We don't need no UCITA

While the New Zealand IT sector is anxiously awaiting new laws outlawing hacking and allowing digital signatures, Americans are anxious about another legislative initiative.

While the New Zealand IT sector is anxiously awaiting new laws outlawing hacking and allowing digital signatures, Americans are anxious about another legislative initiative. UCITA, the Uniform Computer Information Transactions Act, is a proposed law that would allow vendors to cripple software by remote control, sue users wherever they please and prevent anyone from reporting on software performance. Computerworld US’ Frank Hayes reports that after version one of the law was widely pilloried, a revision released a fortnight ago is only slightly more palatable.

Maybe, just maybe, a bad law got a little less bad.

Some of the language allowing vendors to booby-trap their products is gone in the amended version. The sue-where-you-want provision is a little less onerous. The blocks to prevent users from sharing test results with one another have been slightly reduced.

But maybe what they should do is just start again.

UCITA first arose in the 1980s as an addition to the Uniform Commercial Code. The idea of the UCC is to have a standard state law, passed by all 50 state legislatures in the US, that creates a uniform legal framework for commercial transactions -- in this case, for software licences.

The tough part, of course, is coming up with a law everyone can agree on. And when it comes to UCITA, the one thing most people agree on is that they don't like UCITA.

In 1999, one of the two organisations responsible for the UCC, the American Law Institute, refused to have anything more to do with the software law. The other UCC organisation, the National Conference of Commissioners on Uniform State Laws, promoted the software provisions as a standalone uniform law later in 1999. But since then, a long list of other organisations have objected to parts of UCITA, including the American Bar Association, more than 30 state attorneys general and dozens of large corporate IT users.

In three years, UCITA has become law in only two states, while three other states have passed laws that explicitly block parts of UCITA from being enforced. Most of the remaining states are either doing nothing or considering their own anti-UCITA legislation.

The uniform-law commissioners have worked on this for more than a decade, trying to tweak it, adjust it, fix its problems by making the smallest possible changes so as to avoid losing that decade's worth of carefully crafted compromises and agreements.

But a bad law is like badly written software. As every programmer knows, the more software is patched the more complex it becomes and the harder it is to maintain, and the more likely it is to do unintended things. And no matter how much you patch it, bad software will never become good software -- just a little less bad.

With what the uniform-law commissioners have learned since they began work in the 1980s on the law that became UCITA, they can doubtless create legislation that really will serve as a uniform legal framework.

Hayes, Computerworld US' senior news columnist, has covered IT for more than 20 years.

Join the newsletter!

Error: Please check your email address.

Tags UCITA

More about Hayes

Show Comments

Market Place

[]