[oclug] Ottawa Hospital getting their software Audited

Brad Barnett bbarnett at L8R.net
Fri Mar 15 09:24:32 EST 2002 

On Fri, 15 Mar 2002 09:56:55 -0500 (EST)
rod <rod at giffinscientific.com> wrote:

>  Brad Barnett <bbarnett at L8R.net> wrote:  
> >On Thu, 14 Mar 2002 22:50:55 -0500
> Chris Herrnberger <chris123 at magma.ca> wrote:
> 
> >> While your point is valid it is not necessarily correct. When you
> >> accept the EULA from MS that imposes certain responsibilities on you
> >> vs care and custody of the product and your rights as defined for
> >> usage. The licensor (MS) has established many procedures mostly
> >> software based that easily allow for monitoring of this EULA without
> >> ever entering your facility. Physical presence on your premise in
> >> usually never required. A simple letter from their corporate lawyer
> >> to yours is usually enough to produce the request documents. And
> >> guess what, most  licensees don't have the required docs.....never
> >> mind a software controll policy nor supporting procedures.
> [snip]
> > 1) EULAs aren't legit.  I don't care what anyone says, their very
> > nature is flawed.  Transfer of ownership is the only time a contract
> > can occur, and nothing else about software (in law) states otherwise
> 
> Brad is right here.
> Under US laws, EULA's are legitimate FYI, that has been tested in US
> courts.  However, we're not in the USA.  The thing that protects
> software manufacturers from piracy in Canada is the Copyright act.  You
> don't need to even read the EULA in order to be bound by the Copyright
> act, you only need to be in Canada.
> 
> > 2) Even if you signed a EULA on transfer, there are privacy laws to
> > take into account when it comes to monitoring
> 
> This is not strictly true.  It is legal (read: not criminal) if one of
> the parties knows and has consented to the monitoring ,or is actually
> the one doing the monitoring  There may be civil liability issues,
> depending on the nature of the communications, and how the information
> was used.
> 
> > 3) Even if your privacy rights aren't breeched, the company doing the
> > audit isn't the same company that you have an EULA with.  No EULA in
> > the universe is going to open-ended assign rights to any company that
> > wants to do audits.  Not going to happen.
> 
> The Canadian Copyright Act gives sweeping powers to named industry
> associations to sue offenders on behalf of the copyright holder.
> 

While this may or may not be the case (I don't have time today to look and
analyze the parts of the act you are talking about ;), the ability to sue
doesn't mean that they can just waltz in and do an audit.  They have no
rights granted to them that exceed even the powers the police themselves
have.

That was my point, but I do find even the concept you mentioned above
disturbing.  If you are familiar with the exact part of the act you are
referring to, I wouldn't complain if you pasted a link.

More information about the OCLUG mailing list