This article by Stuart L. Adams, Jr. appeared in the 

Louisville Computer News

 

A Quiet Little War

The Potential Impact of the Uniform Computer Information Transactions Act on Commerce

(July 1999)

A war has been going on for several years, which you may not have heard of unless you are a lawyer or someone in one of the industries which closely monitors attempts to regulate commerce. A major landmark in the war may occur in July. For many years, an organization named the National Conference of Commissioners on Uniform State Laws (NCCUSL) has been involved in drafting a revision of the Uniform Commercial Code Section 2B, which would have had serious impact on e-commerce, software licenses and other transactions. It should be noted that many states essentially rubber stamp the "uniform laws" which come out of the NCCUSL, so any proposed new uniform state law has great national importance.

The partner of the NCCUSL on drafting changes to the UCC is the American Law Institute (ALI) (too many initials already?). Largely based on fears raised by many industries which were protesting language found in early drafts of the UCC 2B, the ALI decided to put off a vote on the revisions at its annual meeting this year, effectively making it improbable anything would be done at all this year.

Unlike UCC changes, proposed uniform state laws only need the approval of the NCCUSL, without requiring ratification by the ALI. After years of debate, innumerable drafts and lobbying by many industry groups, the NCCUSL simply decided to do an end run around the ALI and replace the UCC revision with something called the Uniform Computer Information Transactions Act or UCITA. (The initials just get worse)

WHAT DOES THE UCITA MEAN TO ME?

The UCITA is scheduled to come to a vote at the meeting of the NCCUSL in July. After years of fighting the 2B revision the industry and consumer groups find they may be trapped or shut out of the fight, as this new law moves past their roadblocks. Many have considered the Internet a sort of "Wild West," which remained an unregulated frontier partially because traditional laws on commerce simply were so antiquated in scope (since most "cyber issues" did not yet exist when thy were drafted) that they had little or no application to e-commerce or to software licenses and transactions such as "shrink wrap" agreements.

Even the President of the NCCUSL, Fred Miller, is quoted by InfoWorld as saying that the name change from UCC 2B to the UCITA is merely an "intermediate step" until commercial practice is sufficiently mature for a real consensus on what the laws should be. Meanwhile, the new proposed law could be ready for state legislatures around the country as early as next year. Here are some reported highlights, with a little topspin. The UCITA could:

Give vendors the right to repossess software by disabling it remotely;

Make the terms of shrink wrap licenses more enforceable;

Prevent the purchaser of software from easily transferring the license to another party without vendor approval;

Allow vendors of software to disclaim warranties;

Criminalize reverse engineering

WILL YOUR VENDOR BE AN UNWELCOME VISITOR?

A recent draft of the law allows vendors to remotely disable software they sell if they feel the customer has violated the license agreement. This is a self-help remedy which some, such as Barry Kantar, a member of the Society of Information Managers (SIM), say is Draconian. SIM has long been opposed both to the 2B revision and now is opposed to the UCITA.

Many say the market has been the disciplinarian in the past and has done an adequate job. The nature of the fear of such self-help could be seen in a ten year old case involving Revlon. A decade ago, a Santa Clara, California company by the name of Logisticon shut down Revlon Group’s systems by phone when it felt it had reached an impasse in resolving a dispute of what it considered an overdue final $180,000 payment on a $1,200,000 contract for warehouse management software. Revlon, in a suit filed later, claimed this self-help had shut it down for three days. The case was settled out of court and the agreement reached included a provision that the parties would not divulge the terms of the settlement, but the example stuck in the minds of those involved in such transactions.

One of the fears being expressed is that the new law will encourage vendors to build in trap doors and time bombs into their software, which could be used as a tool for extortion. Arguably, these software tools could also be used by hackers to destroy a business remotely. Do we need more tools for hacker?

NON-TRANSFERABILITY OF SOFTWARE LICENSES?

Another provision of the proposed law would give vendors greater ability to "police" the transfer of a license to its software when a customer wanted to, for instance, sell its company to another party, and as part of that transaction, give the new company the same rights, or licenses, that it had purchased from the vendor. This is pretty common in the sale of a business, and typically is not difficult. With a large software-automated company, having hundreds or thousands of licenses to hundreds of programs, this is a big deal.

The current state of the law would typically allow the vendor to enforce its rights, but the new law is frightening to many parties. Fears are being expressed by many that the UCITA could substantially increase the cost of mergers and acquisitions, thus putting a chill on commerce.

MORE BUGS?

Another fear expressed by many is that the new law will now allow vendors to reneg on their warranties. Bugs in software and premature releases are already a major headache. The new law could make this worse and arguably lower software standards.

Are any of these fears justified? The proposed law is on a fast track to receive a vote in July. If passed, it could be playing in a state near you soon. We’ll see what happens and will feel the results for years of the law trying to catch up to technology. That needs to happen, because current law are often inadequate, but it remains to be seen if this process and this proposed "model" law are the answer. Perhaps we need both a new process and a new law.