![[LWN Logo]](/images/lwn.banner.gif)
Date: Wed, 12 Jan 2000 06:03:10 -0800 (PST)
From: Phil Agre <pagre@alpha.oac.ucla.edu>
To: "Red Rock Eater News Service" <rre@lists.gseis.ucla.edu>
Subject: [RRE]Uniform Computer Information Transactions Act
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
This message was forwarded through the Red Rock Eater News Service (RRE).
Send any replies to the original author, listed in the From: field below.
You are welcome to send the message along to others but please do not use
the "redirect" option. For information about RRE, including instructions
for (un)subscribing, see http://dlis.gseis.ucla.edu/people/pagre/rre.html
or send a message to requests@lists.gseis.ucla.edu with Subject: info rre
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Date: Tue, 11 Jan 2000 19:27:42 -0800
From: Cem Kaner <kaner@kaner.com>
Subject: UCITA -- response to lobbyists
[...]
The August 30th, 1999 issue of the National Law Journal carried an
article favoring the Uniform Computer Information Transactions Act. I
protested to the Journal about the bias of the article and was invited
to write a response, but the inviting Editor left the Journal shortly
thereafter, and my response was never published. The claims made in
that article, which was written by the Chairman of the UCITA drafting
committee and two of his colleagues, are being (and will continue to
be) repeated to legislators who are considering the Act. Perhaps your
readers will find this rebuttal of interest.
I grant permission to any reader to recirculate or publish this
article, so long as it is attributed to me and published in its
entirety (including endnotes). If you are recirculating or publishing
it, please let me know.
-- Cem Kaner, kaner@kaner.com
THE UNIFORM COMPUTER INFORMATION TRANSACTIONS ACT
In the August 30th, 1999 issue of the National Law Journal, Carlyle
C. Ring, H. Lane Kneedler and Gail D. Jaspen presented the proposed
Uniform Computer Information Transactions Act ("Uniform law for
computer info transactions is offered"). Mr. Ring chaired the
drafting committee that wrote UCITA.
UCITA is a proposed law that will govern all transactions involving
computer software, electronic databases (such as WestLaw), downloaded
books, and some entertainment products. It can also apply to
computers and some other goods if their manufacturers put an
appropriate notice in the product packaging.
Although the Ring et al. article reported years of work on UCITA as
a proposed Article 2B addition to the UCC, it failed to mention that
the UCC is a joint project between the American Law Institute (ALI)
and the National Conference of Commissioners on Uniform State Laws
(NCCUSL). It failed to mention that the ALI called for "fundamental
revision" of the draft in May, 1998 (1) and withdrew from the project
in April, 1999, effectively killing 2B as a UCC project. Thereafter,
NCCUSL renamed the project as UCITA and went forward alone. The ALI
members of the Article 2B drafting committee refused to join the UCITA
drafting committee. (2)
Although authors Ring, Kneedler, and Jaspen acknowledged that UCITA
is a controversial proposal, they listed only its supporters and not
such opponents as the Attorneys-General of 24 states, the Bureaus of
Competition, Consumer Protection, and Policy Planning of the United
States Federal Trade Commission, the leading software developers'
professional societies (such as the Association for Computing
Machinery, the Institute of Electrical and Electronics Engineers,
and the American Society for Quality, Software Division), software
trade groups representing small developers (the Independent Computer
Consultants Association, the Free software Foundation), the five main
library associations, leading intellectual property experts (including
the American Intellectual Property Law Association, Committee of
Copyright and Literary Property of the Association of the Bar of the
City of New York, and fifty intellectual property law professors),
other copyright industry associations (such as the Motion Picture
Association of America, the National Association of Broadcasters, and
the Newspaper Association of America), and every consumer advocacy
group that has looked at the bill. (3)
UCITA will have profound effects on intellectual property rights and
the quality and security of computer software.
INTELLECTUAL PROPERTY
Under UCITA, almost all software-related transactions will be
licensing transactions. When a consumer buys a copy of Microsoft Word
and a copy of a book about the program, the software transaction would
be a license while the book transaction is a sale, even if the two
items were side by side, the customer bought them both from the same
cashier, and the software license was not available to the customer
until after she paid for the product and took it away. Under UCITA
102(a)(42) a transaction can be a license even if the licensee is
given title to the transferred copy.
This is a shift from long-established treatment of intellectual
property in the mass market. To see the history of this issue in
copyright law, shepardize Jewelers' Mercantile Agency v. Jewelers'
Pub. Co., 155 N.Y. 241 (1898) (rejected the fiction of a lease
offered to all comers that restricted transfer of the book and use of
information in it); Bobbs-Merrill Co. v. Straus, 210 U.S. 339 (1908)
(rejected a restrictive notice on a book that prohibited the buyer
from reselling the book for less than a minimum price. Under the
first sale doctrine, publisher lost its property interest in an
individual copy of a book once it sold that copy. The restrictive
notice could not transform a sale into a license); RCA Mfg. Co. v.
Whiteman, 114 F.2d 86 (2d Cir. 1940) (Licensing language on record
albums could not convert a mass-market sale into a license.) For
patent law, look at the doctrine of exhaustion, starting with Motion
Picture Patents Co. v. Universal Film Manufacturing Co. 243 U.S. 502
(1917).
According to authors Ring, Kneedler, and Jaspen, "UCITA is intended
neither to avoid nor to contradict the large body of existing federal
intellectual property law." Others vigorously disagree. For example,
the American Intellectual Property Law Association (4) protested to
NCCUSL that UCITA "eliminates the 'first sale' doctrine" (which allows
the owner of a copy to sell it or give it away). Under UCITA 503(2),
"a term prohibiting transfer of a party's interest is enforceable, and
a transfer made in violation of that term is a breach of contract and
is ineffective." A vendor who puts a no-transfer clause in the license
achieves a market-wide restriction -- equivalent to elimination of the
first sale doctrine. By allowing vendors to enforce such restrictions
in the mass-market, UCITA allows them to evade the federal balancing
of private and public rights in intellectual property.(5)
Reverse engineering is another example of the intellectual property
reach of UCITA. Reverse engineering is a normal engineering
practice.(6) Clauses barring reverse engineering have been enforced
in negotiated licenses, but not in mass market cases.(7) Some
software publishers want to ban reverse engineering in the mass
market. Despite authors Ring, Kneedler, and Jaspen's claim of UCITA's
neutrality on this issue, UCITA makes contractual use restrictions
(no-reverse-engineering is a use restriction) prima facie enforceable.
Individual courts might rule that such a restriction is invalid
under federal law or against public policy, but it will take several
expensive court cases before software developers will know whether
they can still lawfully reverse engineer mass-market software in the
face of a shrink-wrapped contract term that claims that they cannot.
The AIPLA letter noted that "The President of . . . [NCCUSL], Gene
Lebrun, wrote . . . that it is 'expressly stated in Section 2B-105
[that] Article 2B does not displace or change intellectual property
law.' . . . We are extremely concerned that the proposed UCITA draft
is not consistent with . . . the assurance of President Lebrun."
UCITA Reporter Ray Nimmer complained of "distortions" in the debate
on UCITA, identifying as a "misrepresentation" "that UCITA allows
licensors to prevent licensees from commenting about the products.
This allegation makes nice copy and superficial impact, but is simply
untrue. You can scroll through the UCITA draft and will not find any
such provision." (8) Opponents quickly point to UCITA section 102(a)
(20), which defines "contractual use restriction" as "an enforceable
restriction created by contract which concerns the use or disclosure
of, or access to licensed information or informational rights,
including a limitation on scope or manner of use." Section 307(b)
states that "If a license expressly limits use of the information
or informational rights, use in any other manner is a breach of
contract." Under the statute's own definition, a nondisclosure
clause is a contractual use restriction. Under Section 307(b), such
a restriction is enforceable.
These provisions may keep vital information from the marketplace.
Consider the following restrictions, downloaded (July 20, 1999) from
www.mcafee.com, the website for VirusScan, a mass-market software
product, on July 20, 1999.
"The customer shall not disclose the results of any
benchmark test to any third party without McAfee's
prior written approval."
"The customers will not publish reviews of the
product without prior consent from McAfee."
Clauses like these are enforceable in traditional, negotiated
licenses, and they are used to block magazine reviews.(9) UCITA
arguably extends the enforceability of such clauses even in mass
market products. Perhaps they will eventually be found to conflict
with public policy but until then, the plain language of UCITA will
have a chilling effect on criticism of mass-market products.
SOFTWARE SECURITY
UCITA section 816 allows software vendors to place disabling codes in
software and to activate them remotely (such as by sending an e-mail)
to shut down a customer's use of the product.
Such disabling codes create a hole in the customer's system security.
UCITA section 816 remedies for wrongful use of such codes are probably
not triggered if the software is shut down accidentally or by a third
party (such as a cracker who learns the code or a disgruntled former
employee of the vendor).
Self-help was portrayed in the UCITA meetings as something essential
to protect the interests of small licensors. However, the only group
attending the UCITA meetings that represents only small licensors,
the Independent Computer Consultants Association, urged NCCUSL to
reject self-help. It recommended that licensors be protected without
creating the disabling code security risk to customers by statutory
authorization for recovery of attorney fees by licensors who obtain
an injunction to terminate misuse of the software. This proposal was
repeatedly rejected.
CONSUMER PROTECTION
UCITA is hostile to customers of all sizes. It validates post-payment
presentation of material terms and permits licensors to put in a form
contract a term that allows them to keep changing terms. Licensors
can exclude incidental and consequential damages even when an
agreed remedy fails of its essential purpose. The drafters rejected
proposals from the software engineering professional societies
(ACM, IEEE, and ICCA) to allow customers to recover damages caused
by defects that were known to the licensor but not documented or
disclosed to the licensee. Instead, the standard form exclusion of
incidental damages allows the licensor to charge a support fee (such
as $5 per minute on the telephone) when a consumer calls to complain
about a defect that was known by the licensor when it licensed the
software. Software products are often sold in the mass market with
hundreds or thousands of known defects. (10) For additional detailed
notes on consumer impact of UCITA, see the articles in the note. (11)
Authors Ring, Kneedler, and Jaspen say that "UCITA alters no
state laws relating to the applicability of consumer protection to
databases, consumer services or software." In contrast, 24 Attorneys
General and the Administrator of the Georgia Fair Business Practices
Act said that UCITA's "rules deviate substantially from long
established norms of consumer expectations. We are concerned that
these deviations will invite overreaching that will ultimately
interfere with the full realization of the potential of e-commerce in
our states." (12)
The Attorneys General also said that UCITA's "prefatory note and
reporter's comments incorrectly present the proposed statute as
balanced and as leaving 'in place basic consumer protection laws'
and 'adding new consumer and licensee protections that extend current
law.' . . . [I]n instances in which provisions are described as new
consumer protections, such as the contract formation and modification
provisions discussed below, consumers actually have fewer rights
than they do under present law. . . . NCCUSL . . . should revise
the explanatory materials accompanying the statute to scrupulously
identify the instances in which the policy choices embodied in
the statute either extend or resolve controversies in current law
and to clearly explain whether such extension or resolution favors
sellers/licensors or buyers/licensees."
NOTES
(1) Jean Braucher, "Why UCITA, Like UCC Article 2B, is Premature
and Unsound", UCC Bulletin, July 1999,
www.2BGuide.com/docs/0499jb.html.
(2) (www.2BGuide.com/docs/50799dad.html).
(3) See www.badsoftware.com/oppose.htm and www.2bguide.com.
(4) Letter to NCCUSL, July 16, 1999.
(5) Robert P. Merges, "Intellectual Property and the Costs of
Commercial Exchange: A Review Essay," 93 Mich. L. Rev. 1570, 1613,
1995; Mark A. Lemley, "Beyond Preemption: The Law and Policy
of Intellectual Property Licensing," 87 Cal. L. Rev. 111,1999,
http://papers.ssrn.com/paper.taf?abstract_id=3D98655.
(6) Cem Kaner, Article 2B and Reverse Engineering, UCC Bulletin,
November, 1998, 1, www.badsoftware.com/reverse.htm.
(7) Sega Enterprises Ltd. v. Accolade, Inc., 977 F.2d 1510 (9th
Cir. 1992); Vault Corp. v. Quaid Software Ltd., 847 F.2d 255 (5th
Cir. 1988). "Correcting Some Myths About UCITA",
http://www.2bguide.com/docs/rne.html
(8) "The Test That Wasn't" August 1999 PC Magazine 29. According
to that article, Oracle "formally declined to let us [PC Magazine]
publish any benchmark test results."
(9) Cem Kaner & David Pels, Bad Software: What To Do When Software
Fails.
(10) Federal Trade Commission letter www.ftc.gov/be/v990010.htm;
Steven Chow (a member of the UCITA drafting committee) "Proposed
Uniform Computer Information Transactions Act: Bad For Commerce
And Innovation" www.2bguide.com/docs/citopp.html; Cem Kaner,
"Comments on Article 2B" (section-by-section analysis) October 1998,
www.badsoftware.com/kanerncc.htm; "Bad Software: Who is Liable"
(analyzes software economics and UCC 2B) May 1998,
www.badsoftware.com/asqcirc.htm; and
(11) "Article 2B - Report from the November 13-15, 1998 Meeting",
www.badsoftware.com/uccnov98.htm.
(12) Letter to NCCUSL, www.badsoftware.com/aglet1.htm and
www.badsoftware.com/aglet2.htm.
_______________________________________________________________________
Cem Kaner, J.D., Ph.D.
P.O. Box 1200, Santa Clara, CA 95052
http://www.kaner.com
http://www.badsoftware.com
Author (with Falk & Nguyen) of TESTING COMPUTER SOFTWARE (2nd Ed, VNR)
Author (with David Pels) of BAD SOFTWARE (Wiley, 1998)
This e-mail communication should not be interpreted as legal advice
or a legal opinion. The transmission of this e-mail communication
does not create an attorney-client relationship between me and you.
Do not act or rely upon law-related information in this communication
without seeking the advice of an attorney. Finally, nothing in this
message should be interpreted as a "digital signature" or "electronic
signature" that can create binding commercial transactions.