SlideShare una empresa de Scribd logo

Software liability

Descargar como PPT, PDF
ALIAS Network
ALIAS Network
Tecnología
1 de 17
Software and product liability Giuseppe Contissa | European University Institute
Strict liability vs negligence • should software manufacturers be held strictly liable for software defects? • If computer software is deemed to be a service, then a manufacturer is generally not liable in tort, absent some negligent behaviour or intentional misconduct. • If computer software is deemed to be a product, then a manufacturer may be liable under strict liability or negligence. • "aeronautical chart" cases • To date, there are no reported decisions in the United States holding a software vendor liable under a strict liability theory (Scott 2008).
Strict liability (1) • Software manufacturers should be held strictly liable because: • strict liability would encourage risk spreading • strict liability would encourage the manufacturer to purchase products liability insurance, thus passing the cost of the insurance onto the users of the product. (issues: insurance is not easy to obtain, higher prices) • liability under a negligence theory may be unavailable • the injured party, in a negligence action, faces the burden of showing that there was a lack of due care in the design or manufacture of the computer software. • in the more complex and advanced computer software, it may be extremely difficult for a consumer or user of the computer software to identify the lack of due care by the manufacturer which was responsible for the defect.
Strict liability (2) • Software manufacturers should be held strictly liable because: • strict liability forces manufacturers to take precautions before marketing their product • Manufacturer are in the best position to know all potential defects and potential harms that their products might cause. Forcing manufacturers to pay for personal injuries created by software defects will encourage them to be more careful. • injured party will be adequately compensated • the application of strict liability to computer software defects would ensure that injured plaintiffs receive adequate compensation for their injuries, especially in fields such ATM, where defective computer software may result in serious personal injury or death. • manufacturer makes a representation of product safety • implicit in a product's presence on the market is a representation that the product will safely do the jobs for which it was built. By placing the computer software on the market, the computer software manufacturer should be forced to assume liability for any injury caused by the computer software which was unreasonably dangerous
negligence • Software manufacturers should NOT be held strictly liable because: • strict liability will cause an undue burden upon computer software manufacturers • it is essential to balance the need for the adoption of softwares and automation with the risk involved in their malfunctions. In balancing the need versus the harm, it is crucial to look at the costs and risk of damage had the computer program not been used, and if there are other efficient and safe methods of carrying out the same function. • strict products liability would hamper innovation • Implementation of strict products liability would discourage the research and development of potentially life saving / safety enhancing / efficient software. If computer software manufacturers were to face strict liability for defects in computer software which they did not know about and could not prevent, many manufacturers would discontinue "cutting edge" ventures
Contributory negligence • Contributory negligence or victim fault should be recognized in all cases of liability, both fault and strict: • An efficient liability rule would require that the operator bear the cost of avoidable harm, (avoidable by due care), excluding those harms that victims can prevent more cheaply (Calabresi -cheapest cost avoider) • If contributory negligence is not a defense, then any liability rule is potentially inefficient (Bergkamp)
Manufacturing defects vs. design defects • is a software bug a manufacturing defect or a design defect? • A manufacturing defect is one that differs from the intended result of the manufacturer or from other identical items of the same production line (production flaw) • A design defect, instead, exists where the product is designed in such a way that it carries an inherent risk of harm in normal use. • Strict products liability is equally applicable to both manufacturing defects and design defects, although it is often easier to apply strict products liability to a manufacturing defect. • Design defect has higher burden of proof (reasonable alternative design, level of expected safety) • State of the art defence • "risk/utility” test (B < PL)
software liability in relation to patches and updates • Is there a responsibility for failure to check adequately for bugs? • manufacturers’s responsibilities would include carefully formulating the design of the software to prevent vulnerabilities that can be exploited by hackers and other third parties, properly implementing the design in code, thoroughly testing the code to expose any vulnerabilities, and revising the code to remove the vulnerabilities before releasing the software to the public. • Is the developer responsible for providing a patch/update? Is there a user's contributory negligence? • Usually, many of these errors are discovered only after the software has been distributed. Three software liability policies has been investigated (in relation to security): 2. Loss Liability Policies, where the software vendor/manufacturer is liable to partially or fully compensate users’ losses incurred in case of attack/damage 3. Patch Liability Policies, where the software vendor/manufacturer is held liable to compensate patching costs incurred by users if a vulnerability/error is discovered before the damage is produced 4. Security Standards Policies, where regulation enforces a certain standard of security to be achieved by the vendor/manufacturer during software development to mitigate security vulnerabilities.
liability and autonomous software • In certain circumstances, when a damage is caused by the use of defective autonomous software/automated systems, human operators (e.g. pilots) should be shielded from liability because they are relying on automated systems to fulfill their tasks (e.g. GPS/autopilots to guide them to the correct destination). • However, if no design/manufacturing defects are detected, the user would be responsible under (a sort of) vicarious liability, rather than liability of the custodian. • Therefore, in analogy with vicarious liability, when software's performances are below a certain standard, the user would be liable even if he was not negligent. • In this scenario, what would be the appropriate standard to be taken into account? Maybe, the level of care that would be expected from a human being executing the same task delegated to the autonomous system.
liability for open source software • The peculiar characteristic of open source software is that it is distributed under the form of source code, while the distribution of the executable code is only optional. • In such a case, should liability be framed as liability for misleading/inaccurate/wrong information? • In the US, providers of items containing certain forms of “information” have been exempted from strict product liability, even in cases where the item in question has been mass produced (Book Cases).
Law and economics analysis • Law and economics models help us to analyse the effect of liability on incentives • whether to engage in activities • how much care to exercise to reduce risk when doing so • Cost internalization theory: 5.It creates incentives to prevent damages taking care (preventive measures to reduce risk) 6.It would further risk (or loss) spreading 7.It would cause the price of activities to increase, resulting in lower activity levels
Liability for accidents (Shavell): optimal care • Let x be expenditures on care (or the value of effort devoted to it) and p(x) be the probability of an accident that causes harm h (p decreases when x increases). • Assume that the social objective is to minimize total expected costs, x + p(x)h, and let x∗ denote the optimal x. • under both forms of liability, strict liability and the negligence rule, injurers are induced to take optimal care (x∗ ). • a regime of strict liability with contributory negligence induces the socially optimal level of care by both parties.
Liability for accidents (Shavell): level of activity • Let z be the level of activity • Let b(z) be the injurer’s benefit from the activity, (b increases when z increases) • z(x + p(x)h) is the total cost of care and expected harm given z • Under strict liability, an injurer will choose both the optimal level of care x∗ and the optimal level of activity z∗, as his objective is the same as the social objective, to maximize b(z) − z(x + p(x)h) • Under the negligence rule, an injurer will choose optimal care x∗, but his level of activity z will be socially excessive. • The explanation for the excessive level of activity is that the injurer’s cost of raising his level of activity is only his cost of care x∗ , which is less than the social cost, as that also includes p(x∗ )h. • Open issue: burden of proof
Software liability • intrinsic software (user does not interact directly with the software, e.g software embedded in planes or automobiles) • extrinsic software (pc application) • intrinsic and extrinsic software may be key to a socially efficient liability regime, because the economic theory of product liability law prescribes the assignment of liability to the party who controls the risk • strict liability rule may not be socially optimal for extrinsic software, because it would not induce the consumer to exercise due care in the installation, operation, and use of the software
Software liability in ATM: Überlingen (1) • First Instance Court N. 34 of Barcelona, Spain (2010) • plaintiffs representing thirty-one (31) of the Russian passengers (Bashkirian Airlines Flight 2937) • Defendants: The manufacturers of the TCAS, Honeywell International, Inc. (“Honeywell”) and Aviation Communication & Surveillance Systems (“ACSS”) • the Spanish Court found that two alleged defects of the TCAS had not been proven: (1) the alleged fault in the RA Reversal system; and (2) the alleged existence of a new version of TCAS software available to correct the claimed problems of the earlier version that defendants had failed to implement. • However, the Court did find that plaintiff had proven a third alleged defect, i.e., that the TCAS II Pilot’s Guide failed to clearly set forth the priority of TCAS advisories over conflicting air traffic control orders.
Software liability in ATM: Überlingen (2) • Product Liability • "[T]he lack of adequate instructions and warnings in the defendants’ TCAS Pilot’s Guide […] contributed towards the Tupolev pilot’s error that caused the accident and, accordingly, we can conclude that this information defect contributed substantially to the damage, being part of one of its causes. For this reason, the defendants shall be liable for the damages caused." • The Court rejected plaintiffs’ claims for survival damages. The Court also rejected plaintiffs’ claims for punitive damages. • The Court found that Honeywell was not liable for non-monetary damages • ACSS was liable for non-monetary damages ($5,991,501) • plaintiffs were awarded a total of $10,459,810.50 in damages for the deaths of 30 persons, including $6,723,639.45 as to ACSS and $3,736,171.05 as to Honeywell13 – an average of $348,660.35 per decedent. The decision is currently subject to appeal.
Software liability in ATM: Überlingen • “Forum shopping” • 22nd Convention on the Law Applicable to Products Liability, signed in The Hague on October 2, 1973 • currently in force in 11 European countries (Spain, France, the Netherlands, Croatia, Finland, Luxembourg, Montenegro, Norway, Serbia, Slovenia, and FYROM) (6 of them are also party of Rome II) • Article 6 applies the law of the manufacturer's principal place of business unless the claimant bases his claim on the law of the place of injury. • Article 11 establishes that there is no requirement for the Convention to have been adopted by the country to whose law Articles 6 points. • On these grounds judges applied apply Arizona law for ACSS and New Jersey law for Honeywell.

Recomendados

6 software contracts
6 software contracts6 software contracts
6 software contractsSaqib Raza
 
intellectual property rights
intellectual property rights intellectual property rights
intellectual property rightsHamza Cheema
 
Computer misuse and criminal law
Computer misuse and criminal lawComputer misuse and criminal law
Computer misuse and criminal lawZaheer Irshad
 
Software Engineering Code Of Ethics And Professional Practice
Software Engineering Code Of Ethics And Professional Practice Software Engineering Code Of Ethics And Professional Practice
Software Engineering Code Of Ethics And Professional Practice Saqib Raza
 
ACM code of ethics
ACM code of ethicsACM code of ethics
ACM code of ethicsMuhammad Haroon
 
computer misuse n criminal law
computer misuse n criminal lawcomputer misuse n criminal law
computer misuse n criminal lawHamza Cheema
 
Ieee code of ethics
Ieee code of ethicsIeee code of ethics
Ieee code of ethicsWaqar Ahmad
 
computer contracts.pdf
computer contracts.pdfcomputer contracts.pdf
computer contracts.pdfSanaKhan319883
 

Recomendados

6 software contracts
6 software contracts6 software contracts
6 software contractsSaqib Raza
 
intellectual property rights
intellectual property rights intellectual property rights
intellectual property rightsHamza Cheema
 
Computer misuse and criminal law
Computer misuse and criminal lawComputer misuse and criminal law
Computer misuse and criminal lawZaheer Irshad
 
Software Engineering Code Of Ethics And Professional Practice
Software Engineering Code Of Ethics And Professional Practice Software Engineering Code Of Ethics And Professional Practice
Software Engineering Code Of Ethics And Professional Practice Saqib Raza
 
ACM code of ethics
ACM code of ethicsACM code of ethics
ACM code of ethicsMuhammad Haroon
 
computer misuse n criminal law
computer misuse n criminal lawcomputer misuse n criminal law
computer misuse n criminal lawHamza Cheema
 
Ieee code of ethics
Ieee code of ethicsIeee code of ethics
Ieee code of ethicsWaqar Ahmad
 
computer contracts.pdf
computer contracts.pdfcomputer contracts.pdf
computer contracts.pdfSanaKhan319883
 
Frame Work of Employee Relation Law , Lahore Garrison University
Frame Work of Employee Relation Law , Lahore Garrison UniversityFrame Work of Employee Relation Law , Lahore Garrison University
Frame Work of Employee Relation Law , Lahore Garrison Universitytouseefaq3
 
Accountability And Auditing In Professional Practice
Accountability And Auditing In Professional PracticeAccountability And Auditing In Professional Practice
Accountability And Auditing In Professional PracticeSyed Hassan Ali
 
The Software Engineering Code and the ACM Code
The Software Engineering Code and the ACM CodeThe Software Engineering Code and the ACM Code
The Software Engineering Code and the ACM CodeAhmed Elshal
 
Ethics and computing profession
Ethics and computing professionEthics and computing profession
Ethics and computing professionshahmansoor109
 
computing profession and core skills
computing profession and core skillscomputing profession and core skills
computing profession and core skillsHamza Cheema
 
anatomy of a sw house
anatomy of a sw houseanatomy of a sw house
anatomy of a sw houseHamza Cheema
 
Codes of ethics
Codes of ethicsCodes of ethics
Codes of ethicsEyelean xilef
 
Social and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsSocial and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsDyuti Islam
 
Software Contract and Liability
Software Contract and LiabilitySoftware Contract and Liability
Software Contract and LiabilityMohamad Sani
 
Professional ethics in_computing
Professional ethics in_computingProfessional ethics in_computing
Professional ethics in_computingUc Man
 
Computer Ethics and Legal Issues
Computer Ethics and Legal IssuesComputer Ethics and Legal Issues
Computer Ethics and Legal IssuesKak Yong
 
Computer ethics & copyright
Computer ethics & copyrightComputer ethics & copyright
Computer ethics & copyrightVehitaltinci
 
Computer ethics
Computer ethicsComputer ethics
Computer ethicsJagan Nath
 
Uses,mis uses and risk of software
Uses,mis uses and risk of softwareUses,mis uses and risk of software
Uses,mis uses and risk of softwareAHSSAN AKHTAR
 
Professional Practice Course Outline
Professional Practice Course OutlineProfessional Practice Course Outline
Professional Practice Course OutlineSaqib Raza
 
Assignment 1
Assignment 1Assignment 1
Assignment 1Lahore Garrison University
 
Computer Ethics
Computer EthicsComputer Ethics
Computer Ethicspoonam.rwalia
 
Software Liability.pptx
Software Liability.pptxSoftware Liability.pptx
Software Liability.pptxRaeesKhan691281
 
Chapter 1 powerpoint
Chapter 1 powerpointChapter 1 powerpoint
Chapter 1 powerpointstanbridge
 
Professional Ethics of IT
Professional Ethics of ITProfessional Ethics of IT
Professional Ethics of ITMaria Stella Solon
 
Legal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesLegal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesPriyanka Aash
 
Blog powerpoint
Blog powerpointBlog powerpoint
Blog powerpointLonda77
 

Más contenido relacionado

La actualidad más candente

Frame Work of Employee Relation Law , Lahore Garrison University
Frame Work of Employee Relation Law , Lahore Garrison UniversityFrame Work of Employee Relation Law , Lahore Garrison University
Frame Work of Employee Relation Law , Lahore Garrison Universitytouseefaq3
 
Accountability And Auditing In Professional Practice
Accountability And Auditing In Professional PracticeAccountability And Auditing In Professional Practice
Accountability And Auditing In Professional PracticeSyed Hassan Ali
 
The Software Engineering Code and the ACM Code
The Software Engineering Code and the ACM CodeThe Software Engineering Code and the ACM Code
The Software Engineering Code and the ACM CodeAhmed Elshal
 
Ethics and computing profession
Ethics and computing professionEthics and computing profession
Ethics and computing professionshahmansoor109
 
computing profession and core skills
computing profession and core skillscomputing profession and core skills
computing profession and core skillsHamza Cheema
 
anatomy of a sw house
anatomy of a sw houseanatomy of a sw house
anatomy of a sw houseHamza Cheema
 
Social and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsSocial and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsDyuti Islam
 
Software Contract and Liability
Software Contract and LiabilitySoftware Contract and Liability
Software Contract and LiabilityMohamad Sani
 
Professional ethics in_computing
Professional ethics in_computingProfessional ethics in_computing
Professional ethics in_computingUc Man
 
Computer Ethics and Legal Issues
Computer Ethics and Legal IssuesComputer Ethics and Legal Issues
Computer Ethics and Legal IssuesKak Yong
 
Computer ethics & copyright
Computer ethics & copyrightComputer ethics & copyright
Computer ethics & copyrightVehitaltinci
 
Computer ethics
Computer ethicsComputer ethics
Computer ethicsJagan Nath
 
Uses,mis uses and risk of software
Uses,mis uses and risk of softwareUses,mis uses and risk of software
Uses,mis uses and risk of softwareAHSSAN AKHTAR
 
Professional Practice Course Outline
Professional Practice Course OutlineProfessional Practice Course Outline
Professional Practice Course OutlineSaqib Raza
 
Chapter 1 powerpoint
Chapter 1 powerpointChapter 1 powerpoint
Chapter 1 powerpointstanbridge
 

La actualidad más candente (20)

Frame Work of Employee Relation Law , Lahore Garrison University
Frame Work of Employee Relation Law , Lahore Garrison UniversityFrame Work of Employee Relation Law , Lahore Garrison University
Frame Work of Employee Relation Law , Lahore Garrison University
 
Accountability And Auditing In Professional Practice
Accountability And Auditing In Professional PracticeAccountability And Auditing In Professional Practice
Accountability And Auditing In Professional Practice
 
The Software Engineering Code and the ACM Code
The Software Engineering Code and the ACM CodeThe Software Engineering Code and the ACM Code
The Software Engineering Code and the ACM Code
 
Ethics and computing profession
Ethics and computing professionEthics and computing profession
Ethics and computing profession
 
computing profession and core skills
computing profession and core skillscomputing profession and core skills
computing profession and core skills
 
anatomy of a sw house
anatomy of a sw houseanatomy of a sw house
anatomy of a sw house
 
Codes of ethics
Codes of ethicsCodes of ethics
Codes of ethics
 
Social and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - EthicsSocial and Professional Issues in Computing - Ethics
Social and Professional Issues in Computing - Ethics
 
Software Contract and Liability
Software Contract and LiabilitySoftware Contract and Liability
Software Contract and Liability
 
Professional ethics in_computing
Professional ethics in_computingProfessional ethics in_computing
Professional ethics in_computing
 
Computer Ethics and Legal Issues
Computer Ethics and Legal IssuesComputer Ethics and Legal Issues
Computer Ethics and Legal Issues
 
Computer ethics & copyright
Computer ethics & copyrightComputer ethics & copyright
Computer ethics & copyright
 
Computer ethics
Computer ethicsComputer ethics
Computer ethics
 
Uses,mis uses and risk of software
Uses,mis uses and risk of softwareUses,mis uses and risk of software
Uses,mis uses and risk of software
 
Professional Practice Course Outline
Professional Practice Course OutlineProfessional Practice Course Outline
Professional Practice Course Outline
 
Assignment 1
Assignment 1Assignment 1
Assignment 1
 
Computer Ethics
Computer EthicsComputer Ethics
Computer Ethics
 
Software Liability.pptx
Software Liability.pptxSoftware Liability.pptx
Software Liability.pptx
 
Chapter 1 powerpoint
Chapter 1 powerpointChapter 1 powerpoint
Chapter 1 powerpoint
 
Professional Ethics of IT
Professional Ethics of ITProfessional Ethics of IT
Professional Ethics of IT
 

Similar a Software liability

Legal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesLegal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesPriyanka Aash
 
Blog powerpoint
Blog powerpointBlog powerpoint
Blog powerpointLonda77
 
Liability Issues in Autonomous and Semi-Autonomous Systems
Liability Issues in Autonomous and Semi-Autonomous SystemsLiability Issues in Autonomous and Semi-Autonomous Systems
Liability Issues in Autonomous and Semi-Autonomous SystemsJohn Buyers
 
professional Issues in COmputer science and Engineering
professional Issues in COmputer science and Engineeringprofessional Issues in COmputer science and Engineering
professional Issues in COmputer science and EngineeringMohibullah Saail
 
20cs2024 Ethics in Information Technology
20cs2024 Ethics in Information Technology20cs2024 Ethics in Information Technology
20cs2024 Ethics in Information TechnologyKathirvel Ayyaswamy
 
Safety and risk
Safety and riskSafety and risk
Safety and riskSKS
 
7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTED7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTEDbugcrowd
 
1606125427-week8.pptx
1606125427-week8.pptx1606125427-week8.pptx
1606125427-week8.pptxSumbalIlyas1
 
Open Source Outlook: Expected Developments for 2016
Open Source Outlook: Expected Developments for 2016Open Source Outlook: Expected Developments for 2016
Open Source Outlook: Expected Developments for 2016Black Duck by Synopsys
 
Marketing of services Australian Education
Marketing of services Australian EducationMarketing of services Australian Education
Marketing of services Australian EducationSourav Biswas
 
JavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaJavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaChris Bailey
 
Ethics and TechnologyACM Code of Ethics Project Guidelines.docx
Ethics and TechnologyACM Code of Ethics Project Guidelines.docxEthics and TechnologyACM Code of Ethics Project Guidelines.docx
Ethics and TechnologyACM Code of Ethics Project Guidelines.docxSANSKAR20
 
Project Planning and Management.pptx
Project Planning and Management.pptxProject Planning and Management.pptx
Project Planning and Management.pptxvishnupriyapm4
 
Secure Engineering Practices for Java
Secure Engineering Practices for JavaSecure Engineering Practices for Java
Secure Engineering Practices for JavaTim Ellison
 
MIT520 software architecture assignments (2012) - 1
MIT520 software architecture assignments (2012) - 1MIT520 software architecture assignments (2012) - 1
MIT520 software architecture assignments (2012) - 1Yudep Apoi
 
Owasp_Security_Labeling_System
Owasp_Security_Labeling_SystemOwasp_Security_Labeling_System
Owasp_Security_Labeling_SystemluisenriquezA
 
Ethical consideration in open source software
Ethical consideration in open source softwareEthical consideration in open source software
Ethical consideration in open source softwareaamatya
 
Ethical consideration in open source software
Ethical consideration in open source softwareEthical consideration in open source software
Ethical consideration in open source softwareaamatya
 
Computrace Laptop Security Solutions
Computrace Laptop Security SolutionsComputrace Laptop Security Solutions
Computrace Laptop Security Solutionsabe8512000
 

Similar a Software liability (20)

Legal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity VulnerabilitiesLegal Liability for IOT Cybersecurity Vulnerabilities
Legal Liability for IOT Cybersecurity Vulnerabilities
 
Blog powerpoint
Blog powerpointBlog powerpoint
Blog powerpoint
 
Liability Issues in Autonomous and Semi-Autonomous Systems
Liability Issues in Autonomous and Semi-Autonomous SystemsLiability Issues in Autonomous and Semi-Autonomous Systems
Liability Issues in Autonomous and Semi-Autonomous Systems
 
professional Issues in COmputer science and Engineering
professional Issues in COmputer science and Engineeringprofessional Issues in COmputer science and Engineering
professional Issues in COmputer science and Engineering
 
20cs2024 Ethics in Information Technology
20cs2024 Ethics in Information Technology20cs2024 Ethics in Information Technology
20cs2024 Ethics in Information Technology
 
Safety and risk
Safety and riskSafety and risk
Safety and risk
 
7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTED7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTED
 
Reliability
ReliabilityReliability
Reliability
 
1606125427-week8.pptx
1606125427-week8.pptx1606125427-week8.pptx
1606125427-week8.pptx
 
Open Source Outlook: Expected Developments for 2016
Open Source Outlook: Expected Developments for 2016Open Source Outlook: Expected Developments for 2016
Open Source Outlook: Expected Developments for 2016
 
Marketing of services Australian Education
Marketing of services Australian EducationMarketing of services Australian Education
Marketing of services Australian Education
 
JavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for JavaJavaOne2013: Secure Engineering Practices for Java
JavaOne2013: Secure Engineering Practices for Java
 
Ethics and TechnologyACM Code of Ethics Project Guidelines.docx
Ethics and TechnologyACM Code of Ethics Project Guidelines.docxEthics and TechnologyACM Code of Ethics Project Guidelines.docx
Ethics and TechnologyACM Code of Ethics Project Guidelines.docx
 
Project Planning and Management.pptx
Project Planning and Management.pptxProject Planning and Management.pptx
Project Planning and Management.pptx
 
Secure Engineering Practices for Java
Secure Engineering Practices for JavaSecure Engineering Practices for Java
Secure Engineering Practices for Java
 
MIT520 software architecture assignments (2012) - 1
MIT520 software architecture assignments (2012) - 1MIT520 software architecture assignments (2012) - 1
MIT520 software architecture assignments (2012) - 1
 
Owasp_Security_Labeling_System
Owasp_Security_Labeling_SystemOwasp_Security_Labeling_System
Owasp_Security_Labeling_System
 
Ethical consideration in open source software
Ethical consideration in open source softwareEthical consideration in open source software
Ethical consideration in open source software
 
Ethical consideration in open source software
Ethical consideration in open source softwareEthical consideration in open source software
Ethical consideration in open source software
 
Computrace Laptop Security Solutions
Computrace Laptop Security SolutionsComputrace Laptop Security Solutions
Computrace Laptop Security Solutions
 

Más de ALIAS Network

Paola Tomasello - Liabilities of Remotely Piloted Aircraft Systems (RPAS): th...
Paola Tomasello - Liabilities of Remotely Piloted Aircraft Systems (RPAS): th...Paola Tomasello - Liabilities of Remotely Piloted Aircraft Systems (RPAS): th...
Paola Tomasello - Liabilities of Remotely Piloted Aircraft Systems (RPAS): th...ALIAS Network
 
Luca Falessi - the caa perspective on the future of atm
Luca Falessi - the caa perspective on the future of atmLuca Falessi - the caa perspective on the future of atm
Luca Falessi - the caa perspective on the future of atmALIAS Network
 
Ken Carpenter - application of legal case to acas x
Ken Carpenter - application of legal case to acas xKen Carpenter - application of legal case to acas x
Ken Carpenter - application of legal case to acas xALIAS Network
 
Ken Carpenter - a new generation of airborne collision avoidance systems acas x
Ken Carpenter - a new generation of airborne collision avoidance systems acas xKen Carpenter - a new generation of airborne collision avoidance systems acas x
Ken Carpenter - a new generation of airborne collision avoidance systems acas xALIAS Network
 
Damiano Taurino - operational usages and regulatory framework of rpas
Damiano Taurino - operational usages and regulatory framework of rpasDamiano Taurino - operational usages and regulatory framework of rpas
Damiano Taurino - operational usages and regulatory framework of rpasALIAS Network
 
Anthony Smoker - the ifatca perspective on the future of atm
Anthony Smoker - the ifatca perspective on the future of atmAnthony Smoker - the ifatca perspective on the future of atm
Anthony Smoker - the ifatca perspective on the future of atmALIAS Network
 
Anthony Smoker - the atcos perspective on RPAS: The IFATCA view
Anthony Smoker - the atcos perspective on RPAS: The IFATCA viewAnthony Smoker - the atcos perspective on RPAS: The IFATCA view
Anthony Smoker - the atcos perspective on RPAS: The IFATCA viewALIAS Network
 
Dennis Shomko - rpas industry perspective: who’s in charge?
Dennis Shomko - rpas industry perspective: who’s in charge?Dennis Shomko - rpas industry perspective: who’s in charge?
Dennis Shomko - rpas industry perspective: who’s in charge?ALIAS Network
 
Roger Sethsson - insurance perspective on automation and innovation in aviation
Roger Sethsson - insurance perspective on automation and innovation in aviationRoger Sethsson - insurance perspective on automation and innovation in aviation
Roger Sethsson - insurance perspective on automation and innovation in aviationALIAS Network
 
Luca Save - a human factors perspective: the loat
Luca Save - a human factors perspective: the loatLuca Save - a human factors perspective: the loat
Luca Save - a human factors perspective: the loatALIAS Network
 
Giovanni Sartor - addressing legal and social aspects the alias project
Giovanni Sartor - addressing legal and social aspects the alias projectGiovanni Sartor - addressing legal and social aspects the alias project
Giovanni Sartor - addressing legal and social aspects the alias projectALIAS Network
 
Amedeo Santosuosso - judicial approaches on rpas
Amedeo Santosuosso - judicial approaches on rpasAmedeo Santosuosso - judicial approaches on rpas
Amedeo Santosuosso - judicial approaches on rpasALIAS Network
 
Alfredo Roma - addressing liabilities with rpas
Alfredo Roma - addressing liabilities with rpasAlfredo Roma - addressing liabilities with rpas
Alfredo Roma - addressing liabilities with rpasALIAS Network
 
Stefano Prola - IATA input in alias legal case
Stefano Prola - IATA input in alias legal caseStefano Prola - IATA input in alias legal case
Stefano Prola - IATA input in alias legal caseALIAS Network
 
Carolina Rius Alarco - liabilities and automation in aviation - rpas
Carolina Rius Alarco - liabilities and automation in aviation - rpasCarolina Rius Alarco - liabilities and automation in aviation - rpas
Carolina Rius Alarco - liabilities and automation in aviation - rpasALIAS Network
 
Marc Bourgois - experience from long-term and innovative research
Marc Bourgois - experience from long-term and innovative researchMarc Bourgois - experience from long-term and innovative research
Marc Bourgois - experience from long-term and innovative researchALIAS Network
 
Maurizio Mancini - the ansp perspective
Maurizio Mancini - the ansp perspectiveMaurizio Mancini - the ansp perspective
Maurizio Mancini - the ansp perspectiveALIAS Network
 
Hanna Schebesta - test application results
Hanna Schebesta - test application resultsHanna Schebesta - test application results
Hanna Schebesta - test application resultsALIAS Network
 
Pierpaolo Gori - elements of regulation on remotely piloted aircraft systems
Pierpaolo Gori - elements of regulation on remotely piloted aircraft systemsPierpaolo Gori - elements of regulation on remotely piloted aircraft systems
Pierpaolo Gori - elements of regulation on remotely piloted aircraft systemsALIAS Network
 
Giuseppe Contissa - the legal case
Giuseppe Contissa - the legal caseGiuseppe Contissa - the legal case
Giuseppe Contissa - the legal caseALIAS Network
 

Más de ALIAS Network (20)

Paola Tomasello - Liabilities of Remotely Piloted Aircraft Systems (RPAS): th...
Paola Tomasello - Liabilities of Remotely Piloted Aircraft Systems (RPAS): th...Paola Tomasello - Liabilities of Remotely Piloted Aircraft Systems (RPAS): th...
Paola Tomasello - Liabilities of Remotely Piloted Aircraft Systems (RPAS): th...
 
Luca Falessi - the caa perspective on the future of atm
Luca Falessi - the caa perspective on the future of atmLuca Falessi - the caa perspective on the future of atm
Luca Falessi - the caa perspective on the future of atm
 
Ken Carpenter - application of legal case to acas x
Ken Carpenter - application of legal case to acas xKen Carpenter - application of legal case to acas x
Ken Carpenter - application of legal case to acas x
 
Ken Carpenter - a new generation of airborne collision avoidance systems acas x
Ken Carpenter - a new generation of airborne collision avoidance systems acas xKen Carpenter - a new generation of airborne collision avoidance systems acas x
Ken Carpenter - a new generation of airborne collision avoidance systems acas x
 
Damiano Taurino - operational usages and regulatory framework of rpas
Damiano Taurino - operational usages and regulatory framework of rpasDamiano Taurino - operational usages and regulatory framework of rpas
Damiano Taurino - operational usages and regulatory framework of rpas
 
Anthony Smoker - the ifatca perspective on the future of atm
Anthony Smoker - the ifatca perspective on the future of atmAnthony Smoker - the ifatca perspective on the future of atm
Anthony Smoker - the ifatca perspective on the future of atm
 
Anthony Smoker - the atcos perspective on RPAS: The IFATCA view
Anthony Smoker - the atcos perspective on RPAS: The IFATCA viewAnthony Smoker - the atcos perspective on RPAS: The IFATCA view
Anthony Smoker - the atcos perspective on RPAS: The IFATCA view
 
Dennis Shomko - rpas industry perspective: who’s in charge?
Dennis Shomko - rpas industry perspective: who’s in charge?Dennis Shomko - rpas industry perspective: who’s in charge?
Dennis Shomko - rpas industry perspective: who’s in charge?
 
Roger Sethsson - insurance perspective on automation and innovation in aviation
Roger Sethsson - insurance perspective on automation and innovation in aviationRoger Sethsson - insurance perspective on automation and innovation in aviation
Roger Sethsson - insurance perspective on automation and innovation in aviation
 
Luca Save - a human factors perspective: the loat
Luca Save - a human factors perspective: the loatLuca Save - a human factors perspective: the loat
Luca Save - a human factors perspective: the loat
 
Giovanni Sartor - addressing legal and social aspects the alias project
Giovanni Sartor - addressing legal and social aspects the alias projectGiovanni Sartor - addressing legal and social aspects the alias project
Giovanni Sartor - addressing legal and social aspects the alias project
 
Amedeo Santosuosso - judicial approaches on rpas
Amedeo Santosuosso - judicial approaches on rpasAmedeo Santosuosso - judicial approaches on rpas
Amedeo Santosuosso - judicial approaches on rpas
 
Alfredo Roma - addressing liabilities with rpas
Alfredo Roma - addressing liabilities with rpasAlfredo Roma - addressing liabilities with rpas
Alfredo Roma - addressing liabilities with rpas
 
Stefano Prola - IATA input in alias legal case
Stefano Prola - IATA input in alias legal caseStefano Prola - IATA input in alias legal case
Stefano Prola - IATA input in alias legal case
 
Carolina Rius Alarco - liabilities and automation in aviation - rpas
Carolina Rius Alarco - liabilities and automation in aviation - rpasCarolina Rius Alarco - liabilities and automation in aviation - rpas
Carolina Rius Alarco - liabilities and automation in aviation - rpas
 
Marc Bourgois - experience from long-term and innovative research
Marc Bourgois - experience from long-term and innovative researchMarc Bourgois - experience from long-term and innovative research
Marc Bourgois - experience from long-term and innovative research
 
Maurizio Mancini - the ansp perspective
Maurizio Mancini - the ansp perspectiveMaurizio Mancini - the ansp perspective
Maurizio Mancini - the ansp perspective
 
Hanna Schebesta - test application results
Hanna Schebesta - test application resultsHanna Schebesta - test application results
Hanna Schebesta - test application results
 
Pierpaolo Gori - elements of regulation on remotely piloted aircraft systems
Pierpaolo Gori - elements of regulation on remotely piloted aircraft systemsPierpaolo Gori - elements of regulation on remotely piloted aircraft systems
Pierpaolo Gori - elements of regulation on remotely piloted aircraft systems
 
Giuseppe Contissa - the legal case
Giuseppe Contissa - the legal caseGiuseppe Contissa - the legal case
Giuseppe Contissa - the legal case
 

Último

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfhans926745
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Último (20)

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Software liability

  • 1. Software and product liability Giuseppe Contissa | European University Institute
  • 2. Strict liability vs negligence • should software manufacturers be held strictly liable for software defects? • If computer software is deemed to be a service, then a manufacturer is generally not liable in tort, absent some negligent behaviour or intentional misconduct. • If computer software is deemed to be a product, then a manufacturer may be liable under strict liability or negligence. • "aeronautical chart" cases • To date, there are no reported decisions in the United States holding a software vendor liable under a strict liability theory (Scott 2008).
  • 3. Strict liability (1) • Software manufacturers should be held strictly liable because: • strict liability would encourage risk spreading • strict liability would encourage the manufacturer to purchase products liability insurance, thus passing the cost of the insurance onto the users of the product. (issues: insurance is not easy to obtain, higher prices) • liability under a negligence theory may be unavailable • the injured party, in a negligence action, faces the burden of showing that there was a lack of due care in the design or manufacture of the computer software. • in the more complex and advanced computer software, it may be extremely difficult for a consumer or user of the computer software to identify the lack of due care by the manufacturer which was responsible for the defect.
  • 4. Strict liability (2) • Software manufacturers should be held strictly liable because: • strict liability forces manufacturers to take precautions before marketing their product • Manufacturer are in the best position to know all potential defects and potential harms that their products might cause. Forcing manufacturers to pay for personal injuries created by software defects will encourage them to be more careful. • injured party will be adequately compensated • the application of strict liability to computer software defects would ensure that injured plaintiffs receive adequate compensation for their injuries, especially in fields such ATM, where defective computer software may result in serious personal injury or death. • manufacturer makes a representation of product safety • implicit in a product's presence on the market is a representation that the product will safely do the jobs for which it was built. By placing the computer software on the market, the computer software manufacturer should be forced to assume liability for any injury caused by the computer software which was unreasonably dangerous
  • 5. negligence • Software manufacturers should NOT be held strictly liable because: • strict liability will cause an undue burden upon computer software manufacturers • it is essential to balance the need for the adoption of softwares and automation with the risk involved in their malfunctions. In balancing the need versus the harm, it is crucial to look at the costs and risk of damage had the computer program not been used, and if there are other efficient and safe methods of carrying out the same function. • strict products liability would hamper innovation • Implementation of strict products liability would discourage the research and development of potentially life saving / safety enhancing / efficient software. If computer software manufacturers were to face strict liability for defects in computer software which they did not know about and could not prevent, many manufacturers would discontinue "cutting edge" ventures
  • 6. Contributory negligence • Contributory negligence or victim fault should be recognized in all cases of liability, both fault and strict: • An efficient liability rule would require that the operator bear the cost of avoidable harm, (avoidable by due care), excluding those harms that victims can prevent more cheaply (Calabresi -cheapest cost avoider) • If contributory negligence is not a defense, then any liability rule is potentially inefficient (Bergkamp)
  • 7. Manufacturing defects vs. design defects • is a software bug a manufacturing defect or a design defect? • A manufacturing defect is one that differs from the intended result of the manufacturer or from other identical items of the same production line (production flaw) • A design defect, instead, exists where the product is designed in such a way that it carries an inherent risk of harm in normal use. • Strict products liability is equally applicable to both manufacturing defects and design defects, although it is often easier to apply strict products liability to a manufacturing defect. • Design defect has higher burden of proof (reasonable alternative design, level of expected safety) • State of the art defence • "risk/utility” test (B < PL)
  • 8. software liability in relation to patches and updates • Is there a responsibility for failure to check adequately for bugs? • manufacturers’s responsibilities would include carefully formulating the design of the software to prevent vulnerabilities that can be exploited by hackers and other third parties, properly implementing the design in code, thoroughly testing the code to expose any vulnerabilities, and revising the code to remove the vulnerabilities before releasing the software to the public. • Is the developer responsible for providing a patch/update? Is there a user's contributory negligence? • Usually, many of these errors are discovered only after the software has been distributed. Three software liability policies has been investigated (in relation to security): 2. Loss Liability Policies, where the software vendor/manufacturer is liable to partially or fully compensate users’ losses incurred in case of attack/damage 3. Patch Liability Policies, where the software vendor/manufacturer is held liable to compensate patching costs incurred by users if a vulnerability/error is discovered before the damage is produced 4. Security Standards Policies, where regulation enforces a certain standard of security to be achieved by the vendor/manufacturer during software development to mitigate security vulnerabilities.
  • 9. liability and autonomous software • In certain circumstances, when a damage is caused by the use of defective autonomous software/automated systems, human operators (e.g. pilots) should be shielded from liability because they are relying on automated systems to fulfill their tasks (e.g. GPS/autopilots to guide them to the correct destination). • However, if no design/manufacturing defects are detected, the user would be responsible under (a sort of) vicarious liability, rather than liability of the custodian. • Therefore, in analogy with vicarious liability, when software's performances are below a certain standard, the user would be liable even if he was not negligent. • In this scenario, what would be the appropriate standard to be taken into account? Maybe, the level of care that would be expected from a human being executing the same task delegated to the autonomous system.
  • 10. liability for open source software • The peculiar characteristic of open source software is that it is distributed under the form of source code, while the distribution of the executable code is only optional. • In such a case, should liability be framed as liability for misleading/inaccurate/wrong information? • In the US, providers of items containing certain forms of “information” have been exempted from strict product liability, even in cases where the item in question has been mass produced (Book Cases).
  • 11. Law and economics analysis • Law and economics models help us to analyse the effect of liability on incentives • whether to engage in activities • how much care to exercise to reduce risk when doing so • Cost internalization theory: 5.It creates incentives to prevent damages taking care (preventive measures to reduce risk) 6.It would further risk (or loss) spreading 7.It would cause the price of activities to increase, resulting in lower activity levels
  • 12. Liability for accidents (Shavell): optimal care • Let x be expenditures on care (or the value of effort devoted to it) and p(x) be the probability of an accident that causes harm h (p decreases when x increases). • Assume that the social objective is to minimize total expected costs, x + p(x)h, and let x∗ denote the optimal x. • under both forms of liability, strict liability and the negligence rule, injurers are induced to take optimal care (x∗ ). • a regime of strict liability with contributory negligence induces the socially optimal level of care by both parties.
  • 13. Liability for accidents (Shavell): level of activity • Let z be the level of activity • Let b(z) be the injurer’s benefit from the activity, (b increases when z increases) • z(x + p(x)h) is the total cost of care and expected harm given z • Under strict liability, an injurer will choose both the optimal level of care x∗ and the optimal level of activity z∗, as his objective is the same as the social objective, to maximize b(z) − z(x + p(x)h) • Under the negligence rule, an injurer will choose optimal care x∗, but his level of activity z will be socially excessive. • The explanation for the excessive level of activity is that the injurer’s cost of raising his level of activity is only his cost of care x∗ , which is less than the social cost, as that also includes p(x∗ )h. • Open issue: burden of proof
  • 14. Software liability • intrinsic software (user does not interact directly with the software, e.g software embedded in planes or automobiles) • extrinsic software (pc application) • intrinsic and extrinsic software may be key to a socially efficient liability regime, because the economic theory of product liability law prescribes the assignment of liability to the party who controls the risk • strict liability rule may not be socially optimal for extrinsic software, because it would not induce the consumer to exercise due care in the installation, operation, and use of the software
  • 15. Software liability in ATM: Überlingen (1) • First Instance Court N. 34 of Barcelona, Spain (2010) • plaintiffs representing thirty-one (31) of the Russian passengers (Bashkirian Airlines Flight 2937) • Defendants: The manufacturers of the TCAS, Honeywell International, Inc. (“Honeywell”) and Aviation Communication & Surveillance Systems (“ACSS”) • the Spanish Court found that two alleged defects of the TCAS had not been proven: (1) the alleged fault in the RA Reversal system; and (2) the alleged existence of a new version of TCAS software available to correct the claimed problems of the earlier version that defendants had failed to implement. • However, the Court did find that plaintiff had proven a third alleged defect, i.e., that the TCAS II Pilot’s Guide failed to clearly set forth the priority of TCAS advisories over conflicting air traffic control orders.
  • 16. Software liability in ATM: Überlingen (2) • Product Liability • "[T]he lack of adequate instructions and warnings in the defendants’ TCAS Pilot’s Guide […] contributed towards the Tupolev pilot’s error that caused the accident and, accordingly, we can conclude that this information defect contributed substantially to the damage, being part of one of its causes. For this reason, the defendants shall be liable for the damages caused." • The Court rejected plaintiffs’ claims for survival damages. The Court also rejected plaintiffs’ claims for punitive damages. • The Court found that Honeywell was not liable for non-monetary damages • ACSS was liable for non-monetary damages ($5,991,501) • plaintiffs were awarded a total of $10,459,810.50 in damages for the deaths of 30 persons, including $6,723,639.45 as to ACSS and $3,736,171.05 as to Honeywell13 – an average of $348,660.35 per decedent. The decision is currently subject to appeal.
  • 17. Software liability in ATM: Überlingen • “Forum shopping” • 22nd Convention on the Law Applicable to Products Liability, signed in The Hague on October 2, 1973 • currently in force in 11 European countries (Spain, France, the Netherlands, Croatia, Finland, Luxembourg, Montenegro, Norway, Serbia, Slovenia, and FYROM) (6 of them are also party of Rome II) • Article 6 applies the law of the manufacturer's principal place of business unless the claimant bases his claim on the law of the place of injury. • Article 11 establishes that there is no requirement for the Convention to have been adopted by the country to whose law Articles 6 points. • On these grounds judges applied apply Arizona law for ACSS and New Jersey law for Honeywell.

Notas del editor

  1. The manufacturer is held liable under the risk-utility test if the probability of injury times the gravity of injury under the current product design is more than the cost of an alternative reasonable design plus the diminished utility resulting from modifying the design.
  2. (other EU states: rome II) EU Regulation 864/2007 on the Law Applicable to Non-Contractual Obligations (&amp;quot;Rome II&amp;quot;) which is now in operation and would designate the law applicable to non- contractual obligations arising out of torts (Article 4) or damage caused by products (Article 5). As a general rule, Article 4 in respect of torts applies the law of the country in which the damage occurs, whilst Article 5 for product liabilities applies the law of: (1) the habitual residence of the person suffering damage, provided the product was marketed there; or, failing that (2) the country in which the product was acquired, provided the product was marketed there; or failing that (3) the country in which the damage occurred, provided the product was marketed there. Whilst the Convention takes precedence over Rome II for the 6 EU countries party to both, Rome II&apos;s choice of law provisions promisingly appear to increase the chances of US-based manufacturers avoiding being subject to US law before a European court.