Consumer friendly FTC may demand software works to spec

UCITA outflanked? Good grief, this is Communism...

  • alert
  • submit to reddit

Choosing a cloud hosting partner with confidence

Analysis Consumers may soon get a better deal for packaged software, and be able to buy it instead of licensing it under onerous terms. Despite the strong lobbying efforts of US packaged software publishers, the US Federal Trading Commission (FTC) could well come out on the side of the consumer.

The restrictions associated with software licensing have produced something of a consumer backlash, because outright sales give consumers far more rights, and this view may have found some sympathy at the FTC. Against all expectations, it now looks as though the controversial Uniform Computer Information Transactions Act (UCITA - a so-called model law intended for enactment by every state, the pre-cursor of which was called Article 2B of the Uniform Commercial Code) may not be rubber stamped by many state legislatures.

There is also the possibility that if state implementation is delayed or the provisions in UCITA are modified, this could provide a reason for federal authorities to step in and do some harmonisation at the federal level - sweeping away UCITA in the process.

Why should software be different?
The FTC has decided it wants to investigate why software is treated differently from other consumer products and made available under restrictive licenses, thereby making it possible to disclaim implied warranty protection. It recently held a public forum to examine high-tech warranty issues. Although the FTC did not get its concerns addressed when it submitted comments to the National Conference of Commissioners on Uniform State Laws (NCCUSL - the body responsible for developing UCITA), it has certainly managed to gain centre stage now.

The FTC introduced into the discussion the Magnuson-Moss Act, which should apply to consumer software sales. This gives consumers some important rights - for example warranties must be available for review prior to purchase, and not inside the shrink-wrapped box. Warranty is a key issue, because if software is deemed to be tangible goods (and the arguments as to why it should not be so regarded suit only software publishers) then the Act says that implied warranties cannot be disclaimed, meaning that if a software vendor makes a claim in an advertisement or interview that there is some functionality in a package, it should be there and it should work.

It doesn't take a great leap to come to the realisation that this is dangerous stuff: if software has reasonably to do what it claims to do, there will be many unhappy vendors but some much happier users. It could also preclude the premature release of software with many known, serious bugs. At the moment, UCITA makes it possible for software publishers to disclaim any implied warranties.

Maryland, home of the licence agreement?
So far, UCITA is only in force in Maryland (from 1 October), but it is now possible for software publishers to draw up their licences under Maryland law, and reap the one-sided benefits of UCITA. Although it has been passed in Virginia, it will not be in force until next July after an impact review - assuming this is not negative. It is known that Virginia's enthusiasm was driven by a hope that software vendors might set up shop in the state if it was an early mover. Delaware, DC, Hawaii, Illinois, New Jersey and Oklahoma are currently considering UCITA in their state legislatures.

UCITA is state law and it is being used to restrict provisions in federal copyright law. From a user perspective, it is the end of consumer rights for shrink-wrapped software (or click-wrapped, if obtained online). UCITA makes it legal for consumers to be denied sight of a software licence before paying for it - despite the "conspicuous" disclosure of material terms for pre-sale review provision - by allowing users to return the software after reviewing the licence terms. In practice, it is very difficult to obtain a refund, since the dealer usually claims that the software publisher should be approached, and vice versa. Even so, the licensor or supplier must pay the costs incurred in returning software, according to UCITA.

The anti-UCITA submissions to the FTC are diverse and articulate. The IEEE said that it was concerned that what should be a sale was transferred into a licensing transaction that potentially permitted the enforcement of onerous, burdensome and unreasonable contract provisions that could include the prohibition of criticism of the software and limitations in selling or disposing of the software.

Federal "fair use" law and statutory copyright law that allowed reverse engineering for the development of interoperable software and security testing was undermined. Warranties were disclaimed and software defects known prior to sale did not have to be disclosed to the buyer, or fixed, and users could be prohibited from identifying problems. Software publishers could also make it expensive and burdensome for purchasers to protect their rights. Finally, remote disablement of the software could be triggered innocently - through a so-called backdoor provision. Users have no recourse whatsoever against software vendors for either known or unknown bugs.

It's all your fault

Cem Kaner, the author of Bad software, noted that in the good old days, Apple's Orchard magazine encouraged customers to reverse engineer and modify Apple ][ system software. Kaner also pointed out that software publishers usually waive any technical support fee for bug work-arounds - but only if a customer insists. One of the more iniquitous requirements by Microsoft in its MSN membership agreement is that it reserves the right to change the agreement without notice by posting details online, and that users are responsible for regularly reviewing such information or it would be assumed that continued use meant acceptance of the new conditions.

Just as bad was a CompuServe reference to Terms of Service that were not to be found on the Web site. Kaner also draws attention to the software publisher's desire to bring software outside consumer protection law, so that there can be no market in used software; publicity can be controlled; and there can be no remedies or warranties.

Richard Stallman, the GNU GPL pioneer, draws attention to the fact that Microsoft Word stores users' data in secret formats designed to make it difficult for other programs to access the same data. He also notes Microsoft's sensitivity in the click-wrap licence to Microsoft Agent that prohibits anyone from using "the character animation data and image files to disparage Microsoft, its products or services".

Software publishers are a bit shy about coming forward to defend UCITA, and tend to work through trade associations like the Washington Software Alliance (global sponsors: Preston, Gates, Ellis - Bill's Dad's law firm no less). The WSA made some very contorted arguments in favour of UCITA, suggesting that requiring warranties on packaged software would threaten the vibrancy of the US economy, and make it hard for small software companies to survive. The WSA soon gets to the heart of its global sponsor's concerns: "The open source... software movement is one of the major sources of competition to the Microsoft operating system" and sets about castigating Red Hat's licence which, after all "gives you legal permission to copy, distribute and/or modify the library".

The SIIA tries to make the case for software being different and hints at licensing not being a one-off charge. Its argument that the open source movement disclaims warranties, and the implication that so should the publishers of proprietary software, is fickle, as it well knows. Those offering source code to the public domain free of charge have a reasonable right to expect not to be sued for doing so, but consumers who pay for a proprietary product should have a right to expect it to work reasonably - which is just what UCITA doesn't guarantee. Most wicked of the SIIA however is the implication that "all interested parties" agreed the final text of UCITA: user comment was not canvassed by NCCUSL. Claiming that UCITA preserves "bargaining flexibility" is quite simply untrue.

You're already a subscriber

Mark Bohannon, general counsel of the SIIA remarked that there is no one-time sale, and that the user enters into "an ongoing subscription relationship" which sounds suspiciously like the death toll for once-only payments for software and a herald for annual licensing fees (.NET anyone?) for software. It is a canard for the SIIA to claim that this is necessary for ASPs, since their situation is quite different from a consumer sale, or a normal business sale come to that. UCITA artificially makes software different from the purchase of books.

It will not be known for some time whether the FTC decides to act over UCITA, but if it does, federal law can pre-empt state law and so give consumers a fairer deal. At present, UCITA protects bad software companies that are concerned that they could be made responsible for buggy software. A big lobbying effort is being organised by the major software publishers (and NASDAQ, which no doubt sees the writing on the wall if there is accountability). Consumer organisations are organising opposition, and are getting significant support from major software users like Caterpillar and Prudential Insurance.

The international implications of this domestic US law are considerable, because US-based software publishers try to inflict essentially the same legal agreement throughout the world. It will be interesting to see if the European Commission decides to play a role in looking after European consumer interests. ®

Related stories:
Virginia passes controversial software licensing law
MS-backed US law could destroy consumer rights to redress

Providing a secure and efficient Helpdesk

More from The Register

next story
Preview redux: Microsoft ships new Windows 10 build with 7,000 changes
Latest bleeding-edge bits borrow Action Center from Windows Phone
Google opens Inbox – email for people too thick to handle email
Print this article out and give it to someone tech-y if you get stuck
Microsoft promises Windows 10 will mean two-factor auth for all
Sneak peek at security features Redmond's baking into new OS
UNIX greybeards threaten Debian fork over systemd plan
'Veteran Unix Admins' fear desktop emphasis is betraying open source
Entity Framework goes 'code first' as Microsoft pulls visual design tool
Visual Studio database diagramming's out the window
Google+ goes TITSUP. But WHO knew? How long? Anyone ... Hello ...
Wobbly Gmail, Contacts, Calendar on the other hand ...
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
prev story


Choosing cloud Backup services
Demystify how you can address your data protection needs in your small- to medium-sized business and select the best online backup service to meet your needs.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.