Issue #41: Licensing

Fitness For Purpose

Licensing has become the major battleground of the software industry. I do not mean the petty in-fighting between the advocates for copyleft and non-copyleft free software licences, nor the Humpty-dumptyism of the debate over “free software” versus “open source software”. I do not even mean the blood-stained hills where stand the encampments of the open source and the proprietary software warriors. The battle I refer to is the decades-long combat between programmers on the one side, and their sponsors and clients on the other. The war the software industry wages against its own user.

Long ago, before even the Covid-19 pandemic if you can remember back that far, makers of software realised that it would best serve their interests not to sell software, but to take money for it anyway. There were lots of problems with selling things, mostly gathered under the umbrella of “consumer protection”. Particularly irksome is the first sale doctrine which says that after you have sold something to a customer, it is theirs to use as they wish. How rude! Do not these busybody lawmakers realise how difficult life is for checks notes high salary software engineers?

The software people came up with a wheeze so cunning, it took the media industry associations decades to understand and copy it. The book publishers have been slowest of all to cotton on. Yes we took your money and gave you software, but those two things are unrelated. It is not the same as selling you the software. Having software does not mean you are allowed to use it (as we did not sell it so first sale doctrine does not apply), but in recognition of your donation to our shareholders we will allow you a specific, limited, non-negotiable, non-transferable license to use the software in ways which we dictate. Now we have all the upside of taking your money, and none of the downside usually associated with making a sale.

Over time the complexity and selfishness of the end-user licence “agreement” has evolved. Who can forget shrinkwrap EULAs—the licence was written on a sheet of paper inside a sealed box, but by breaking the seal you agreed to the licence? Even though you could not possibly have read it yet! In the internet age, this gave way to the click-wrap licence, where merely launching the installer was sufficient proof that you agreed with the licence terms—not just the terms shown in the installer, but any new ideas the vendor’s lawyers might come up with in a fever dream and unilaterally apply.

And believe me, they invented some humdingers. At one point Borland Kylix‘s licence granted them the right to enter your property and audit your use of their software. Not just while you were using it either, but for up to a year afterwards. Does it sound like you should be able to challenge this in court? Not so fast—by agreeing to the licence you have also waived your right to a jury trial.

Borland later apologised and made it clear that these conditions should have applied only to corporate customers—which is of course entirely acceptable.

The most risible of these software licence clauses—the one that renders the whole industry a sham, and all attempts to pretend that software engineers are professional, disciplined, or even at all skilled, null and void—is the one true ubiquitous clause. The one idea that everybody in the industry, from the most acquisitive venture capitalist to the most charitable of free software contributors, can agree on.

This is the idea that nobody has the right to expect that any software will do what is claimed, will work properly, or even have the capabilities that were advertised. In more precise legalese:

The software is provided “as is”, without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose or noninfringement.

That is how the lawyers at MIT phrase it, continuing to say that there is no reasonable expectation of redress through criminal or civil law should the software not do what was claimed, or somehow cause harm in another way. In other words, programmers are so incompetent it is a wonder when software does what you think it ought, and no person or corporation has any reasonable business expecting software to do what they think it should. In other other words, even if you did not pay for this software, you have been suckered.

Microsoft are slightly more lenient than open source authors. They do include the exact same clause with almost the exact same wording (in the Windows 11 licence this is section 9, paragraph b), but they do accept that the software should behave “substantially as described in any Microsoft materials that accompany the software”—albeit only for a limited time (one year if you bought Windows, 90 days if you bought a PC with Windows). This may sound like Microsoft are maybe suggesting that their software engineers know what they are doing, but for two issues. Firstly there is no substantive description of Windows accompanying the software—you get a USB stick and a shiny hologram. Secondly the licence goes on to limit liability to the purchase cost—if you install Windows 11 and its bugs bankrupt your company, you will get your fifty dollars back and not a red cent more.

This professionalism vacuum is the axle about which revolves a vicious circle of low-quality software engineering. There is no point in improving software quality, security, or reliability, because there is no harm to the creator in making software that is not fit for purpose. And there is no way that anybody will stake their reputation, in an act of competitive advantage, on the idea that their software is fit for purpose because they know how poor software quality practices are.

It is not like nobody is trying to fix this. The entire software engineering machinery, from multi-organisation management initiatives like CMMI to technical practices like TDD, is about the management of risk and quality. It is just that these practices are introduced into a culture that optimises for taking neither quality nor risk seriously, and passes responsibility for both onto its customers.

While that “fitness for purpose” clause remains universal, nothing about software can truly change.

Cover photo by Luis Villasmil on Unsplash.

Graham is a senior Research Software Engineer at Oxford University. He got hooked on making quality software in front of a NeXT TurboStation Color, and still has a lot to learn.