Standard licenses for shrink-wrapped software seem to violate traditional contract law, but a recent case rules them valid.
By Jonathan Wallace
One of the persistent issues that computer industry lawyers have worried about for many years is the enforceability of licenses for shrink-wrapped software products. Until last June, many of us, probably a majority, believed that shrink-wrapped licenses were not worth the paper they were printed on.
For anyone who has either been on Mars or hasn't bought any commercial software, a shrink-wrapped license is a closely printed legal document that comes with a software package. In the early days of the industry, these licenses were often on the outside of the box, under the transparent plastic shrink-wrap, hence the name. As they became longer and more detailed (and as marketing people objected to their placement on the outside), licenses were moved inside the box.
Why did software companies want to use these licenses, especially since their enforceability was in question? The problem perceived by software publishers--or their legal counsel--was that a purchaser of computer software could legally do some things with it inimical to the publisher's interests. He or she might reverse-engineer it and learn how to create their own or resell it to a third party. (Both reverse engineering and resale are legal under copyright laws--in the case of a resale, the user must, of course, not retain a copy.) Probably the companies' greatest worry was that the user, dissatisfied with the software, might bring a lawsuit, claiming that the company had violated one of the vague implied warranties the law creates for consumer goods, such as the "warranty of fitness for a particular purpose."
Shrink-wrapped licenses were a catchall solution to all of these problems. The companies were not happy with the proposition that, absent the licenses, the law treated consumer software the same way it treated the purchase of any other personal property, such as a toaster. They also felt that the copyright laws didn't go far enough to protect them--against reverse engineering, for example. So the lawyers created licenses which stated that, by purchasing or using the software, the user had consented to a passel of additional terms and conditions.
This implicated some fundamental principles of contract law, usually taught on the first day of law school: To form a contract there must be offer, acceptance and a meeting of the minds on the terms. Because software publishers would kill their sales by insisting that every purchaser read and sign a license agreement before leaving the store, putting shrink-wrapped licenses in the box was an attempted work-around. The controversy lay in whether they were successful.
To clarify the issue, let's back up to the original situation, in which the license is fully visible under the plastic wrap. You, the user, enter the store, read the license, decide to buy the product anyway and fork over your money. Under classic contract doctrine, the information you had about the product--the price and the license terms--were an "offer" which you accepted by paying the purchase price. After all, you could have left the store without buying the product. In this case, a shrink-wrapped license would likely be enforceable, unless it contained terms which were unconscionable (shocking and against public policy).
At the other end of the spectrum is the case in which nothing is visible from outside. You buy the product, take it home and find a license inside the box. It says that by inserting the disk in your computer and running the software, you are consenting to the terms of the license. If you don't agree, you must take the software back to the store and return it. A variation on this theme is the electronic license: a message displayed on your screen, saying that if you continue to install the product, you've agreed to the terms. "Do you accept? y/n."
This is highly questionable under contract law. Here the offer included only what you knew about the product when you went for your wallet--and therefore none of the license terms, which you didn't find out about until afterward. As a practical matter, everyone knows most computer stores will not give refunds or exchanges of software once you have left the store; it's too easy to copy the product to your hard drive, reseal the package with an iron, and bring the apparently inviolate box back to the store. From a more legalistic standpoint, once you paid the price, the negotiation was over, the transaction was consummated and you owned the product. Conceptually, it's hard to see how the seller could legally impose any additional terms, once you've paid for the software and taken it home.
A federal case decided last June threw an apparently settled area of law back into confusion. In ProCD v. Zeidenberg, the defendant, Matthew Zeidenberg, bought ProCD's database of names and telephone numbers on CD-ROM. Instead of using it for his own purposes, though, he posted the entire database to a Web page and sold access to commercial subscribers. Under some recent developments in the copyright law, ProCD couldn't enforce a copyright--apparently, it hadn't put enough creative work into compiling or arranging what would otherwise be public domain information. ProCD had to rely on its shrink-wrapped license, or it didn't have a leg to stand on.
In part, the result may be explained by the "unsympathetic fact" situation. What Zeidenberg did seems morally reprehensible, if not illegal; the court may have been looking for a way to help ProCD, as courts sometimes do. At any rate, it held ProCD's shrink-wrapped license enforceable, even though most of it was inside the box. The court hung its hat on the fact that the ProCD package did say that purchase of the product was subject to additional license terms on the inside. Because Zeidenberg knew that there would be additional restrictions, the court argued, he implicitly agreed to them, whatever they were, when he purchased the software:
"Vendors can put the entire terms of a contract on the outside of a box only by using microscopic type, removing other information that buyers might find more useful (such as what the software does and on which computers it works), or both. . . . Notice on the outside, terms on the inside, and a right to return the software for a refund if the terms are unacceptable . . . may be a means of doing business valuable to buyers and sellers alike."
The court noted that it would stop short of enforcing such a license if it contained terms that were truly ridiculous: "Ours is not a case in which a consumer opens a package to find an insert saying 'you owe us an extra $10,000.'" The question becomes, where do you draw the line?
The court took at face value the statement that the software could be returned if the terms were not acceptable. Zeidenberg bought the product in a computer store; it would be interesting to know if there was any testimony about whether the store would have accepted the product back and given a refund. Part of the unsavory nature of shrink-wrapped licenses results from the fact that the user can only get out of the deal if a third party--the store--cooperates. Because the publisher doesn't control the store and the store is not obligated to help the publisher keep its promises by accepting a return, the user can end up between a rock and a hard place. If the court was satisfied that returning software for a refund was not possible, the result it reached should have been different. In this way, the Zeidenberg decision reintroduces confusion to an area considered somewhat settled.
The same week the Zeidenberg case was decided, computer industry journalist Brock Meeks broke the story that some Internet blocking software products block radical political and feminist sites, not merely pornographic ones. An anonymous source had purchased the products and reverse-engineered them to examine their databases of blocked universal resource locators (URLs). Under the Zeidenberg decision, the source--who performed a service by bringing this information to public attention--might also have fallen afoul of the shrink-wrapped licenses accompanying each product, which expressly forbid reverse engineering. The can of worms appears to be open.
Jonathan Wallace is vice president and general counsel of Pencom Systems in New York City. He can be reached at firstname.lastname@example.org.