For the London Free Press – March 17, 2008

Read this on Canoe

In the United Kingdom, the National Consumer Council recently filed a complaint with the Office of Fair Trading stating that consumer software licences contain an imbalance of rights in favour of the manufacturer at the expense of the purchaser.

The complaint is about End User Licence Agreements, or EULAs. Anyone who has installed software onto their personal computer has likely entered into a EULA. This is an agreement between the software manufacturer and the purchaser who will use the software on their computer.

Usually the purchaser is bound to a EULA by way of a “click-wrap agreement,” where one must click an “I agree” icon to confirm they agree to the terms of the EULA that is presented. Click wraps are more prevalent than “shrink-wrap agreements” that are worded to bind when one opens the package.

The complaint states that EULAs can often be unfair because “consumers can’t have a clue what they’re signing up to when some terms and conditions run to 10 or more pages.”

It is also about the customer not seeing the EULA until after the software is purchased which “. . . means that consumers are unable to make informed decisions before they buy a product, yet are being forced to take on an unknown level of legal responsibility.”

The complaint names a total of 17 companies, including Microsoft, Adobe and Symantec.

It seems odd that this complaint would be raised now, since EULAs have been used for many years. And one-sided “contracts of adhesion” have been around far longer.

For example, when you buy a ticket to an event or to park in a private parking lot, you have entered into a similar agreement. The terms of these agreements are also only available after you have made your purchase, as they are usually printed on the ticket.

While is it true that the purchaser is unable to review click-wrap and shrink-wrap agreements until after they have purchased the software, it is unlikely that even when given the chance, purchasers would bother to read the agreement. Purchasers usually accept the terms without reading them and continue with the software installation.

Even if consumers did take the time to read the agreement, it would be rare for someone to decide they did not want to buy the product on those terms.

In any form of agreement where there is an inequality of bargaining power, especially when consumers are involved, there is indeed room for abuse within the agreements.

That’s why in most jurisdictions consumer protection laws will limit what terms these agreements can include. For example, in Ontario the law states that any term that requires arbitration instead of a class action will not be enforced.

And courts are not inclined to enforce provisions that they consider unreasonable or unexpected in that type of agreement.

While EULAs are often not as simple, short, and elegant as they should be, that’s more of a drafting issue than a content issue. The probable outcome of the complaint is that vendors will continue to bind consumers to EULAs, provided the agreements don’t cross the line into unusual provisions.

That’s the title of an article in the latest McLean Report, a regular newsletter of the Info-Tech Research Group. The article has some good discussion on the workings of software escrow, and some benefits and pitfalls.

The article starts off with this explanation:

In software escrow, organizations engage an independent escrow agent to store and protect source code and related intellectual assets of a vendor. If a “trigger event” specified in the escrow agreement occurs, organizations can then obtain these assets from the agent.

Escrow generally protects against trigger events like bankruptcy, ceased operations, and competitor takeovers. In these scenarios, the vendor may cease to support applications the customer depends on, so escrow allows the customer access to the source code to facilitate continued use of those applications.

The McLean Report is only available by paid subscription, but the article is reproduced here with their permission.

Read the article

Go to the Info-Tech web site

PC Mag has an article entitled Don’t Trust the Servers that talks about the dangers of putting your data at the mercy of the servers of another. The second page of the article is the bit that rings true for me.

ASP/ Apps on Tap/ Software as a Service models have great advantages to users, and have been growing in popularity. One thing that has always bothered me though, is what happens if the service is suddenly not available for some reason – such as the vendor going out of business. If that service is a critical one for your business, it could be a disaster.

There are ways to deal with that however, such as arranging for a local copy of the data. The right solution will vary in the circumstances.

I have always thought this issue has held back the popularity of such services for the business market. On the other hand, many users don’t even consider this. I am helping a potential user of such a product negotiate an agreement with an asp at the moment. As part of its diligence, my client talked to other users of the service – none of whom had even considered the issue!

To put it in perspective, take a look at this quote from the article, where the author speculates the sales pitch if ASP’s were the norm first, then desktop apps came along.

You can image the advertising push. “Now control your own data!” “Faster processing power now.” “Cheaper!” “Everything at your fingertips.” “No need to worry about network outages.” “Faster, cheaper, more reliable.” On and on. I can almost hear the marketing types brag about how much better “shrink wrap” software is than the flaky online apps. The best line for the emergence of the desktop computer in a reverse timeline would be “It’s about time!”

Read the PCMag article

SCO is the company that has sued IBM and others claiming that Linux uses UNIX source code that belongs to SCO.

The judge hearing the case recently ruled on several summary judgment motions, including a decision that Novell owns the Unix copyrights, not SCO. While the case is not over yet, that is a fundamental decision against SCO, and good news for all Linux users. Novell has publicly stated that they have no intention of taking any actions regarding Linux.

For more detail and commentary, see the Groklaw blog post of August 10, and subsequent entries.

I recently wrote articles talking about the need to create a culture of privacy, and some counter arguments to the “what’s the problem if you’ve got nothing to hide” comment on being watched. Slashdot has pointed to a couple of articles relevant to those topics.

The first is a paper called ‘I’ve Got Nothing to Hide’ and Other Misunderstandings of Privacy by Professor Daniel J. Solove of the George Washington University Law School.

The second is an article in Scientific American called Privacy Isn’t Dead, or At Least It Shouldn’t Be where Carnegie Mellon computer scientist Latanya Sweeney states that computer scientists should be trained to consider the privacy, user, and social side of what they do.

That’s the title of an article in the latest McLean Report, a regular newsletter of the Info-Tech Research Group. I suspect most law firms will upgrade to Vista at the time of their next hardware refresh – not before.

Personally, I think the recently announced Microsoft Office Communications Suite that provides unified messaging has the potential to have a greater impact on law office productivity than Vista.

The McLean Report is only available by paid subscription, but the article is reproduced here with their permission.

Read the Info-Tech article

Go to the Info-Tech web site

Read a ZDNet article on Microsoft Office Communications Suite

David Canton – for the London Free Press – March 3, 2007

Read this on Canoe

A recent Information Week article criticized software licenses, saying they contain so many ridiculous provisions they will soon attract litigation similar to patent enforcement litigation.

That’s not likely to happen in my view, but licenses do often contain onerous or ridiculous provisions.

Almost everyone has been presented with a End User License Agreement (EULA –often pronounced YOO-lah). They are also known as click-wrap agreements. It is almost impossible to use a computer without eventually being asked to click the “I agree” button. They are a contract between the producer of software or a service and its user.

Some feel EULAs have gotten out of control. Few people read them. Even if one did not like what they read, the only choice is to not install or use the product. Some EULAs have contained language where you agree to let them install spyware on your computer, or delete any file they want on your hard-drive.

So are such provisions actually binding?The fact is that click wrap like agreements have been around forever. Every time you buy a concert ticket, park in a lot or attend a sports event you are agreeing to things you have not likely read.

These one-sided agreements are called contracts of adhesion. All of these things come with terms and conditions you accept merely by entering the stadium or putting money into the parking meter.

There is a line of “ticket cases” where the courts decided such agreements are binding, so long as reasonable efforts were made to bring them to the user’s attention and the terms are reasonable. The courts recognize this type of agreement is necessary for modern life, but, at the same time, their one-sided nature is open to abuse.

The courts and legislation in various jurisdictions have made clear the act of clicking “I agree” is sufficient to be bound by the contract, just as if one had signed it.

The courts will not, however, enforce provisions they deem to be unexpected or unusual. Provisions that purport to allow the software vendor to use your computer to send spam or where you consent to infecting your computer with a virus would clearly not be enforceable.

Courts also have found vendors liable for damages where the courts felt the vendor was incompetent, despite the usual EULA clauses saying vendors are not liable for anything.

The click-wrap agreement is under no danger or becoming the next form of nuisance lawsuit. The courts simply won’t enforce any parts of them that are unreasonable. Of course, the definition of unreasonable is always subject to interpretation.

David Canton – for the London Free Press – January 17, 2007

Read this on Canoe

Software distributors continue to play hardball and crack down on copyright infringements and users of unlicensed software.

Symantec recently filed a lawsuit against eight companies, including ANYI, SILI and their affiliates who allegedly run a global counterfeit distribution operation focused primarily in the U.S. and Canada.

Symantec alleges the parties participated in trademark infringement, copyright infringement, fraud, unfair competition and false advertising, and is seeking damages in excess of $15 million in lost profits.

The company warns that “aside from the financial loss incurred by this activity, counterfeit software can also damage a user’s operating system due to faulty code or cause a user’s system to be wracked with security vulnerabilities.”

Payless Shoesource Inc. and discount clothing chain Burlington Coat Factory Warehouse Corp. have decided to pay about $425,000 in settlement of claims they had used unlicensed software.

The Business Software Alliance, an industry trade group that polices software licences, received reports on Payless and Burlington through their online reporting system where they offer rewards up to $200,000.

As part of the settlement, Payless and Burlington agreed to delete unlicensed software, purchase replacement software and improve their software management practices.

Both the Symantec lawsuit and the Payless and Burlington settlements show it can be more expensive to illegally copy and use software than to obtain and use it legally.

Yet a study by the Canadian Alliance Against Software Theft states Canada’s software piracy rate is 36 per cent. The United States rate is 21 per cent, the United Kingdom’s is 27 per cent and Sweden’s is 26 per cent.

One difficulty with lowering the software piracy rate was revealed in a recent study showing only 15 per cent of Canadians feel very confident they would be able to tell the difference between legal and illegal commercial software.

To recognize legitimate and illegitimate software:

* Check the price. Beware of “too good to be true” prices.

* Make sure you receive a licence. It is a standard in the software industry that legal pieces of software come with a licence.

* Look for documentation. The package should contain the original media, manuals, instructions and registration cards.

* Use caution when purchasing from unknown entities advertising on an online auction or classified ad.

In order to protect your computer, business and legal liabilities, ensure your business or organization uses legally purchased software in the right quantities.

Slashdot refers to an article that details a lawsuit between a Wisconsin State Trooper and his employer over the ownership of software the officer wrote. The software streamlines the writng of traffic tickets. Seems that the software works so well that it has commercial value. The officer says he developed it on his own time. His employer says he developed it while at work under the direction of his employer.

While the tests for who rightly owns such software are not that difficult in theory – in practice it comes down to the facts. But facts, as we all know, are subject to proof, interpretation and spin. And of course one’s perception of the facts and issues worth fighting over increase when something becomes valuable.

This kind of fight is common, but can be easily avoided if a written arrangement is entered into up front that clearly states who owns the product, what resources are to be used to develop it, and who gets to use it.

Read the Slashdot post

Read the Milwaukee Sentinal Journal article

CNET has a new website at webware.com to cover browser based online applications.

As they put it: There’s a fundamental shift underway in how people use computers and the Internet. Every day, more real utility is being delivered over the Web. Full applications can now be run in a browser, accessible from any computer, and software is no longer required for many applications. Software is becoming Webware.

Take a look if you are curious about what webware is all about, or want to see examples of webware apps.