-----BEGIN PGP SIGNED MESSAGE-----
OK, thomas.loc.gov put up the text of the revised conference report
this morning, just in time for the US House "debate" and vote. It
was hard to find, being accessed under "bill status" rather than
"bill text".
<http://thomas.loc.gov/cgi-bin/cpquery/R?cp106:FLD010:@1(hr661):>
By the tone of the self-congratulatory "debate", I think this is
going to fly right through, even though the conference was
reportedly very contentious.
* The privacy language is gone -- absolutely deleted.
* There is a lot of new "consumer" protection language. However,
as far as I can tell, the only remedy is to "vote with your feet";
if you don't like the terms, stop using it.
* If you want an immutable paper version, they can charge you for it.
Even then, they can change hardware and software terms at any time.
* There are a lot of automatic exemptions, including UETA, the
UCITA companion that has no protections what-so-ever.
* The language from UETA is back (it had been replaced by something
more sensible in an earlier House version):
** This is not about secure digital signatures. These are
"electronic signatures", such as a "sound" on a recorder on a phone.
** There is new contradictory language in 101(c)(6) and 106(5);
thus the "sound" cannot be a voice saying "yes" (which I would have
thought more identifiable than a touch tone button).
** These "signatures" do not involve "signing" anything. You are
not even required to have a copy of whatever you thought you were
agreeing about. You merely have to "demonstrate" that you have the
"hardware and software" to "access information":
(i) prior to consenting, is provided with a statement of the
hardware and software requirements for access to and retention
of the electronic records; and
(ii) consents electronically, or confirms his or her consent
electronically, in a manner that reasonably demonstrates that the
consumer can access information in the electronic form that will
be used to provide the information that is the subject of the consent;
** However, they apparently think that this is too onerous, and
provide:
(2) ... The legal effectiveness, validity, or enforceability of any
contract executed by a consumer shall not be denied solely because of
the failure to obtain electronic consent or confirmation of consent by
that consumer in accordance with paragraph (1)(C)(ii).
** And they want to eliminate even that bare bones "burden":
105(b) ... Within 12 months after the date of
the enactment of this Act, the Secretary of Commerce and the Federal
Trade Commission shall submit a report to the Congress evaluating any
benefits provided to consumers by the procedure required by section
101(c)(1)(C)(ii); any burdens imposed on electronic commerce by that
provision; whether the benefits outweigh the burdens; whether the
absence of the procedure required by section 101(c)(1)(C)(ii) would
increase the incidence of fraud directed against consumers; ...
** It can be a "process", such as a click on an Install button,
making shrinkwrap licenses enforcable!
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1
iQCVAwUBOUfER9m/qMj6R+sxAQFoDQQA04IYEE8aD4G+vmbnrYEm6RZk2Cfsbbsq
HQhpL3iLDpst9BG/uz8Nq9O+jyQEcoihx4sjvMgVI6rhX4VEnEOc7I7ZAFo1s4qX
1aNljDJTwV54GbRkZ35KJQOpHCtxrUtMosp0lhYfi6INDPU/Jxbh8DWmx1E75LPT
v6NXH2q3xB0=
=++FD
-----END PGP SIGNATURE-----