UCITA drafters don't go far enough for Red Hat
Warranty sticking point
The group that drafted the controversial UCITA legislation has approved a handful of changes designed to address concerns raised by Open Source advocates, but those changes may not go far enough to win the approval of Red Hat's lawyer.
The National Conference of Commissioners on Uniform State Laws approved several changes to its Uniform Computer Information Transactions Act, which is supposed to be a model for state legislatures to consider.
Among the changes approved by the NCCUSL last week were some that addressed concerns voiced by the Open Source and Free Software communities:
- A state's consumer protection law now trumps UCITA.
- Software contract terms that prohibit criticism of that product are unenforceable.
- A software contract may not prohibit reverse engineering that is done for the purposes of making a piece of software work with other software.
- Open Source software is exempt from UCITA when that software is not sold for a profit.
But that last change doesn't go far enough, says Carol Kunze, a lawyer working for Red Hat on UCITA issues. Before the commission's meeting, Kunze wrote a letter asking the group to kill UCITA altogether. Red Hat and other Open Source companies have long objected to UCITA's requirement that Open Source software provide warranties to customers.
Kunze says the new changes stop short of exempting Open Source software a customer has purchased from carrying a warranty. And software distributed for free would still be required under UCITA to carry a warranty if there's a charge for installation services or an accompanying maintenance contract.
The bottom line, says Kunze, is that any Open Source programmers trying to make money from their software would have to carry up-front warranty disclaimers saying there are no implied warranties beyond those that are granted, like proprietary companies do in their click-wrap agreements. "Open Source/Free Software would have to adopt the proprietary practice of having an upfront agreement with the user, something that many Open Source/Free Software programmers don't want to do, if only to disclaim the implied warranties," Kunze says.
Kunze also worries about the combination of UCITA with the laws in several states that prohibit warranty disclaimers. "Should a state adopt UCITA, but amend it by disallowing warranty disclaimers for consumers, Open Source/free software may be forced to carry mandatory warranties," she says. "I am reminded of Bruce Perens' statement in Open Sources: Voices from the Open Source Revolution (1999): 'If free-software authors lose the right to disclaim all warranties and find themselves getting sued over the performance of the programs they've written, they'll stop contributing free software to the world.'"
Commission officials say some of the changes in the UCITA model bill were prompted by the many concerns expressed by Open Source and Free Software advocates. But Carlyle "Connie" Ring, chairman of the UCITA drafting committee, says the changes are a good compromise for the Open Source community. "No one comes out at 100%," Ring says. "We all give a little bit."
Ring clarifies that the new UCITA would exempt from warranty an Open Source product that was sold for the cost of the media it was on, such as a $3 Linux CD set. But a Red Hat boxed set selling at Wal-Mart for $60 would fall under UCITA's warranty provisions.
"If you're packaging that as a commercial product, then you're in the business that every other software purveyor is in," Ring says. In Ring's way of thinking, you then should abide by the same warranty rules as the rest of the industry.
Ring predicts the software warranty debate could go two ways: through state legislatures working on legislation such as the commission has recommended, or through the U.S. Congress. Ring doubts that Congress would exempt commercial software from carrying warranty disclaimers.
Acknowledgment of GPL, reverse engineering
Kunze is also interested in a couple of other changes to the UCITA model legislation. One is an acknowledgment that a notice license -- such as the GPL or BSD licenses -- is not governed by UCITA, as opposed to contractual licenses. She says while this acknowledgment doesn't really change the existing law, it may be useful in helping people understand licenses such as the GPL.
Kunze is more concerned about the reverse engineering provision in UCITA, which, like the warranty change, may not be of much help to Free Software programmers. The change to allow reverse engineering for interoperability purposes basically follows the Digital Millennium Copyright Act's language, she says, in requiring that reverse-engineered information must not have been "readily available" to the programmer.
So what's that mean? "'Readily available' may mean that an attempt must first be made to obtain a license for the information," she says. "What's more, it's not clear whether conditions on the information, such as payment, may be imposed. Given that Open Source/Free Software does not generate license income, any required payment may put this option out of reach. Any benefit from this reverse engineering clause may prove elusive."
The original UCITA model legislation was the first proposed by the National Conference of Commissioners on Uniform State Laws that the American Bar Association threatened to oppose, says John McCabe, legislative director for the NCCUSL. The changes to UCITA will now go back to the ABA for approval in mid-2003.
Meanwhile, the NCCUSL will pitch the new UCITA language to state legislatures across the United States, including to the two states that have already passed UCITA laws, Maryland and Virginia. Ring says his group will recommend that the two states adopt the changes they haven't already addressed.
But Red Hat's Kunze predicts UCITA will continue to be opposed by consumer groups in states where it's considered. "Given that the recent changes still do not satisfy its opponents, it's not clear whether UCITA will now be successful in getting adopted in other states, particularly with the added charge that it would force Open Source/Free Software to adopt proprietary practices in having agreements with users," she says.
Sponsored: Today’s most dangerous security threats