A company recently asked me to evaluate their new tool. The EULA stated that by installing the software I was became a reference client for the vendor.
Great. Just what I need, email from prospective purchasers of the product. How this provision is supposed to help a paying customer eludes me. I clicked cancel and complained.
It's astonishing how little software vendors promise and how much they hide behind the EULA's legal umbrella. Consider this portion from the World of Warcraft's license:
9. Limited Warranty. Licensor expressly disclaims any warranty for the Game, including the Game Client and Manual(s). THE GAME, GAME CLIENT AND MANUAL(S) ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF CONDITION, DEFECTS, USE, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR USE, OR NONINFRINGEMENT. The entire risk arising out of use or performance of the Game, Game Client and Manual(s) remains with the user.
In other words, there's no recourse if the company ships a product that initiates the China Syndrome.
It then goes on to say:
Notwithstanding the foregoing, Licensor warrants up to and including 90 days from the date of your purchase of the Game that the media containing the Game Client shall be free from defects in material and workmanship.
Swell. The nickel's worth of plastic (that the company buys from someone else) will be fine. They don't even accept responsibility for properly burning the program onto the CD.
BJ's Wholesale Club filed a suit against IBM last year alleging that defects in IBM's software allowed an organized-crime ring to steal thousands of credit-card numbers. BJ's themselves are being sued by a number of financial institutions about the fraudulent credit card usages. Interestingly, IBM says their contract with BJ's indemnifies them from any security breaches. It sounds strikingly like another case of the litigation-shirking EULA.
According to Benedelman.orgthe license for the Claria package installed with Kazaa is 56 pages long, longer than the US Constitution. Who has the time or interest to read that? I did. Like the others it warrants nothing.
The proliferation of software into everything makes me worry that EULAs won't be far behind. When you buy a car the automaker warrants its performance. Will this change? Will the vast amount of firmware in modern cars mean that one of the papers we'll sign at the dealership is a EULA?
Customers have rights, too. We trade our hard-earned cash for a product that should work. When it doesn't we're out much more than the money. It takes time to install, learn, master and eventually uninstall the program. It may have wreaked havoc on our computer, costing more time to clean up the mess.
Many products are very mature. New versions of office suites, for instance, offer little extra functionality. Could the next competitive ground be EULAs? I'm astounded to see Windows XP's license includes the sentence: Microsoft warrants that the Software will perform substantially in accordance with the accompanying materials for a period of ninety (90) days from the date of receipt.
An F-22 experienced a crash last year which has been attributed, at least in part, to a software error. Another bug so overstressed an earlier F-22's airframe that it's thought that particular plane will never fly again.
I wonder if the pilots have to click “accept” on the Raptor's EULA before firing up the engine.
What's your take on EULAs that promise nothing?
Jack G. Ganssle is a lecturer and consultant on embedded development issues. He conducts seminars on embedded systems and helps companies with their embedded challenges. Contact him at . His website is .
I am an avid reader of your columns but I am disappointed in the one-dimensional view you presented on EULA's. The issue is economics. In today's litigous society, a software company could literally bet its future on the correct usage of its product. If it were demanded that software be fully warranteed, then the price would have to be astonomical in order to cover the risk.
Our company provides “commercial grade” software with industry standard terms. It is competitively priced.
We also provide safety-critical avionics products that are certified to the industry's highest standards. After having done dozens of these certifications we know that the average cost is about $1000 per line of code. Even then, this code is combined with customer code that we have no control over. So if a plane falls out of the sky onto a schoolyard, we must protect the company from the legal and economic devastation that would ensue.
This illustrates only two of the dimensions of the problem. First, the actual cost (and time to market) of producing highly certified code. Second, the problems in our legal system that cause companies to use all possible preventive measures.
One of your recurring themes is the need for increased quality of work in our field. I couldn't agree with you more. But please do not use EULAs to paint vendors with a broad brush. It's a low blow. There are many factors at play here.
Southwest District Manager
Green Hills Software
As to your EULA article, I agree wholeheartedly. Furthermore, most EULAs, such as WoW, are presented in in-game windows that don't let you easily copy and paste it into a text reader. In addition, many force you to scroll to the bottom before accepting.
However, in many applications such as WoW, they present it after EACH PATCH. Even though the date at the top doesn't change, there is a message stating that it HAS changed. And if it does change. Companies do not highlight the changes, but rather simply make you read, parse, and agree to the new terms.
I think all software reviews should include reading, understanding, and any counsel required to agree to the EULA in the “time it takes to install” estimate for the application. For example, the latest WoW patch would be 10s to download on broadband, 30s to install, 4:55m to read the EULA, and 5m to read the service terms agreement.
– Sam Kass
I vaguely recall a EULA from a DOS software product in the 1980s. It was titled something like “The plain english EULA”.
One excerpt read (I am paraphrasing):
“We think this software is completely useless. If you happen to find it useful great, but do not attribute this to any forethought on our behalf.”
While it basically claimed the same lack of warranty as most EULAs at least it was up front about it and provided a good laugh…
– Rennie Allen
Control Systems International
Having been through the debug hell of 'is it the hardware or the software?' so many times on projects that I worked on and understood from both angles, I can hardly imagine an attempt to fix blame for a problem in a court of law. I'm thinking that this avoidance of responsibility by the software producers will continue to fly under the radar for the foreseeable future. Then there will be an incident, a very big one. It will take an incident that is an unmitigated disaster for the consumer. Along with a company that completely avoids responsibility for this incident, by use of the EULA. Then the public might realize what has been going on and get angry enough to want something done about it. Then we will get legislation that will almost, but not quite fix the problem, but will get some people reelected. Then the cycle will start again. I'm thinking that many people will die and a lot of money will be lost before that happens.
– Mark Holdgrafer
Software Development Engineer
Think those are bad? You haven't read the license on any new music CDs lately have you?
I recently purchased a “CD” at a local big box retailer that wouldn't play in my car. Turning the case over and reading the fine print revealed that this was an “enhanced CD” with certain security guards in place and not guaranteed to work in a CD player, but that by opening it I had agreed to the license which meant I couldn't return it since it wasn't warranteed to work as intended. Apparently my CD player infringes on their copyrights.
Talk about infuriating…
Thankfully, after much arguing with the manager and a threat to take them to small-claims court, I was issued a refund.
– Rob Fritts
If you don't like the EULAs, don't buy the software. But, don't stop there. There has to be consumer feedback. You HAVE to complain to the software venders and let them know that we did not buy their software and their lack of confidence in their own software is why. They have the gall to charge users an exorbitant fee for software that could very well be junk … and they even admit that point!
– Lane Mitcham
Sr. Software Engineer
Regarding your comment on signing an EULA at the car dealer–I think we're already WAY past that. By FORCING customers to sign arbitration agreement, car dealers have already guaranteed themselves immunity from selling bad products. Regardless of claims of arbitration fairness, common sense will tell you that the arbiters are/will be biased to a favorable outcome for the party that generates the most business for the arbitrator–namely, the dealers and businesses whose customers generate the most arbitration cases. Perhaps arbitration clauses are better than the nothing-at-all you get from EULAs–but generally, not many folks spend tens of thousands of personal cash on software…..
– paul calvert
Scott Adams tried to warn us close to a decade ago. Dilbert signed an agreement that made him Bill Gates' towel boy.
– David M. Tomer
Senior Software Engineer
Bosch Security Systems
Perhaps this ties in with regulating the software industry. Perhaps the government needs to step in and have ONE EULA for all the country. Then companies can't hide behind their 56 page EULAs. There would be a standard. A person would expect a certain quality of protection. So if a company wants to sell software in the region, they must accept a certain level of responsibility, EULAs are a joke. Nobody reads them (well almost nobody reads them). They are of very little value to the consumer.
– Tim Flynn
Director of R&D
RMS Welding Systems
I have always been amazed that software companies could get away with disclaiming any responsibility whatsoever.
A restaurant could never get away with disclaiming “fitness for a particular purpose.” That would be like saying they won't promise the food is fit to eat. Yet software companies are disclaiming that their software is fit to run. Sheesh.
– Jeff Geisler
MedQuest Products, Inc.
Quite a bit of the claims in your typical EULA are pretty weak. There is no language that indemnifies the vendor from fraud or negligence. This cannot be done, because doing so would be pretty much against the law.
The typical thing that happens is…
1. All appears to go well with products and technology because the vendor really wants to do the right thing, (REALLY…they do!)
2. A boo-boo occurs, and 'gasp' someone loses life and or limb…or 'even more…GASP' tons of negative publicity take root!
3. In response, our ever vigilant lawmakers start passing laws in droves, and public outcry starts a real knee-jerk reaction that makes products even more difficult to design and implement.
Claimant cries fraud! Vendor counters with incompetence!
It is ok to be incompetent in our legal system. Hey…we all err from time to time. It is not ok to be fraudulent or negligent.
Hey, is there such a thing as fraudulent incompetence???
– Ken Wada
Sr. Embedded Systems Consultant
Aurium Technologies Inc
The problem is simple–at the micro level (all puns intended), you are installing a tool or something you need or want. You either accept it, or do without. If it is a compiler or other tool to do a client project, you are stuck.
In the macro level, a EULA really makes me angry. I cannot negotiate with the company, and what they say is: we are not even selling you crap, we are selling you the privilege of using our crap, and we can change the rules at any point, without recourse, and take our crap away from you at any time, for any reason, and you get nothing. Oh, by the way, if it destroys your computer, data, or anything else, too bad, so sad.
I stand behind my work. I want them to stand behind theirs.
You perfectly highlighted some of the reasons that make me use as much free software (as in free speech) as possible. (See www.fsf.org.) There are no more warranties than in any other commercial/closed-source product but at least, you can fix things yourself in case you notice some things go wrong. You can perform code audits for security flaws. You are guaranteed that you can get support even if the provider bankrupts. Etc, etc, etc.
By the way, it indeed seems to me that only software has that kind of (illegal) contract/licenses. When you crash in you car because of it malfunctioning, the manufacturer is indeed responsible, isn't he?
– Rob Fritts
Don't give the EULAs so much publicity Jack! Next thing you know they'll come wrapped in with the prescription drugs that we Americans are willing to pay prices no one else in the world will. And they're frequently administered in the setting of a hospital whose IT environment is about as current as Fred Flintstone's.
By the way the LATEST F-22 was lost to a power failure; it only took about a second for the APU to kick in but by then all 3 rate gyros on the triple-redundant computers had lost their context, rendering the plane uncontrollable. So the blame will probably go to bad software again (yawn!)…
– Jeff Lawton
I would never support the conditions of a EULA if I were on a jury.
– Gus Salavatore Calabrese
The EULAs in commercial software are pretty ridiculous and I doubt that one would hold up in court if someone were badly hurt by a software flaw. I also have had problems with major stores not accepting returns of PC video games even when the game doesn't work. Now I won't buy PC video games unless I verify that the store will guarantee that the game works.
I personaly only glance over the EULAs to see if anything really crazy is present. But since every software vendor states that their product is not required to function, my only choices are:
1. Cross my fingers and hope the product works.
2. Not buy any commercial software.
3. Only use open source GNU-type software.
I do prefer option 3 whenever it works.
– Widar Hellwig
I could not agree with you more regarding EULA's. We the consumer (whether we are a kid buying a video game or an OEM incorporating software into his latest product) have a right to expect that the software functions properly. After all, we are being charged for software, not for a “nickel's worth of plastic.”
I have little sympathy for those who say that the price of warranty is too high. I also work in the aerospace field, and we do warranty our products (not for forever, though). And every time we bring out a new product we ARE betting our future on having produced (as a minimum) a safe design.
It is time that we demand the same quality from software that we do from hardware. And if that means it raises cost, then so be it. Perhaps it will raise the demand for qualified personnal, instead of the company going to the cheapest supplier.
– Mark Walter