Software Product Liability?
ben writes "Reuters just ran a story about the increasing number of calls for liability on the part of software developers, with a not-too-surprising focus on Microsoft and its uber-fallible IIS webserver. Given that many other engineering disciplines have some sort of accreditation and licensing body to enforce codes of professional ethics, I'm curious what impact the demand for such a creature in the software industry could have on Open Source developers, especially the part-time hobbyist ones. That is, establishment of some sort of Software Developer's license means the developer is potentially liable for whatever havoc his bugs may wreak, and traditionally the only environment with legal resources adequate to deal with such liability has been the megalithic corporate one."
Couple of quotes in the article I like:
The products are even less buggy than others, in terms of per capita usage, Microsoft Chief Executive Steve Ballmer has said.
So does that mean that because more people use Microsoft software they can have more bugs in it? This sort of statistic is like using "Revenue over number of employees named Frank" as an accounting measure for companies!
And the other one:
Mundie said. "Microsoft can't control that process. If the printer driver tanks the system, who do you hold liable?"
Now *that* explains what caused all those holes in my locked down IIS server!
Go out and get sailing!
The NIST commissioned a study (sorry, 1.4Mb
If you don't want to download the report, there's a brief summary in RISKS Digest 22.11, on comp.risks. If you do download the report, the final numbers are on p.174.
Sheesh, evil *and* a jerk. -- Jade