• Mission & Governance
• Services Overview
• How to Get Involved
• Standing Committees
• NCSL Foundation

• Issue Areas: A-Z
• State-Federal Relations
• NCSL Standing Committees
• News from D.C. and the States

• About State Legislatures
• Elections, Campaigns & Redistricting
• NCSL's StateConnect Directory
• Web Sites

• Online Guide to NCSL Services
• Staff Sections and Networks
• Meetings & Professional Development
• Staff Directories

• Meetings Calendar
• Online Registration
• Meetings Home Page
• Legislative Summit

• Bookstore
• State Legislatures Magazine
• NCSL's StateConnect Directory

UCITA: RULES FOR THE INFORMATION HIGHWAY

Carlyle C. Ring, Jr.
Chair, NCCUSL UCITA Drafting Committee
1401 H Street NW, Suite 500, Washington DC 20005-3324
ccring@ober.com

A. THE NEED FOR UNIFORMITY

There is an urgent need for uniform rules for the information highway. The Internet is borderless and faceless. Contract terms cannot be different in different states
(see A Framework for Global Electronic Commerce – http://iitf.nist.gov/eleccomm/ecom.html (Clinton Administration); Global Business Dialogue on Electronic Commerce – http://www.gbde.org/conference/recommendations.html (70 CEO’s of major corporations and 110 government officials.)

The United States is now in the "Information Age." Information technology already accounts for more than one-third of the growth in the U.S. economy and is by far the most rapidly growing sector.

A recent U.S. Department of Commerce report estimated that between 1995 and 1998 the increase in electronic commerce and information technology industries constituted 35 percent of the nation’s economic growth. According to the report, by May 1999, 171 million people worldwide had access to the Internet.

UCITA creates a legal framework for contract law in transactions in computer information and provides greater legal certainty for the millions of transactions which are occurring daily under unclear legal rules. This additional certainty encourages and supports the continued growth of the digital information industry, a key economic engine for the future of the U.S. economy.

OUTLINE OF UCITA

UCITA is a uniform law drafted by the National Conference of Commissioners on Uniform State Laws (NCCUSL). UCITA addresses concerns that expansion of the nation’s digital economy could be impeded by extreme differences in the law of each state.

UCITA is a commercial contract law statute that provides substantive contract law rules governing electronic commerce contracts and licenses for computer information or programs.

UCITA follows the U.S. commercial law tradition that the agreement of the parties controls and defines their obligations under a contract. It thus corresponds and brings to information transactions the philosophy adopted in all states with respect to sales of goods and leases of goods. In UCITA, with few exceptions, substantive contract law rules are default rules and are subject to contrary agreement of the parties.

The scope of UCITA is limited to "computer information transactions", which are agreements with the primary purpose to create, modify, transfer, or license computer information or informational rights in computer information. UCITA applies to a computer information transaction unless the parties agree otherwise.

UCITA also applies in mixed transactions. As a general rule, UCITA applies only to the part of the transaction that involves the computer information, and other contract laws apply to the other part of the transaction.

In the event that the computer information transaction also involves "goods" the Uniform Commercial Code (UCC) Article 2 applies to the "goods" and UCITA applies to the "computer information." If the computer information is embedded in the goods, however, UCITA only applies if the goods are "a computer or computer peripheral" or "access to or use of the [computer] program is ordinarily a material purpose of the transaction."

UCITA does not apply to: (1) financial services transactions; (2) insurance services transactions; (3) contracts to develop audio or visual programming for broadcast, satellite, or cable (except affiliation contracts); (4) agreements to develop motion pictures and distribution contracts; (5) sales of books, prints, magazines, or newspapers; this does not include online books or other similar online products; or (6) contracts for the employment of individuals, who are not independent contractors.

UCITA, like the UCC, provides that a contract may be formed in any manner sufficient to show an agreement, including offer and acceptance and the conduct of the contracting parties, or in UCITA by the operations of electronic agents. This clarifies and makes uniform the modern view of contract formation. A contract is not formed if there is a material disagreement about a material term.

UCITA authorizes parties to agree to a choice of judicial forum where a dispute is to be litigated unless the choice is unreasonable and unjust. This codifies a standard set out by the U.S. Supreme Court and followed by a number of courts generally.

Under UCITA, parties may also agree as to the choice of law that applies to their contract. This clarifies a rule that applies in many states today. However, an agreed choice of law is prohibited from altering the law that would apply to a consumer contract if the choice was not made.

UCITA provides that the consumer protection laws of a state and conflicting federal law supercede UCITA and that a court may invalidate a contract term that is unconscionable or would violate a fundamental public policy of the State.

UCITA is good for consumers who should not be without the protections contained in UCITA. Consumer provisions include:
 

- a clear statement that existing state consumer protection laws apply to computer information transactions under UCITA in the same manner as they apply to consumer goods and services, which may be very unclear now (Section 105(c))

- a consumer (mass market licensee) has a cost-free right of return if a license term is not available for review by the consumer until after a purchase and the consumer wishes to refuse the terms

- a consumer defense for electronic error in an automated transaction which is different than current law that provides a unilateral mistake will not allow a consumer to void a contract

- implied warranties are created that were not clearly available before (maybe to computer programs on a tangible media in a box, but not to access contracts, or programs deployed over the Internet)

- a warranty to a consumer extends to all individual consumers in the family or household if use should have been expected by the licensor

- consumer contracts (mass market transactions) with terms limiting duration of a license or containing automatic restraints must be conspicuous

UCITA provides several types of warranties that build on the base of UCC Article 2, but expands the warranties that are available: (1) express warranties (stated promises); (2) an implied warranty of merchantability of a computer program (that the program will work for the general purpose it was bought); (3) an implied warranty of informational content (the warranty is that the information was collected with reasonable care); and (4) an implied warranty of system integration (the program was bought relying on the merchant’s advice that it will work with other programs or equipment).

UCITA rules on disclaimer of warranties are the same as the rules under UCC Article 2, but in some cases require more explicit language of disclaimer. If a state’s consumer protection law precludes disclaimer of warranty in a consumer case, that rule governs under UCITA.

In the event of a breach of contract, UCITA provides remedies and damages to place the aggrieved party in the same position as it would have been in had the other party performed as agreed.

The license may only be canceled for a material breach and if canceled, UCITA provides the licensor with the right to possession of the copies of the information and the right to prevent the continued use of the information by the licensee. The only non-judicial means to exercise these rights is the limited remedy of electronic self help.

Electronic self-help is expressly prohibited unless the parties agree to permit its use and electronic self-help is strictly prohibited in mass-market transactions (that includes all consumer contracts) regardless of what the agreement provides.

C. SNAPSHOT OF UCITA

Like the Uniform Commercial Code (UCC), enacted in all states, the principal theme of UCITA is that innovation and competition is best fostered in a free market, where the parties may choose the technology and business models that best suit their transaction. The outline of UCITA parallels UCC Article 2 for sale of goods:

Gap-filler rules Two/thirds of UCC Article 2 and of UCITA’s 106 sections are default rules that come into play only if the express terms of the agreement of the parties are silent on a matter and a term cannot be supplied by trade usage, course of dealing, or past performance of the parties (see definition of "Agreement" in both UCC Article 1 and UCITA, and also Section 113.) Only when the Agreement is silent, and trade usage, etc., does not fill the gap do the default rules of UCITA fill the gap. In the event the default rules (based upon general business practice) are not appropriate for the particular transaction, the parties may include an express term that is appropriate. With the exception of only a few default rule sections, there is no controversy over the approximately 70 UCITA gap-filler sections.

Formation Rules UCITA expands the contract formation rules to encompass electronic contracting for information. These rules comprise about 20% of UCITA’s sections. They follow the wording and provisions of the new E-Signature federal act and UETA, which, if enacted by a state, lifts the federal preemption. In addition, UCITA provides further substantive rules needed for on-line transactions that provide safeguards and safe harbors against inadvertent assent and attribution.

Non-variable Rules UCITA contains a limited number of non-variable provisions listed in Section 113 to provide against abuses.

All interested groups participated in the drafting process. Most support UCITA as a reasonable accommodation and consensus (see the attached listing of both large and small licensees and licensors.) The concerns of some that remain in opposition are often based on their view that there should be more mandatory rules – that government should intervene to establish the terms of the contract rather than the marketplace. In short, they would go further than current law as applied to any other aspect of the economy and impose for every transaction rules that in the view of many would hamper innovation and new technologies that cannot be fully envisioned at this time.

CURRENT LAW

Our current statutory and common law is based on transactions in tangible products. Current law is not designed to be applicable to intangibles and information. Licensors and licensees of software and information products both are looking for clear, consistent rules for the information highway. UCITA provides uniform rules essential for the global economy evolving in the Information Age.

The business practice has been to license intellectual property from the beginning of our Republic. Patents have been licensed since the Constitution was written; trade secrets licensed since the beginning of the Industrial Revolution; movies licensed to theaters since the beginning of the last century; and software licensed since it was invented. UCITA accepts this established business practice of licensing of intellectual property.

Intellectual property rights are largely established by federal law (patent and copyright laws). States also establish IP rights under trade secrets and other laws. Both federal and state case law involving licenses and other contract related to patent and copyright routinely hold that issues about contract including issues about creating, interpreting and enforcing contracts are matters of state law with very few exceptions. As the law exists today, the contract law of licensing is state law and that state law varies widely from state to state.

UCITA does not change or modify in any way the IP rights created under federal and state laws.

Under current common law, there are generally no bases for implied warranties. Such warranties are established by statutory law. UCITA establishes for the first time implied warranties of merchantability and fitness, as well as for integration and informational content, uniformly for computer information.

Court decisions since 1993 have enforced shrinkwrap and clickwrap licenses. UCITA places substantial limits on such licenses that protect the other party to the agreement.

Under current law software and information can be recovered by electronic means if there is no trespass or breach of the peace. Thus electronic self-help in the event of a material default by the licensee is unrestrained under current common law. UCITA does not permit electronic self-help unless the licensee separately negotiates and assents to it and imposes very substantial due process and other limitations on its use.

Under current common law and case decisions, it is possible to enter into inadvertent contracts electronically. UCITA imposes substantial safeguards to avoid inadvertent assent.

UCITA provides that consumer protection statutes and rules trump UCITA and any terms in a contract under UCITA. In addition, UCITA includes new statutory protections for consumers.

UCITA provides certainty and consistency in the law that fosters the opportunity for this new information age to reach its full potential.
 

E. SHRINKWRAP AND CLICKWRAP LICENSES

Courts have sustained the enforceability of shrinkwrap and clickwrap licenses (see Attachment 1 hereto).

UCITA limits these decisions by adopting significant procedural protections to assure assent is intentional.

To have an agreement the licensee must have:

an opportunity to review (Section 112)
the "intent" to sign (Sections 102(a)(6) and 112(a)(1))
"intentionally engaged in conduct" to assent (Section 112(a)(2)
"attributed" to the party to be bound by security procedures which are efficacious and commercially reasonable (Sections 212 and 213(c)). The "burden of establishing attribution" rests with the party enforcing the contract (Section 213(a)).

Under current law the Licensee does not have the substantial procedural safeguards provided by UCITA.

ELECTRONIC SELF-HELP

Under current law electronic self-help is permitted (see Attachment 2)
UCC Articles 2A and 9 permit the lessor or secured party the right to repossess without going to court and the right to disable in the event of a default (breach).
UCITA substantially limits common law electronic self-help with the following limitations so self-help cannot:

• entail a breach of peace (Section 815)
• entail foreseeable risk of personal injury (Section 815)
• entail foreseeable risk of significant physical damage (Section 815)
• occur unless the license was properly canceled (Section 815)
• occur in a mass market transaction (Section 816)
• be used if substantial harm to public health or safety or grave harm to the public interest (Section 816)
• occur unless licensee separately assents to a contract term authorizing it (Section 816)
• occur unless licensee provided a name and location to which direct notice of intent to exercise self-help
• occur unless the licensor gives notice of intent to use electronic self-help 15 days in advance (Section 816)
• occur unless the notice states the nature of the breach that justifies self-help and precisely the person to contact and how to contact that person (Section 816)
• occur if a court enjoins; the licensee has a statutory right to an expedited hearing (Section 816)

MYTHS ABOUT UCITA

1. " UCITA validates licensing"
UCITA does not create licensing. Licensing already exists and licenses are extensively used
Licensing routinely is upheld by Courts for intellectual property
UCITA recognizes parties may either sell or license digital information

2. "UCITA prohibits adverse comments and reverse engineering"
UCITA contains no provision authorizing such contract terms
To the contrary, UCITA empowers Courts to invalidate such terms that violate fundamental public policy (Section 105(b))
The Official Comments specifically state that free expression, fair use, and reverse engineering for interoperability are public policies that may override contract terms

3. "UCITA prohibits transfer of a license"
UCITA’s default rule is that a license in transferable
That default rule can only be overridden by the Copyright Act or other law, or a contract term agreed to by the parties

4. " UCTIA validates shrinkwrap and clickwrap licenses"
Courts have upheld shrinkwrap and clickwrap licenses (See attached list of cases)
UCITA substantially modifies and limits that case law to provide significant protections and limitations (See E. above)

5. " UCITA allows disclaimer of implied warranties"
UCITA’s disclaimer rule is the same as UCC Article 2 for goods, except the sample language is more protective and understandable (Section 406)
Under UCITA, other law such as misrepresentation, fraud, consumer protection, unfair and deceptive practices applies to and provides remedies for products sold or licensed with known defects
Without UCITA, and under the common law, there would be little basis for assenting implied warranties which are for the first time statutorily prescribed in UCTIA for intangibles.

"UCITA supercedes consumer protection law"
UCITA specifically provides that a state’s statutes and rules govern and trump any contract term.

UCITA’S DEFAULT RULES ARE BALANCED

UCITA’s default rules mostly codify either rules of UCC Articles 2 or 2A, or common law. (See attachment 6)

UCITA’s default rules add new protections for licensees that go beyond current law.

The participation in the 16 Drafting Committee meetings by observers who actively engaged in the dialogue were balanced between licensors and licensee (see Attachment 3)

ADDITIONAL INFORMATION AVAILABLE

Additional materials are available from the NCCUSL website (www.nccusl.org) including:
Full text and Official Comments of UCITA
Questions and Answers
Other materials

ATTACHMENTS

Cases upholding shrinkwrap and clickwrap licenses
Electronic Self-help Cases
UCITA Drafting Committee Meetings Recorded Attendance
Supporters of UCITA and Concerns Resolved
Virginia’s 2001 UCITA
Libraries and Fair Use

4 Federal Circuit Court Cases (Supreme Court did not grant certiorari)

10 Federal District Court or State Appellate Court Cases (New York, Washington, New Jersey, North Dakota, Massachusetts, Florida, Arizona, Rhode Island)

ZERO cases since 1993 to the contrary.
 

Cases Upholding Shrinkwrap and Click-wrap Licenses

ProCD, Inc. v. Zeidenberg, 86 F.3d 1447 (7^th Cir. 1996) (contract enforceable; limits use of database to consumer purposes only)
Compuserve Inc. v. Patteron, 89 F.3d 1257 (6^th Cir. 1996) (contract treated as valid without discussion; enforces choice of forum terms in online license)
Hill vs. Gateway 2000 Inc., 105 F.3d 1147 (7^th Cir. 1997) (contract requiring arbitration enforceable based on use of computer without objecting to contract terms)
Brower v. Gateway 2000, Inc., 676 N.Y.S.2d 569 (NY AD 1998) (contract enforceable based on use of computer without objecting to terms; part of particular arbitration clause unconscionable)
M.A. Mortenson Co., Inc. v. Timberline Software Corp., 970 P.2d 803 (Wash. App. 1999) (license enforced when it followed purchase order; "Reasonable minds could not differ concerning a corporation’s understanding that use of software is governed by licenses containing multiple terms.")
Caspi v. The Microsoft Network, L.L.C. et. al., 323 NJ Super. 118, 732 A2d 528 (N.J. Super. A.D. 1999) (click agreement enforced; choice of exclusive forum in on-line contract governs)
Hotmail Corp. v. Van$ Money Pie, Inc., 47 U.S.P.Q.2d 1020 (N.D. Cal. 1998) (online terms of service enforceable)
Rudder v. Microsoft Corp., Ontario Superior Ct., (Oct. 8, 1999) (click agreement enforced; choice of exclusive forum in on-line contract governs based on click acceptance)
Green Book Int’l Corp. v. Inunity Corp., 2 F. Supp. 112 (D. Mass. 1998) (enforceable shrink wrap gave greater rights of distribution)
Micro Star v. Formgen, Inc., 942 F. Supp. 1312, aff’d 154 F.3d 1107 (9^th Cir. 1998) (lower court enforced online license; appellate court held that either the license barred the conduct or there was no license to prevent claim of infringement).
Management Computer Controls, Inc. v. Charles Perry Const., Inc., 39 UCC Rep Serv 2d 1162 (Fla. App. 1999) (forum selection clause in shrink wrap license enforced)
Arizona Retail Sys., Inc. v. Software Link, Inc., 831 F.Supp. 759 (D. Ariz. 1993) (one contract not enforced; but other shrink wrap enforceable where conditional nature of deal clear)
Storm Impact, Inc. v. Software of the Month Club, 1998 WL 456572 (ND Ill. 1998) (fair use not present where online terms limited use to non-commercial uses)
Groff v. America Online, Inc., 1998 WL 307001 (R.I. 1998) (user bound by contract selection of law in online license)
Rinaldi v. Iomega Corporation, 1999 WL 1442014 (Del. Super.) (A disclaimer of implied warranty for Zip drive contained inside the packaging is effective)
Levy v. Gateway 2000, Inc., 33 UCC Rep. Serv. 2d 1060, 1997 WL 823611 (N.Y. Sup.) (With respect to an arbitration clause, had an opportunity to accept the accompanying terms by returning the product)
 

There are several cases cited as contrary, but that can be distinguished:
Step-Saver Data Sys., Inc. v. Wyse Technology, 939 F.2d 91 (3d Cir. 1991) (shrink wrap not enforceable in a "battle of forms", i.e., offer and counter- offer, context)
Arizona Retail Sys., Inc. v. Software Link, Inc., 831 F.Supp. 759 (D. Ariz. 1993) (follows Wyse as to one shrink wrap agreement, but enforces other where prior agreement conditional)
Vault Corp. v. Quaid Software, Ltd., 847 F.2d 255, 260 (5th Cir. 1988) (lower court held license invalid as contract of adhesion; Fifth Circuit does not review that issue, but focuses on preemption in the absence of a contract); Klocek v. Gateway, Inc. 2000 WL 967459 (D. Kan.) ("battle of forms" case under 2-207; no notice of additional terms, and no express consent to the additional terms)

Purpose:

This memorandum briefly discusses the reported cases which address the use of electronic means to deactivate a computer program, and, where possible (depending upon the availability of facts), discusses what result would have been reached on the same facts under UCITA.

Commercial Context:

Section 816 of UCITA, "Limitations on Electronic Self-Help," initially was conceived to address the following fact pattern: A software licensee materially breaches a software license (by failure to pay or other action constituting material breach, such as copying the software and reselling the copies to third parties, or wrongfully making the software available to unlimited third parties over the Internet ). The software licensor exercises its right to cancel the software on account of the material breach, and then uses electronic means to either repossess or prevent further use of the software, on the theory that the licensee is not entitled to use the software after cancellation.

The Drafting Committee was aware that there were few reported cases on the subject, and that courts would be likely to apply by analogy the self-help provisions of UCC Articles 2 and 9. In 1992, the ABA issued an updated Model Software Licensing Agreement that sets forth an express provision warranting that there is no Self-Help or Unauthorized Code evidencing that self-help was an issue over a decade ago. It was and is not extraordinary for a License to contain an authorization to disable the software if there is a material breach.

In considering the issue whether to be silent as is UCC article 9, the Committee was aware of a number of new commercial realities presented by the development of the Internet and the increasing reliance on computer systems to run virtually all aspects of business:

1. Information in digital form could, in a matter of seconds, be copied and distributed to millions over the Internet.

2. While the Internet had made it possible for thousands of small software licensors to distribute their products globally, those small companies generally had limited economic power. Self-help provided a way to secure their property and protect their income stream, thus leveling the playing field for them as against larger, established entities.

3. Companies against whom self-help was exercised could be crippled, even shut down completely.

4. There existed the potential for grave harm to the public by the exercise of self-help.

Findings:

A review of the reported cases which address the use of electronic means to deactivate a computer program reveals the following:

1. Only one reported case was found which follows the classic fact pattern for which Section 816 initially was conceived (use of electronic self-help to remotely deactivate software following breach). That case, Computer Trust Leasing, v. Jack Farrell Implement Co. 793 F.Supp. 1473 (D.Minn 1991), affirmed 967 F.2d 1208 (8th Cir. , 1992) upheld the right of the licensor to electronically deactivate the software after the licensee's default, despite the fact that there was no clause in the license agreement expressly permitting same.

2. No reported case holds that parties to a contract may not agree to provide in their contract for electronic deactivation of software;

3. Computer crimes statutes do not prohibit parties to a contract from including in their agreements provisions permitting the electronic deactivation of software.

4. There are several reported cases which held that it was wrongful to "secret" a "timebomb" or other disabling device in the software. Many of these cases were decided under federal and state computer crimes laws, none of which laws will be disturbed by UCITA. Some of these cases involved a breach by the licensee, others did not.

5. No reported case, whether commercial or under a criminal statute, holds that self-help is prohibited where authorized by a contract term.

Case Summaries:

A. Classic Electronic Self Help:

1. American Computer Trust Leasing, v Jack Farrell Implement Co., 793 F.Supp. 1473 (D. Minn 1991) aff'd 967 F2d 1208 (89th
Cir. 1992).

Plaintiff ACTL and its related company, Automatic Data Processing ("ADP"), leased computer hardware and software to Defendant Jack Farrell. Jack Farrell fell behind on payments and then refused to pay the balance owed, charging, among other things, that system failed to work properly. After Farrell's account had fallen significantly past due, ADP notified Farrell on June 30, 1987 that it would terminate all processing and support services on July 8 if payment was not received by that date. On July 8, ADP deactivated Farrell's software as previously warned. After Farrell discovered that its software had been shut off for nonpayment, Farrell paid the amounts past due on its account and ADP promptly reactivated the software. At that point, ADP contended, Farrell disconnected its modem so that ADP could no longer access the system for service and support. Farrell made no further payments to ADP although, ADP contended, Farrell continued to use ADP software and hardware. One of Farrell's officers testified that Farrell was aware of the fact that software services would be discontinued if payments were not made (though it does not appear from the record that the software license actually stated that the software could be deactivated electronically but merely provided that it could be canceled upon the client's default). The trial court found that the deactivation occurred as a result of Farrell's nonpayment under the terms of the software license agreement and that its deactivation was not unlawful or wrongful but merely an exercise of its rights under the software license agreement. The trial court stated that "... ADP had a legal right to deactivate...for non-payment..." the defendant's software. Moreover, the court found that ADP was under no obligation to provide the defendant with a conversion tape to help transfer its information from the ADP system to another vendor's system. The case was appealed and affirmed on grounds not relating to the exercise of self-help.

Result under UCITA: This is the classic case of electronic self help which UCITA was designed to address. If, as it appears from the record, the software license did not actually provide that ADP could exercise electronic self-help upon Jack Farrell's default, then under UCITA, ADP's exercise would have been wrongful, and ADP would have been liable for damages (including consequentials, which under UCITA cannot be avoided by contract.

B. Cases under Computer Fraud and Abuse Act (CFAA) 18 U.S.C. Sec. 1030

The CFAA is a criminal and civil action federal statute. It proscribes the unauthorized access to certain computer systems for harmful purposes by means of a modem or direct keyboard entry. To the extent that parties agree in a contract to permit such access, then, obviously, it is authorized and will not violate CFAA.

1. North Texas Preventive Imaging, LLC vs. Harvey Eisenberg, 1996 U.S. District, Lexis 19990 (C.D. Calif, 1996). NTPI was a provider of medical diagnostic imaging services. NTPI purchased the "Scribe" computer system from Defendant, the purpose of which was to perform computer enhancement of medical images. NTPI was dissatisfied with performance of software and tried to return for a $161,000 refund. Defendant (also known as "MDI") responded by asking NTPI to enter into a new licensing arrangement and stating that the software would be disabled on January 31, 1996 if the new license agreement were not executed. According to the record, when the software initially was installed, it contained no timebombs, but sometime later an "update disk" was sent to NTPI to install, which, unknown to NTPI, contained a timebomb. MDI notified NTPI that it could prevent the explosion of this timebomb by executing the new license agreement. NTPI sued , alleging that (1) MDI had violated the federal Computer Fraud and Abuse Act, and (2) the insertion of the timebomb amounted to "conversion." MDI filed motions to dismiss. The court dismissed the conversion claim, but refused to dismiss the CFAA claim. In not dismissing the CFAA claim, the court noted that "whether the use of a time bomb is illegal appears to require a case-by -case analysis of the defendant's intent, the type of computer involved and the resulting harm." Further, the court enjoined MDI from allowing the timebomb to go off until the matter could be litigated. The court noted: "Members of the public who have been, or who are now or who might become patients of NTPI are exposed to psosible harm to their medical conditions if the Scribe System is deactivated by a timebomb in its software, for their previously taken scans will not be avialble for review to monitor effectiveness of treatment or to recommend treatment and new scans could not be taken to detect serious or possibly life threatening diseases." There is no further record of this case, so it is not known how it would have been decided on the merits.

Result under UCITA: Exercise of the timebomb on these facts would be wrongful under UCITA because there was no separately assented to term and no notice as mandated by UCITA. Further, UCITA would not disturb any finding of criminal or civil liability under CFAA. Finally, the type of potential harm to patients of NTPI is exactly what is contemplated by UCITA's no "harm to the public health" standard.

2. Gomar Mfg. Co. v. Novelli, C.A. No 96-4000 (D.N.J. Jan. 28, 1998) (unpublished). Gomar "surreptitiously" loaded a time bomb. The court found that "undisclosed" disabling codes were intended to be covered by CFAA.

Result under UCITA: A timebomb inserted "surreptitiously" is contrary to UCITA. It is clear that UCITA would not permit an undisclosed exercise of self help, or exercise without the required notice in the manner agreed upon by the parties. UCITA, of course, would not disturb the operation of any criminal sanction or finding under CFAA.

3. Shaw and Moon v. Toshiba et al. 91 F Supp 2d 926, 1999 U.S. Dist. Lexis 21790 (E.D. Tex. 1999). This case dealt with whether CFAA was intended to cover only the actions of hackers, rather than the placing of surreptitious codes by manufacturers. The court denied motions for summary judgment that CFAA did not apply to the placing of codes by manufacturers.

Result under UCITA: It is clear that UCITA would not disturb any finding under CFAA. Further to the extent of a contract issue, a "surreptitious" deactivating of codes would be contrary to UCITA.

C. State Criminal Law:

1. Wisconsin v. Brian P. Corcoran, 186 Wis 2d 616, 522 NW 2d 226, 1994 Wisc. App. Lexis 954 (Court of Appeals, Wisc. 1994). ) Defendant Corcoran was engaged to develop software for plaintiff Mueller Consulting Systems ("MCS") . Defendant became concerned that he would not be paid for his work, and secretly installed a "time bomb" in the software set to disable the software at a preset time. It does not appear from the record that was any actual breach; Corcoran was merely concerned that there might be. (Note that Corcoran acted pro se, and that the arguments were not well developed in the case.) For example, defendant appears not to have argued that he set off the time bombs in reaction to MCS' failure to pay. It appears from the opinion that he merely was "worried" that MCS would not pay him. Nor, apparently did he demand payment, and threaten to set off the time bombs if he did not get payment. Note, also that this is a criminal case. A search of the record produced no citation to a companion civil case. Corcoran was convicted under the Wisconsin Computer Crimes Act.

Result under UCITA: This was not a case of self-help following breach. Although the "time bombs" were installed apparently because Corcoran was afraid he would not be paid, there is no evidence that MCS actually failed to pay, or otherwise breached the contract. Thus, this would not fall under 816, but instead would have to be analyzed under 605. Under 605, insertion and activation of this timebomb would have been wrongful. UCITA would not disturb any result under the Wisconsin Computer Crimes Statute. (These types of actions are exactly what most computer crimes statutes are designed to address.)

D. Other "Secret" Timebomb cases

1. Franks & Sons, Inc. v. Information Solutions, 1998 U.S. Dist. Lexis 18646 (N.D. Oklahoma 1988). The Order had no accompanying opinion, but states as follows: "The "drop dead" device was not a part of the original agreement between the parties. This type of extraordinary device by its very nature, when not part of the parties' bargain, is void as a matter of public policy."

Result under UCITA: The reference to "part of the bargain" indicates that the parties may agree upon a self-help term. Otherwise, it is impossible to determine further the application of UCITA given the lack of available facts.

2. Art Stone Theatrical Corp. v. Technical Programming & Systems Support, 157 A.D. 2d 689, 549 N.Y.S. 2d 789, 1990 N.Y. App. Div. Lexis 483 (Sup Ct., App. Div., 2d Dept. 1990). TPSS sold a software system to Art Stone. The system failed to work properly, and the parties engaged in a lengthy dispute over its performance. Defendant then removed the source code from the system without the plaintiff's knowledge or consent. This prevented any modification or adjustment to the system. Defendant agreed to restore the source code only if Plaintiff signed a General Release. Plaintiff signed the release, and then sued defendant. Defendant countered, contending that the release precluded Plaintiff from suing. Plaintiff charged that the release was procured through duress. The trial court agreed with defendant, but the appeals court reversed, holding that the release was invalid because it was procured through duress. The matter was returned for trial, but no record of the trial was found, indicating that the case likely settled.

Result under UCITA: Deactivation without knowledge is prohibited by UCITA. However, it does not appear that Defendant used electronic self help or surreptitious code to disable the program. Defendant's conduct in removing the source code ultimately would not be decided under UCITA, but would instead be decided under the applicable computer crimes statute, and attendant civil provisions.

3. Werner, Zaroll, Slotnick, Stern & Askenazz v. Donald A. Lewis, 155 Misc. 2d 558, 588 N.Y.S. 2d 960, 1992 N.Y. Misc. Lexis 459 (Civil Court, NYC 1992). Defendant computer consultant intentionally disabled Plaintiff's computer system by secretly placing a conditional statement in the software that caused the system to cease functioning when it reached a certain claim number, in the hope that plaintiff law firm would retain defendant computer consultant to correct the problem. The contract between the parties did not disclose that the system would fail to function upon reaching a certain number. The court held that defendant was civilly liable and probably was also criminally liable.

Result under UCITA: UCITA prohibits "secretly" disabling. Defendant's action was not taken in response to plaintiff's breach, but instead, in order to get more work from plaintiff. Therefore, this case would not fall under Section 816. A number of theories of recovery would be available to plaintiff under UCITA, including breach of warranty and wrongful use of an automatic restraint. Lewis had no right, under Section 605, to include such an automatic restraint.

4. Clayton X-Ray Company v. Professional Systems Corporation, 812 WE 2d 565, 1991 MO App. Lexis 1198 (Court of Appeals, MO, W.D. 1991). PSC sold Clayton a computer and software. When Clayton failed to pay the final balance of one-fourth of the price, PSC surreptitiously installed a "lock up code" which caused the system to lock up and made it impossible for Clayton to access its data. Jury found for Clayton on conversion theory. Court upheld on appeal noting that "PSC had no legal right, or any colorable legal right, to lock up Clayton's computer system. PSC's president had told a PSC employee to take a disk to Clayton's place of business, to tell the people at Clayton that there were some program changes that needed to be done, but then to load the computer instead with instructions to lock up. . . The effect of the lockup was to prevent Clayton's access to the records of is business."

Result under UCITA: PSC's actions would have been wrongful, thus making it liable for direct, incidental and consequential damages. However, had UCITA been in effect, it would have been more likely that PSC would have known that its actions were wrongful (because Section 816 states so clearly exactly what is required), PSC likely would have negotiated the self-help provision up front, and all parties would have been better off.

Conclusion:

No case or statute was found which prohibits the exercise of self-help in the classic fact pattern described at the opening of this memorandum, or which prohibits parties from agreeing in a contract that they may permit electronic self help. The only reported case which addresses the classic self-help fact pattern upheld the licensor's exercise of self help even though there was no contract clause authorizing it. Other cases, whether commercial contract or criminal cases, clearly sanction "secret" self-help devices but do not prohibit self-help that is authorized.

Prepared by Mary Jo Dively
September, 2000

A. Trade Associations (representing both large and small Licensors
and Licensees)

American Electronics Association
(3000 high-tech companies)
Business Software Alliance
(Members include Adobe, Apple, Autodesk, Bentley, Compaq, Intel, Intuit, Lotus, Microsoft, Macromedia Network, Novell, Sybase, WalkerDigital(Priceline))
Information Technology Association of America
(11,000 direct and affiliated companies)
Software and Information Industry Association
(1200-member companies including Dow-Jones, Oracle, McGraw-Hill, Reed-Elsevier, Apple, Netscape/AOL, Nasdaq, NY Mercantile Exchange)
Small Business Survival Committee
Silicon Valley Software Industry Coalition
(1800-member companies)
Computer Software Industry Association
(2000 California companies)
Equipment Leasing Association
(1800 member companies)
Digital Commerce Coalition
(AOL, AeA, Adobe, Autodesk, BSA, Intel, ITAA, Lotus/IOM, Microsoft, NASD, Novell, Reed Elsevier, Silver Platter, SIIA and Synantec)

Nasdaq
American Stock Exchange
New York Stock Exchange

Chicago Mercantile Exchange
New York Mercantile Exchange
Chicago Board of Trade

Reed Elsevier
Dun & Bradstreet

Maryland Bankers Association
Virginia Bankers Association

DuPont
Daimler Chrysler

America Online
Autodesk
Compaq
Intel
Lotus/IBM
Microsoft
SilverPlatter
Symantec

Verizon, Inc.
AT&T
MCI

Motion Picture Association of America
Magazine Publishers of America
Newspaper Association of America
National Association of Broadcasters
National Cable Television Association
Recording Industry Association of America
National Music Publishers' Association
Association of American Publishers

Circuit City

ABA Advisors to UCITA Drafting Committee
Delaware Bar Association
Oklahoma Bar Association (Financial Institutions and Commercial Law Section)
Virginia Bar Association (Business Law Section )
Washington Bar Association ( Report of Law of Commerce in
Cyberspace of Business Section)

Delaware Chamber of Commerce

The Virginia Amendments to UCITA undertake to address concerns that include those of libraries, retailers, consumers, and users of information products. The Amendments set forth in H.B. 2412 passed the House of Delegates by a final vote of 96-1 on February 13, 2001 and the Senate by a vote of 38 to 0 on February 9, 2001.

A related Bill which makes certain amendments to Virginia’s Consumer Protection to assure coverage of licenses and computer information. The principal and substantive changes made by H.B. 2412 are as follows:

Electronic Self-Help Under common law, electronic self-help (to disable software in the event of material breach) is permitted with no procedural or substantive limitations or prohibitions. UCITA imposes substantial limitations and prohibitions requiring clear separate assent and negotiation of the term, due process and notice provisions that would allow disabling only in the most egregious cases of misappropriation and prohibiting it in mass market transaction or where pubic health and safety and the public interest is impacted. The H.B. 2412 amendments further clarify and expand these limitations by:

Defining "wrongful use"
Emphasizing that "separate assent" is truly to be separate
Clarifying the intent of subsection (i)

Automatic (passive) restraints An automatic restraint definition is clarified, preventing use contrary to the contract while still enabling use as permitted by the contract. Also the amendment makes clear that a passive restraint cannot be employed as a remedy for a breach which is covered by Section 59.1-508.16. Any loophole, that might have been construed to be present, is closed (pages 17-18 of H.B. 2412).

Consumer Protections The intent of UCITA is that consumer protections trump contract provisions. The amendment to Section 59.1-501.5 clarifies that any (every) consumer protection law including but not limited to the Virginia Consumer Protection Act, trumps (page 12 of H.B. 2412). S.B. 1017 amends the Virginia Consumer Protection Act to make it clearly applicable to licenses and computer information. Another amendment requires mass-market (consumer) licenses to "expressly and conspicuously" set forth any designation of an exclusive forum (page 12 of H.B. 2412). In a mass-market (consumer) license, the term must be available before assent and after assent in a form readable by the licensee (page 14 of H.B. 2412).

Transferability In a sale or acquisition of an affiliate or subsidiary transferability to preserve the integrity of information or compatibility of processing systems is allowed (pages 16-17 of H.B. 2412). The UCITA default rule is that a license is transferable.

Libraries In discussions with the Virginia libraries, a new section is included that partially resolves concerns. As a default rule, unless the parties otherwise agree, with respect to a tangible copy (e.g. CD-ROM) a non-profit library, archive or educational institution may subject to the limitations and restrictions of copyright law
lend that copy to users in the ordinary practices of non-profit libraries or archives
make a copy for archival or preservation purposes
engage in inter-library lending
make classroom and instructional use of a tangible copy

However, the default rules can be varied if the change is conspicuous and specifically assented to. Further, if the term is not provided in advance, the institution must know or have reason to know it will be provided later with a cost-free return if it rejects the term. These provisions do not apply to an on-line transaction. However, the amendment makes clear that in an online transaction of a term contrary to fundamental public policy including policies under federal copyright law such as fair use is unenforceable (pages 15-16 of H.B. 2412). With some reservations, the Virginia Library Association, with this amendment, dropped its opposition to the implementation of UCITA in Virginia.

Service Providers Amendments are included that make clear that to the extent telecommunications companies are regulated, or are merely a conduit, they are not within the scope of UCITA (pages 10 and 14 of H.B. 2412).

Motion Pictures While contracts to create motion picture and theater distributions are excluded, an amendment includes within the scope of UCITA mass-market transactions for movies (e.g., over Internet or cable TB) (page 10 of H.B. 2412).
 
 

OVERVIEW
by
Carlyle C. Ring, Jr.
Ober, Kaler, Grimes & Shriver

DIGITAL INFORMATION WILL BE LICENSED WITH OR WITHOUT UCITA

Licensing of IP is as old as the Republic, and common for licensing of:
Patents – since the Constitution was adopted
trade secrets – since the Constitution was adopted
movies and recordings – since invented
digital information – since invented

Digital information is currently licensed to libraries and will continue to be licensed with or without UCITA.

UCITA IS NEUTRAL ON SALE OR LICENSING AND DEFERS TO FEDERAL COPYRIGHT LAW

UCITA recognizes either sale or licensing of Intellectual Property (IP).

UCITA specifically provides that federal law (e.g. Copyright Act) that preempts, preempts UCITA and terms of contracts under UCITA (Section 105(a)).

UCITA further provides that contract terms inconsistent with fundamental public policy (e.g. innovation, competition, free expression, fair use) are not enforceable (Section 105(b)).

UCITA also makes unenforceable contract terms that are "unconscionable" (Section 111) or lacking in "fair dealing (Sections 102(a)(32) and 114(b)).

UCITA contains safeguards against inadvertent assent (Sections 112, 202, 208, 209, 212, and 213).

These UCITA provisions are an advance over current common law for licensing.

CONGRESS AND THE COPYRIGHT OFFICE ARE THE APPROPRIATE FORUMS FOR CHANGES TO COPYRIGHT LAW

Congress has exclusive jurisdiction of Copyright Law and DMCA has authorized certain studies and proceedings to be conducted by the Copyright Office for distance education and exemptions.

State legislatures do not have the expertise or constitutional authority to prescribe the "do’s and don’ts" for licensing of digital information.
Congress and the Copyright Office are the appropriate forums for changes to copyright law.

Fair Use is an imprecise doctrine that requires weighing of factors which requires examining facts and circumstances on a case-by-case basis.

CONGRESS AND THE COPYRIGHT OFFICE HAVE BEEN CONSIDERING PROPOSALS FOR EXEMPTIONS AND CHANGES

(1) Legislative History of DMCA:
The principle of fair use involves a balancing process, whereby the exclusive interests of copyright owners are balanced against the competing needs of users of information (DMCA Legislative History)..

Report on Distance Education (May 1999)
"It [fair use defense] is flexible and technology neutral…It requires courts to examine all the facts and circumstances, weighing four non-exclusive statutory factors. While there are not yet cases addressing the application of fair use to digital distance education, a court’s analysis will be depend on elements such as subject matter of the course, the nature of the educational institution, the ways in which the instructor uses the material, and the kinds and amounts of material used." (Report on Copyright and Distance Education, Executive Summary, page viii).

"There is virtual unanimity that the doctrine of fair use is fully applicable to uses of copyrighted works in the digital environment, including in distance education" (id, at page xi).

The Report urges:
"clarification in the legislative history including examples of digital use that qualify as fair use
discussion of guidelines by interested groups

The Report sees no need to abandon or regulate "the long-standing licensing system" (id at page xxiii).

"We have not otherwise seen sufficient evidence of a need for legislative solution moving away from the general free market approach of current law…At this point in time we recommend giving the market for licensing of non-exempted uses leeway to evolve and mature. Because the field of digital distance education is growing so quickly, and effective licensing and technologies may be on the horizon, we suggest revisiting the issue in a relatively short period of time." (id, at page xxix).

Exemptions Final Rule 65 F.R. 64556 (Oct. 27, 2000)

"Licensing": Many of the complaints aired in this rulemaking actually related primarily to licensing practices…" (at page 64565).

"Commenters and witnesses who complained about licensing terms did not demonstrate that negotiating less restrictive licenses that would accommodate their need has been or will be prohibitively expensive or burdensome." (at page 64563)

The record in this proceeding does not reveal that ‘pay-per-use’ business models have, thus far, created adverse impacts on the ability of users…that would justify any exemptions from prohibitions or circumvention." (at page 64564)

"7. ‘Fair Use’ Works A large number of commenters urged the Register recommend an exemption to circumvent access control measures for fair use purposes…the classes are scientific and social databases, textbooks, scholarly journals, academic monographs and treatises, law reports and educational audio/visual works." (at page 64571)

"No evidence was submitted that specific works in these named classes have been or are likely to be inaccessible because educational institutions or libraries have been prevented from circumventing them. (at page 64571)

NATURE OF PROBLEM - SUMMARY

The dramatic transformation from books to digital technology over the last two decades has had an exciting but challenging impact on the speed and availability of information. A book can be used by only one person at a time; a digital record can be simultaneously available to thousand, 24 hours a day, anywhere.

Both Congress and the libraries have struggled with how "fair use" applies to a digital record; the libraries have not been satisfied with what Congress has done to date.

IP professors, writing to the Presiding Officers of the Maryland General Assembly, acknowledge that the matter is in the hands of Congress, and case-by-case application of the Law: "[T]he U.S. Constitution may still preempt some of these license terms… We believe that when this issue reaches the Supreme Court, the Court will conclude that federal law indeed does preempt…terms that interfere with fair use of override other statutory limitations on copyright protection…The federal copyright law does not specify with particularity which terms may and may not be varied by contract; theses decisions are made on a case-to-case basis by federal courts."

Federal copyright law is not for States to change. UCITA specifically provides that whatever federal law preempts is preempted. What Copyright Law permits or prohibits is the prerogative of Congress. State contract law is not the place to change copyright law.