Upgradinging of the firmware, totally legal? Ackk. You can do whatever you want with your CD-R drive and it would be totally legal- you have first sale rights. I will be scared if we live in a country where people even have to wonder if modifying their own hardware is "totally legal" or not.
Don't count on it. The hardware itself isn't protected by copyright law, and you can rearrange circuitry and tweak resistors all you want. Firmware code, however, is software (installed on the chips of the drive) and is probably licensed just like all other software, under a contract that supplants the user's first sale rights. I'm willing to bet that at least some of those companies have click-through licenses telling you what drives you can and can't install the firmware on.
I haven't investigated the sites mentioned in the post, as I'm completely satisfied with my CD-RW. But if that firmware is distributed under a restrictive license, the submitting AC's "totally legal" is totally false. Check the licenses.
As a practical matter, I doubt there's a way they can tell. But the fact that it'd be awfully hard to get caught doesn't make it legal.
On a non-legal note, it strikes me as a little economically weird for hardware companies to try to fool with firmware and equipment prices this way. If the drives indeed all use identical equipment, why not just sell them all as high-speed drives for an average price, underpricing the competition on the high-speed drives? Is this a form of price discrimination? On the other hand, maybe there are slight differences in the equipment (in which case it might be described as "overclocking" rather than a mere "firmware update"), suggesting that updaters risk burning something out.
This is a worthwhile discussion either way, but I'd like to add that I think that it is highly unlikely that the bill mentioned in the article will pass through Congress. First, the FCC objects. Second, the bill contravenes the policy goals of the Telecommuncations Act of 1996 (pro-competitive deregulation), and would represent a major shift in Federal policy which most policymakers are probably not ready to make. Universal service is an important Federal communications goal, but this bill is anachronistic in the current regulatory system; it represents the "old-fashioned," monopolistic way of doing things. So striking a change is not likely, not at this stage.
The question is still wide open, of course, whether the goals of the 1996 Act are being achieved and whether there are better ways of structuring network control that we could use to achieve them.
The way a court will address a game modification matter is going to be a really complicated and touchy matter. The copyright issues involved are far from resolved. Not only are there different international standards (Europe is much more protective of copyright than is the U.S.), but the U.S. has not resolved differing interpretations of the law among its courts.
Copyright in characters usually depends upon how well defined and delineated the characters are. The more personality and distinctiveness ("originality") you give a character, the more likely it is that the character will be protected by copyright. At its extreme, this standard let the movie studio owning the James Bond movie character sue Honda for a commercial which depicted unnamed Bond-like characters doing Bond-like things. (That case came from a district court in the Ninth Circuit, which is very copyright-friendly.)
That standard, however, was developed for use in books and films. It's unclear how delineated a computer game character can be. However, the character-and-storyline rationale supported the decision in the Micro Star v. Formgen case, from the U.S. Court of Appeals for the Ninth Circuit. In that case, the 9th Circuit held that Micro Star's distribution of map files for Duke Nukem 3D infringed Formgen's Duke Nukem copyright. Personally, I think the case went too far, especially since Formgen had distributed a map editor to users along with the game. (The court, if I recall correctly, implied a license for users to design their own levels and maybe even trade them, but not for Micro Star to compile and resell them. But that might have been my copyright class filling in a gap in the court's reasoning.) The Ninth Circuit said that Formgen's characters were distinctive enough that distributing files which put the characters into new scenarios infringed Formgen's copyright. Rather than get into the mechanics of the game, the court seemed (to me) most interested in preserving (perhaps extending) a general rule of copyright: The author of a story (including, now, a story in the form of an interactive game), if it is adequately distinctive (and the bar is apparently pretty low in the 9th Circuit), generally has the exclusive right to write, develop, or license sequels.
Another case which deals with the use of characters in surroundings where their authors did not originally put them is Disney v. Air Pirates, from the same Court of Appeals in 1978. Air Pirates wrote a magazine which depicted Disney characters such as Mickey Mouse involved in all sorts of decadent activities (drug smuggling, etc.). Disney won the copyright infringement case because its clearly delineated characters were copied by someone else. It helps that the characters were in graphic form, and so copying was easily recognizable. Disney's characters are more delineated than the characters of most computer games, but I would not be shocked if, under this standard, many computer game characters would be easily infringed.
The issue of supplanting the characters in a given game with different characters in the same game engine and surroundings, or supplanting the capabilities given to the characters in the game with different capabilities, has not yet arisen in the courts. But it seems that it would be easy to infringe, and that at least in the Ninth Circuit it would be quite possible for the plaintiff to win. (I can't predict what would happen if the case went to the Supreme Court.)
The Ninth Circuit is an important court for us to consider, because it covers the west coast of the U.S. Its jurisdiction thus includes not only Hollywood (which is why it's had so many copyright cases), but also all of the west coast software developers.
Fair use:
Fair use is determined by weighing four statutorily defined factors: (1) The purpose and character of the use, (2) the nature of the copyrighted work, (3) the amount and substantiality of the portion taken, relative to the whole copyrighted work, and (4) the effect of the use on the potential market for the work. No one factor is dispositive -- courts must weigh them all.
I don't have time even for a halfway full discussion of fair use, but I'll talk briefly about the four factors.
Purpose and Character of the Use: Commercial uses are accorded less worthiness than are noncommercial uses. Uses which change the ideas expressed in a copyrighted work get more benefit than do uses which don't change the ideas. Copying for purposes with specially recognized benefits (parody, book/music reviews, etc.) gets a little more benefit even if done for a commercial purpose, but the copier may copy only so much as is absolutely necessary to make his or her point, and no more. Air Pirates did not get a fair use defense for the idea of "parody of drug use" because there was no reason for them to choose the Disney characters in particular. That the Disney characters seemed better or funnier for the purpose was not a good enough reason.
The Nature of the Copyrighted Work: Having not seen fair use defenses in software copyright cases before, I don't know how the court would look at this factor here. This inquiry seems to me to be a question preliminary to the fourth factor, which asks what the effect of copying is likely to be on the market for the original. It can also be read more broadly, as an instruction to the court to "remember to find out what it's dealing with" in each case.
Amount and substantiality of the portion taken: If you take the "core material" from a work and reproduce it without really changing the idea conveyed, that's more offensive to copyright than if you copy a few snippets. The Nation magazine may have only copied a few thousand words from Gerald Ford's rather long memoirs, but they copied the thing in the book everyone was most interested in: his thoughts on his decision to pardon Richard Nixon. They lost their fair use defense. While it seems to me that this would lean in favor of a mod maker or at least neutrally, because not much is usually taken, I can't say anything for sure.
Effect on the Market for the Original Work: We all know that a mod maker's reproduction of characters is generally not going to deprive the characters' authors of any of the market for their original work. It might even help. But it's going to depend on the way the copying was done in the individual case. If you make a mod that uses characters from an isolinear game in a first-person-shooter, this would probably run in your favor. If you take the characters from a not-so-wonderfully-designed first-person shooter, port them into Q3, and design levels to resemble the poorly-designed game only better, this factor is going to hurt you. Note that the plaintiffs do not have to prove actual damage to their market-- they only have to show potential damage to swing this factor their way.
Notice, most of all, that fair use is a defense that is applied from case to case. It is a weighing of factors based on the facts of each case. So, you don't know for sure that you've got a fair use defense in a given case unless it's been tried in court.
The moral of the story (in my non-lawyerly opinion): if you want to avoid trouble, the safe route is probably to try to get a license from the people who created the character to use it in the context you want to use it in. The fact that you may not be selling the mods for a profit might help a bit in a fair use defense, but it does not preclude a finding of infringement. Copying from a copyrighted work and giving the copies away for free is just as illegal as selling copies.
I'm still not a lawyer. If you think you're going to run into this sort of trouble, you need to find one.
The replies comment, very correctly, that there is a difference between interexchange settlement rates (which apply to all long distance phone calls) and the scheme AT&T proposes. Those differences are why we are willing to tolerate regulation of phone billing in a way that we are not willing to tolerate it in an intermediary's meddling in sales transactions by parties on each end of a digital connection. My first paragraph above was to point out an idiosyncracy. The important issues are in the second and third paragraphs: do they plan to exert industry pressure through shady dealings?
If they want to set up arrangements for special broadband services to merchants who are willing to pay for these sorts of things, they can try it. Internet sales are ruthlessly competitive, and merchants will only get involved with such arrangements if there is truly something for them to gain from it. Merchants will seek to avoid passing any such costs on to the consumer, because they will be more easily undersold by merchants who have other providers. I hope, though, that AT&T doesn't try to accomplish this by changing the market and pushing the three or four other carriers in AT&T's position to do the same thing.
If they try to reach parties with whom they do not have direct business arrangements (e.g. by telling an ISP connected to their backbone to get into this sort of arrangements with that ISP's merchant customers), I hope those ISPs defect to other backbone providers. If they try to change the business model for all backbone services by getting other companies with big fibre networks to do the same thing, then I hope that (a) the other companies refuse, and pick up AT&T's lost customers, or (b) the ears of antitrust prosecuting attorneys nationwide perk up.
I can say for my own part that as a law student who is beginning to study telecommunications and who aims at getting into public service, I expect to keep paying careful attention to these sorts of things.
Hey, it's just like the phone company takes a cut every time you phone in an order from a catalog... oh wait, they don't.
Sure they do -- someone's paying for that 800 number. The business you call pays for it. A lot. And the interexchange (i.e. backbone) carrier that takes the call gets a chunk of that money from the carrier who provides that 800 number to the business -- though that's a cut of the phone call, not a direct cut from the order.
However, I do not think we want to see the sort of rate system established in internet transactions that exists for telephone calls, nor do we want a set of elaborate contractual schemes where backbone providers require local providers to require contracts from merchants to cooperate with this sort of thing. I am curious to know how AT&T plans to enforce this sort of fee. It seems the plan must refer only to internet merchants who are themselves AT&T customers (as with the merchants and providers on the PocketNet service). They can't just walk up to a merchant who has no direct contractual relationship with them and start demanding money. But it seems to me that that is an awfully good way to send those merchants over to WorldCom, Sprint, or other broadband providers. Is AT&T planning to put pressure on every local network provider connected to its backbone so that the endusers pay settlement-rate-like fees for every transaction that passes over its backbone? Do they want their broadband services to tank like their long distance services are?
I don't like the idea of the charge. To accomplish what they want to, they'd probably have to get other backbone providers to do the same thing (which would be anticompetitive, and would start raising antitrust issues). If they want to get at every transaction, they'd have to get deals from those who connect to their backbone to get deals in turn from their subscribers. The whole thing smells a little odd.
"Patent pending," as far as I am aware, does not mean anything until the patent is granted. If no patent is granted (by reason of prior art, for example), the words are meaningless. Until the patent is granted, the words are relatively meaningless -- a patent which hasn't been granted can't be enforced yet.
If I remember, I'll ask my IP prof. tomorrow.
All that the Supreme Court did was let the state court ruling stand, without comment. This could be for any reason -- the court might have decided that there was simply no time for the Supreme Court to deal with it, or that the case wasn't as important as others. There are thousands of petitions to the Supreme Court a year, and only a few hundred cases are heard each year. Hundreds of cases are dismissed like this even if the court thinks they may have merits, because of lack of resources.
The court's denial of certiorari is not a ruling. It is not a holding that other courts, state or federal, must follow. The New York ruling is precedential in New York and somewhat persuasive elsewhere, but what the Supreme Court said means practically nothing for suits brought anywhere other than New York. The issue is completely open to being heard (and ruled to the contrary) by the Supreme Court at a later date, and courts outside of New York are perfectly free to find opposite of New York's holding.
--Tim Hadley Student, University of Minnesota Law School
I think you're also looking for Article I, Section 10, Clause 2:
No State shall, without the Consent of the Congress, lay any Imposts or Duties on Imports or Exports, except what may be absolutely necessary for executing its inspection Laws: and the net Produce of all Duties and Imposts on Imports or Exports, shall be for the use of the Treasury of the United Staetes, and all such Laws shall be subject to the Revision and the Controul of the Congress.
What's important to note is that none of these apply to an in-state sales and use tax. An in-state sales and use tax is considered a tax upon the purchaser, not a tax on the merchant. It's different from a tariff because a tariff differentiates between in-state goods and import goods, while a sales and use tax, if applied evenly to all goods sold to residents of the states, is constitutional. See Henneford v. Silas Mason Co., 300 U.S. 577 (1937) (Supreme Court holds it legitimate for Washington to charge a use tax on incoming goods sold to residents that was equal to the in-state sales tax, when the state did not double-charge both sales and use taxes.), Tyler Pipe Industries, Inc. v. Washington State Department of Revenue, 483 U.S. 232 (1987) (requiring that the system work so as to guarantee that the tax burden on incoming goods and goods in the state be equal.)
The Supreme Court has held, however, that unless Congress grants States the power to collect use taxes from out of state merchants (rather than the state residents), the states do not have the power to do so because of the burden to interstate commerce. See Quill Corp. v. North Dakota, 504 U.S. 298 (1992). Quill also held that if Congress gave permission to the states to collect their sales and use taxes from out-of-state merchants, it would not be unconstitutional under the Due Process clause to do so. I don't know what code provisions currently apply, though I just cite-checked Quill and it hasn't been overruled. So, what states may do in this situation depends upon what Congress has decided. If mail-order businesses can currently be assessed by the states for use taxes, then Congress has probably allowed it through some provision or other. An interesting question is whether the President has any say in the matter. I'm not so sure that he does, but I wouldn't know. The U.S. Code seems to be the place to search for provisions.
Wish I could say more, but I'm out of time for researching.
The usual disclaimer: I am not a lawyer. I've only got the research training.
A sales/use tax on incoming goods merchanted to a purchaser in a state is considered a use tax on the resident of the state, not a tax on the out-of-state merchant.
I'm not a lawyer, and I don't have time to fully analyze a situation where I don't know enough of the controlling law. As a law student, however, I feel compelled to say:
Don't do anything you think might get you in trouble until you've consulted a lawyer. When you do, remember that the lawyer will look for ways for you to accomplish what you want, but in the end the lawyer may turn out to be wrong. There is an element of risk here.
The EFF may be able to point you in the direction of people who can help, or even provide a bit of help. But you should not, in any case, rely on what you have heard here. There are quite a few smart people posting here, but you should not rely on any lay advice. Even if some of them are attorneys, you are not in an attorney-client relationship with them, and should not rely on their advice.
Even a preliminary consultation in this case might cost a few hundred dollars. That'll be a lot cheaper than tens of thousands, though.
Sure they would. They do all the time for "behemoths" that happen to have monopolies.
Antitrust law is not tort law. The question of liability for the manufacturing of exploitable software is distinctively in tort and contract law. There are different distinctions for different questions. As a matter of tort law, where large corporations, small corporations, private organizations, and individuals are all involved in a kind of work, we will not distinguish between then when making a rule of liability which specially applies to that kind of work. We will talk about what can happen when there is an exploitable program. We will talk about the nature of programming, and what happens when people go around cracking programs. We won't talk about who's doing the programming, because in a sense, everyone is doing it, and we're going to treat them the same.
Creating this rule would go against the standard rule about what happens when a third party intervenes. (A thought -- I wonder what happens if a safe on which there was no warranty was broken into and uninsured valuables stolen. Gotta look that up and see if it's ever been decided.) Any home security system that relies on a telephone line to call the security service can be subverted by disconnecting the phone line. They conveniently don't mention that in the ads. Yet suppose I don't want to make the kind of investment required to get a more secure system? Do I get to hold the manufacturer liable when a crook cuts the line and breaks in?
The points in the above comment about the incentives Microsoft has -- or doesn't have -- to better its product are well put, but how does it answer the question the courts will ask, "Who will pay for incidental damage when software can be exploited and is exploited?" You want to establish that Microsoft had an especially significant duty to amend its software. Tort law tends to recognize that having notice of a risk can create a duty; relying on that notion, however, doesn't separate MS from the maintainers of net-tools, were something to go wrong there. But there's nothing about the ability to leverage the marketing of a software product creating a greater duty to ensure its security than that borne by other manufacturers.
Might be going somewhere with that... Unfortunately, I'm getting way too tired to think about this anymore. Besides, I'm on my break. I thought I was getting away from this stuff after my torts test last Thursday.:-) Maybe later.
I still worry that if we made MS or other major corporations liable for this sort of thing, but not smaller manufacturers or GPL software, that would encourage the monopoly. Right now one reason the PHB's go with Microsoft because it lulls them into a sense of safety with its bigness. They assume that a huge corporation must be doing things right. Well, finding MS liable in this cases would justify that reassurance by saying, "you go with MS, and you're insured against its failures, while if you go with NotSoHuge, you have to cover your own behind." Just another thought.
G'night...
Disclaimer #1: I don't like MS, I just want us to look at this carefully. Disclaimer #2: I'm not a lawyer.
I'll keep playing "devil's advocate" (as I'm no fan of MS) here for a while, as I think as a matter of law they would not be liable here -- at least not for more than a fraction of the costs. We might say that I also know about the risk involved with macros. I can turn off MS Word macros and ActiveX controls. I cannot keep the spilt gasoline away from my property when the railroad spills it. I therefore can protect myself a lot better here.
The decision in the case I mentioned wasn't so much based on the time delay as upon the fact that the intervening act was intentional. On the other hand, one of the catches here is that we're dealing with foreseeable kinds of intentional intervening acts. That seems to be part of what makes this so sticky, and different from the case I mentioned above. But are we going to make a company liable for a newly invented exploit if that particular exploit was not foreseeable based on a reasonable standard of programming?
Thanks for making me think of that... Unfortunately, I'm also starting to get pretty far away from what I know. I know a few people I can ask, though, and when I get back to school in January, I will try to remember to ask.
In the rent example, under common law, you can be held liable for the extent of the agreement -- you are held liable for what the property owner had a right to expect from the agreement. On the other hand, the property owner has to mitigate his or her damages if you move out. If the property owner does not make a reasonable effort to get replacement tenants, she cannot collect. If she does, though, she can collect for the time the property was vacant.
That is beside the point. That's all I know from my class on the common law of contracts, and every state has its own statutes as to what restrictions are placed on tenants and lessors.
In all likelihood, there is no good reason for you to sue if your credit card gets into someone else's hands through a failure in electronic commerce software. Your credit card agreement probably stipulates (I think it's required by law) that you are liable up to only a limited amount in fraudulent purchases (in my case, it's $50 -- hardly enough to start thinking "lawsuit," though someone might be able to make a state class action out of it if it happened).
Even the contracts matter aside, there is the question of whether it is good tort policy to shift this liability to a producer when as a rule software producers will not be able to cover that kind of loss (MS is the exception, not the rule, but it will be treated under the rule), and such a decision would run against the rule that an intentional intervening act by a third party, exploiting another's negligence, relieves the negligent party of liability.
The strongest argument I've seen yet in this particular thread for making a rule to handle the exception that is Microsoft is at this comment. I'm trying to come up with a way to formulate the rule in legal terms, though, and I can't quite do it.
Nowadays, most products liability suits are brought under strict liability claims, and its is a legal standard which is well entrenched. M$ would have a much better chance and being sued successfully under strict liability because they have a better ability to bear the financial costs of the damages than their consumers. GPL'ed products are probably safe on this account, because their prodcuers are often no better able to absorb the financial impact of a faulty product that those using it.
Most products liability suits are also personal injury claims, and are brought under circumstances where poor manufacturing results in a product which is inherently dangerous when used for its intended purpose. Asbestos is dangerous to people. The Melissa virus was dangerous to data, and for a certain relatively brief span of time, slowed down electronic communications. The courts are not going to treat your data and your lungs according to the same rule. Strict liability is a tool to make something that has served or does serve a useful purpose (e.g. blasting for a roadway or a subway) pay its own way when something goes awry. It's a tool to open wide the doors to liability, and to do that here would have, I think, a nasty chilling effect on the industry. I haven't heard yet of a products liability claim that arose just because a product failed for an industrial use -- though there might be a contracts claim. But don't listen to me, I haven't studied it yet. Don't even listen to me too much on the stuff I have studied.
I'm still wondering how, in terms of what I quoted above, we distinguish in terms acceptable to use in a legal rule between MS and the less financially solvent maker of some other piece of software. IANAL, but my readings of torts cases as a student show me that while courts do tend to allocate risk based on who is able to compensate, they will only do so if, on the whole, one group is generally better able to compensate for that sort of injury. Courts make such decisions where things work "as a rule," because they operate by applying rules. MS is able to compensate for data- and security- threatening mistakes, and GPL authors are not, but that alone is not going to be a good enough reason, especially when there is a third party's intentional intervening act, as in the case of a virus creator or cracker.
I think it was Bruce Perens who pointed out that users of open-source software can check the code, and he might have been onto something. However, the vast majority of users of open-source software -- including myself -- are not able to make that kind of close analysis of the software they use, and would have to hire professional "code-checkers." I know some C and some C++, but if the coder didn't find the buffer overflow risk, I probably can't either, certainly not in a large application for networked enterprise use. These "code checkers" would have to be programmers who, we may presume, would then shoulder the liability. I sure don't want to be that guy, and I don't think anyone else would want that liability either. You'd have to pay someone a lot to take that liability, and at that point, IS departments would just say, "okay, then, we'll go with MS." And that's not even the 'little guy' running his home business.
Here are two more reasons we might not want to allocate this risk to Microsoft: First, if purchasers know that they are "insured" if they go with the corporate behemoth's software, but are "uninsured" if they go with open-source software, you know what they'll do. Second, there would be a chilling effect on anyone trying to build a business on software manufacturing. While that would certainly cool off this crazy string of IPOs, it would probably discourage anyone from assembling lots of capital, because then they'd suddenly be open to liability.
I still think that the ability to pay, in and of itself, will not be sufficient for a court to rule that a software producer is liable for damage to data (not persons) arising from exploitable programming, especially when there had to be a third party to make use of the exploit. Courts will not rule that "Only big software producers" will be liable. (Where would we draw the line of "bigness," among all those other concerns?)
I don't think a court would find that Microsoft or open source authors should be held liable due to negligent software design.
First, a court would have to find that there was negligence. That is to say, that there was a standard of care that applied in the situation, that the standard of care was breached, and that the breached caused damage both in fact and in terms of "proximate" cause. Second, there is the fact that this would be products liability, which has some of its own rules. I don't know them very well, though I am familiar with a rule which holds that one can generally disclaim the merchantability of a product for certain kidns of uses, unless the product can be made unusually dangerous (usually construed as physically dangerous to a person) in its intended use by negligent manufacturing.
I don't have time to write about all of these elements, and you don't want to read it all anyway. I want to note, though, that in most cases where the negligence of one party creates a dangerous situation, and another party discovers it and intentionally exploits it to bring about the danger that was risked, the connection of "legal cause" between the negligence and the damage is understood to be broken.
An example which comes up in casebooks is a case where a railroad company spilled gasoline all over the place. The question presented was whether the railroad was liable for damage from the ensuing fire when someone threw a match on it -- there was testimony to show that he had intentionally thrown the match. The appellate court in the case held that the railroad would not be liable if the other defendant had intentionally thrown the match. The rationale (at least according to my torts professor) is that if someone exploits a dangerous situation before the negligent party finds out about it and has a chance to clean it up, we shift the liabiltity over to him and take it off the negligent party.
Now, we can all think of how there are similarities and difference in a software situation, where the parties know that the person using the software is relying on it to get the job done. On the other hand, there are the issues of warranty disclaimer and the defenses to liability. I think one of the reasons courts are unlikely to find Microsoft liable in this situation, even going past the defenses it would have available, is that they would have to apply it to all small companies and open source programmers to that kind of liability, and no one can insure against it. The courts will look for the best ways to spread these losses around so that they are manageable. Microsoft might be able to spread those kinds of losses around, by insuring itself and raising software prices (yes, I say that in all seriousness), so it will be tempting to assign liability there, but the individual or group who writes a shareware or open source network program and leaves in an opportunity for a buffer overflow cannot, and would go bankrupt quickly, leaving only a few people compensated and countless more uncompensated. The courts will not create an otherwise-unjustified double standard between the behemoth and the little guy when the only difference between them is that one is a behemoth and one is a little guy.
For these reasons, I expect that the person or company who accepts the licensing agreement and its disclaimers, even for mission-critical operations, will have to self-insure against its failure when there is no warranty, and will have to self-insure against the security risks involved in using such software.
In parting, here's my own little disclaimer: I am not a lawyer, just a student, so you should not rely on anything I have said for any purpose other than as something to think about.
I would like to see the precedents for these cases. If you can find them on Findlaw, or even just give me reporter cites (I've got free LEXIS and Westlaw access as a student, so I can find 'em myself), I'd appreciate it. My email address is above, though obviously part of it has to be taken out to email me.
I don't think that the court would find that there is a gross differential in bargaining power here. I either buy the software and install it, or I don't. With the GPL, the software is often free -- a court in a contracts case would have a hard time even finding consideration there for the exchange of the software, much less an assumption by the distributor of an obligation of its merchantability.
I heard of a decision that went one way or another on the validity of shrink-wrap licenses, though I don't know if it was an appellate court (the only ones that count as precedent) or just some district court. Maybe I'll run a search tomorrow.
Take care to note that this case has to do only with liability for defamation for certain kinds of electronic posts in the State of New York. It is persuasive authority in other states in other such cases, but it is not binding in other states.
The court points out that it has not touched on federal law. It may be a bit persuasive on how to deal with these issues in such cases, but this case should not be read as having any effect on cases in federal law. It has none. Even if it had come up in the case, it would be a federal question, for determination by the federal courts.
That's almost like saying, "if they didn't want me to distribute copies of this book, they wouldn't have printed it in the first place," or even, "if they didn't want me to copy this game for all my friends, they wouldn't have put it on a disk in the first place."
Books and the periodical press are about the free exchange of ideas and information, too. That's why we have a freedom of speech and press clause in the First Amendment -- that was around a long time before the Internet. But books, press, and webpages all fall within the scope of the copyright law.
Under the US Copyright law, even the "fair use" of copyrighted materials may be limited depending upon "the effect of the use upon the potential market for or value of the copyrighted work." 17 U.S.C. 107. Publishing it here deprives them of income for their work -- income that they don't even take out of the person who goes there and uses it for free. Explain how that's fair.
Hm. Well, as far as the floodgates are concerned, a broad class action suit or two would in theory limit the number of claims that would reach the courts to those few. At least, I would think.
First of, I am not yet a lawyer. I'm a brand-new first year law student, though, and this article and some of the comments I've seen got me digging. Here's what I've learned in the last 20 minutes on the US Library of Congress web site:
1. I don't know if the US is a Berne convention nation, but it doesn't matter. According to the US Copyright Code, 17 USC S.101-104 (available as Circular 92 from the copyright office), unpublished works in general are protected, and published works such as Murray's are protected, "if, on the date of first publication, one or more of the authors is a national or a domicilary of the United States...." [17 USC S.104(b)(1)]. 2. However, there are numerous rules which appear to place a statute of limitations on suits to enforce the copyright. A lawyer could tell you whether the limitations have or have not run. 3. According to Circular 1, "Before an infringement suit may be filed in court, registration is necessary for works of U.S. origin." And, "If made before or within 5 years of publication, registration will establish prima facie [on the face of it, sufficient so long as another party doesn't have a good rebuttal] evidence in court of the validity of the copyright and of the facts stated in the certificate." (US Library of Congress Copyright Office, Circular 1, page 7) (PDF circ01.pdf) It looks to me like if anyone's expecting to have to enforce a copyright gained under 17 USC 104(b)(1), she or he had better register it right away.
And there's a whole heck of a lot more info out there too, and a whole Title of the United States Code (Title 17). Good place to start is that Library of Congress website and/or a lawyer.
I'm not saying that Murray necessarily wants to enforce this or put that kind of effort in, though a bark letter might be a nice idea. Any attorneys out there, especially in Murray's state (wherever that may be) who'd like to do this for free? If it were three years from now, I'd do it.
I think I heard something in the spring and summer about appellate court rulings holding online providers responsible for their material...
Don't quote me on any of this. I am not a lawyer; I have just begun my study of law. I have passed no tests, and the only two licenses I have are an amateur radio license and a driver's licence, which certainly don't allow anyone to practice law. No one who is not a lawyer may give legal advice. This should NOT be construed as legal advice. I am a lay person reporting the information I think I have found in 30 minutes of web research. I COULD BE WRONG.
I think the disclaimers give me away.:)
The curious should grab some of those pdfs from the Library of Congress and/or contact their attorneys.
From http://www.apple.com/quicktime/developers/qtjava/s dk/index.html :
"In order to use the QuickTime for Java libraries, you must have both QuickTime 3 (including QuickTime for Java) and a Java Runtime Environment installed."
I think in the US it really depends on where one goes. According to some friends' reports, the state schools around here and some private schools are a lot like big high schools in terms of social environment. However, I'm at a private school in the midwestern U.S., and I've been really relieved to find that it ain't necessarily always so. Of course, a disproportionate number of people here were the sidelined geeks in high school, so we're sensitive to this kind of thing and take more time to find out who people are. I see much, much fewer snap judgments.
Who's to say the Metalab maintainers aren't full of it as well? The reason they present is a joke, there's a link underneath titled "Good for today only - April 1, 1999" that goes to a gif of a page of what appears to be (somewhat poor) cyrillic handwriting. I can't read it, but I bet it's something along the line of "april fool...".
It depends upon the state. States and the federal government are free to regulate this sort of things to a certain degree. This is why we have things like the minimum wage, OSHA safety regulations, et cetera. In this case what is needed is a state law, because the federal government can only pass commercial laws that it can justify by its constitutional power over interstate commerce (which really has a very broad interpretation in the case law). The states' powers, if I am correctly informed, are a fair deal more broad. That's why they can get away with this in Texas but not in California, if we're right.
The point is that in the lease contract examples above, the contract is void if the contract specifies something which is a violation of law. Because Texas has no law forbidding this kind of contract, the contract is legal and binding in Texas. At least, so it seems thus far.
Slashdot Mirror
Upgradinging of the firmware, totally legal? Ackk. You can do whatever you want with your CD-R drive and it would be totally legal- you have first sale rights. I will be scared if we live in a country where people even have to wonder if modifying their own hardware is "totally legal" or not.
Don't count on it. The hardware itself isn't protected by copyright law, and you can rearrange circuitry and tweak resistors all you want. Firmware code, however, is software (installed on the chips of the drive) and is probably licensed just like all other software, under a contract that supplants the user's first sale rights. I'm willing to bet that at least some of those companies have click-through licenses telling you what drives you can and can't install the firmware on.
I haven't investigated the sites mentioned in the post, as I'm completely satisfied with my CD-RW. But if that firmware is distributed under a restrictive license, the submitting AC's "totally legal" is totally false. Check the licenses.
As a practical matter, I doubt there's a way they can tell. But the fact that it'd be awfully hard to get caught doesn't make it legal.
On a non-legal note, it strikes me as a little economically weird for hardware companies to try to fool with firmware and equipment prices this way. If the drives indeed all use identical equipment, why not just sell them all as high-speed drives for an average price, underpricing the competition on the high-speed drives? Is this a form of price discrimination? On the other hand, maybe there are slight differences in the equipment (in which case it might be described as "overclocking" rather than a mere "firmware update"), suggesting that updaters risk burning something out.
That's more than enough thoughts for one post.
This is a worthwhile discussion either way, but I'd like to add that I think that it is highly unlikely that the bill mentioned in the article will pass through Congress. First, the FCC objects. Second, the bill contravenes the policy goals of the Telecommuncations Act of 1996 (pro-competitive deregulation), and would represent a major shift in Federal policy which most policymakers are probably not ready to make. Universal service is an important Federal communications goal, but this bill is anachronistic in the current regulatory system; it represents the "old-fashioned," monopolistic way of doing things. So striking a change is not likely, not at this stage.
The question is still wide open, of course, whether the goals of the 1996 Act are being achieved and whether there are better ways of structuring network control that we could use to achieve them.
The way a court will address a game modification matter is going to be a really complicated and touchy matter. The copyright issues involved are far from resolved. Not only are there different international standards (Europe is much more protective of copyright than is the U.S.), but the U.S. has not resolved differing interpretations of the law among its courts.
Copyright in characters usually depends upon how well defined and delineated the characters are. The more personality and distinctiveness ("originality") you give a character, the more likely it is that the character will be protected by copyright. At its extreme, this standard let the movie studio owning the James Bond movie character sue Honda for a commercial which depicted unnamed Bond-like characters doing Bond-like things. (That case came from a district court in the Ninth Circuit, which is very copyright-friendly.)
That standard, however, was developed for use in books and films. It's unclear how delineated a computer game character can be. However, the character-and-storyline rationale supported the decision in the Micro Star v. Formgen case, from the U.S. Court of Appeals for the Ninth Circuit. In that case, the 9th Circuit held that Micro Star's distribution of map files for Duke Nukem 3D infringed Formgen's Duke Nukem copyright. Personally, I think the case went too far, especially since Formgen had distributed a map editor to users along with the game. (The court, if I recall correctly, implied a license for users to design their own levels and maybe even trade them, but not for Micro Star to compile and resell them. But that might have been my copyright class filling in a gap in the court's reasoning.) The Ninth Circuit said that Formgen's characters were distinctive enough that distributing files which put the characters into new scenarios infringed Formgen's copyright. Rather than get into the mechanics of the game, the court seemed (to me) most interested in preserving (perhaps extending) a general rule of copyright: The author of a story (including, now, a story in the form of an interactive game), if it is adequately distinctive (and the bar is apparently pretty low in the 9th Circuit), generally has the exclusive right to write, develop, or license sequels.
Another case which deals with the use of characters in surroundings where their authors did not originally put them is Disney v. Air Pirates, from the same Court of Appeals in 1978. Air Pirates wrote a magazine which depicted Disney characters such as Mickey Mouse involved in all sorts of decadent activities (drug smuggling, etc.). Disney won the copyright infringement case because its clearly delineated characters were copied by someone else. It helps that the characters were in graphic form, and so copying was easily recognizable. Disney's characters are more delineated than the characters of most computer games, but I would not be shocked if, under this standard, many computer game characters would be easily infringed.
The issue of supplanting the characters in a given game with different characters in the same game engine and surroundings, or supplanting the capabilities given to the characters in the game with different capabilities, has not yet arisen in the courts. But it seems that it would be easy to infringe, and that at least in the Ninth Circuit it would be quite possible for the plaintiff to win. (I can't predict what would happen if the case went to the Supreme Court.) The Ninth Circuit is an important court for us to consider, because it covers the west coast of the U.S. Its jurisdiction thus includes not only Hollywood (which is why it's had so many copyright cases), but also all of the west coast software developers.
Fair use:
Fair use is determined by weighing four statutorily defined factors:
(1) The purpose and character of the use,
(2) the nature of the copyrighted work,
(3) the amount and substantiality of the portion taken, relative to the whole copyrighted work, and
(4) the effect of the use on the potential market for the work.
No one factor is dispositive -- courts must weigh them all.
I don't have time even for a halfway full discussion of fair use, but I'll talk briefly about the four factors.
Purpose and Character of the Use: Commercial uses are accorded less worthiness than are noncommercial uses. Uses which change the ideas expressed in a copyrighted work get more benefit than do uses which don't change the ideas. Copying for purposes with specially recognized benefits (parody, book/music reviews, etc.) gets a little more benefit even if done for a commercial purpose, but the copier may copy only so much as is absolutely necessary to make his or her point, and no more. Air Pirates did not get a fair use defense for the idea of "parody of drug use" because there was no reason for them to choose the Disney characters in particular. That the Disney characters seemed better or funnier for the purpose was not a good enough reason.
The Nature of the Copyrighted Work: Having not seen fair use defenses in software copyright cases before, I don't know how the court would look at this factor here. This inquiry seems to me to be a question preliminary to the fourth factor, which asks what the effect of copying is likely to be on the market for the original. It can also be read more broadly, as an instruction to the court to "remember to find out what it's dealing with" in each case.
Amount and substantiality of the portion taken: If you take the "core material" from a work and reproduce it without really changing the idea conveyed, that's more offensive to copyright than if you copy a few snippets. The Nation magazine may have only copied a few thousand words from Gerald Ford's rather long memoirs, but they copied the thing in the book everyone was most interested in: his thoughts on his decision to pardon Richard Nixon. They lost their fair use defense. While it seems to me that this would lean in favor of a mod maker or at least neutrally, because not much is usually taken, I can't say anything for sure.
Effect on the Market for the Original Work: We all know that a mod maker's reproduction of characters is generally not going to deprive the characters' authors of any of the market for their original work. It might even help. But it's going to depend on the way the copying was done in the individual case. If you make a mod that uses characters from an isolinear game in a first-person-shooter, this would probably run in your favor. If you take the characters from a not-so-wonderfully-designed first-person shooter, port them into Q3, and design levels to resemble the poorly-designed game only better, this factor is going to hurt you. Note that the plaintiffs do not have to prove actual damage to their market-- they only have to show potential damage to swing this factor their way.
Notice, most of all, that fair use is a defense that is applied from case to case. It is a weighing of factors based on the facts of each case. So, you don't know for sure that you've got a fair use defense in a given case unless it's been tried in court.
The moral of the story (in my non-lawyerly opinion): if you want to avoid trouble, the safe route is probably to try to get a license from the people who created the character to use it in the context you want to use it in. The fact that you may not be selling the mods for a profit might help a bit in a fair use defense, but it does not preclude a finding of infringement. Copying from a copyrighted work and giving the copies away for free is just as illegal as selling copies.
I'm still not a lawyer. If you think you're going to run into this sort of trouble, you need to find one.
If they want to set up arrangements for special broadband services to merchants who are willing to pay for these sorts of things, they can try it. Internet sales are ruthlessly competitive, and merchants will only get involved with such arrangements if there is truly something for them to gain from it. Merchants will seek to avoid passing any such costs on to the consumer, because they will be more easily undersold by merchants who have other providers. I hope, though, that AT&T doesn't try to accomplish this by changing the market and pushing the three or four other carriers in AT&T's position to do the same thing.
If they try to reach parties with whom they do not have direct business arrangements (e.g. by telling an ISP connected to their backbone to get into this sort of arrangements with that ISP's merchant customers), I hope those ISPs defect to other backbone providers. If they try to change the business model for all backbone services by getting other companies with big fibre networks to do the same thing, then I hope that (a) the other companies refuse, and pick up AT&T's lost customers, or (b) the ears of antitrust prosecuting attorneys nationwide perk up.
I can say for my own part that as a law student who is beginning to study telecommunications and who aims at getting into public service, I expect to keep paying careful attention to these sorts of things.
Sure they do -- someone's paying for that 800 number. The business you call pays for it. A lot. And the interexchange (i.e. backbone) carrier that takes the call gets a chunk of that money from the carrier who provides that 800 number to the business -- though that's a cut of the phone call, not a direct cut from the order.
However, I do not think we want to see the sort of rate system established in internet transactions that exists for telephone calls, nor do we want a set of elaborate contractual schemes where backbone providers require local providers to require contracts from merchants to cooperate with this sort of thing. I am curious to know how AT&T plans to enforce this sort of fee. It seems the plan must refer only to internet merchants who are themselves AT&T customers (as with the merchants and providers on the PocketNet service). They can't just walk up to a merchant who has no direct contractual relationship with them and start demanding money. But it seems to me that that is an awfully good way to send those merchants over to WorldCom, Sprint, or other broadband providers. Is AT&T planning to put pressure on every local network provider connected to its backbone so that the endusers pay settlement-rate-like fees for every transaction that passes over its backbone? Do they want their broadband services to tank like their long distance services are?
I don't like the idea of the charge. To accomplish what they want to, they'd probably have to get other backbone providers to do the same thing (which would be anticompetitive, and would start raising antitrust issues). If they want to get at every transaction, they'd have to get deals from those who connect to their backbone to get deals in turn from their subscribers. The whole thing smells a little odd.
Hm.
"Patent pending," as far as I am aware, does not mean anything until the patent is granted. If no patent is granted (by reason of prior art, for example), the words are meaningless. Until the patent is granted, the words are relatively meaningless -- a patent which hasn't been granted can't be enforced yet. If I remember, I'll ask my IP prof. tomorrow.
The court's denial of certiorari is not a ruling. It is not a holding that other courts, state or federal, must follow. The New York ruling is precedential in New York and somewhat persuasive elsewhere, but what the Supreme Court said means practically nothing for suits brought anywhere other than New York. The issue is completely open to being heard (and ruled to the contrary) by the Supreme Court at a later date, and courts outside of New York are perfectly free to find opposite of New York's holding.
--Tim Hadley
Student, University of Minnesota Law School
No State shall, without the Consent of the Congress, lay any Imposts or Duties on Imports or Exports, except what may be absolutely necessary for executing its inspection Laws: and the net Produce of all Duties and Imposts on Imports or Exports, shall be for the use of the Treasury of the United Staetes, and all such Laws shall be subject to the Revision and the Controul of the Congress.
What's important to note is that none of these apply to an in-state sales and use tax. An in-state sales and use tax is considered a tax upon the purchaser, not a tax on the merchant. It's different from a tariff because a tariff differentiates between in-state goods and import goods, while a sales and use tax, if applied evenly to all goods sold to residents of the states, is constitutional. See Henneford v. Silas Mason Co., 300 U.S. 577 (1937) (Supreme Court holds it legitimate for Washington to charge a use tax on incoming goods sold to residents that was equal to the in-state sales tax, when the state did not double-charge both sales and use taxes.), Tyler Pipe Industries, Inc. v. Washington State Department of Revenue, 483 U.S. 232 (1987) (requiring that the system work so as to guarantee that the tax burden on incoming goods and goods in the state be equal.)
The Supreme Court has held, however, that unless Congress grants States the power to collect use taxes from out of state merchants (rather than the state residents), the states do not have the power to do so because of the burden to interstate commerce. See Quill Corp. v. North Dakota, 504 U.S. 298 (1992). Quill also held that if Congress gave permission to the states to collect their sales and use taxes from out-of-state merchants, it would not be unconstitutional under the Due Process clause to do so. I don't know what code provisions currently apply, though I just cite-checked Quill and it hasn't been overruled. So, what states may do in this situation depends upon what Congress has decided. If mail-order businesses can currently be assessed by the states for use taxes, then Congress has probably allowed it through some provision or other. An interesting question is whether the President has any say in the matter. I'm not so sure that he does, but I wouldn't know. The U.S. Code seems to be the place to search for provisions.
Wish I could say more, but I'm out of time for researching.
The usual disclaimer: I am not a lawyer. I've only got the research training.
A sales/use tax on incoming goods merchanted to a purchaser in a state is considered a use tax on the resident of the state, not a tax on the out-of-state merchant.
Don't do anything you think might get you in trouble until you've consulted a lawyer. When you do, remember that the lawyer will look for ways for you to accomplish what you want, but in the end the lawyer may turn out to be wrong. There is an element of risk here.
The EFF may be able to point you in the direction of people who can help, or even provide a bit of help. But you should not, in any case, rely on what you have heard here. There are quite a few smart people posting here, but you should not rely on any lay advice. Even if some of them are attorneys, you are not in an attorney-client relationship with them, and should not rely on their advice.
Even a preliminary consultation in this case might cost a few hundred dollars. That'll be a lot cheaper than tens of thousands, though.
-TH
Student, University of Minnesota Law School
1. It would still be illegal for anyone else to release/share copies of the software, if it violated patents.
2. What is open source if you can't distribute it openly?
Antitrust law is not tort law. The question of liability for the manufacturing of exploitable software is distinctively in tort and contract law. There are different distinctions for different questions. As a matter of tort law, where large corporations, small corporations, private organizations, and individuals are all involved in a kind of work, we will not distinguish between then when making a rule of liability which specially applies to that kind of work. We will talk about what can happen when there is an exploitable program. We will talk about the nature of programming, and what happens when people go around cracking programs. We won't talk about who's doing the programming, because in a sense, everyone is doing it, and we're going to treat them the same.
Creating this rule would go against the standard rule about what happens when a third party intervenes. (A thought -- I wonder what happens if a safe on which there was no warranty was broken into and uninsured valuables stolen. Gotta look that up and see if it's ever been decided.) Any home security system that relies on a telephone line to call the security service can be subverted by disconnecting the phone line. They conveniently don't mention that in the ads. Yet suppose I don't want to make the kind of investment required to get a more secure system? Do I get to hold the manufacturer liable when a crook cuts the line and breaks in?
The points in the above comment about the incentives Microsoft has -- or doesn't have -- to better its product are well put, but how does it answer the question the courts will ask, "Who will pay for incidental damage when software can be exploited and is exploited?" You want to establish that Microsoft had an especially significant duty to amend its software. Tort law tends to recognize that having notice of a risk can create a duty; relying on that notion, however, doesn't separate MS from the maintainers of net-tools, were something to go wrong there. But there's nothing about the ability to leverage the marketing of a software product creating a greater duty to ensure its security than that borne by other manufacturers.
Might be going somewhere with that... Unfortunately, I'm getting way too tired to think about this anymore. Besides, I'm on my break. I thought I was getting away from this stuff after my torts test last Thursday. :-) Maybe later.
I still worry that if we made MS or other major corporations liable for this sort of thing, but not smaller manufacturers or GPL software, that would encourage the monopoly. Right now one reason the PHB's go with Microsoft because it lulls them into a sense of safety with its bigness. They assume that a huge corporation must be doing things right. Well, finding MS liable in this cases would justify that reassurance by saying, "you go with MS, and you're insured against its failures, while if you go with NotSoHuge, you have to cover your own behind." Just another thought.
G'night...
Disclaimer #1: I don't like MS, I just want us to look at this carefully. Disclaimer #2: I'm not a lawyer.
The decision in the case I mentioned wasn't so much based on the time delay as upon the fact that the intervening act was intentional. On the other hand, one of the catches here is that we're dealing with foreseeable kinds of intentional intervening acts. That seems to be part of what makes this so sticky, and different from the case I mentioned above. But are we going to make a company liable for a newly invented exploit if that particular exploit was not foreseeable based on a reasonable standard of programming?
Thanks for making me think of that... Unfortunately, I'm also starting to get pretty far away from what I know. I know a few people I can ask, though, and when I get back to school in January, I will try to remember to ask.
Still not a lawyer.
That is beside the point. That's all I know from my class on the common law of contracts, and every state has its own statutes as to what restrictions are placed on tenants and lessors.
In all likelihood, there is no good reason for you to sue if your credit card gets into someone else's hands through a failure in electronic commerce software. Your credit card agreement probably stipulates (I think it's required by law) that you are liable up to only a limited amount in fraudulent purchases (in my case, it's $50 -- hardly enough to start thinking "lawsuit," though someone might be able to make a state class action out of it if it happened).
Even the contracts matter aside, there is the question of whether it is good tort policy to shift this liability to a producer when as a rule software producers will not be able to cover that kind of loss (MS is the exception, not the rule, but it will be treated under the rule), and such a decision would run against the rule that an intentional intervening act by a third party, exploiting another's negligence, relieves the negligent party of liability.
The strongest argument I've seen yet in this particular thread for making a rule to handle the exception that is Microsoft is at this comment. I'm trying to come up with a way to formulate the rule in legal terms, though, and I can't quite do it.
Still not a lawyer.
Most products liability suits are also personal injury claims, and are brought under circumstances where poor manufacturing results in a product which is inherently dangerous when used for its intended purpose. Asbestos is dangerous to people. The Melissa virus was dangerous to data, and for a certain relatively brief span of time, slowed down electronic communications. The courts are not going to treat your data and your lungs according to the same rule. Strict liability is a tool to make something that has served or does serve a useful purpose (e.g. blasting for a roadway or a subway) pay its own way when something goes awry. It's a tool to open wide the doors to liability, and to do that here would have, I think, a nasty chilling effect on the industry. I haven't heard yet of a products liability claim that arose just because a product failed for an industrial use -- though there might be a contracts claim. But don't listen to me, I haven't studied it yet. Don't even listen to me too much on the stuff I have studied.
I'm still wondering how, in terms of what I quoted above, we distinguish in terms acceptable to use in a legal rule between MS and the less financially solvent maker of some other piece of software. IANAL, but my readings of torts cases as a student show me that while courts do tend to allocate risk based on who is able to compensate, they will only do so if, on the whole, one group is generally better able to compensate for that sort of injury. Courts make such decisions where things work "as a rule," because they operate by applying rules. MS is able to compensate for data- and security- threatening mistakes, and GPL authors are not, but that alone is not going to be a good enough reason, especially when there is a third party's intentional intervening act, as in the case of a virus creator or cracker.
I think it was Bruce Perens who pointed out that users of open-source software can check the code, and he might have been onto something. However, the vast majority of users of open-source software -- including myself -- are not able to make that kind of close analysis of the software they use, and would have to hire professional "code-checkers." I know some C and some C++, but if the coder didn't find the buffer overflow risk, I probably can't either, certainly not in a large application for networked enterprise use. These "code checkers" would have to be programmers who, we may presume, would then shoulder the liability. I sure don't want to be that guy, and I don't think anyone else would want that liability either. You'd have to pay someone a lot to take that liability, and at that point, IS departments would just say, "okay, then, we'll go with MS." And that's not even the 'little guy' running his home business.
Here are two more reasons we might not want to allocate this risk to Microsoft: First, if purchasers know that they are "insured" if they go with the corporate behemoth's software, but are "uninsured" if they go with open-source software, you know what they'll do. Second, there would be a chilling effect on anyone trying to build a business on software manufacturing. While that would certainly cool off this crazy string of IPOs, it would probably discourage anyone from assembling lots of capital, because then they'd suddenly be open to liability.
I still think that the ability to pay, in and of itself, will not be sufficient for a court to rule that a software producer is liable for damage to data (not persons) arising from exploitable programming, especially when there had to be a third party to make use of the exploit. Courts will not rule that "Only big software producers" will be liable. (Where would we draw the line of "bigness," among all those other concerns?)
First, a court would have to find that there was negligence. That is to say, that there was a standard of care that applied in the situation, that the standard of care was breached, and that the breached caused damage both in fact and in terms of "proximate" cause. Second, there is the fact that this would be products liability, which has some of its own rules. I don't know them very well, though I am familiar with a rule which holds that one can generally disclaim the merchantability of a product for certain kidns of uses, unless the product can be made unusually dangerous (usually construed as physically dangerous to a person) in its intended use by negligent manufacturing.
I don't have time to write about all of these elements, and you don't want to read it all anyway. I want to note, though, that in most cases where the negligence of one party creates a dangerous situation, and another party discovers it and intentionally exploits it to bring about the danger that was risked, the connection of "legal cause" between the negligence and the damage is understood to be broken.
An example which comes up in casebooks is a case where a railroad company spilled gasoline all over the place. The question presented was whether the railroad was liable for damage from the ensuing fire when someone threw a match on it -- there was testimony to show that he had intentionally thrown the match. The appellate court in the case held that the railroad would not be liable if the other defendant had intentionally thrown the match. The rationale (at least according to my torts professor) is that if someone exploits a dangerous situation before the negligent party finds out about it and has a chance to clean it up, we shift the liabiltity over to him and take it off the negligent party.
Now, we can all think of how there are similarities and difference in a software situation, where the parties know that the person using the software is relying on it to get the job done. On the other hand, there are the issues of warranty disclaimer and the defenses to liability. I think one of the reasons courts are unlikely to find Microsoft liable in this situation, even going past the defenses it would have available, is that they would have to apply it to all small companies and open source programmers to that kind of liability, and no one can insure against it. The courts will look for the best ways to spread these losses around so that they are manageable. Microsoft might be able to spread those kinds of losses around, by insuring itself and raising software prices (yes, I say that in all seriousness), so it will be tempting to assign liability there, but the individual or group who writes a shareware or open source network program and leaves in an opportunity for a buffer overflow cannot, and would go bankrupt quickly, leaving only a few people compensated and countless more uncompensated. The courts will not create an otherwise-unjustified double standard between the behemoth and the little guy when the only difference between them is that one is a behemoth and one is a little guy.
For these reasons, I expect that the person or company who accepts the licensing agreement and its disclaimers, even for mission-critical operations, will have to self-insure against its failure when there is no warranty, and will have to self-insure against the security risks involved in using such software.
In parting, here's my own little disclaimer: I am not a lawyer, just a student, so you should not rely on anything I have said for any purpose other than as something to think about.
I don't think that the court would find that there is a gross differential in bargaining power here. I either buy the software and install it, or I don't. With the GPL, the software is often free -- a court in a contracts case would have a hard time even finding consideration there for the exchange of the software, much less an assumption by the distributor of an obligation of its merchantability.
I heard of a decision that went one way or another on the validity of shrink-wrap licenses, though I don't know if it was an appellate court (the only ones that count as precedent) or just some district court. Maybe I'll run a search tomorrow.
The court points out that it has not touched on federal law. It may be a bit persuasive on how to deal with these issues in such cases, but this case should not be read as having any effect on cases in federal law. It has none. Even if it had come up in the case, it would be a federal question, for determination by the federal courts.
That's almost like saying, "if they didn't want me to distribute copies of this book, they wouldn't have printed it in the first place," or even, "if they didn't want me to copy this game for all my friends, they wouldn't have put it on a disk in the first place."
Books and the periodical press are about the free exchange of ideas and information, too. That's why we have a freedom of speech and press clause in the First Amendment -- that was around a long time before the Internet. But books, press, and webpages all fall within the scope of the copyright law.
Under the US Copyright law, even the "fair use" of copyrighted materials may be limited depending upon "the effect of the use upon the potential market for or value of the copyrighted work." 17 U.S.C. 107. Publishing it here deprives them of income for their work -- income that they don't even take out of the person who goes there and uses it for free. Explain how that's fair.
Hm. Well, as far as the floodgates are concerned, a broad class action suit or two would in theory limit the number of claims that would reach the courts to those few. At least, I would think.
1. I don't know if the US is a Berne convention nation, but it doesn't matter. According to the US Copyright Code, 17 USC S.101-104 (available as Circular 92 from the copyright office), unpublished works in general are protected, and published works such as Murray's are protected, "if, on the date of first publication, one or more of the authors is a national or a domicilary of the United States...." [17 USC S.104(b)(1)].
2. However, there are numerous rules which appear to place a statute of limitations on suits to enforce the copyright. A lawyer could tell you whether the limitations have or have not run.
3. According to Circular 1, "Before an infringement suit may be filed in court, registration is necessary for works of U.S. origin." And, "If made before or within 5 years of publication, registration will establish prima facie [on the face of it, sufficient so long as another party doesn't have a good rebuttal] evidence in court of the validity of the copyright and of the facts stated in the certificate." (US Library of Congress Copyright Office, Circular 1, page 7) (PDF circ01.pdf) It looks to me like if anyone's expecting to have to enforce a copyright gained under 17 USC 104(b)(1), she or he had better register it right away.
And there's a whole heck of a lot more info out there too, and a whole Title of the United States Code (Title 17). Good place to start is that Library of Congress website and/or a lawyer.
I'm not saying that Murray necessarily wants to enforce this or put that kind of effort in, though a bark letter might be a nice idea. Any attorneys out there, especially in Murray's state (wherever that may be) who'd like to do this for free? If it were three years from now, I'd do it.
I think I heard something in the spring and summer about appellate court rulings holding online providers responsible for their material...
Don't quote me on any of this. I am not a lawyer; I have just begun my study of law. I have passed no tests, and the only two licenses I have are an amateur radio license and a driver's licence, which certainly don't allow anyone to practice law. No one who is not a lawyer may give legal advice. This should NOT be construed as legal advice. I am a lay person reporting the information I think I have found in 30 minutes of web research. I COULD BE WRONG.
I think the disclaimers give me away. :)
The curious should grab some of those pdfs from the Library of Congress and/or contact their attorneys.
From http://www.apple.com/quicktime/developers/qtjava/s dk/index.html :
"In order to use the QuickTime for Java libraries, you must have both QuickTime 3 (including QuickTime for Java) and a Java Runtime Environment installed."
So, QT for Java requires QuickTime. No dice.
I think in the US it really depends on where one goes. According to some friends' reports, the state schools around here and some private schools are a lot like big high schools in terms of social environment. However, I'm at a private school in the midwestern U.S., and I've been really relieved to find that it ain't necessarily always so. Of course, a disproportionate number of people here were the sidelined geeks in high school, so we're sensitive to this kind of thing and take more time to find out who people are. I see much, much fewer snap judgments.
Who's to say the Metalab maintainers aren't full of it as well? The reason they present is a joke, there's a link underneath titled "Good for today only - April 1, 1999" that goes to a gif of a page of what appears to be (somewhat poor) cyrillic handwriting. I can't read it, but I bet it's something along the line of "april fool...".
The point is that in the lease contract examples above, the contract is void if the contract specifies something which is a violation of law. Because Texas has no law forbidding this kind of contract, the contract is legal and binding in Texas. At least, so it seems thus far.