| From: IEEE To: FTC.SERIUS("software-comments@ftc.gov") Date: Mon, Sep 11, 2000 5:45 PM Subject: High-Tech Warranty Project -- Comment, P994413. 11 Sept. 2000 Donald S. Clark RE: High-Tech Warranty Project -- Comment, P994413 I am writing on behalf of the Institute of Electrical and Electronics Engineers - United States of America to provide information to the Federal Trade Commission in response to your notice (P994413) concerning warranty protection for high-tech products and services. IEEE is the world's largest technical professional association with approximately 350,000 members worldwide. IEEE-USA promotes the careers and public policy interests of the nearly 230,000 electrical, electronics, and computer engineers who are U.S. members of the IEEE. At the present time, we are not prepared to comment in detail on each of the questions outlined in the FTC's public notice. However, we are concerned about the implications of the proposed state model Uniform Computer Information Transactions Act (UCITA) and its implications for consumers, business users of technology, software contractors/programmers, and high-tech business in general. Our concerns are outlined in greater detail in our position statement entitled "Opposing Adoption of the Uniform Computer Information Transactions Act (UCITA) by the States," a copy of which is appended below and which can also be retrieved on-line at http://www.ieeeusa.org/forum/POSITIONS/ucita.html. Because of our concerns, IEEE-USA is currently engaged in an effort to educate and inform our members throughout the U.S. on UCITA and its implications. To that end, we have collected a wide variety of resources on-line at the IEEE-USA UCITA Grassroots webpage (http://www.ieeeusa.org/grassroots/ucita), including a downloadable grassroots information kit (http://www.ieeeusa.org/grassroots/ucita/ucitakit.pdf) that may be of use to FTC's deliberations. One of the resources collected therein is the article Cem Kaner, J.D., Ph.D., Software Engineering and UCITA (328Kb PDF), originally published in the Journal of Computer and Information Law, Vol. 18, #2, Winter 1999/2000 and reprinted here with the author's permission (http://www.ieeeusa.org/grassroots/ucita/kaner.pdf). IEEE-USA encourages the FTC to carefully evaluate UCITA and its implications for Federal consumer protection and intellectual property laws. We would be pleased to assist the FTC in exploring the implications of UCITA for consumers and innovators in the technical community. Please contact me at 202-785-0017 or c.brantley@ieee.org if we can be of any service or assistance in this regard. Sincerely, Chris J. Brantley The Institute of Electrical and Electronics Engineers - United States of America (IEEE-USA) OPPOSING ADOPTION OF THE UNIFORM COMPUTER INFORMATION TRANSACTIONS ACT (UCITA) BY THE STATES Approved By the IEEE-USA Board of Directors (Feb. 2000) On behalf of The Institute of Electrical and Electronics Engineers - United States of America (IEEE-USA) and its nearly 240,000 U.S. members who are electrical, electronics, computer and software engineers, we wish to reiterate to the state legislatures the concerns regarding the Uniform Computer Information Transactions Act (UCITA) that we previously expressed to the National Council of Commissioners on Uniform State Laws (NCCUSL). We believe UCITA should be rejected by the states. UCITA would have a widespread, complex impact including: (a) its interaction with the existing statutes, principles, and interpretations of Federal intellectual property law; (b) the provisions currently found in "shrink wrap" and "click-through" software agreements -- many of them questionable or unenforceable under current law -- that UCITA seeks to make enforceable; and (c) UCITA's effect on existing business practices and reasonable purchaser expectations. Into the existing and evolving legal and business situation, UCITA would inject an ironclad statutory framework that is very easy to abuse to the serious detriment of consumers, large business users, and small business users of computer software, software developers, computer consultants and the general public. Many organizations, including 24 state Attorneys General, the staffs of the Bureau of Competition, Bureau of Consumer Protection, and Policy Planning Office of the Federal Trade Commission, professional and trade associations, consumer groups, the American Law Institute (originally NCCUSL's partner in drafting UCITA), and others have expressed opposition or concern regarding UCITA. In some cases the concerns of these organizations parallel ours, and in other cases they raise additional issues. Our concerns are in the following areas: 1. By changing what would otherwise be considered a sale into a licensing transaction, UCITA permits software publishers to enforce contract provisions that may be onerous, burdensome or unreasonable, and places on the purchaser the burden and cost of proving that these provisions are unconscionable or "against fundamental public policy." Examples of these provisions include prohibitions against public criticism of the software and limitations on purchasers' rights to sell or dispose of software. The first provision prohibits the reviews, comparisons, and benchmark testing that are critical for an informed, competitive marketplace. The second issue could legally complicate transactions including corporate mergers/acquisitions, sales of small businesses, the operation of businesses dealing in second-hand software, and even yard sales. 2. UCITA would undermine the protections provided by Federal intellectual property law and upset the carefully achieved balance between owners and purchasers of intellectual property. For example, one major protection is that "fair use" case law and statutory copyright law permit "reverse engineering" for certain important purposes, such as development of compatible (interoperable) software products and information security testing. Reverse engineering is the examination of software to identify and analyze its internal elements. Current shrink-wrap agreements often contain strict provisions forbidding reverse engineering. By making these provisions enforceable, UCITA would stifle innovation and competition in the software industry, and would straightjacket efforts of users to provide information security protection for their systems. 3. UCITA allows software publishers to disclaim warranties and consequential damages even for software defects known to the publisher prior to sale, undisclosed to the buyer, and having damages that can be reasonably foreseen. For example, under UCITA a software publisher could not only prohibit publication of information on security vulnerabilities that users identify but could avoid responsibility for fixing these vulnerabilities. 4. By legalizing the choices of law and forum often included in software agreements, especially shrink-wrap and click-through, UCITA would allow software publishers to make expensive and burdensome any efforts by purchasers to protect their rights. This includes issues that for a sale would be handled in local small-claims courts. 5. The "self-help" provisions of UCITA would allow software publishers to embed security vulnerabilities and other functions in their software that facilitate "denial-of-service" attacks (remote disablement or destruction of the software) while avoiding liability for accidental triggering of the attacks or exploitation of these functions by malicious intruders. We urge the state legislatures to reject UCITA. This statement was developed by the Committee on Communications and Information Policy and the Intellectual Property Committee of The Institute of Electrical and Electronics Engineers - United States of America (IEEE-USA), and represents the considered judgment of a group of U.S. IEEE members with expertise in the subject field. The IEEE-USA promotes the careers and public-policy interests of the nearly 240,000 electrical, electronics, computer and software engineers who are U.S. members of the IEEE. The Institute of Electrical and Electronics Engineers - United States of America |