reduced on appeal, but they include punative damages as well as the compensation payments.)

Businesses are also quite good at using a ton of public resources and not paying a lot for taxes. Hell, US law allows you to claim the 'average retail value' of a charitable donation... Microsoft donates hundreds of millions of dollars of licenses, literally for the cost to print them.

And then, if you're rich (as in, CEO of a business) you won't get punished for anything. Ken Lay won't get half the jail time of a clerk who embezles from 7-11, despite the fact that Ken Lay's crimes ruined thousands of people.

Yes, there are leeches out there, removing any incentive to work from the honest man. But it's not the average person doing this, it's thieves hiding behind the corporate shield.

Head is spinning...

[PovRayMan]

..DMCA CSS RIAA CBDTPA EFF UCITA SKYLAROV MPAA..

I'm spinning here... UCITA is something good.. right?

large users????

[kien]

"UCITA's opponents, which include library and consumer protection groups, a majority of state attorneys general and some large software users..."

As soon as I finish this Twinkie, I think I'll get offended. :D

--K.

Re:large users????

[pommiekiwifruit]

I seem to recall under US law you're allowed to kill people if you've eaten a Twinkie (whatever that is)... and not just by sitting on them.

Not exactly.

Federal law is superior to state law:
"[t]his Constitution, and the Laws of the United States ... shall be the supreme Law of the Land..." See U.S. Const. art. VI, cl. 2.

It doesn't matter how many states enact anti-UCITA laws because state laws are just that: state laws, unique to each state, and completely unrelated to each other; and if Congress were to enact a federal UCITA law, all of those state anti-UCITA laws would be invalid.

Also, if Congress were to even partially enact UCITA or even something similar to it, those state laws would be invalid as well. This is what is known as the "Dormant Commerce Clause." The Constitution gives Congress the ability to "regulate Commerce with foreign Nations, and among the several States..." See U.S. Const. art. I, Â 8, cl. 3.

The courts have held that since congress is given the sole authority to regulate interstate commerce, any state laws that conflict with federal ones regulating interstate commerce, or even state laws that attempt to regulate in an area of interstate commerce in which congress has expressed its desire to "occupy the field," are invalid.

What you're talking about are not state or federal laws, they're constitutional amendments; things which will change the actual text of the Constitution.

For that to occur, first, the amendment must be proposed. For Congress to do this, the amendment must be introduced in one house, then pass both houses with a two-thirds majority. For the states to propose amendments, two-thrids of the states must call for a constitutional convention. After proposal of an amendment, it must be ratified. See U.S. Const. art. V.

For ratification to occur, three-fourths of the states must ratify it. See id.

Since a supermajority is needed for ratification, it almost never happens, especially for something that the vast majority of people couldn't care less about (like stopping UCITA). The last time an amendment was successfully ratified was in 1992, the 27th amendment; which was proposed by the first Congress in 1789, and took a whopping 200 years to be ratified.

Re:Not exactly.

The 27th amendment forbids congress from voting itself a pay raise (it can only take affect in the next session)

Unfortunately, congress just passed a law that they get automatic, yearly pay raises, and the supreme court said it was ok

Strictly speaking, the 10th amendment (all powers not given to congress are reserved for the states or for the people) hasn't applied lately.

Re:Not exactly.

[rifter]

Unfortunately, congress just passed a law that they get automatic, yearly pay raises, and the supreme court said it was ok

As long as the pay raises were constant with inflation, I would be okay with that. Somehow I think that is probably not the case here :).

No, it won't happen.

[Surak]

There are two kinds of software users -- corporate and home users (hence the reason you typically see two kinds of software, such as Windows XP Professional vs. Windows XP Home, Red Hat Advanced Server vs. Red Hat Standard, Microsoft Office vs. Microsoft Works, etc.)

Home users don't read the warranty provisions of software products and don't care. Most software, including OSS, right now has an exclusion of warranty right in the click-wrap.

Corporate users, OTOH, tend to negotiate some sort of warranty provisions into their purchase agreements. This bypasses click-wrap and UCITA altogether.

The only people TRULY affected by UCITA are consumers and small businesses (SOHO) with no negotiating power. And all but the most educated consumers don't care. That's why they stick with Windows. How many Windows users have actually *READ* the EULA? I'd wager almost none. If they had and if they had understood it, many of them probably wouldn't have installed Windows or allowed it to be on their computer at all.

Example: My aunt was having a garage sale and was going to sell some of her old software she wasn't using, including Windows 95. I told her, "No, you can't legally sell your copy of Windows 95."

She said, "Sure I can."

I said, "No, you can't. Have you READ the EULA?"

"EULA? What's that?" she inquired.

"The End-User License Agreement. The thing you agreed to when you installed Windows. It says you can't sell or transfer the license to the software," I replied.

"No, it doesn't say that!"

"Yes it *does* say that."

Consumers are very clueless when it comes to what's in the EULA, including exclusion of warranty. They think that they can sue Microsoft is something goes wrong, and with UCITA they won't be able to for sure. But they won't know and won't care because most software consumers have never even heard of UCITA. That's the scary part.

Re:No, it won't happen.

[gillbates]

Actually, yes, she can - if she has an OEM copy. However, to be in compliance with the EULA, she has to "destroy all copies of the software product" - basically, she can sell it as long as she's not using it.

Even if she's got a manufacturer's copy, she can still sell that, provided she sells the computer along with it.

And I agree with the "clueless consumer". We bought the software, and this is the way most people think of it. And this is a good thing, because as long as the "clueless consumers" are the majority, it will be very hard for a company to win a lawsuit against a consumer for "breach of EULA". As long as people believe that "if you buy something, you own it", EULA's will be unenforceable in practice.

quote

[mlong]

Carlyle "Connie" Ring Jr., chairman of the NCCUSL's UCITA drafting committee, said proponents will continue to press for state-by-state adoption. He argued that companies need a uniform set of rules to screw consumers with, and if the states don't adopt these rules, Congress will

I made the quote more to the point...

Re:quote

[Tenebrous]

Consider the independent software developer whose client is in sunny California and whose home and home office are in down home Kentucky. The developer writes custom software for the client, makes changes to the project, delivers on or ahead of schedule, and then the unthinkable happensâ¦

The checksâ(TM) in the mail.

The client (now ex-client) has the source code, and refuses to pay. The client wonâ(TM)t pay because the client doesnâ(TM)t want to pay. The developer is a one man shop who now holds a piece of paper in the form of a contract that is completely worthless because there is no way to enforce it. The client knows this. The application is in production.

The answer? Something called a dead beat switch, which causes the software to deactivate. Of course, this particular procedure isnâ(TM)t legal, is it? According to most of what Iâ(TM)m reading here, the developer should simply turn his case over to the team of high profile attorneys he keeps on retainer, and whose diligent efforts will rectify this trivial injustice in about five years of litigation. Meantime, the developer changes careers to something involving a gun, a mask, and respectability.

Re:quote

[arkanes]

*pat pat* Your example has nothing to do with either UCITA or EULAs. Thanks for playing, though.

Oh, and if you're doing work for hire, dead beat switches are probably illegal anyway (at least one developer was sued for using one and lost) unless it's spelled out in your work contract (thats the thing that the developer has to pressure the client) that you'll be adding one. For extra credit, read up on how a work contract is different than an EULA and why UCITA provisions wouldn't affect work done under one.

The risk is accepted...

[PSaltyDS]

The risk is accepted by the users, and has been for some time.

In the analogy of home fire insurance you missed the fact that homebuilders are not being sued for building flamable houses. Such a house could be built, but is considered too costly and impractical. The builder might be sued for using overly flamable materials, but no one expects a realy nonflamable structure, even if it is built to all local building codes.

Is ther a non-extremist position available? Maybe software producers would be liable for not meeting enacted "building codes" that included things like reasonable, but not necesarily perfect, checks for buffer overflow protection.

An independant lab had to certify that the brand of sheetrock in your house or apartment resisted burnthrough for a certain amount of time to meet code. Lab-tested fire resistance is accepted because fire proof is generaly believed impractical. Software QA code could require independant certification of reasonable security, without the irrational demand for perfect fire-proof-ness.

People in white lab coats are the number one cause of cancer in labratory mice!

Re:"Atlas Shrugged" becoming more likely.

[Anonym0us+Cow+Herd]

I have observed that businesses that make a product that people want to buy, that charge a price people are willing to pay, that treat the customer well seem to do quite well.

AHEM....

[lildogie]

> I don't know which two states have adopted this,
> but I can guess one of them might be Washington state.

Both linked articles clearly and prominently report that the two states are Maryland and Virginia.

Are you a journalist?

Do Something! (If you live in Mass)

[rkent]

Hey, if you live in Mass, write your state representative already! Barely anyone does, so they'll probably even listen to you! I'm going to dump some information I found on the Mass.gov site, and you can use it to find your reps and write them.

First of all, I believe the matter under discussion is House 1622, Petition of Ronald Mariano relative to the interpretation of computer information agreement contracts. Though as you can see from the JCCL homepage, there's lots to choose from and I'm not shocked they didn't act at the hearing on June 2.

If you don't know who to write to, visit the Who are my elected officials? page and type in your addres. And be sure to pick the STATE reps, as they're listed alongside your US reps in a way that's less-than-clear (to me anyway).

I haven't cooked up a boilerplate letter or anything... I figure I'll just synthesize something from this article and the EFF page regarding UCITA. If anyone is more familiar than me with the Mass state legislature, and can let me know if House 1622 is actually what we want, please get in touch.

Re:The UCITA is an enemy to Free software

[Billly+Gates]

Lets play the devils advocate here.

We all heard about the arguments agaisnt the anti UCITA clause which will give vendors god like powers but lets look at this through another angle.

What about free or OSS software?

Do any of you know how extreme the UCITA is and why the anti measures are being adopted?

Under the UCITA, a developer is liable for their products. If some nut decides to install Linux kernel 2.5x for a mission critical server and it crashes causing thousands of dollars of lost revenue then Linus is held liable!

Or what about some asshole who wants to never work by suing people decides to install your product and then sues you if it doesn't work?

Corporations can afford lawyers. Individuals can not.

I welcome the anti-UCITA as it protects free software, innovation, and software corporations. Remember this was formed from lawyers lobbing the democratic party. They want to sue everyone who makes software so they can fill their pockets.

Yes I believe some of the clauses for this might be extreme but the UCITA is quite extreme in its own right.

We need some moderation in laws but right now its a game of who would you like to fight? Corporations or lawyers? I chose corporations.

If a corporation acts like an asshole then do not use their products and develop a free alternative. However a lawyer can do alot more damage to free software and could kill it. Meanwhile the price of regular commercial software will go through the roof to pay for these redicolous software. An EULA already gives these corporations godlike powers anyway.

Re:No!

[Billly+Gates]

No if this passes then free sofware is protected.

All the postings here have been pro UCITA. The UCITA makes all software makers including free software makers liable!

Yes these anti UCITA measures reak with corporate influence and are quite extreme but the original UCITA is extreme in its own right.

Microsoft could for example install Linux on something critical on purpose and then crash it and sue him for lost damages! The UCITA gives lawyers the power to do this. The anti UCITA measures from states like Massachusuets take power away from lawyers and to corporations.

I will email them and tell them I support the anti UCITA measures but would like some moderation in terms of corporations changing terms of the contract after purchase and some of the extra nasties with it.

Really its the lesser of two evils. If this is reformed then I am all for it.

Re:No!

[rkent]

Hey, I'm not quite sure what your perspective is, but I think it was pretty clear from the context, especially given that I referenced including material from the EFF, that I'm also against UCITA, and in favor of laws against it. Just for the record.

Re:A Faustian Bargain?

[ftzdomino]

I mean really, why hasn't the RIAA sued MS et al for making software that enables such piracy..

MS has the money to win the court battle which would most likely put all future court battles in danger. Once a precedence had been set that MS is not responsible it would be very hard to make future charges stick.

Why is everyone saying it's dead?

[Trelane,+the+Squire]

If I read the article right, it only needs to be passed in its model form in one state (it has passed in two) to be enforceable in all (through the clause that says the vendors choose the state in which they will be sued). They only had to get it passed in one, but we have to pass bomb shelter states in all fifty states to be safe. Am I missing something here? On a side note, it would be interesting to see the reaction of people if every piece of software was required by law to be shipped with a printed version of the eula in a booklet on the back of the package that could be opened and read. Sales would drop dramatically until they stopped putting all the crap in there (or maybe not... I guess there are enough that just wouldn't care.)

Please read what you quoted

[HiThere]

It's true that 2/3 of the states can call for a convention for proposing amendments, but adopting similar laws doesn't count as such a call...

And a very good thing, too. Such a convention could propose any amendments that it happened to feel like. I think that they wouldn't become active until approved by 3/4 of the states, but I'm not sure. No such convention has ever happened, so nobody knows either who the representatives at the convention would be, or what the limits on what it could get away with doing would be. (I.e., I think this convention is merely a short circuit around the legislature and the executive branches for the purpose of proposign constitutional ammendments, but I don't really know.)

But I think that it's quite fair to guess that they wouldn't represent *my* interests.

Re:Please read what you quoted

[Planesdragon]

No such convention has ever happened

Wrong. A convention happened for the repeal of Prohibition.

Re:"Atlas Shrugged" becoming more likely.

[adamy]

That would imply being able to read....

I would venture to say that Atlas won't shrug until there is somewhere elase to go. Why do you think there has been such a populist push to get into space?

Re:sig

[ikkonoishi]

Linux is to an OS what an engine is to a car Actually Linux is to an OS what a Buick is to a car.

Why Corporation Oppose UCITA

[daBuddha]

for the record, my mom works for a large company you would all recognize and has been working hard keeping UCITA from passing at the state level for over two years.

the reason she has organized with other like-minded people & organizations is not out of the goodness of her employer's heart, but because passage of UCITA would cost them MILLIONS of dollars annually

they are especially concerned & incensed at the notion of a software provider being able to install "kill-switches" and essentially control them at their discretion. As you can imagine, large organizations that rely on software for the functioning of their business (that is, just about every company these days) are *extremely* reluctant to put that kind of control in the hands others

especially those found to be predatory monpolists!

check out the AFFECT site: http://www.4cite.org/index.html

Re:sig

[jgerman]

Actually a Linux Distro is to an OS what a Buick is to a car. Linux is to an OS what Hurd is to an OS.