“This brings me to the first and most important defensive
measure every IT organization should take to prepare for a world
where UCITA exists even in a few states: Starting now, demand that
vendors warrant that their products are not self-help capable. Make
that demand a critical part of your software procurement process.
According to some readers, not only are many corporations doing
just that, but several government agencies are also considering
revisions to their procurement practices. This isn’t surprising,
particularly in the case of organizations for critical
infrastructures. The possibility that any software inside the
firewall could have unknown self-help mechanisms raises enormous
security issues. Corporations and agencies that don’t start asking
vendors very pointed questions will soon be guilty of a dereliction
of duty.”
“Several concerned corporations in Iowa have helped promote what
has been called bomb-shelter legislation to protect all Iowa
customers, consumers, and businesses from UCITA or UCITA-like laws
in other states.”
“The bomb-shelter law says that a transaction between an Iowa
party and a party that tries to invoke the law of a UCITA state
will instead be subject to the laws of Iowa — a fine example of
Midwestern common sense, if you ask me. An amendment to this effect
was passed by the Iowa House as part of its Electronic Transaction
Act (HF 2205) and now awaits consideration by the Senate. Software
industry lobbyists are swarming into the state like angry
mosquitoes. Perhaps some of the common sense that has been lacking
on either shore of the Potomac will be found in more abundance in
the Midwest.”