Hey,he's YOUR judge,I never called MS that.
Putting all your eggs in Big Brother's basket
By Simon Minahan
November 25 2002
Next
Recently, federal shadow spokeswoman for IT, Kate Lundy, was bemoaning the
"IT straitjacket" that state and federal governments are in. She was
referring to recently renewed commitments to Microsoft products for the
long term - and for mucho dinero. Her proposition was that it was done
without sufficient thought about other solutions.
Certainly when compared to the nascent global trend evident in Norway,
Britain, Peru and the EU to break out from proprietary software to open
source, the lack of substantial commitment - beyond a little research and a
lot of rhetoric - seems, well, unquestioning and questionable. In the case
of Microsoft XP products, it's a question with some serious legal
undertones. For starters, there is the question of security vulnerability.
As I have discussed recently, Microsoft is forever issuing patches for such
vulnerabilities and one has to wonder about the implications for the
security of government IT that relies on it. Then there's the whole
operational philosophy of the XP model. A United States commentator,
Michael Jennings, recently listed no fewer than 18 instances where XP
operates by automatically and remotely connecting to Microsoft servers and
exchanging data. Just what data is not clear in many cases. Neither is it
clear there are "only" 18 instances where it happened.
Coupled with the possibility that (as Jennings remarks) some security
vulnerabilities have been engineered to allow US agencies to access
computers running Microsoft, it starts to be a bit chilling. Admittedly
there is a touch of conspiracy theory hysteria about the idea.
Next, there's the whole content control push that already sees applications
internally "branding" content produced by them and dissemination possibly
being regulated by corporate clearance.
Finally, factor in the licensing and contractual model Microsoft introduced
with XP, where it is possible to install patches and introduce contractual
amend ments remotely, and the notion of sovereignty (and the wisdom of
putting the eggs in this particular basket) begins to look a little shaky.
The fact is that vast slabs of the public information foundation are going
to be run on systems over which Microsoft will have some opaque degree of
remote control and which have a long history of security problems. And it
may impede easy or complete citizen access to information and increase the
likelihood of unauthorised access. In turn, this could well bring
governments into conflict with legal requirements under Privacy Acts and
the common law. It also leaves them hostage to a legacy rather than
exploring the possibilities of spreading the business and the buying power.
Lets hope these topics have been thoroughly addressed in the
decision-making processes. I mean, the government would do that, right?
The Microsoft experience must also make one think about committing to
proprietary code systems more generally. If the biggest IT company on the
globe can introduce a wholesale change to its business and legal model in
one generation of manufacture, then it's possible anyone may. For instance,
a reader recently wrote asking about the possible pitfalls of putting a
public archive into Adobe's PDF files. My initial response was that Adobe
couldn't possibly change from distributing reader technology free. It would
be commercial suicide. I also wonder if there mightn't be some legal basis
for holding them to the model on the grounds of a long and continuing
representation that this is how the system works and will work.
But then I can't recall an express promise by them that it would always be
thus and haven't found one yet (on, admittedly, a brief research
excursion). So, who's to say, for sure? At least open systems will stay open.
The author is a Melbourne barrister who practises in intellectual property
and commercial law. The information in this column is of a general nature.
Readers should obtain legal advice for specific problems. The author may be
contacted at [EMAIL PROTECTED]
http://theage.com.au/articles/2002/11/25/1038173686615.html