Software liability

Software and product liability

Giuseppe Contissa | European University Institute

Strict liability vs negligence
• should software manufacturers be held strictly liable for
software defects?
• If computer software is deemed to be a service, then a
manufacturer is generally not liable in tort, absent some negligent
behaviour or intentional misconduct.

• If computer software is deemed to be a product, then a
manufacturer may be liable under strict liability or
negligence.
• "aeronautical chart" cases

• To date, there are no reported decisions in the United States
holding a software vendor liable under a strict liability
theory (Scott 2008).

Strict liability (1)
• Software manufacturers should be held strictly liable
because:

• strict liability would encourage risk spreading
• strict liability would encourage the manufacturer to purchase products liability
insurance, thus passing the cost of the insurance onto the users of the
product. (issues: insurance is not easy to obtain, higher prices)

• liability under a negligence theory may be unavailable
• the injured party, in a negligence action, faces the burden of showing that there was a
lack of due care in the design or manufacture of the computer software.
• in the more complex and advanced computer software, it may be extremely difficult for a
consumer or user of the computer software to identify the lack of due care by the
manufacturer which was responsible for the defect.

Strict liability (2)
• Software manufacturers should be held strictly liable because:

• strict liability forces manufacturers to take precautions before
marketing their product
• Manufacturer are in the best position to know all potential defects and potential harms that
their products might cause. Forcing manufacturers to pay for personal injuries created by
software defects will encourage them to be more careful.

• injured party will be adequately compensated
• the application of strict liability to computer software defects would ensure that injured
plaintiffs receive adequate compensation for their injuries, especially in fields such ATM,
where defective computer software may result in serious personal injury or death.

• manufacturer makes a representation of product safety
• implicit in a product's presence on the market is a representation that the product will safely
do the jobs for which it was built. By placing the computer software on the market, the
computer software manufacturer should be forced to assume liability for any injury caused
by the computer software which was unreasonably dangerous

negligence
• Software manufacturers should NOT be held strictly liable
because:

• strict liability will cause an undue burden upon computer software
manufacturers
• it is essential to balance the need for the adoption of softwares and automation with
the risk involved in their malfunctions. In balancing the need versus the harm, it is
crucial to look at the costs and risk of damage had the computer program not been
used, and if there are other efficient and safe methods of carrying out the same
function.

• strict products liability would hamper innovation
• Implementation of strict products liability would discourage the research and
development of potentially life saving / safety enhancing / efficient software. If
computer software manufacturers were to face strict liability for defects in computer
software which they did not know about and could not prevent, many manufacturers
would discontinue "cutting edge" ventures

Contributory negligence
• Contributory negligence or victim fault should be
recognized in all cases of liability, both fault and strict:

• An efficient liability rule would require that the operator bear the
cost of avoidable harm, (avoidable by due care), excluding those
harms that victims can prevent more cheaply (Calabresi
-cheapest cost avoider)

• If contributory negligence is not a defense, then any liability rule
is potentially inefficient (Bergkamp)

Manufacturing defects vs. design defects
• is a software bug a manufacturing defect or a design defect?

• A manufacturing defect is one that differs from the intended result of
the manufacturer or from other identical items of the same
production line (production flaw)

• A design defect, instead, exists where the product is designed in
such a way that it carries an inherent risk of harm in normal use.

• Strict products liability is equally applicable to both
manufacturing defects and design defects, although it is often
easier to apply strict products liability to a manufacturing
defect.
• Design defect has higher burden of proof (reasonable alternative
design, level of expected safety)
• State of the art defence
• "risk/utility” test (B < PL)

software liability in relation to patches and updates
• Is there a responsibility for failure to check adequately for bugs?
• manufacturers’s responsibilities would include carefully formulating the design of the
software to prevent vulnerabilities that can be exploited by hackers and other third
parties, properly implementing the design in code, thoroughly testing the code to expose
any vulnerabilities, and revising the code to remove the vulnerabilities before releasing
the software to the public.

• Is the developer responsible for providing a patch/update? Is there a user's
contributory negligence?
• Usually, many of these errors are discovered only after the software has been distributed.
Three software liability policies has been investigated (in relation to security):
2. Loss Liability Policies, where the software vendor/manufacturer is liable to partially or
fully compensate users’ losses incurred in case of attack/damage
3. Patch Liability Policies, where the software vendor/manufacturer is held liable to
compensate patching costs incurred by users if a vulnerability/error is discovered before
the damage is produced
4. Security Standards Policies, where regulation enforces a certain standard of security to
be achieved by the vendor/manufacturer during software development to mitigate
security vulnerabilities.

liability and autonomous software
• In certain circumstances, when a damage is caused by the use
of defective autonomous software/automated systems, human
operators (e.g. pilots) should be shielded from liability because
they are relying on automated systems to fulfill their tasks (e.g.
GPS/autopilots to guide them to the correct destination).

• However, if no design/manufacturing defects are detected,
the user would be responsible under (a sort of) vicarious
liability, rather than liability of the custodian.
• Therefore, in analogy with vicarious liability, when software's
performances are below a certain standard, the user would be liable
even if he was not negligent.
• In this scenario, what would be the appropriate standard to be taken
into account? Maybe, the level of care that would be expected from a
human being executing the same task delegated to the autonomous
system.

liability for open source software
• The peculiar characteristic of open source software is that it is
distributed under the form of source code, while the distribution
of the executable code is only optional.

• In such a case, should liability be framed as liability for
misleading/inaccurate/wrong information?

• In the US, providers of items containing certain forms of
“information” have been exempted from strict product liability,
even in cases where the item in question has been mass
produced (Book Cases).

Law and economics analysis
• Law and economics models help us to
analyse the effect of liability on incentives
• whether to engage in activities
• how much care to exercise to reduce risk when
doing so

• Cost internalization theory:
5.It creates incentives to prevent damages taking care
(preventive measures to reduce risk)
6.It would further risk (or loss) spreading
7.It would cause the price of activities to increase,
resulting in lower activity levels

Liability for accidents (Shavell): optimal care

• Let x be expenditures on care (or the value of effort devoted to
it) and p(x) be the probability of an accident that causes harm h
(p decreases when x increases).

• Assume that the social objective is to minimize total expected
costs, x + p(x)h, and let x∗ denote the optimal x.

• under both forms of liability, strict liability and the
negligence rule, injurers are induced to take optimal care
(x∗ ).
• a regime of strict liability with contributory negligence induces
the socially optimal level of care by both parties.

Liability for accidents (Shavell): level of activity
• Let z be the level of activity
• Let b(z) be the injurer’s benefit from the activity, (b increases when z
increases)
• z(x + p(x)h) is the total cost of care and expected harm given z

• Under strict liability, an injurer will choose both the optimal level of
care x∗ and the optimal level of activity z∗, as his objective is the same
as the social objective, to maximize b(z) − z(x + p(x)h)
• Under the negligence rule, an injurer will choose optimal care x∗, but
his level of activity z will be socially excessive.
• The explanation for the excessive level of activity is that the
injurer’s cost of raising his level of activity is only his cost of care
x∗ , which is less than the social cost, as that also includes p(x∗ )h.

• Open issue: burden of proof

Software liability
• intrinsic software (user does not interact directly with the
software, e.g software embedded in planes or automobiles)
• extrinsic software (pc application)
• intrinsic and extrinsic software may be key to a socially efficient
liability regime, because the economic theory of product liability
law prescribes the assignment of liability to the party who
controls the risk

• strict liability rule may not be socially optimal for extrinsic
software, because it would not induce the consumer to exercise
due care in the installation, operation, and use of the software

Software liability in ATM: Überlingen (1)
• First Instance Court N. 34 of Barcelona, Spain (2010)
• plaintiffs representing thirty-one (31) of the Russian passengers (Bashkirian
Airlines Flight 2937)
• Defendants: The manufacturers of the TCAS, Honeywell International, Inc.
(“Honeywell”) and Aviation Communication & Surveillance Systems
(“ACSS”)

• the Spanish Court found that two alleged defects of the TCAS had not been
proven: (1) the alleged fault in the RA Reversal system; and (2) the alleged
existence of a new version of TCAS software available to correct the
claimed problems of the earlier version that defendants had failed to
implement.

• However, the Court did find that plaintiff had proven a third alleged
defect, i.e., that the TCAS II Pilot’s Guide failed to clearly set forth the
priority of TCAS advisories over conflicting air traffic control orders.

Software liability in ATM: Überlingen (2)
• Product Liability
• "[T]he lack of adequate instructions and warnings in the defendants’ TCAS
Pilot’s Guide […] contributed towards the Tupolev pilot’s error that caused
the accident and, accordingly, we can conclude that this information defect
contributed substantially to the damage, being part of one of its causes. For
this reason, the defendants shall be liable for the damages caused."

• The Court rejected plaintiffs’ claims for survival damages. The Court also
rejected plaintiffs’ claims for punitive damages.
• The Court found that Honeywell was not liable for non-monetary damages
• ACSS was liable for non-monetary damages ($5,991,501)
• plaintiffs were awarded a total of $10,459,810.50 in damages for the deaths
of 30 persons, including $6,723,639.45 as to ACSS and $3,736,171.05 as
to Honeywell13 – an average of $348,660.35 per decedent. The decision is
currently subject to appeal.

Software liability in ATM: Überlingen
• “Forum shopping”
• 22nd Convention on the Law Applicable to Products Liability, signed in The
Hague on October 2, 1973
• currently in force in 11 European countries (Spain, France, the Netherlands,
Croatia, Finland, Luxembourg, Montenegro, Norway, Serbia, Slovenia, and
FYROM) (6 of them are also party of Rome II)
• Article 6 applies the law of the manufacturer's principal place of business unless
the claimant bases his claim on the law of the place of injury.
• Article 11 establishes that there is no requirement for the Convention to have
been adopted by the country to whose law Articles 6 points.

• On these grounds judges applied apply Arizona law for ACSS and New
Jersey law for Honeywell.

Software liability

More Related Content

What's hot (20)

Similar to Software liability (20)

More from ALIAS Network (20)

Recently uploaded (20)

Software liability

Editor's Notes