Free Software at Risk Under Lemon law 393
mpawlo writes: "Newsforge published a piece I wrote on a lemon law for software. That is - what would happen if shrinkwrap limitation of liability clauses would be banned? I think Microsoft and the GNU Project would both suffer."
CmdrTaco - US flag desecrator and Anti-Delawarian! (Score:0, Interesting)
The flag icon for Slashdot's 'United States' section [slashdot.org] [slashdot.org] is missing its first stripe - the stripe that represents Delaware, the first state admitted to the Union. While a simple oversight could be forgiven, it should be known from here on out that Slashdot is in fact aware of the missing stripe, and even worse, refuses to do anything about it! [sf.net] [sf.net]
This vulgar flag desecration and rabid anti-Delawarism must be put to a stop. Let the Slashdot crew know that we will not accept a knowingly mutilated flag or the insinuation that Delawarians deserve to be cut out of the union. I ask you, what has Delaware done to deserve this insolence, this wanton disregard, this bigotry?
This intentional disregard of a vital national symbol is unpatriotic. Why, the flippant remarks CmdrTaco made about our flag border on terrorism! I urge you to join the protest in each 'United States' story. Sacrifice your karma for your country by pointing out this injustice. Let's all work together to get our flag back. Can you give your country any less?
Interesting comment - not by me (Score:5, Interesting)
by Anonymous Reader on 2002.05.11 13:21
I am not a lawyer (thankfully), but I do know that if I pay for something, and it fails, I am entitled to compensation. If it fails from negligence or designed error, then there can be punitive damages. But let's examine the case of a Linux/BSD web server, running Apache, MySQL, and PostNuke.
To be safe, I download for free a non-commercial Linux such as Debian, or FreeBSD. I might be mistaken, but both are developed by groups of people, and anyone is allowed entry if they are competent enough coders. But a group is not a company. The whole corporation/private/public/IPO thing. I acquire, freely and legally, a copy of their work. They might have benefactors and patrons, but that isn't the same as employers.
So I download Apache, MySQL, and PostNuke. All fall under the same category. Maybe MySQL doesn't, then just replace MySQL/PostNuke with Perl/DBI.
So now a huge bug develops, a hole so large, it had to be coded in Redmond. I lose all my data, my competitors get my secrets, and I'm on unemployment line next to Enron execs. Who do I have to blame?
Let's see, someone or some people worked on a project that was supposed to do some particular task. They made it freely available, source and all, so that others might work on it as well. They made no claims about it's security, stability, etc. Others may have, but they did not misrepresent the software in any way.
I did not contribute, but I saw an opportunity to use their work. So I did. They received nothing from me, not money, not anything. And, the whole time, the company kept no secrets about the product, and in fact, by making the source available, does just the opposite.
There was no intent to decieve, nor any misrepresentation. By not purchasing the product nor any sort of service contract, I entered into no agreement with the group.
Going in, I understand the risks. I assume the responsibility if problems occur. This is 180 degrees different from microsoft, since they make plenty of claims, and since there is a legal agreement between a company and microsoft, and because they are marketing a product with known liabilities.
No, free/open source software doesn't stand to be shut down, rather it stands to gain tremendously. The problem is for companies like RedHat which sell and service open source software. So, form the commercial standpoint, it hurts linux companies who don't have billions to spend on lawyers, like er um, microsoft. But it doesn;t hurt open source software.
rob mandel
^^^----- Posted anonymously here [newsforge.com]
In fact Software ARE material goods (Score:1, Interesting)
In fact computer programs are very similar to material goods. (Not like in "Volkswagen Beetle vs Microsoft Windows", though.) Users of cars, electric appliances, cellulars, etc. are also used as dummies in a sense. Money is what counts. If you pay for something, you can ask something in return. (Read: Liability)
I guess, companies like which _sell_ products or services like Mandrakesoft, Redhat and Microsoft will suffer a lot, whereas groups such as Debian will not.
Lemon Laws would kill software (Score:1, Interesting)
Does anyone have the original recommendation made by the panel?
Unfortunately, it's needed (Score:3, Interesting)
Some sort of "lemon law" that would REQUIRE the publisher to either correct bugs, and distribute patches for free, or else refund the purchase price IS needed.
What needs to stop is companies like MS being able to leave gaping holes in their products, then correct some of them, and releasing them as "upgrades", ala Windows 98 SE and ME... Those were not really "new" OS's, they were service releases that increased the stability of `98...
In all honesty, the commercial software publishers have brought this on themselves. Sure, MS distributes patches for free for the worst holes (ala, the ones that make Code Red, Nimda, and Klez work), but the fact is, they let their products LEAVE the house with those bugs in the first place.
I see bad consequences for free software out of this, created for it by the closed source companies. Perhaps there can be an exception written in for companies that release source, and in effect, have industry wide peer review of their code.
Eventually, if such a law isn't passed, sooner or later the sharks are going to class action sue and crack away ALL such limitations in the EULA's.
There is too much money and lost productivity happening right now due to software defects.
What we need is a defined list of responsibilities, passed into law, that can't be EULA'ed away.
Wouldn't Affect Free/Open Source Software (Score:3, Interesting)
While IANAL, I did consult one about this once - when you give something away, you have no obligation to the recipient. Specifically, the recipient can't sue you if the product is defective in some manner.
Americans should remember how they destroyed ... (Score:4, Interesting)
It got so that anyone who flew whilst drunk and crashed a plane that he hadn't maintained for years could sue the manufacturer for many millions with a fair chance of winning. And even if the manufacturer won their legal costs would wipe out the profit on many aircraft. So basically the US lightplane industry closed down. (It has since started up again, as a shadow of its former self, following some law changes.)
OK, that didn't affect all that many people. Closing down the software industry would be a different game altogether.
What about failing components? (Score:2, Interesting)
I really don't understand why this is called a lemon law, actually. A car that's a lemon doesn't work, or works for a while and then throws a rod or something. I don't quite see the analouge between that and software.
In fact, someone mentioned a web server dying at some important moment, and the users of that web server losing a lot of money (ebay or amazon or something). Does this qualify under a lemon law? If I have to get somewhere important, and my car doesn't start, can I actually sue the makers of the car?
Its the implementation... (Score:2, Interesting)
Technically, under thet respect, it doesn't apply to Microsoft either.
If you buy a uesd car, and in the next couple months have to put a lot of money into it to keep it running (i.e. a prime candidate for the 'lemon law'), you don't sure Ford/GM/whoever for making a crappy car that no longer works, you sue the person who sold it to you. In effect, you sue the distributor for charging you for a crappy product, not the publisher.
It should be the same with software. Microsoft ships software to retailers and OEMs, windows get sold to consumer, consumer is unhappy, consumer sues retailer/OEM. After this, the OEM will no longer buy windows from Microsoft, so the quality of the product and the strength of the corporation will be indirectly affected, but it shouldn't be directly. If 50 owners of windows sue Microsoft, many will lose as they don't have the resources to beat out a large corporation in a legal battle. If Dell or HP/Compaq stopped selling windows with its PCs because they got a very large bad review from those consumers who bought their PC, it will have a much larger impact on Microsoft and its lines of products.
In this case also, with OSS, the writers would not be the ones who can be sued, but the corporations (RedHat, Hummingbird, Ximian et. al)
Perpetual Beta? (Score:3, Interesting)
If this were to happen, it might actaully help the public, forcing the commercial vendors into a system where they actaully have to admit that thier product is never finished. Maybe then the public would stop shelling out money every time the latest edition comes out, lining the pockets of Gates and company.
Re:No warranty anyway (Score:2, Interesting)
Source code is like the plans for a car. Are plans copyrightable? Patentable?
Compiled code is like the car itself. Same question as above.
Limit liability to multiple of software price (Score:5, Interesting)
Re:Not a lot of sense here... (Score:3, Interesting)
The only reason I mention the Japanese is the car manufacturing example I used. (Did you look at the link I provided?) The principles of quality control are universal and were actually imported by the United States: The quality movement in Japan began in 1946 with the U.S. Occupation [loyola.edu]
Now, why would Japanese companies like Toyota (which started basically in someones garage) be able to take market share from companies like Ford (who began mass production)? Because they actually applied the quality control principles. Ford, &c., were selling an inferior product, which the "lemon laws" were meant to protect consumers against.
The same is true for software. Maybe we'll get some "lemon software" protection, but the only thing that's really going to get compaies like Microsoft to start making reliable software is real competition.
He's right... Here is a different solution. (Score:5, Interesting)
I think any liability laws would unfairly punish smaller companies.
Some people are in favour of Lemon Laws specifically because they dislike Microsoft and think that Microsoft software is insecure. This is stupid and shortsighted.
Deal with Microsoft's monopoly abuses seperately. Monopolies come and go but bad legislation is forever.
Create laws that arm consumers with security information. Perhaps a grading scheme where software that doesn't connect to the internet is given a A rating. If it is a client then it gets a B rating. If it is a server it starts at C then for every three exploits within the last year the rating increments by one.
After you have informed the consumer you can let the market decide. If they still use software with a G rating then that's their own problem.
Only promise that it does what the source says (Score:2, Interesting)
Ask Microsoft to ship full source code with their products for a full disclosure of what it actually does. Since they're not willing, you have to take their word for it, which is hardly comforting.
This wouldn't effect MS, see here... (Score:2, Interesting)
1) Is all of your hardware HQL approved?
2) Are you running only Microsoft products (if you have a single custom ASP page running on your server answer no)?
3) Are you running the current versions of all software and protocols used?
4) Do you have all current updates and service patches applied?
5) Was/Is your installation completed and maintained by someone who is MSCE for every aspect, component, and method of use for the MS software and protocols you are using?
If you have answered no to any of these questions, you are TSOL.
Assuming tort-reform... Is SW a toaster or a book? (Score:2, Interesting)
Open Source software can be much like a public park. There should be an exemption for free, public *anything* that doesn't involve criminal negligence. If you don't pay admission, it would be up to you to make sure you don't do anything stupid on the play equipment.
At that point, Red Hat, SUSE, etc. can assume as much or as little liability as they want as they add a paid layer on top of the commons.
Further, Source is stuck somewhere being a device (like a toaster) or a book. If you don't like the ending of a book, or how the cake turns out, the book is in no way defective. If you can't follow instructions, or even if you simply won't, or the instructions are wrong or dangerous, you normally can't sue the author. You can sue if the toaster is defective and is actually an ignition source when used as directed.
An EULA in the usual form Microsoft uses basically declares it to be a device. If I can't read it or analyze it or quote it, but only use it, it is a device and not a book. Also it says you don't even own it (even the single copy as under copyright).
GPL on the other hand says lets discuss, improve, analyze the work, and by the way, you can run it and maybe use it to do something useful (like a recipe in a cookbook). It might be used as a device, but it is still a "book". And I think you could tweak the GPL if necessary to make it legally fall into the same liability category as a book.
Between tort reform, and resolving the device / artistic work dichotomy, I think GPLed software would thrive.
But we do not have wise leaders, and Microsoft sends more money to prevent clear thought on the part of our legislators.
Re:Free Software - Refund the purchase price. (Score:2, Interesting)
If a company has a larger annual profits, you sell exactly the same solution at a proportionally higher price. This means that the seller can be trusted, because it is in their interests to produce a piece of software that is as reliable as possible, and the buyer buys piece of mind. It also provides an answer to "Who do you sue if open source software goes wrong".
Re:Interesting comment - not by me (Score:3, Interesting)
1) Is the fix made in a timely manner? If I base my business on a webstore that you wrote in your spare time, will you be able to get me a fix within 8 hours in the middle of your final exams?
2) Does the fix solve the customer's problem? What if it is a performance / scalability problem, you designed the app to handle 100 transactions per day and the user wants to do 10,000? It dosen't need to be a technical problem either - what if the software is just too complex to use?
Then, consider all of the overhead that the distributer needs in order to (a) test the problem to make sure that they can reproduce the bug - you don't want your developers to get thousands of bogus bug reports (b) find and communicate the problem to the developer (c) and communicate the status to the user.
I think that this is a larger issue than most slashdot readers realize.
OSS advocates will use inferior products ... (Score:2, Interesting)
Yes and No.
(1) No, many Open Source advocates are quite willing to use an inferior product to maintain philosophical purity, forward a political/religious agenda, or to stroke their egos by being elite, rebellious, etc. I don't mean to imply all advocates are like this. Back in the day I would have killed to have Linux on a PC at home rather than have to dial in to the VAX at school, but science and engineering majors are geek home turf for OSS. We too often think what is good for us is good for all.
(2) Yes, many people who do try Linux, FreeBSD, etc. immediately return to Windows after deciding the OSS wasn't for them for whatever reason. I don't mean to suggest that there is anything wrong with Linux, FreeBSD, etc., just that they are still pretty much built by geeks for geeks.
Personally I think the future will bring a hybrid approach, part open, part closed. MacOS X is a good example. Other examples will be more open source libraries used by commercial apps, examples: compression, encryption, image processing, etc.
Re:Interesting comment - not by me (Score:1, Interesting)
Re:Interesting comment - not by me (Score:2, Interesting)
I am a cycling coach. I also make a little bit of money making bikes and sell one to Bob. Bob rides the bike home and on the way the brakes fail and he gets himself mangled by a sixteen wheeler. Not only am I going to get my ass sued by Bob's family for selling a "lemon", the settlement will be much more than what I sold the bike for.
This could seriously hurt the open source business. If a company uses say, RedHat, and finds that not only does it not work, it corrupts lots of information, RedHat is going to get itself in court.
Microsoft would probably be in deeper water. I would imagine that "known issues" would be like a company selling a toy which they know contains asbestos (maybe a bit harsh, but you get the idea).
It may not hurt the developers in a big way but it could effectively kill Open Source by killing off any company which tries to release a distribution. I mean, what CEO is going to authorise his techs to load an OS which was put together by his friends and he has no recourse should it mess up his entire operation, when he can buy software that he knows will compensate him should it all go SNAFU.
This is going to be a very hard area to try and legislate, and knowing the government, they are going to screw it up but good.
Americans, HELLO! We're here, too! (Score:3, Interesting)
Something that really bugs me is the comment that this lemon law could kill "OpenSource and Free Software" alltogether. In the case you guys from the US haven't noticed: There are other countries with other laws.
Of course here in Germany a vendor or producer is liable for what he sells, too. But this liability has limitations! In Germany you CANNOT sue McDonald's because you failed to notice that coffee may be hot and McDonald's hasn't provided you with that information! You CANNOT sue a toy company for selling Superman capes without providing a warning that those capes won't give you the ability to fly! And even if you can sue a company for liability (i.e. because they failed to give notice about poisons or side-effects in their products), you won't be rich!
German jurisdiction mostly follows the customs and the common sense. That means: if you pay 1000 Euro for product A it is NOT regarded in the same way as product B which you got for free.
Besides: do you really think that OpenSource and Free Software are dead the same moment the US leaves the building?