12 Principles for Fair Commerce in Software and Other Digital Products
Technical Version

Introduction

The digital revolution has provided powerful new tools for businesses and individuals and transformed commercial transactions in the digital marketplace. Yet, customers of mass-market digital products and services, including software and digital content, find their rights under attack as digital product sellers, including producers, distributors, and suppliers, have fought to give their one-sided terms the full weight of binding contracts, usually calling these arrangements “licenses.” Fairness in these transactions has become a pressing public policy concern.

An efficient marketplace depends on a balance of power between sellers and customers that must start with disclosure of terms early enough for the customer to review and compare terms of competing products in a meaningful way. Nevertheless, sellers often will not make their terms available for viewing until after the purchase, even in an on-line transaction. Instead, terms are often inserted inside software packaging or displayed only after the customer has paid for the product and is merely asked to click “I agree.” Once able to review the document, even the most earnest customer often finds it hard to understand the terms presented with the product. Couched in confusing legal language that can roll on for pages, sellers have few if any reasons not to include unexpected, harsh, or even anti-competitive terms. It is no surprise that customers often don’t read the terms; negotiation is impossible and it is burdensome to return a product to reject the terms.

Digital product sellers are drafting licenses that substantially diverge from reasonable customer expectations and from the public interest. A careful reader of the fine print commonly finds terms that prohibit testing or criticizing a product, transferring software, or using the product to create competing products. Some terms even assert that the seller has the right to invade the customer’s privacy by collecting personal data, monitoring Internet activity and using the data in any way the seller wishes.

Courts may or may not enforce such terms and that is the problem. Sellers can use extreme terms to threaten lawsuits against those who often lack resources to defend them and, therefore, must back down. These terms thus have chilling effects on competition, innovation and legitimate uses. As a result, both individuals and businesses face increased risk to computer integrity and security. Terms contrary to ordinary and reasonable expectations should not be enforceable unless sellers and customers actively negotiate them and they are consistent with sound public policy.

Software sellers, including manufacturers and distributors, may try to avoid the consequences of shoddy products by disclaiming warranties, providing inadequate support, refusing to give refunds, or attempting to prevent customer criticism. This approach is common in transactions for software and for Internet services and could spread to transactions for “smart” goods, such as automobiles, that contain and rely on software to operate. Software defects usually cannot be “seen” until after the product is purchased and used. The risks to the customer increase with the widespread practice of rushing defective or “buggy” information products to market to cut development costs, gain early market share and hasten sellers' profits. A lack of head-to-head competition in many digital products allows sellers to supply poor quality products and oppressive terms without the discipline of the market. The practice of holding those terms back until after payment means that customers must buy before they know what they are getting. Additionally, mediocre products and terms survive in the marketplace beyond when they normally would because customers cannot make rational comparisons based on the terms offered by competing products.

There is little incentive to fix a bug or security hole when license agreements protect a seller from legal recourse or criticism and deter would-be competitors from buying the product to see how it works and to improve it. The burden falls on individuals, businesses and governments, which continually struggle to maintain their systems’ reliability and security, to prevent invasion of their private data, and to protect the nation's overall cyber-security—at the cost of billions each year.

Americans for Fair Electronic Commerce Transactions (AFFECT) has long favored a competitive and fair marketplace in digital products. AFFECT has developed the 12 Principles for Fair Commerce in Software and Other Digital Products to help sellers, purchasers, and policy-makers work together to develop better and more fair laws to govern purchases of off-the-shelf digital products.

I. CUSTOMERS ARE ENTITLED TO READILY FIND, REVIEW AND UNDERSTAND PROPOSED TERMS WHEN THEY SHOP.
In a healthy digital marketplace, it should be easy for any customer to see and compare a product’s proposed terms of agreement before making a decision to purchase. This is particularly important so customers can compare one product with another. Customers must be informed in plain and conspicuous language of all aspects of the proposed deal – that they might influence a purchase decision.

A. Customers must be bound only by terms that are readily available for review, such as on an Internet site, before they decide to buy.

B. In addition, customers must be able to see each significant term before the seller requires that they agree to the terms. Examples of significant terms include but are not limited to restrictions on use of the product, statement or disclaimer of a warranty, availability and costs of product support or limits on potential remedies.

C. Sellers must effectively communicate terms in plain language so that the average customer can understand them.

D. Customers must be able to print and store the terms of the agreement; sellers must make available a copy as long as the agreement is in effect.

E. Customers must be made aware of the principal and significant functions and limitations of the product before committing to the deal. Examples of product features that should be disclosed include those that collect and transmit customer usage data back to the seller, require product activation, or make the product cease to operate.

II. CUSTOMERS ARE ENTITLED TO ACTIVELY ACCEPT PROPOSED TERMS BEFORE THEY MAKE THE DEAL.
Real acceptance requires the customer to take an active step to indicate agreement to the terms that become part of the deal. Sellers should not purport to bind customers by terms simply because they visit a website or open a box containing a product. Even if the terms are available somewhere on a website, or inside the box, customers should be bound only by the terms to which they explicitly agree in a way likely to signal real, knowing agreement, and not simply by performing some action necessary to research, install, or use the product. Of course, any terms that are unfair, including but not limited to those discussed in Principles V-XII below, should not become part of the deal.

A. Customers must not be bound by the seller’s terms unless they actively accept them, in a way likely to signal their actual agreement to the terms Depending on the context, clicking “I agree” may or may not signal real agreement. For example, failure to uncheck a box indicating “I agree” does not indicate active agreement. The simple use of a product should not be enough to show active acceptance of the terms. This is not real agreement.
B. Customers who have been shown the terms of the agreement shortly before the transaction should be able to rely on the terms remaining the same when they agree to them. They should not have to review the terms presented at the moment of agreement to determine if they differ from the terms they initially reviewed.

C. Customers must be entitled to be bound only to the original terms of the deal unless they actively agree to changes when they are proposed. Customers must have the choice to either keep the old deal or agree to a new one.

D. Sellers must not include terms in the initial agreement that purport to permit the seller to change the deal later without the customer's active agreement to the new terms. A customer does not actively agree to terms that are merely inserted in a mailing or posted later on a website.

E. Sellers may not require customers to accept a change of the initial terms in return for an update needed for product repair or protection.

F. Customers must not be bound by terms in standard form agreements that are unfair, surprising or would be unacceptable to a reasonable customer. Terms that are contrary to public policy, such as those that unduly burden competition and innovation, should also not be permitted. Such terms should be excluded from standard form agreements as their mere presence will have a chilling effect on uses of the product. Negotiation should be necessary for inclusion of terms that would be unacceptable to most customers.

III. CUSTOMERS ARE ENTITLED TO INFORMATION ABOUT ALL KNOWN NONTRIVIAL DEFECTS IN A PRODUCT BEFORE COMMITTING TO THE DEAL.
Customers and potential customers need easy access to plain language information about known nontrivial defects in digital products. Examples of nontrivial defects include a flaw that prevents a spreadsheet from correctly calculating a certain type of formula or inclusion of spyware or a virus. A seller who knows of such defects must disclose them. Improving customers' awareness of the quality differences between competing products will help individuals choose the best products for their particular needs. Only informed customers can improve the market, by shopping for the best products and thus stimulating competition on the basis of differences in quality. When there is no competing product, information about a product’s flaws allows customers to evaluate the benefits of the flawed product and either avoid the purchase or decide to work around the product’s flaws.

A. Customers must have easy public access to plain language descriptions of known information about nontrivial product defects, fixes, and common incompatibilities The descriptions should include consequences of defects and incompatibilities and steps the customer can take to avoid and mitigate them.

B. Sellers who become aware of a defect or security breach that threatens customers' computer security must notify customers, potential customers, relevant authorities and others who would foreseeably be affected. Sellers must give notice both of the danger and of possible remedies.

C. Sellers are entitled to a reasonable amount of time to evaluate reports of software defects, including security breaches, before disclosing the details of the defect.

D. Sellers may not restrict anyone, including other sellers, from disclosing what they know about the performance of products that are mass-marketed. Users must be allowed to make reports of defects and security breaches.

E. Customers must be informed about the system platforms for which products are appropriate, and sellers should explicitly state platforms for which their products are not tested or appropriate.

IV. CUSTOMERS ARE ENTITLED TO A REFUND WHEN THE PRODUCT IS NOT OF REASONABLE QUALITY.
Customers are entitled to assume products will meet or surpass reasonable customer expectations and the seller's claims. If a product is not of reasonable quality or does not measure up to the product’s stated purpose, the customer should always be able to return the product for a refund. That refund should be easily obtained from the point of purchase or by a reasonably convenient and clearly explained refund procedure.

V. CUSTOMERS ARE ENTITLED TO HAVE THEIR DISPUTES SETTLED IN A LOCAL, CONVENIENT VENUE.
If a mass-market customer and a seller of a digital product have a dispute, the customer should not be forced to go to a distant court to resolve the dispute. In addition, a customer is entitled to the remedies and legal protections guaranteed by the laws of the state in which the customer resides. Notwithstanding a customer's purported "agreement" to its application, the Uniform Computer Information Transactions Act is not reasonable law to apply to mass-market transactions in software and digital content.

VI. CUSTOMERS ARE ENTITLED TO CONTROL THEIR OWN COMPUTER SYSTEMS.
The seller or a third party should not be able to control or disable a customer's system or a digital product installed on it. Terms permitting such acts are unfair unless a digital product is clearly labeled as a product that will only operate for a fixed duration. Sellers who implement electronic "self-help" or "repossession" by remotely disabling a digital product threaten disproportionate damage. Terms in standard form agreements authorizing this sort of self-help are unfair. Systems must not transmit information to third parties without the customer’s active agreement to that specific feature. A digital product should continue to interact with other products in the same way as when the product was accepted or delivered. Sellers must take reasonable steps to ensure a product is free of viruses, spyware, and other malicious code or security problems that will compromise computer systems.

A. Unless a product is clearly labeled as limited to a certain time or number of users or restricted to use on a certain system, sellers must not directly or indirectly disable the product or terminate a customer's rights in the product without a court order. Other legal remedies are readily available to sellers.

B. Potential customers must be notified about known security risks, including back doors, that are built into a digital product.

C. Customers are entitled to adequate remedies in cases where sellers have not taken reasonable steps to secure the product from third-party interference.

D. If a product contains a virus or other harmful code, language limiting otherwise valid claims under applicable law for resulting damage should be ineffective.

E. Customers are entitled to assume that systems will not transmit information to third parties without the customer's active agreement to a specific term permitting transmission.

F. Customers are entitled to expect that a digital product will continue to interact with other products in the same way as it did when the product was accepted or delivered.

G. Customers must be able to uninstall or otherwise remove the product.

VII. CUSTOMERS ARE ENTITLED TO CONTROL THEIR OWN DATA.
In the course of using a digital product, a user may enter personal or mission-critical business data, store private information and create documents for future use. Users must be able to control the dissemination of data, including but not limited to personal information. Sellers should clearly inform customers, before payment or installation, of the product's principal and significant functions, including whether the seller will copy or distribute user-created data. In addition, users are entitled to be able to access data they have created, even if they can no longer access the digital product used to create that data. If data is created with a product limited as to time or number of users or restricted to use on a certain system, users must be able to convert their own data to a format that other programs can read. Terms that limit customers' rights to control their own data are unfair.

A. Sellers must not directly or indirectly access customers’ computers without the customer's knowledge and active agreement to this practice.

B. Customers must expressly consent to the transmission of information identifying the computer's hardware, software, or user prior to such information being sent.

C. Customers must be provided an explanation of why and for what purposes any transfers of their own data are being made before approving the data transfer.

D. If customers agree that a seller may collect their private information, they also have the right to stop ongoing collection, to correct collected information or withdraw that information from the seller's database if they choose.

E. Customers must be able to convert the data they created into a format common to other related digital products.

F. Sellers are responsible for securing and protecting any data received from customers’ use of their software or systems.

G. Sellers can only redistribute the data or the identity of users if the users have given their active agreement to a specific term permitting redistribution.

VIII. CUSTOMERS ARE ENTITLED TO FAIR USE, INCLUDING LIBRARY OR CLASSROOM USE, OF PRODUCTS AS PERMITTED BY FEDERAL COPYRIGHT LAW.
Consumers, businesses, libraries and educational institutions rely on "off-the-shelf" digital products. For two hundred years federal copyright law has carefully developed balanced rules for the use of copyrighted information. Standard form terms in agreements for mass-market digital products should not attempt to prohibit activities otherwise permitted under federal copyright law. For example, journalists and scholars should be able to quote language in mass-market digital content products and libraries should be able to lend this type of material. To avoid chilling important fair uses, terms in standard form agreements claiming to restrict them should not be permitted. Making these terms legally unenforceable may not be a sufficient remedy because the mere presence of such terms in an agreement can chill fair use.

IX. CUSTOMERS ARE ENTITLED TO STUDY HOW A PRODUCT WORKS.
Intellectual property law protects software sellers from theft of their work and provides strong remedies, including criminal sanctions, injunctive relief and fines in some situations. However, intellectual property law also permits customers to study products so that they can adapt them to work with their own system or other systems, understand their security features, or repair them. This type of study is permitted under intellectual property law for traditional products available to the public, and the law should be no different for digital products marketed to the general public. Terms for mass-market products that erode these important rights of study, analysis, and adaptation are unfair and should not be permitted in standard form agreements.

A. Sellers marketing to the general public should not prohibit lawful study of a product, including taking apart the product.

B. Sellers marketing to the general public should not prohibit the development and marketing of products that are able to read or write a proprietary file format, unless such a prohibition is explicitly authorized by the Copyright Act.

X. CUSTOMERS ARE ENTITLED TO EXPRESS OPINIONS ABOUT PRODUCTS AND REPORT THEIR EXPERIENCES WITH THEM.
Healthy competition depends on dissemination of information about competing products in the marketplace. Customers must be able to compare product terms and the products themselves, both qualitatively and quantitatively. They must also be able to recommend and criticize products, legally reprint images and quote text to convey product limitations and help other purchasers make informed decisions.

A. Lawful users of a digital product are entitled to conduct and publish quantitative and qualitative comparisons and other research studies on product performance and features.

B. Lawful users of a digital product are entitled to lawful use of screen images, text and other brief excerpts in reporting on the product.

XI. CUSTOMERS ARE ENTITLED TO THE FREE USE OF PUBLIC DOMAIN INFORMATION.
Public domain information is free for anyone to use, either because the information inherently does not fall under copyright protection, because the copyright term has expired or because the copyright holder has allowed the information to fall into the public domain. Except for trade secrets that are kept confidential and not widely distributed, sellers should not be able to take facts, ideas and other unprotected content from the public domain, claim property rights in them, and then attempt to limit a customer's use of these facts or ideas through an agreement. Such terms are unfair and contrary to sound information policy and should not be permitted. Free transfer and use of information promotes competition and innovation.

XII. CUSTOMERS ARE ENTITLED TO TRANSFER A PRODUCT AS LONG AS THEY DO NOT RETAIN ACCESS TO IT.
Customers should have the right to transfer a mass-market digital product so long as they do not retain access to it and the new recipient observes the fair terms of the deal. Any terms to the contrary are unfair and should not be permitted. Restraints on alienation have long been suspect because they reduce the value of property. Transfer restrictions on copies of software hamper business sales and mergers and could reduce competition in the second-hand market. Such terms should only be enforceable if negotiated.