Return to Bad Software: What To Do When Software Fails.


 

A Bad Law for Bad Software

Conference on the Impact of Article 2B of the UCC on the

Future of Transactions in Information and Electronic Commerce

UC Berkeley, Center for Law & Technology, April 25, 1998

Copyright (c) 1998, Cem Kaner. All rights reserved.

 


 


These are my speaker's notes. The actual speech different slightly. The following remarks were accompanied by four handouts:

Summary

This talk makes two points:

1.This bill is so biased against small customers that it will become a public embarrassment for ALI (the American Law Institute) and NCCUSL (National Conference of Commissioners on Uniform State Laws) if it reaches the legislatures.


2. In its zeal to protect the worst software publishers from consequences arising from their worst products, Article 2B will change the economics of mass market software publishing as a whole. The effect will be increasing pressure on publishers, especially mid-size publishers, to ship product prematurely. And let the customers eat the cost. This is bad policy and it will damage our industry severely over the long term.

________________________________________________

I favor the adoption of a uniform law for software. I've invested a huge amount of time and money over the past 2.5 years trying to improve 2B so that it could become a uniform law for software. My legal client base is dominated by small developers and authors. My technical client base includes several large publishers. I live in this industry and I want laws that will do well by it.

I've made ongoing attempts to propose or to broker compromises to strengthen this bill. Another speaker referred critically to attempts to turn Article 2B into a "Uniform Consumer Code." Before you form a judgment, please read Todd Paglia's and my paper on the consumer position. (Paglia represents Ralph Nader's Consumer Protect on Technology.) These points are hardly extremist demands. It has taken me a tremendous amount of work with the consumer protection community to come up with a balanced set of proposals--characterizing them as extremist doesn't help the negotiations go forward.

A speaker earlier today talked at length about the need for a more apppropriate implied warranty of merchantability. I agree. Bob Gomulkiewicz (Microsoft's lawyer) and I worked together on the warranty of merchantability. Our goal was to write something that consumers could support and that Microsoft would actually be willing to offer.

We succeeded.

It wasn't easy. It took a long time. I don't know about Bob's efforts with his constituency. I worked with mine on it, on and off, over a period of one and a half years.

Now, when I say we succeed, I mean that Bob and I came up with a proposal that we both signed and that we jointly submitted to the Article 2B drafting committee nearly a year ago.

You can find a modified version of our proposal--and I don't think that either of us did the modifying--in the March 1998 Article 2B draft, in the Reporter's Notes to the Implied Warranty of Merchantability.

The Committee finally considered that proposal last month. I corrected the revision in the discussion. The Committee chose not to vote on the proposal, even in the face of repeated advice that if they left the current implied warranty alone, no sane software publisher would provide it.

The Committee chose not to vote on that compromise. It chose not to vote on another compromise (Paglia/Nader's motion on documentation, which the Software Publishers Association was willing to live with), and it has chosen to not vote on, or to reject, several other proposals that I and others have made in the spirit of compromise and accommodation for all sides.

People at this conference have asked whether consumer advocates have attended the Drafting Committee meetings. Yes we have. And we have succeeded in getting some of the worst pieces of 2B out.!er But in terms of positive changes to balance out the major shifts from Article 2 to Article 2B, we have achieved nothing. My average is 0.000, even on compromise proposals. I don't know of a way to make progress with this Committee.

I'd love to expand on that, but I've set aside the next 7 minutes for law and economics, in particular about the economics of defective software.

Software publishers are under constant pressure to ship products quickly, whether they're any good or not. One of the pressure factors is the problem of path dependence, all those network effects. The first company to market with an idea is the one most likely to become dominant. Later products in the same category, such as the fifth or sixth on the scene, are unlikely to catch any measurable market share even if they're much better. That creates a constant risk vs. risk tradeoff.

Against this pressure to ship early is the risk of shipping a product with serious defects, and of facing serious costs associated with the defects. The quality control community calls these external failure costs--the costs associated with putting a defective product into your customer's hands.

The economics of quality are driven by a balance of costs of investment in making a good product against the risk of external failure costs.

Article 2B drives external failure costs down, independently of product quality. It keeps these costs low even when quality declines. That distorts the risk/benefit analysis because you have less pressure to improve the product.

Let's look at these costs more carefully:

External failure costs can be categorized as (see Appendix B):
Customer support costs
Lost sales
Legal costs.


On the customer support side, we find that software publishers can charge for support. $3 per minute is a common charge. Suppose that a publisher ships a product with hundreds of known bugs -- this is common. They don't document them. They include the 2B-permitted warranty disclaimers and damage limitations.

Now suppose that you pay $50 for this program, that you get bit by some of these known bugs, and you lose time and money as a result. Eventually you call for support. You pay $3 per minute, eventually racking up $100 in support charges. Eventually the publisher agrees to give you a refund. You get $50. Congratulations. You still lose the $100 because these are excluded incidental expenses. Even if the publisher knew about the defect when it sold the software, you will have to pay for the support for this defect.

Not many statutes invite companies to make a profit center out of their defects. 2B is special.

I've repeatedly proposed a rule that doesn't allow companies to exclude incidental expenses (such as the cost of making phone calls for support) that are caused by genuine defects. The proposal has gone nowhere.

Now let's consider lost sales by looking at a couple of competition examples.

First, Article 2B lets publishers hide their terms inside the box. It lets the online seller wait until after you've downloaded the software and paid for it and started installing it. So when you buy it, you don't know it'll cost you $3 a minute for support. Or that someone else charges $2.

One of the publisher's lawyers told us yesterday that the product people buy is not the software. Nope. Instead, he said, "the product is the license." When software customers go shopping for a word processor, they aren't shopping for a product that will do things for them, they're shopping for a bundle of rights. OK, if the product is the license, then we should understand that 2B puts software publishers in the business of selling grab bags. You never know what you're going to get until after you buy it. And you don't know what's in the competing grab bags. For a law that relies on competition to police the market, you'd think it would foster free disclosure of information, not help publishers prevent it.

One of the publisher's lawyers said that they want customers to know the terms of software licenses. Of course they do. That's why they tell you those terms very precisely. But they only tell you after the sale, when it is nearly impossible to check the terms of competing licenses.

You'd think that the federal Magnuson-Moss Warranty Improvement Act would require publishers to reveal their warranties and other significant terms before the sale, at least for consumer goods. But under 2B, the customer only buys a license, not goods. Mag-Moss and many of the state-level consumer protection statutes, apply specifically to sales of goods. Publisher's lawyers will therefore argue that it doesn't apply to software. Courts routinely find that packaged software is goods today. But that goes away under 2B. We've all heard that Article 2B doesn't override any consumer protection laws. And it doesn't. Any consumer protection laws that used to apply to sales of licenses will still apply to licenses. Any consumer protection laws that apply to sales of goods will still apply to goods--we just take software out of the list of goods, which is where the most famous consumer protection laws apply. If this isn't what's intended in 2B, and I've been repeatedly told that it is not what's intended, we can fix it easily enough by saying in the statute that packaged software is intended to be treated as "goods" for the purpose of consumer protection laws. Paglia and I have made that proposal. It has gotten nowhere.

Publishers also get to create use restrictions. 2B's definition of contractual use restrictions includes nondisclosure agreements. Let's look at nondisclosure terms from a significant and reputable publisher.
"The customer shall not disclose the results of any benchmark test to any third party without McAfee's prior written approval."
"The customers will not publish reviews of the product without prior consent from McAfee."
How do you get competition if information doesn't and can't flow freely in the market? If you don't have this type of information flow, how many sales will a company lose because of bad software?

Today, such clauses seem ludicrous. One of 2B's proponents told us that clauses like this would be entirely unenforceable, and that federal courts would stike them from contracts. But isn't that what used to be said about the post-sale warranty disclaimer, that the customer couldn't see before the sale? Who would have thought that this could be called "conspicuous" and would be binding? No court has ever said that a company could get away with this and many have rejected it. But 2B makes this black letter law. These licenses are full of ludicrous terms and 2B has given effect to a remarkable number of them. The justification for this is "common practice in the industry." So how many licenses like McAfee's will it take before mass-market nondisclosure terms are validated as common practice in the industry?

Fair use restrictions should be banned from the start, not permitted under 2B unless a federal court declares them unenforceable. And remember,

TO GET THESE TERMS DECLARED UNENFORCEABLE, THE CONSUMER HAS TO SPEND A FORTUNE IN COURT.

Federal rules are based on the U.S. Constitution, which allows Congress to create patent and copyright rights in order to promote the development of the arts and sciences. There is a balance between the property rights of the artists and inventors and the purpose behind creating those rights, which is to encourage the development of intellectual material that can be used by all of us.

Article 2B calls itself "neutral" on these issues of conflict between aggressive licensing practice and federal intellectual property law. But it creates a presumption that restrictive clauses are valid. It resets customer rights to zero and says, "Hey, we're neutral. If you can win your rights back in federal court, you just go ahead."

Some people say that "unconscionability" will protect consumers from these and many other abuses. The Article 2 drafting committee looked at the actual use of unconscionability in UCC cases since 1980. They found that about 12 contracts that had been declared unconscionable. This doctrine is not actively enforced. Surely a judge will find it hard to declare practices unconscionable that are widespread and specifically authorized by statute.

And again remember -- unconscionability is a judicial remedy. You want something declared unconscionable, you go to court. That's not cheap, it's not fast, and it's fact specific. We heard an excellent idea yesterday--a new and broader version of unconscionability. Contract clauses would sort themselves into three bins--green bins (approved and valid), red bins (courts will routinely strike them from the contract or cancel the contract) and yellow bins (not yet settled). I like the idea and I like the thinking behind it. But it will take years--and much worse, it requires the steady accumulation of precedent setting court decisions. Gateway 2000 v. Hill teaches us that some courts will enforce compulsory arbitration clauses in mass market licenses even when the arbitration costs are excessive and the cause of action involves widespread public interest (in this case, alleged consumer fraud). How will be assured of the steady pace of development of the common law that would be required to make this new unconscionability provision fair?

And this takes us to the final area of concern as far as external failure costs--legal expense. 2B drops Article 2's notion of the minimum adequate remedy and it drops Article 2's statement of policy that courts should administer remedies liberally to put the nonbreaching party in the position it would have been in had the other party performed its duties under the contract. This policy is abandoned in favor of a stated policy of freedom (for the seller) of contract. 2B lets publishers declare that customers are entitled to no damages--just a rescission (refund in which you return the merchandise). 2B lets publishers choose their forum (where they can be sued) in ways that make it way too expensive to bring a suit. There is new limiting language on the choice of forum in 2B but don't be fooled by it--it comes directly from a line of cases starting with Carnival Cruise Lines v. Shute --all of them cases that made consumers travel across the country or out of the country to sue.

In creating a new law for software, Article 2B is stepping into territory that involves passionate debates in every software company during almost every software release. When can we ship? What is our minimum quality to ship? How much do we have to invest in processes to improve quality and customer satisfaction? Article 2B is putting its position into these debates, in a fundamentally important way, without considering the effects on good practice in good companies. The results will not be favorable.




Appendix A

Consumer Issues and Article 2B

Cem Kaner & Todd Paglia

ORIGINAL DRAFT SENT TO ALI, DECEMBER 5, 1997

I am submitting this to the ALI on behalf of Todd Paglia of Ralph Nader's Consumer Project on Technology and myself.

It is our understanding that the ALI is interested in hearing a short list of proposed changes to Article 2B that would make it more palatable to consumers and small business customers. We are submitting this prioritized list in that spirit.

We are deeply concerned about Article 2B. We believe that it is seriously flawed, and that little has been done to correct its biases despite strong and detailed opposition from consumer and small business representatives. Our concerns run deeper than the 12 items listed in this memo. We are, for example, fundamentally in opposition to the position taken by the drafting committee that it is desirable to simultaneously recognize the validity and respectability of adhesion contracts and to declare that they should be completely unregulated on the grounds of freedom (for the drafter) of contract. We believe that the committee is giving software publishers significantly more power to set their terms than they have under current law, and we see no public interest in support of this.

Here is our list.

1. Consequential damages

Article 2B makes it easy for the mass-market software publisher to escape liability for incidental and consequential damages. We understand the policy tradeoffs inherent in this, but protest that this is outrageous in an adhesion contract when it is applied to a defect that was known to the licensor at the time of sale or was not known only because of gross negligence on the part of the licensor.

Depending on the balance of the rest of the draft, we are willing to consider a reversal of the default rule for consequentials, eliminating them (unless provided for in the contract) except when the damage was caused by a known defect or a defect that was not known only because of gross negligence on the part of the licensor.

We are also willing to see a cap on these non-excludable consequential damages in the mass-market. Kaner has suggested a maximum per license of $500 or five times the license fee, whichever is greater. This will probably not fully compensate the customer, but it will provide a needed incentive for publishers to fix their more serious defects.

We are also willing to see an exclusion of consequentials for a known defect if, at or before the time of contracting, the licensor supplies to the licensee a record that:

When dealing with an industry that ships products with known defects as a matter of course, customers should at least be given a fair chance to mitigate their losses.

2. Choice of forum

The effect of Article 2B will be to provide small customers with no forum for their disputes with a publisher.

We recommend that if (a) the contract is mass-market and (b) the amount in controversy is within the customer's home state's small claims court jurisdictional limit, then the customer can bring an action in his home state or, if he cannot obtain personal jurisdiction over the defendant in his home state, then anywhere where he can obtain jurisdiction over the defendant. The adhesion contract can specify a choice of forum, and it will be enforced if the amount in controversy (aggregated over all plaintiffs, in a class action suit) is greater than the small claims court jurisdictional limit.

3. Express warranty

Statements, descriptions or affirmations of fact in the hard copy or online documentation or on the packaging or in other statements made by the publisher to the public at large should be express warranties, whether or not the licensee was aware of their content at the time of contracting.

Our rationale for including statements made to the public at large is that these are restated in trade publications that circulate widely to the general public. They become part of the basis of the bargain in fact, but the chain from the public statement through the magazine to the customer is too hard to prove.

4. Intellectual property

Mass market licenses should not be allowed to include prohibitions against reverse engineering, decompilation, and other similar use restrictions. Nor should they be allowed to declare the observable behavior of the product a trade secret and they should not be able to impose restrictions that conflict with the first sale doctrine.

We agree that a publisher can and should be able to impose restrictions in a license that go beyond those available to a seller of goods (books or merchandise containing patented technology) but it !should not be allowed to do so in adhesion-contract-based transactions conducted in the mass market. We propose:

A term restricting the use of a mass-market product is not valid in a mass-market license unless it (a) would be an enforceable term in a contract for the sale of the product or (b) is a conspicuous restriction on the number of times the product can be used, the length of time that the product is licensed for, or the number of people who can simultaneously use the product.

5. Incidental damages

Many of the incidental damages involved in mass-market software are imposed by the publisher or as a consequence of delays created by the publisher. For example, the Software Support Professionals Association reports that it takes, on average, 30 minutes for a customer to reach an appropriate person to ask about a problem with a software product. Most of the rest of the time is spent sitting on hold, burning through long distance charges. Many publishers now charge complaining customers a fee per minute or per call and some charge the fee even if the customer is reporting or complaining about a defect that was known to the publisher at the time of the sale.

A mass-market publisher should not be able to exclude incidental expenses that are incurred in reporting the defect, in returning the defective product, or in seeking support from the publisher for the defect or its consequences.

6. Consumer protection

Under the Magnuson-Moss Warranty Improvement Act and the associated FTC regulations, customers are entitled to see the warranty of any goods sold for $15 or more. As the Software Publishers Association's own Model PC Software License Agreement (and Explanatory Comments) states (p. 35), "It is reasonable to assume that software purchased for home computer use would be covered by the Act."

Yet software customers are rarely able to see the warranties provided with software until after the sale. This makes it difficult for individuals and reporters to compare the extent to which competing companies will stand behind their products. Article 2B characterizes mass-market sales of software as licenses, which might not be covered by the Magnuson-Moss Act, and blesses the practice of refusing to allow customers to see the contracts until after the sale is complete.

Warranty rules and other consumer protections should be the same for mass market software products and goods. Article 2B should explicitly state that, for purposes of state statutes and other state law concerning contracts for consumer goods, and for purposes of all other consumer protection statutes of the state, a mass market license is a "good." Also, Article 2B should state that the provisions of the Magnuson-Moss Act apply to mass market software, to the extent that other state law does not cover the same area.

7. Material breach

A breach should be considered material if it would be material under the Restatement of Contracts or if the breach caused or may cause substantial harm to the aggrieved party, including imposing costs that exceed the contract value.

8. Mitigation of damages

2B-707 requires the customer to maintain backup systems just in case of breach of contract by the software publisher. The customer cannot recover compensation for losses that could have been avoided if the customer regularly backed up her data.

There are many ways that any prudent person can protect herself against the possibility of breach of contract by any other party. The point of a contract, though, is that it lays out the duty of the publisher to not breach. The customer should not have to spend time, effort and money on defensive steps, before a breach, to minimize the damages that will be incurred if the publisher should happen to breach.

It is frequently reported that individuals and small businesses rarely back up their hard disks. At a Law Practice Management session at the August 1997 ABA meeting in San Francisco, only half the attendees reported that they backed up their hard disks. This might not be wise on their part but it is the current situation. Why should the law grant contract-breaching publishers a special deal by requiring a higher standard of self-protective care from customers than customers currently afford themselves today?

The requirement in 2B-707 that customers must back up their data should be struck.

9. Internet rules

Customers who purchase a product or license over the Internet or through some other electronic transaction shall have the same rights as if they purchased or licensed it by any other means.

10. Electronic Commerce--attribution

2b-116(a) unfairly allocates risk of loss onto customers. If the security of the customer's computer is compromised, then messages can be sent that appear to be coming from the customer but do not. The customer has to prove non-negligence to avoid paying for all of the losses caused by the ensuing fraudulent transactions. The overall security of the system, however, is heavily under control of the other parties (see Kaner, Article 2B is Fundamentally Unfair to Mass Market Software Customers, submitted to ALI for the October meeting and available at http://www.badsoftware.com/ali.htm). This risk allocation is inappropriate for this emerging technology. Kaner recommends that the presumption that a message came from the apparent sender be very weak, a bursting bubble.

A more traditional consumer requirement would be a limit on consumer liability, to $50 or $100.

11. Electronic commerce - risk of error

2B-117's restriction to consumers is too narrow. The problem is that user errors are heavily determined by the designer of the system, and the system design is fully under the control of the seller. Computer systems are not fully familiar to the average customer, whether that person is a consumer, a lawyer, or another non-software-merchant.

2B should provide the seller with reliance damages in the event of an error by the customer, but should otherwise allow the mistake-making customer to escape liability.

12. Arbitration clause

A compulsory arbitration clause in a mass market license should not be binding if the dispute involves fraud or defects that could threaten the health or safety of customers or the general public.

A compulsory arbitration clause in a mass-market license should not be binding unless it provides for arbitration in the home state of the customer.

Yours truly,

Cem Kaner signing on behalf of himself and Todd Paglia, Esq.




Appendix B

Article 2B and Quality/Cost Analysis

Presented at The Impact of Article 2B conference, Berkeley, CA, April, 1998.

This summarizes Bad Software-Who is Liable?, provided in your conference materials.

Businesses spend fortunes on quality-related costs. Traditionally, quality engineers categorize these:

Note that these are all costs of the seller. There are also externalized costs, costs paid by the customer and not by the seller. Customer costs are partially and indirectly reflected when they bounce back as external failure costs.

External failure costs include:

Article 2B is a multi-pronged assault on external failure costs. It drives these costs way down in mass-market cases, and keeps them low even when quality declines. This reduces the economic pressure on software publishers to improve their products, resulting, I believe, in a weaker domestic industry over the long term. And, of course, in crummier products. The table on the next page provides examples of the costs that are driven down. Article 2B authorizes these measures, and in this world of you-can't-see-the-terms-until-after-you-buy-it contracting, we should expect to routinely see terms like these.

For more details on 2B and mass-market customers:

CUSTOMER SUPPORT
LOST SALES LEGAL RISKS
Reduce net support costs and obligations Reduce effects of competition Reduce probability and cost of lawsuits
  • Charge customers for all calls for support, even for defects. No refund for these calls even if the customer returns the software. 2B-703(a)(2) allows refund of purchase price after return of the software as the sole remedy.
  • No implied warranties. 2B -406 allows post-sale disclaimer with no opportunity pre-sale for customer to discover the disclaimer. CAPS make the post-sale disclaimer "conspicuous."
  • Goods-based consumer protection laws (such as Magnuson-Moss and California's Song-Beverly Act) become inapplicable because their scope is goods and 2B transactions are transactions in an intangible (a license to use IP).
  • No duty to mass-market customers or consumers (only to big customers) to cure defects. 2B-605.
  • Lesser right to a refund. (Perfect tender rule available only to mass market. 2B material breach definition is much more publisher-friendly than Restatement's. 2B-109.)
  • No pre-sale disclosure of terms, so there's no competition on quality-related promises. 2B-208.
  • License agreements prohibit disclosure of details of the product, including banning writing magazine reviews without publisher's permission. Some publishers already have such terms, though they probably don't work in mass-market today. 2B-102(12) includes nondisclosure in "contractual use restrictions", which are deemed as OK in contracts.
  • No reverse engineering (harder to compete, and harder to do 3rd party maintenance). (Use restriction.)
  • No reverse engineering for interoperability, to make two products compatible. (Use restriction.)
  • Seller chooses its favorite state or country, for its choice of law. 2B-107.
  • Seller chooses its favorite forum. 2B-108 (but choice can't be "unfair & unjust" as term is used in Carnival Cruise Lines.)
  • No damages. Rescission is the only remedy, and rescission doesn't include repayment of fees for "support" (such as the call to ask for a refund.) 2B-703(a)(2)
  • Eliminates the concept of the "minimum adequate remedy" which was an influential comment in Article 2.
  • Eliminates the Article 2 policy section saying that aggrieved party should be entitled to full recovery.
  • There are, of course, no damage limitations available to mass market customer with respect to vendor's recovery from the customer. Vendor is exclusive definer of what constitutes a breach on the customer's part.

 


Return to Bad Software: What To Do When Software Fails.

The articles at this web site are not legal advice. They do not establish a lawyer/client relationship between me and you. I took care to ensure that they were well researched at the time that I wrote them, but the law changes quickly. By the time you read this material, it may be out of date. Also, the laws of the different States are not the same. These discussions might not apply to your circumstances. Please do not take legal action on the basis of what you read here, without consulting your own attorney.
Questions or problems regarding this web site should be directed to Cem Kaner, kaner@kaner.com.
Last modified:January 29, 1999. Copyright © 1998, Cem Kaner. All rights reserved.