By Tom Espiner, 11 May 2009 08:57
NEWS
Software companies could be held responsible for the security and efficiency of their products, if a new European Commission consumer protection proposal becomes law.
Commissioners Viviane Reding and Meglena Kuneva have proposed that EU consumer protections for physical products be extended to software. The suggested change in the law is part of an EU action agenda put forward by the commissioners after identifying gaps in EU consumer protection rules.
A priority area for possible EU action is "extending the principles of consumer protection rules to cover licensing agreements of products like software downloaded for virus protection, games or other licensed content", according to the commissioners' agenda. "Licensing should guarantee consumers the same basic rights as when they purchase a good: the right to get a product that works with fair commercial conditions."
EU consumer commissioner Kuneva said that more accountability for software makers, and for companies providing digital services, would lead to greater consumer choice.
"If we want consumers to shop around and exploit the potential of digital communications, then we need to give them confidence that their rights are guaranteed," said Kuneva. "That means putting in place and enforcing clear consumer rights that meet the high standards already existing in the main street. [The] internet has everything to offer consumers, but we need to build trust so that people can shop around with peace of mind."
The Business Software Alliance (BSA), which represents the interests of software makers including Apple, IBM and Microsoft, criticised the proposals.
"Digital content is not a tangible good and should not be subject to the same liability rules as toasters," BSA director of public policy Francisco Mingorance told silicon.com sister site ZDNet UK on Thursday. "Unlike tangible goods, creators of digital content cannot predict with a high degree of certainty both the product's anticipated uses and its potential performance."
Mingorance said the performance of a piece of software depends on the environment it operates in, how the code is updated, whether it is possible to adapt and modify the software, and whether the code is attacked.
According to Mingorance, the proposed regulatory extension would cover all software, including beta products, and would cover both proprietary and open-source software.
Right now, under the current EU Sales and Guarantees Directive, physical products are expected to carry a guarantee of two years. Extending those terms to software would have the effect of limiting customer choice, as contract terms would have to be extended to a minimum of two years, Mingorance added.
"Extending the scope would force the businesses to maintain update services for such contracts beyond the contractual term and ultimately limit the choice of offers," the BSA director said. "It is like renting your house for a summer month and being then obliged to extend the rent for another 23 months."
In addition, Mingorance said that extending consumer regulation to software could lead to less interoperability between software products, as manufacturers might decide to limit how far third-party developers could access their code.
Software companies have long argued against accepting responsibility for the security and efficiency of their code. Linux kernel developer Alan Cox in 2007 told a House of Lords Committee that neither proprietary nor open-source developers should be held accountable for their code.
Comments
There are 2 comments. Join the discussion
1. James Button
So - Beta releases will have to be perfect!
I have, for a long time, been advocating that sellers of mainstream products should be required to give financial recompense for security gaps in software they sell.
That recompense being greater the longer a fault remains known to the IT community, and not fixed by the seller.
However - Open source is just that - Open for anyone to alter, but not to charge for..
You use open source stuff and you should accept that there may be holes in it.. You get no warrantee with stuff that's free.
Then - including Beta releases.
The whole point of Beta releases, and even Release Candidates is that the supplier is providing - FREE - copies of their efforts and asking the 'community' to see if they can find errors and glitches in it!
If the creator didn't accept that there may be problems it wouldn't be a Beta, or Release Candidate!
Perhaps we could hold the EU commissioners and Parliament members personally responsible for the adverse effects of their rulings and regulations.
2. Simon
Whilst I don't think it's practical to go as far as it seems is being considered, I agree very strongly with the "the right to get a product that works with fair commercial conditions" bit of the argument.
In the physical world, no-one would consider buying a toaster that can be remotely disabled if you use non-approved bread in it. No-one would buy a car that could be remotely commanded to drive itself back to the factory if you used non-approved parts on it. Yes, these two examples sound ludicrous, but they are more or less what is common place in the "bits and bytes" world - products that can be remotely disabled by the manufacturer (Windows), products that restrict what you can buy and where (iPhone App-store), ...