|Cem Kaner, Ph.D., J.D.||P.O. Box 1200|
|Law Office of Cem Kaner||Santa Clara, CA 95052|
Article 2B will cover all transactions in Information (a broadly defined term that includes software). It also provides some rules for electronic commerce. My primary interest in Article 2B is that it will define the law of software quality. This statute will define the legal ground rules under which we develop, sell, and support software.
At the July meeting of NCCUSL, the July 1996 draft of Article 2B was criticized for a perceived lack of consumer protection. I think the problem is broader-the draft fundamentally favors licensors (such as software publishers) at the expense of licensees (customers, who may or may not be consumers). Where both entities are large businesses who will negotiate for the terms they want anyway, it doesn't matter. Where the licensee is an individual or a small business, I think there are serious problems.
I believe that this proposed statute, if enacted, would harm the software industry. I believe that it reduces the accountability of licensors to their customers, and therefore blesses a lowering of concern for quality in the American software marketplace. The rest of the world is driving toward higher software standards and tighter control of their software development processes. Over the long term, we risk losing yet another key American industry.
Ray Nimmer, the Reporter of the 2B committee, wrote a new draft of Article 2B on September 4. It makes several changes from the July (and previous) versions, but I think that the main issues are still unresolved, or resolved in favor of licensors.
I hope that this series of memos will clarify the issues and stir up some interest among counsel who represent customers.
One prefatory note. Even though I write bluntly about the Article 2B draft, I have tremendous respect for the drafting committee, especially and including Ray Nimmer. Nimmer's book, The Law of Computer Technology, is the first book that I turn to when researching almost any computer law question. He is a remarkable author and researcher and a decent and thoughtful person.
In the next memo, I'll provide a long list of specific issues that I think need to be addressed. The rest of this memo uses a few examples to illustrate the point that the Article as a whole is biased against customers.
Article 2B rejects the perfect tender rule and adopts the notion of material vs. substantial performance. An aggrieved party doesn't have the right to cancel a contract unless the breach is material.
Here is the definition of substantial performance in the July and September drafts.
Here is the July draft definition of a material breach:
Look closely at (c), which defines a material breach by enumeration. (Some attorneys will argue that a breach is not material if it is not in the enumerated list.) Now consider the software publisher and the customer of the publisher.
(The publisher is allowed to impose a duty of confidentiality in the license agreement, and therefore the customer might have confidential data of the publisher. The publisher has no confidential data of the customer.)
The customer is in breach by making more backup copies of the software than are allowed by the license, by violating the publisher's copyright, etc. The publisher has no intellectual property that is owned by the customer.
The customer didn't pay the license fee and is in breach.
If so, why aren't these (or any others) listed? Why, across several drafts of Article 2B, were these not included in the list of material breaches? What does it tell us about the underlying thought processes when, in draft after draft, only breaches by customers are included in a list of "material" breaches?
The September draft revised this language, as follows:
This is slightly better. The language "substantially deprived of the benefit" might cover a broader range of cases than "substantial harm to the interests of the aggrieved party".
But the enumerated list is still quite limited. "Express performance standards" (as Ray Nimmer explained to me at the Minneapolis meeting) means terms that occur specifically in the contract. In the mass-market software case, the licensor generally disclaims all performance standards (no warranties, express or implied, etc.) except for a promise that the disks themselves are non-defective. At this point, there is still nothing in the statute that defines a licensor-side material breach in a mass-market contract.
The current Article 2 requires that some terms in a contract be conspicuous. For example, if you won't promise that your merchandise is fit for its ordinary purposes, you have to say so conspicuously.
Article 2 case law has consistently held that disclaimers of implied warranties must be conspicuous at the time of, or before the time of, the sale. In software, we see this principle adhered to in Step-Saver Data Systems, Inc. v. Wyse Technology and The Software Link, Inc., 939 F.2d 91 (3rd Cir., 1991), Arizona Retail Systems, Inc. v. The Software Link, 831 F. Supp. 759, (D. Ariz., 1993) and Tandy Corp. v. McCrimmon 414 S.E.2d (Ga. Ct. App., 1991). There are also non-software cases. Here is Clark & Smith's summary from The Law of Product Warranties (1984; supplemented 1994) p. 8-18:
For those of us who lack X-Ray eyes, a disclaimer that is packaged inside of a box is non-visible and therefore inconspicuous at the time of sale.
Article 2B changes this. In previous drafts of Article 2B, the Reporter's Notes explicitly stated that Article 2B would "overrule" the Step-Saver decision. The replacement is the combination of "manifest assent" (2B-112) and "opportunity to review" (2B-113).
The shrink-wrap disclaimer of warranties becomes binding on the customer when the customer "manifests assent" to the disclaimer. In the case of a retail purchase, the sequence is as follows:
One of the core tenets of consumer protection is the notion of informed choice. Critical information about a product is made available to the consumer before the sale so the consumer is in a position to understand the relative benefits from competing products. The conspicuousness clause makes sure that the customer (not just a consumer in Article 2 -- any customer) becomes aware of particularly oppressive terms (such as a seller's refusal to guarantee that its product is fit for its normal purposes) before the sale.
It seems to me that the requirement of "conspicuousness" has become largely meaningless under this scheme. The customer doesn't learn of the must-be-conspicuous term until after the purchase decision has been made and the customer is trying to use the product. At this point, the customer will probably not ask for a refund. We have replaced an information-transmission requirement with a formality.
Based on my discussions with individual Committee members and based on the discussions at the drafting Committee meetings, I am convinced that a majority of the Committee:
Here is the definition of manifest assent. It rests partially on an "opportunity to review" which is satisfied if you can return the software for a refund after seeing the license.
In the section on conspicuousness, above, I traced the steps involved in obtaining manifest assent. The installation program displays a term and, to complete installation of the already-paid-for-and-delivered software, the customer clicks "OK".
What about the customer who brings the software back to the office, gives it to her secretary, and says "Use this new program." The secretary installs the program on his computer, clicking on "OK" as required. Does the "OK" of the secretary bind the employer? I assume so. (If not, I have some good advice for software customers . . . .)
Now, here is what a publisher can do with manifest assent.
So a term in a mass-market license (which the customer sees after paying for and taking delivery and opening the software), can include:
American customers are reluctant to return defective merchandise. Only a small fraction, often estimated as 5%, of the people who buy defective merchandise will take it back to the store or otherwise complain. According to Softletter (March 29, 1995, p. 2), the percentage of customers returning new software in direct sales channels has dropped to about 2%. (However, Jim Cox of the Software Support Professionals Association cites survey data that software customers are at a 10-year low in satisfaction with customer service. Maybe more people should reject these licenses?)
Therefore, it would take a truly remarkable term indeed that would make a publisher or reseller reasonably predict that the typical licensee would cancel the transaction just because of that particular term.
Surely, if we believe in "freedom of contract" (an often-used phrase in the meetings), we would want specifically negotiated terms to have priority over standard terms that appear only on the seller's form.
The notion of "manifest assent" allows
the publisher to pretend that the customer is actually agreeing
to a retraction of the specifically negotiated term in favor of
the standard term that she thought she had negotiated her way
The notion of manifest assent is remarkably powerful. Here are some of the things (this is a non-exhaustive list) that you can put into the license agreement and make enforceable against the customer even if he never saw them or suspected them before paying for the software, accepting delivery of the software, opening the software, and starting to use it:
This is a powerful tool. Note that it can be used by the licensor against the licensee (click OK to agree to these terms during installation). The licensee has no comparable opportunity to slip his terms by the licensor. There is no mechanism, for example, for the licensee to exclude consequential or incidental damages.
This powerful tool works only one way--it gives the licensor the ability to claim that the licensee actually agreed to its standard contract terms, but it never gives the licensee the opportunity to claim that the licensor agreed.
The old Article 2 had some difficult rules to cover the battle of the forms. The new 2B has a much simpler rule. The licensor always wins.
One of the ways that a software publisher can trash your data is by including (oops) a virus with the software that it sells you. Normally, I would think that shipping a software product that trashes your hard disk would be a material breach of contract. It might be a tort too, but the court in Rockport Pharmacy, Inc. v. Digital Simplistics, Inc., 53 F.3d 195 (8th Cir., 1995) made the licensees look to their contract for recovery in a case involving destruction of data. Here's the draft's language for dealing with viruses:
For software publishers, virus control is not rocket science.
I don't know anyone, or know of anyone, in the industry who followed these steps and released a product with a virus. I can imagine that it might happen, but in the cases that I've heard about second hand (over a few hundred product releases, no one associated with me has ever let through a virus), the software release staff took some shortcuts and got burned. Rather, their customers got burned.
Viruses are a potential huge problem. Presumably, we would like to encourage software companies to exercise care to prevent the release of products with them. It's relatively inexpensive to a publisher to buy five virus checkers and their update contracts (total cost is maybe $500). But for an individual customer, this is a big investment. It also wastes a huge amount of customer time to thoroughly test software for viruses, when the software publisher could do it once, saving everyone downstream from the bother of it.
The Article 2 approach is not quite this way, however . Instead Under 2B-319(b)(1) the publisher can simply include a disclaimer in the license agreement. (It has to be conspicuous, but it can be conspicuous" post-payment and post-delivery so long as you get "manifest assent").
Or the publisher escapes liability if it exercised reasonable care. Non-negligent conduct becomes a shield for the publisher. How often in this Article does negligent conduct become available as a sword for the licensee? I think the number is zero. I don't object to the inclusion of some fault-related and negligence-related language in the UCC. I just want it to sometimes operate in the customer's interest. Another negligence example is in 2B-701. The measure of consequential damages is to be reduced by "that part of a loss that could have been avoided by taking measures reasonable under the circumstances to avoid or reduce loss resulting from breach, including the maintenance before breach of reasonable systems for backup or retrieval of lost information."
Again, the customer loses the ability to recover if she is negligent. When does the publisher lose if it is negligent?
My final note regards remedies. The mass market customer will often have no remedies.
Revised Article 2 proposes that the aggrieved party should always be entitled to a "minimum adequate remedy." There is no hint of that in the draft of Article 2B.
Article 2B allows the publisher to fully exclude incidental and consequential damages. (In the July draft, consequential damages were automatically excluded, by default.) If the other remedies fail of their essential purpose, these exclusions still apply. If the customer ends up with no remedy, well, the customer should have negotiated a better contract.
Software publishers are charging for support these days. If you pay by the call, or by the incident, you might pay as much as $190 (that's the largest number I've heard) for an "incident." Some publishers start charging from the day you open your package. They provide no free support period. Some charge even if you are calling to report a bug.
You can spend more on the cost of calling the software publisher about a bug or two than you spent on the program. These are incidental expenses. You don't get them back (because the mass-market license will always exclude them.)
If it costs you more to get authorization to return a product than you will gain back from the refund, what remedy do you have against defective products?
In July, Consumers Union asked for a minimum assured remedy of repair or full refund. This is a nice start, but the customer's costs of defective products sometimes go well beyond the refund, and the transaction costs of reporting a bug (long hold times-sometimes 1.5 hours-on toll-costing long distance lines; pay-by-the-call support; cost of shipping the product back; etc.) can themselves go beyond the price of the program. Under these circumstances, the refund that the customer will finally get if he is willing to spend the money and jump through the hoops, is just an illusion. There is no remedy.
Competent software test organizations find most of the bugs that their products ship with. Most bugs that customers call about were found and deferred (publisher decided not to fix them) before the product was released. There are surprises, but if you keep manufacturing the product after 100 customers have called to complain about a bug, you (publisher) can no longer claim "surprise" about the bug in any newly made copies of the product, can you?
If the publisher knows that a bug will damage some customers' data or that it will fail under other predictable circumstances, but doesn't warn customers about these circumstances, and if a customer loses money because of this known bug, what public policy does it serve to say to the customer: "no matter how much you lost, you get no more than a refund (or maybe just a partial refund"?
What public policy does it serve to say to the publisher: "No matter how much you knew and no matter how much fully predictable damage you did to your customer, the worst you'll ever have to pay back is a refund."?
The core problem with Article 2B is that it provides such minimal remedies to aggrieved customers.
In later memos, I'll point out the range of remedies
that Article 2B provides to aggrieved publishers. They are not
insignificant. As in the rest of the Article, the balance favors
|Cem Kaner attends Article 2B meetings as an observer. He consults on technical and management issues, practices law, and teaches within the software development community. His book, Testing Computer Software, received the Award of Excellence in the Society for Technical Communication's 1993 Northern California Technical Publications Competition. He has managed every aspect of software development, including software development projects, software testing groups and user documentation groups. He has also worked as a programmer, a human factors analyst / UI designer, a salesperson, a technical writer, an associate in an organization development consulting firm, and as an attorney (typically representing customers and software development service providers). He has also served pro bono as a Deputy District Attorney, as an investigator/mediator for Santa Clara County's Consumer Affairs Department, as an Examiner for the California Quality Awards. He holds a B.A. (Math, Philosophy, 1974), a J.D. (1993), and a Ph.D. (Experimental Psychology, 1984) and is Certified in Quality Engineering by the American Society for Quality Control. He teaches at UC Berkeley Extension, and by private arrangement, on software testing and on the law of software quality.|