Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

more on good question DMCA used to shut down campus IDsecurity talk

From: Dave Farber <dave () farber net>
Date: Tue, 15 Apr 2003 19:23:01 -0400

------ Forwarded Message
From: Margaret Jane Radin <mradin () stanford edu>
Date: Tue, 15 Apr 2003 09:45:15 -0700
To: dave () farber net
Subject: Re: [IP] more on good question DMCA used to shut down campus
IDsecurity talk

The question whether under the law software developers are or are not
liable for any kind of product failure is more complicated than Dave
Wilson makes out.  There is no specific statute that makes them
liable, and according to Mr. Schmidt there is unlikely to be one, at
least at the federal level; but there is no specific statute that
immunizes them either.  It is important to realize that tort law--of
which liability for defective products is a major branch--is
primarily judge-made law.  I don't know of any case that has imposed
tort liability for defective software, but I am expecting that the
issue will come up, and I don't think it is a foregone conclusion
that immunity will be found.  The question is quite complex, partly
because it is intertwined with complicated contract questions. For
example, there is a question of whether or not software is a "good,"
transactions in which should be interpreted under each state's
version of the Uniform Commercial Code, which has implied warranties
of merchantability and fitness, but which warranties can be
disclaimed in certain ways.  Whether or not software is treated as a
"good" for purposes of the UCC, there is an ultimate question of
whether mass market licenses, especially in situations of market
failure (e.g., perhaps, the Windows EULA), can validly disclaim all
liability for any damage resulting from defects in the product.  This
is not a question that has been decisively resolved in the software
developers' favor.

In short, I do think that writers of cease-and-desist letters may be
well advised to take account of some downside risk from their tacit
admission that they know their product is flawed in ways that could
lead to serious damage for users.




------ Forwarded Message
From: Dave Wilson <dave () wilson net>
Date: Tue, 15 Apr 2003 07:34:37 -0500 (EST)
To: dave () farber net
Subject: Re: [IP] good question DMCA used to shut down campus IDsecurity
talk


In general, under the law software developers are not liable for any kind
of product failure, including security. Last week, when he was here at
Purdue University -- where I'm on a fellowship studying information
security these days -- I had the opportunity to ask a couple of question of
Howard A. Schmidt, Special Advisor to President Bush for Cyberspace
Security and head of the President's Critical Infrastructure Protection
Board. I asked Mr. Schmidt if the government should expose developers to
liability as a spur to develop a better environment. Schmidt said that
liability exposure ultimately drives up costs for users (as in a guy who
defends himself against a suit claiming flawed software has to charge more
for his products to pay off his legal bills). Mr. Schmidt argued that
consumers would eventually choose systems that are more secure, and that
the country needed to give the free market time to work its magic. The
government, he said, is reluctant to interfere with that process. "We will
indeed not regulate," he declared.

A bit later, I pointed out to Mr. Schmidt that several courts - including
the U.S. Supreme Court - have found that Microsoft Corp. has monopoly power
in the market for desktop computers, and that this monopoly power allowed
the company to force consumers to purchase products that are insecure. I
asked Mr. Schmidt, who was Microsoft's former chief security officer, if he
disagreed with the court's economic analysis. "I'm not a lawyer," he
replied.

-dave

------ End of Forwarded Message

-------------------------------------
You are subscribed as mradin () stanford edu
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/


Margaret Jane Radin
William Benjamin Scott & Luna M. Scott Professor of Law
Director, Program in Law, Science & Technology
Stanford University
Nathan Abbott Way
Stanford, CA 94305-8610


------ End of Forwarded Message

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/
Previous By Date Next
Previous By Thread Next

Current thread: