SAN MATEO (07/03/2000) - If your company is based anywhere near the Potomac, it's time you learned the new rules that UCITA (Uniform Computer Information Transactions Act) will force you to play by when contracting with local software developers and consultants. Otherwise you'll be in danger of falling into one of many pitfalls the law has set for software procurement professionals of even the largest corporations.
UCITA's main threat to all software customers is blanket endorsement of shrinkwrap/clickwrap licenses. But it even poses dangers to IT organizations when applied to negotiated contracts. If the contract you sign is silent on any of the many sticking points, you could find yourself stuck with UCITA's default rules that so strongly favor the software licensor over the licensee.
A version of UCITA becomes the law in Maryland on Oct. 1, 2000 and in Virginia on July 1, 2001. With the exception of Oklahoma (home state of the executive director of the National Council of Commissioners on Uniform State Laws, the organization that drafted UCITA), the only other places where the proposed law has gotten very far are Delaware and the District of Columbia. So the closer you are to the Potomac -- or perhaps to the headquarters of the Business Software Alliance -- the more likely you are soon to find yourself living with UCITA.
I could devote a year's worth of columns to the dangers UCITA poses to IT organizations and still not touch on everything, so I'm just going to try to cover the major points that require consideration in your contracts with local developers. And let me make it clear that I don't think small developers and consultants in Maryland and Virginia are gleefully rubbing their hands in anticipation of how UCITA will let them cheat you. In fact, as the few who've studied it are beginning to realize, UCITA has some pitfalls for them as well, particularly when they are licensing their technology to software publishers.
(Many of the things UCITA specially allows licensors to do with end-user customers are prohibited when licensing to a publisher.) But you don't want to wait for the day you find yourself in a dispute with one of your local vendors for you both to discover that you inadvertently gave away the store.
Top on the list of problem areas is remote disabling of software. If you don't know by now why you should be worried about the security risks posed by UCITA's electronic self-help provision, you haven't been paying attention. An issue that I haven't discussed, however, is a related provision that allows software publishers to include "automatic restraints" in their software to prevent use of the product after the contract terminates. What's the difference between these restraints and the backdoors or time bombs authorized for electronic self help? Hard to say, except their use is apparently not subject to the safeguards restricting electronic self help. In fact, UCITA itself and the committee reporter's official comments specifically condone their use even in circumstances where the contract neither authorizes their existence in the software nor establishes a date for terminating the license.
Another area where UCITA changes the rules is when and why you can reject a defective product. In any software transaction involving a negotiated contract, it eliminates the long-established "perfect tender" rule that allows customers to inspect a product upon delivery and reject it for any defects that do not conform to the requirements of the contract. Under UCITA you must instead prove that the defect represents a material breach of the contract, making it much harder to reject something before becoming obligated to pay for it. Product vendors also have a number of loopholes through which they can easily disavow earlier promises for what their software will do. A demonstration of product features, for example, does not constitute an express warranty that those features will be in the final version of the software.
UCITA also allows vendors to change the terms of their contracts arbitrarily and with no notice. Examples I've previously discussed of the sneakwrap terms UCITA endorses mostly have been about online services, but the same rules can apply to any continuing contractual relationship if you're not careful. Because UCITA gives so much weight to unread click-through agreements, it creates the possibility that an actual signed contract can be completely modified at a later date by impatient staffers clicking OK so they can get on with installing the software. The law also provides an almost laughable array of situations in which one can be deemed in receipt of a notification even though one did not in fact get it.
Those are just a few of the problem areas in UCITA, and hopefully this short list of horrors has gotten your attention. Next week we'll discuss what you need to do to start protecting yourself and your company.
Got a complaint about how a vendor is treating you? Write to Ed Foster, InfoWorld's reader advocate, at email@example.com.