Slashdot Mirror
Should Developers Be Liable For Their Code?
Glyn Moody writes "They might be, if a new European Commission consumer protection proposal, which suggests 'licensing should guarantee consumers the same basic rights as when they purchase a good: the right to get a product that works with fair commercial conditions,' becomes law. The idea of making Microsoft pay for the billions of dollars of damage caused by flaws in its products is certainly attractive, but where would this idea leave free software coders?"
As a developer, I say that surely it's the tester's fault if there's flaws!
Go home and shave your giant head of smell with your bad self
and no one to sue. and don't think the fact that you get it for free matters -- you can sue a soup kitchen if it gives you food poisoning.
Any guest worker system is indistinguishable from indentured servitude.
Going to medical school.
if you get it for no price, you don't enjoy such priviledges.
If someone sells GPL based software, they are free to do so and pick up the tab on flaws in the product. Same goes for proprietary software.
This should have been done at least 10 years ago.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
Going to medical school.
umm... to avoid being sued?
Any guest worker system is indistinguishable from indentured servitude.
http://www.opensource.org/licenses/gpl-license.html
Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations.
MABASPLOOM!
The idea that code should be perfect is a stupid idea: consumers don't want that.
They want "good enough," not perfect. Perfect costs a great deal of money, probably 4X, and consumers will buy the good enough product, at 1/4 of that price, well beyond 95% of the time.
C//
I say that if someone is making software for profit that they should be liable for their code. This would protect the free software coders. Might give Linux a legitimate chance..
Say a developer uses a number of 3rd party libraries (ie. Boost, TinyXML, etc), who will be pay damages if the program crashes in a bad way? The developer for not trying to catch 3rd party crashes, or the 3rd party for writing in bad code?
A morning without coffee is like something without something else.
Until the coders get total control of the project, from inception to completion, then no, they cannot be held responsible for bugs in the code.
How many companies push to get code out the door with *imperfections* - claiming they'll fix those in the first update?
Too many these days.
I'd say it's the management that controls the release schedules that should sign their names in blood on the bugs still known about (and unknown as testing probably wasn't allowed to complete).
Who is general failure, and why is he reading my hard drive?
The idea of making Microsoft pay for the billions of dollars of damage caused by flaws in its products is certainly attractive, but where would this idea leave free software coders?
Probably the same place as always, ie, "you get what you pay for". If the users don't pay you, they can't reasonably expect anything from you. Well, maybe they could if you were to tell them that it would work (but who does that anyway), IIRC there tend to be rules about when people are harmed by relying on something you told them?
or coders liable for anything. It will allow the government to say thing like, "Well your small company does not have the financial ability to support your product for "X" amount of years and you need insurance in case there are millions of lawsuits we are sorry but you can't sell your product". Meanwhile the large company (they are to big to fail or follow the rules everyone else is expected to) caries on as usual having eliminated to competition through government assistance and gets to carry on as usual because they are the only company left and we need them.
When you create closed source code you have a much higher chance of flaws because your code can not tested nearly as much as open source can. As the leader of an open source project, FreeSWITCH http://www.freeswitch.org/ , I am fortunate to have a very large crowd of beta testers who help ensure our releases are as stable as they can be. If you are selling the application and never letting anyone see the source you run a very high risk of missing something in Q/A and releasing buggy software. When people pay for it the will get angry so I am not surprised such a suggestion is being made but I find it unpractical to enforce since if it "works right" is hard to judge in some cases besides maybe medical equipment or other situation where human lives are at stake. Blue screens of death are hardly an excuse to sue anyone.
Only in software is it accepted that you can put a product out there that does not work as advertised. It seems that these days the idea is to get the product out there ASAP, and finish it later with patches and updates. It is great that with ubiquitous internet access and 'phone home' functionality built into a lot of software these days we have the ability to fix bugs and add features on the fly after the purchase date; however this should not be used as an excuse to release what in reality is beta code, charge people for it, and then try to polish it up later on (if it even gets done at all...the temptation would just be to move on to the next 'version').
When you buy software, for example a Linux distribution, you may expect that the distributor has tested the packages and that the software mostly works. Because you pay more for MacOS, you may just expect MacOS to work better.
Off course there has to come jurisprudence on all this, but I don't think that finding just one bug will entitle you to your money back. However, when the software won't work at all for you, the supplier can not hide behind EULAs and could be forced to compensate your damages... It will be a case-by-case balancing of responsibilities.
extern warranty;
main()
{
(void)warranty;
}
The one thing that has always pissed me off about this industry is no one is held responsible for their screwed up products. Unlike the Construction Industry where if you do shoddy work you get "Back Charged" for fixing you shitty work. The sad truth is if companies like Microsoft were held accountable for bad code we would not have the mess we have today on the Internet.
MS and others make too much money from the system being broken. Just think if MS had to pay YOU! ever time their system got infected or it died from bad code. There would be no more need for anti-whatever they would fix their system.
It all about hitting someone where it hurts. Since MS has no balls. Hit them in the pocket book.
If the EU wants higher-quality software, they should support an industry-wide system for the licensing and qualification of programmers, like we have for other engineering disciplines and professions. For example, they could require that all government software, or software for use in aircraft and life-critical functions. These developers wouldn't be "better" than anyone else, but they'd have taken an exam and be nominated by their peers, like a state bar.
If the software is developed by professional developers with licenses, it gets a big seal on it, and then people can choose to buy it or not based on the rep of the licensing body, and their risk tolerance.
Don't blame me, I voted for Baltar.
This law doesn't work and is evil.
It doesn't prevent software from being licensed as "use at your own risk", as most software is licensed.
It prevents the writer from engaging in the freedom of expression currently enjoyed, by forcing the licensing of all thought expressed, if published.
It mandates the imposition of insurance companies, and concomitant premiums, before thoughts, as programs, can be shared.
The idea that code should be perfect is a stupid idea: consumers don't want that.
They want "good enough," not perfect. Perfect costs a great deal of money, probably 4X, and consumers will buy the good enough product, at 1/4 of that price, well beyond 95% of the time.
C//
Consumers want air bags that deploy in a "good enough" fashion and seat belts that hit a 95% success rate.
The result will be two versions of software. One will be priced the same as today, with a detailed license agreement with you ultimately giving up those rights and a second version that sells for a million dollars a copy with those rights.
I think that is pretty obvious. The only time you would be liable is if you make a promise of some sort whether explicitly or implicitly. If it is free software and you offer to support it for money, you are also liable for your services... that's an ugly grey area. But the very notion that someone should be able to impose BSA tactics against your business while at the same time not be held liable for flaws in the product they are protecting with such tactics is pretty uneven. The "Because we say so" licenses that people click-agree or F8-agree to should be held to the same standards of other goods and services.
And here's the part I like -- if the "software industry" cannot survive under those conditions, perhaps they should not survive. Consumer protection laws exist because there is a need for them. To exempt a business that could not survive consumer protection laws otherwise would mean that they should be allowed to screw customers with lock-in, perpetual "upgrades" and abuse like that forever.
Any business should think CAREFULLY before making a promise in exchange for money. As it stands, the common EULA says "we make no promises, you give us money AND the right to audit your business's use of software."
Constitution/International treaties > laws > government regulation > private contract > untested in court, onesided statements such as EULAs.
:)
Does this clear it up for you?
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
I think it'll be the companies responsability here, not a single developer's. If the company gets shit tho, they'll prolly fire that developer.
Although in the last years I will admit there was a tendency to put on sale software which don't have major breaking bugs, "They want "good enough,"" very often good enough was not even provided. And in such a case you can certainly be SOL. This is particularly true with game , when retailer don't happen to accept back openned package, and you can get a real stinker which don#t even work.
C. Sagan : A demon haunted world:
http://www.amazon.com/gp/product/0345409469/
visit randi.org
It is all in the license. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
Constitution/International treaties > laws > government regulation > private contract > untested in court,
Could you site the case? Because I am fairly sure "the law of the land" doesn't make it on par with the Constitution. All laws passed by Congress are laws of the land. Unless it explicitly says that treaties have the power to modify the constitution, they don't have such power.
Any guest worker system is indistinguishable from indentured servitude.
If I go to the store and purchase a calculator with a broken display, why should I have the right to get a refund once I realize that it's broken? Unless there's clear deception the seller owes the buyer exactly nothing.
I get that free as in beer != free as in speech, but there is a pretty high correlation, and really this article is trying to imply that if I give software away for free as in beer I can be liable to the person who "purchased" my software license. Are they really trying to suggest that the ubiquitous line in almost every free as in beer software along the lines of "hey I'm giving you this software for free, so I'm not liable" isn't legally valid? I mean if the only condition I ask of you when you use my free software is that you not expect it to be bug free, how can you sue me for damages? I didn't make anything remotely resembling a guarantee. You still have the choice not to use the software, just like you have the choice not to purchase any software with licensing conditions you are not willing to accept.
I mean I didn't read the text of the proposed law itself, but does seem like the idea that it will affect people who give away software for free is kind of a paranoid worst case scenario, and should be assumed to be false unless otherwise clearly stated, not the other way around. The text that was quoted in the article, "Licensing should guarantee consumers the same basic rights as when they purchase a good: the right to get a product that works with fair commercial conditions." hardly seems controversial or applicable to free software. Sure, if you sell software for mission critical / safetly applications and your buggy software gets people hurt, you should held liable. Alternately, if you give away for free a DVD player which skips, ignores every other button and dies after 4 weeks, you can't be sued for damages.
If they pass a law to protect consumers tho, eula cannot go against it. Those parts in the EULA would be just as null.
Thats how it works in some countries in europe aswell. For example most eulas try to prohibit you from making *any* copies of the software/game, but laws state that you can make yourself personal copies. Law goes on top of EULA, and if they differ law always wins.
The problem with guaranteeing software is the number of uses that it can have and the number of different environments it can be used in.
Well, it's not necessarily a problem of software. If we look at the PlayStation/Wii/Xbox model, there is the potential to offer a guarantee there. Users are really only allowed to run things certified for the platform, one at a time, etc. That makes it at least *possible* to create a guarantee.
The problem with computers is that it is impossible to create a guarantee like this. Different programs do sometimes interfere with each other, people can and do use them improperly in a way that they are the source of the problem, and nothing is certified.
To go back to the toaster issue: what if toaster manufacturers had to certify that their toaster would work (or at least not break) with any input? I decide to put a knife in there and rattle it around, I decide to dump it in the bathtub, etc. and it still has to work. Well, software is somewhat like that. I'm putting all sorts of unknowns in there and so no one can certify that it will *just work*.
Heck, would you hold a toaster manufacturer accountable if someone put a bagel too large in one of the slots? Of course not. There's a logical thing there where it's the user's fault. However, in software it becomes more murky. We often don't know what is a valid use of software until someone tries it. I guess we could offer a similar guarantee - our software will work properly for everything that it works properly for. Which really is the same guarantee that the toaster is offering. It's just that the toaster has much more limited and known uses.
I guess an easy way to get around this is to claim that your software has only one "proper" use that is guaranteed - to use up some CPU cycles. Any use beyond that is "improper" use akin to throwing a toaster off your roof. Users can use it for those cases, but they won't be covered.
The proposal is to give licensees the same kind of protections as buyers, to close off the scam of "licensing" a product with more restrictions than allowed when selling it.
The writer just wanted to get more attention, so he puffed it up with an imaginary threat to developers.
--dave
davecb@spamcop.net
Paying for a product that does not work as advertised happens in politics too, but with software it's at least slightly democratic since you can choose a different product, instead of being forced to pay more for yet another promise to fix it.
Now it seems to be about lawyers and government bureaucrats.
This is not always bad, when the efforts are properly channeled and directed, e.g. automobile emissions and safety. But when these folks start controlling every export industry, well, that's enough to start turning people into Republicans.
'Going to medical school.'
Going to law school?
And while they're there, they could work towards drafting some sort of legal framework that guarantees 'consumers' of the European Commission's policies the same basic rights as those expected under other responsible authorities - e.g., the right not to have harmful copyright extension legislation imposed by an organization that 'wilfully ignores scientific analysis and evidence in its policy making process':
http://www.out-law.com/page-9378
Yes, when the consumer pays for a service, like providing an tested Software, where the distibutor promises a certain function, several thing should happen
a) A distributor should have mandatory documented testing standards, where the documentation is public to the users (before buying).
b) These testing Standards should be formulated in terms of an ISO norm. E.g. Tests, source code review, etc. should be formulated as clear statements.
c) There should be a simple label system classifying highly speacialized (and qulity assured software) vs. broad function (but not so well tested) software. An free open source would be an extreme case of the latter one.
d) the difference in liability should correspond to usual goods. While i can buy an Radio clock and sue the manufacturer if it does not function i can not buy a do it youself set, fuck up and then sue. While instant foods which taste unedible may be a case for returning them i thik if you fuck up when cooking your pizza, nobody will accept the return.
e) Yes, i would appreciate if companies could not restrict their liability to situations which require the planets to be in perfect alignment and a pink hedgehog running over your table.
If software developers had to provide a timely fix or your money back (their choice), the free software developers would be free from legal liability. Or just make the law apply to non-free software. I see one issue with the law. Let's say program 1 and program 2 conflict with each other in some way, maybe making the OS freeze, freeze the program, or freeze the other program, or both programs freeze when both are running. Program developer 1 says it's program 2's fault, program developer 2 says it's program 1's fault. An example is that I cannot get my Canon ZoomBrowser EX software for my digital camera to work,a nd to date their support people have not (yet) been able to help me fix the problem. (I can import and view pictures with either Windows Photo Gallery or use Fspot in Linux without any trouble.) Since it worked a while ago (I hadn't used it for a while), it is probably a conflict with another program. I can see each developer saying that it is the other program that is the problem. Even Canon mentioned that I might have to disable any drivers that access a scanner, like my MP210 multifiunction printer, scanner, and copier (I didn't have the driver installed at that time since it wouldn't install-another issue that I fixed myself since then). In this case, if I was not satisfied with the crashing picture browser software, would I be eligible for a complete refund of my camera, or would the software be considered "free" and therefore the company would not be liable for the problem? I can see this would be more a Windows software related problem than in Linux, and probably not common in the Mac OS either. This law could stifle innovation, I think, if some limits are not placed on how liable the developers are, and if the individual coder is to blame, it will possibly cause even more problems. Good coders would require higher salaries, and that might drive software costs up. Then again, maybe this would get rid of the bad coders and solve the problems we're seeing in poorly coded software.
If I do not allow anybody to see what I do, then surely I am alone responsible for the code.
If I let the person see the code, they they would be responsible for accepting the code.
Don't fight for your country, if your country does not fight for you.
It's time for software to grow up.
I proposed this in 2000 as a penalty for Microsoft in their antitrust trial. That would have been a big step forward.
The claim that "the vendor doesn't know the environment in which the software will be used" is bogus. Car companies have no idea where you will drive your car, or on what kind of roads. They have a far worse problem than any software maker. Yet they have to accept serious liability obligations.
Provided that this is implemented as a constraint on commerce, it's not an issue for free software when distributed for free. However, companies that package up free software and resell it (Red Hat, Novell, etc.) will face liability. That's as it should be.
What about when you mess up the code for an x-ray machine and end up giving the patients 10 times the normal dose of radiation. Shouldn't the programmer be liable. The simplest solution to this problem is insurance similar to doctors malpractice insurance.
Say NO to unpaid Internships!
They should make the maximum penalty be that if you have a problem with the software, you are legally allowed a full refund of the purchase price, and the right to full access of the source code.
Imagine what that would do to Microsoft and the Open Source communities respectively.
Because the software is not purchased there is no contract. "permission to use" is not the same as a sale.
There are laws on the books for this already.
They are called implied warranties of fitness and merchantability.
In most states in the U.S., these warranties can only be waived under certain conditions so software licenses don't necessarily absolve mfrs and merchants of responsibility.
Basic info:
http://en.wikipedia.org/wiki/Implied_warranty
I guess that the reason this is newsworthy is that EU directives harmonize European laws, which are presently quite diverse on the matter.
If you cant get your taxes e-filed due to a crash, its no different then not being able to get to the post-office due to your car not starting because of a defective battery.
Sure, you should be able to return/exchange the product as being defective but you don't get your IRS fine paid.
And we are talking consumer grade products here, if its specialized there should be some severe penalties if the product doesn't perform. ( such as a heart monitor for example )
---- Booth was a patriot ----
No good deed goes unpunished. I would not like to see free software be labeled as an "attractive nuisance" and an environment where users could litigate against free software developers. This would kill free software.
I guess you could argue this depending on the country. In most countries ratifying treaties and amending the constitution of the country requires a supermajority and from a legal POW (IANAL) treaties are on par with the constitution (this is the case for example in Hungary, the country I live in). It might be the case that in the USA, treaties are considered below the constitution a notch in importance, but I'm pretty sure that if a law and a treaty disagrees, the treaty is considered valid.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
but where would this idea leave free software coders?
From the same header:
licensing should guarantee consumers the same basic rights as when they purchase a good
When you obtain "FREE" software, you do not "PURCHASE" anything. The damages obviously do not apply - in a sane world.
Seven puppies were harmed during the making of this post.
How about making Lawyers legally liable for any mistakes they make in court, or errors in their contracts ? Or Legislators liable for bad legislation ? Or Researchers legally liable for errors in their research (say medical) ?
"However beautiful the strategy, you should occasionally look at the results" - Winston Churchill
Complex products are always going to have bugs and imperfections. That goes for cars, consumer electronics, etc.. There should be nothing special about software. Most products are sold with a disclaimer of liability for consequential damages, such as business losses due to product not working. In most cases the liability for "product not suitable for intended purpose" is limited to refund of the purchase price, which seems fair and reasonable to me, and offers adequate protection for free software. The problem is that in most jurisdictions liability disclaimers cannot protect you from consequential damages arising from safety defects, such as a software product which accidentally kills people by adjusting medical radiation dose too high in cancer therapy. In such cases you might be held liable unless you have made very clear disclaimers limiting how your software should be used. What about less serious cases such as your software product malfunctions and erases the user's hard drive, or fries a device connected to the computer? That's a tough one. Maybe the seller, distributor, and/or developer of the software could be found liable. I sure hope not, because the reality is that if such a thing is even possible, insurers are going to slap us commercial software sellers with a huge increase in liability insurance. This already happened once about 5 years ago, but fortunately the fuss died down and insurance rates went back down again.
There was a recent article in The Economist about how in democratic countries the politicians are mostly lawyers and doctors by profession, while in dictatorships it's mostly technically oriented people. Ah yes, here it is.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
The modern general purpose computer, even Macs, are very open products compared to typical consumer goods.
A CD player is a CD player. It has to work properly with itself, and CDs. Even componentized systems have a very limited environment within which they have to work. Precisely defined interfaces in and out, and they are limited in number.
A general purpose computer program though, is another beast entirely. There are thousands, if not millions, of other programs that they may have to coexist with. Most only need to worry about one OS, though with Java getting more popular for general applications, there might be several OSes to consider. And hardware... Even with Macs, there are several different models with different hardware configurations, and wierd stuff occasionally happens between them.
And then you get into end user use patterns and configurations. It's really a miracle that software is as reliable as it is, it really shows how good the compiler/linker/OS people are, even on Windows, given that it all mostly works in the real world.
A liability law is a nice idea, but this stuff would ahve to be taken into account.
Personally for their code.
But companies should be liable if they produce a software product, and the product does not work as advertised.
Their liability should be limited to the amount the consumer paid for the product.
Plus liable for the costs required to remove the product that didn't do what was needed. UNLESS they knowingly distributed a product containing the bug without a prominent up-front warning about the specific issue, before allowing the purchase.
I.e. If the product was difficult or impossible to uninstall, they would be liable for reasonable costs involved in "cleaning up" and executing the uninstallation.
But not to exceed the cost of rebuilding a system that meets the software's system requirements for use from scratch.
That means if an accidental bug in the program destroys all your data, you're still responsible for having a backup; you can return the software, but they don't pay for the downtime, or the loss of data.
This is apparently Microsoft's solution to fixing bugs: require you to buy the upgrade to the next version. When Outlook crashed recently, the dialog box that came up afterward told me I could click on a link for a fix to the problem. The page that came up said I should buy the upgrade.
I'd be happier if Microsoft would just fix the damn software I bought, or else offer the upgrade for free. I don't want to pay for software that they know doesn't work.
but I'm pretty sure that if a law and a treaty disagrees, the treaty is considered valid.
Actually, no, not in the US. For example, the UN charter was established through an international treaty. But US doesn't see UN proclamations, decisions, etc. as anything but advisory. Since US Congress (the legislature) has the power of the purse, all government expenses are appropriated by laws. US from time to time simply doesn't pay its UN dues. There is no recourse. If the treaty that established the UN charter were above the US law, there would be a way for the UN to recover the dues. But as long as Congress doesn't pass a law handing over that money, UN gets nothing.
Any guest worker system is indistinguishable from indentured servitude.
But developers that take royalties should be liable for their code.
A car is clearly flawed if it typically gets you killed in a 20 MPH crash, but is acceptable if it gets you killed in a 100 MPH crash. People- legislators especially- don't grasp computers well enough to tell the difference, so they will see every problem as a flaw.
My webcomic
The Conficker worm, by the way, would not involve Microsoft in billions of damages. When did you last see Yale go out of business because its doorlocks can be defeated by criminals? Security is a moving target. To be successfully sued under European law, Microsoft would have to be shown to know that their software was vulnerable to a particular attack but have done nothing about it (like the Ford Pinto case), or be shown to have violated an established standard which is required for CE marking of a software product, and yet to have CE marked the product. The well known Chinese habit of just sticking a CE mark on any old tat intended for the EU has not yet resulted in Chinese manufacturers going out of business.
I am not a lawyer and this does not constitute legal advice, but I have worked in the field of electrical product safety during EU harmonisation, and that worked pretty well. My own view? A proper regulatory framework for enterprise software in particular would be a good thing. Low value end user and free software will not be affected, but malware producers could be prosecuted.
From scarped cliff or quarried stone she cries "A thousand types are gone, I care for nothing, no not one."
New clause in the EULA that will say, "By clicking ACCEPT, you are acknowledging that the software is being sold as-is and may contain flaws. The manufacturer will only be liable for damages up to and including the cost of replacing the purchased software product and that software only. ALL other FEES and DAMAGES are the responsibility of the owner. However, if you would like to purchase our Insurance, click on INSURANCE. If you want the limited edition, error-minimized, guaranteed support version, have your credit card ready and click on AWESOME VERSION. Please insure that you have an available credit limit of at least $5,000 in order to upgrade any Single MS Product."
"Be polite, be professional, but have a plan to kill everybody you meet." General James Mattis
People may get a kick out of the EU collecting billions USD every now and then from Microsoft, but this type of gravy train could have unintended consequences. The EU may come to depend on Microsoft fine/settlement money as a revenue source, if they haven't already; just as many states in America rely on settlements from tobacco companies. This might cause the Europeans to think twice about kicking out Windows and MS Office in favor of free software, or even commercial software from a less wealthy vendor. If they switch to Linux, they make a statement about free software but they may lose funding for pet projects that could make the difference between reelection and having to send out lots of resumes while collecting shit from their spouse and the press.
OTOH Microsoft may see this as a cost of doing business in Europe, like protection money to the Mafia paid by local businesses.
As a developer, let me say this. If developers ever become liable for their code, get ready for software prices to skyrocket. We'd then be essentially the same as other individuals in the professional arena. Hey, my salary will triple, but I'll also have to buy the coders equivalent of malpractice insurance. Back when I was in college, this was actually brought up and no good will come of it.
As a number of people pointed out, there are exceptions to this. Basically, laws can restrict what types of agreements can be entered into. The most extreme example of this is that you can't enter into a contract to be a slave. A less extreme example would be a law that voids all "no warranty" clauses of software licenses.
I never claimed otherwise. Can you give me an example which would void "This software can only be used for XYZ"? And why non-edible substances aren't held to the same standard (i.e., you can't sue someone for eating something that wasn't labelled as food)?
What if it's loss of data? Besides, time is worth money, too.
TFA talks about malware - the primary fault is the illegal actions committed by malware. Whether a car manufacturer is liable for someone stealing from the car isn't clear (same with whether house builders are liable for a burglar) (other than issues where say things that claim to work don't work, such as a lock not working). And there have to be reasonable limits - should a car manufacturer be 100% liable because your priceless ming vase got stolen?
Part of the problem here is that things that are considered acceptable in a physical product are seen as "security flaws" in software. Personally I'd say it's a security flaw that someone can smash the windscreen, but we accept that as a risk. And software is immensely more complex when it comes to security issues. Both software developers and car manufacturers try to come up with new ways to prevent illegal acts on their product, but it's not clear to me that either is liable if someone gets round it - unless they advertised it as an "anti-theft/malware" device, and it didn't work. Which car manufacturers tend to, but software developers could always not mention them, or state that they aren't intended for use.
It's a bit similar to "May Contain Nuts" - faced with the problem that they were liable for unexpected nuts, but being unable to guarantee them not being there, we end up with large numbers of products saying "May Contain Nuts". The complexities of software suggest that we'll see the same thing happening there - "This product may crash or delete your data". Except for software where you pay at least ten times the price for it.
And if for some reason a court decides this isn't good enough (which, imo means holding software to a higher standard than physical products), then expect to see "This software cannot be sold/used in Europe", or for the cost of software to go rapidly up, and development times to slow, as far more effort is invested in fixing security issues, bugs, and Q/A rather than developing new features. Is that what the market wants?
A car breaking down because of a faulty design is quite another. You can sue in the latter case but not the former.
But there has to be a reasonable limit to liability. If I put something in the cloakroom of a nightclub and it gets stolen, I might have some claim from the owners for letting it get stolen. If I put my priceless ming vase in there however, it seems far less reasonable that they pay the price for it - anyone reasonable would say I was stupid to put it there in the first place if I wasn't willing to accept the risk.
...who are under ridiculous restrictions that the pointed headed management impose on them. They want it quick and perfect with half the resources. Ever read "Death March"?
As long as they continue to get a % of the trillions of dollars in productivity the help create.
not that I dislike FOSS (in fact, quite the opposite: I've written some stuff over the years under FOSS licenses: CC or GPL of some sort)...but an old adage came to mind when I read it: You get what you pay for.
I'm hoping that if this law passes, they have some sort of clause that exempts software that isn't paid for (not limited to free/public domain/open source programs but also for pirated/stolen software installed by the user).
Just think of the mayhem if all those people sue Microsoft....even though they never bought it.
(OEM bundled software wouldn't be off the hook as there's a monetary exchange between the OEM and the software company).
And I hope that the law also has a clause that targets all the CRAP software, although free, that's installed by a third-party.
I think the liability in these cases should go to the third-party (that'll definitely get them to stop bundled crapware).
Closed-source developers should be 100% liable. Free software developers should not.
In the case of free software, the user can see the code and thus make the final decision as to whether they trust the software or not. This cannot be said for closed code.
It is impossible to do a lawsuit for something like this, or at least in the USA. To win a lawsuit, you have to show Proximiate cause, meaning it is program X, not program Y. That is the problem with many of the tobacco lawsuits, it was not smoking brand X, but the lung cancer was caused by the air pollution, genetics, etc.
Even if you sued Microsoft for security holes in Windows, they will argue, "we are not liable for illegal acts of others."
What might be a solution is not permit software companies to charge for upgrades, where you run into the problem. Software Back in the 80s and 90s, software companies used to give me free upgrades when I found their bugs. Now, like for Act! 2005, they said, "We added performance upgrades, like freeing resources that we don't use anymore."
Fight Spammers!
This is an unworkable plan. Personal computers, by their very nature, require the end-user to tamper with them. The moment the end-user installs some 3rd-party software, or swaps out any piece of hardware, the environment the software runs under changes. This new environment will frequently produce a permutation that is impossible to predict and test against.
Additionally, many mainstream hardware manufacturers are TERRIBLE at producing hardware that conforms to the standards to which software developers target their code. Software developers can do everything right, but still see their programs malfunction due to circumstances beyond their control.
If this brain-damaged statute passes, the European Union will witness a steady exodus of consumer software, both closed and Open Source, from its member nations. There are just too many intermediaries between the software producer and software consumer to make this kind of liability feasible in any way, shape, or form. The price of even simple software would also rise to that of a small skyscraper, as a deluge of lawsuits would be filed by users for problems they caused themselves, but blamed on the software.
The cost to the European Union would be devastating.
and look for who is behind them.
Large companies are actively behind the scenes trying to close out their competitors especially open source developers through draconian new laws concerning developer licensing, or security requirements for developers. There is no way a solo or small team of independent developers will be able to operate at all if these things pass.
You're being targeted deliberately.
One who knows.
I think this will be good if it comes to pass. We need some accountability in software. No more, blame games, no more sloppy code (yeah right) . I don't care about law suites just sick poorly written code/software.
6.8SPC TR of 550, l xwind at 6, drift rt at 26" drops 77". AT has 503 ft-lbs at 1403 fps. FT 0.86
I don't see this as being a major problem. The lawyers sure don't.
http://en.wikipedia.org/wiki/EULA#Product_liability
Did the seller sell it as broken? Or did he put that calculator in a box together with other, working, calculators?
If he did not specify that this calculator is broken, that means the buyer expects it to work (well, you usually go to a store to buy working items) and the seller has to guarantee that it works at least immediately before/after purchase, even if no warranty is provided.
On the other hand, if I buy something like a calculator, the seller opens the box and tests it with my presence before I give him the money.
If you buy a cell phone and it explodes in your pocket, should the manufacturer be held liable?
assuming that no cost == no warranty required
what if i give the product away for free, but ask money only for support?...should be safe...
suits are brought to recover damages caused by the counter party
then OSs like windows will suffer and fall by the wayside, and only the better Linux distros and BSDs will be the only ones to survive, i think IT is tired of cleaning up the mess that a crappy windows install leaves behind...
Politics is Treachery, Religion is Brainwashing
That this was enacted. Most commercial software houses would go out of business, and existing commercial software would get very, very expensive. Assuming FOSS was exempted, most would turn to FOSS and then there'd be no one liable for flaws again - because FOSS was exempted. Assuming the purpose of the law is to improve software quality, this wouldn't do that. Another possibility is that services companies would spring up that would not license software, but would fix bugs that were encountered. Again, the purpose of the law would not be achieved. Thus, the only way to accomplish the goal of the law is to INCLUDE FOSS.
'licensing should guarantee consumers the same basic rights as when they purchase a good: the right to get a product that works with fair commercial conditions,'
I invoke the law of "you get what you pay for." I can't remember the last OSS license I read that didn't include something about use of the software absolving the developer from any monetary damages. Besides, using free software is a little like getting something from the curb. You're essentially using something that you've found, and no one is liable for any damages to the user's system except for the user, unless said user could show cause that there was malicious code buried in the program for the purpose of causing harm. If you find a working washing machine on the curb and it explodes, the burden of proof is on you to demonstrate that this was caused by an act of malice on the part of the person who left it there. If you can demonstrate that someone planted a bomb, you've got a good case. If all you can do is demonstrate that the motor was faulty, you'll need some other evidence to demonstrate that it wa purposefully rigged that way.
Of course, if you're charging money for your software, then you should be subject to the same conditions as the large players. It might not be a bad idea to look into some liability insurance if you want to sell your code.
"The software does not work, or if it does, it's pure coincidence. We do not promise it does anything meaningful. We do not promise it doesn't damage anything, including your files or hardware. No matter what you might expect, we don't promise it would do that.
Why? 'cause you gotta buy it anyway, so why should we bother promising anything?"
The point about liability is that you can only be liable for what you promised. A coffee maker is not defective if it can't make you a toaster, unless the company making it said it would. So what if some software maker doesn't promise anything at all?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
I read a book a little while ago called 'Geekonomics: The Real Cost of Insecure Software' and I have to agree with the author's general sentiments. It's high time that real quality assurance came to software development. Real standards could be set and software would have to comply with those standards. I don't by the argument that this will stifle creativity. If we end up with better products, we will all benefit. Software development tools are now WAY better than anything we had in the past. Now how could the affect Open Source? Well, if Open Source software was proposed by a vendor as a solution, then that vendor would have to be responsible for ensuring that the code would conform to a third party quality assurance criteria. If the QA comes back and the system sucks, someone is going to have to fix it. Then the questions comes, who PAYS to fix Open Source software. Since a lot of Open Source relies on free labor, this could become a problem.
I have mixed feelings on this.
This would only work if 'coders' gain the professional standing like doctors and lawyers. I would welcome the chance to have better qualified people in the field as well as bigger bucks.
On the other hand, all of software is design. It's hard to fault someone for breaking breaking standard protocol, when each piece of software is essentially designing something new. I heart surgeon doesn't invent a new heart procedure with each patient... By definition in software, everything is new as the compiler and CPU handle ALL the repetitive work.
Similarly, all products have a limited use. A company manufactures locks. Well with some kind of equipment, virtually all locks are breakable. IF a thief breaks into a my house can I sue the lock company? Well... only if the lock was defective I suppose... but what does defective mean? It means, it violated what a lock could reasonably stop. Normally by some specification (can withstand X amount of force, tension...). So what is it going to be with software?
They will have to list such specifications too which will basically amount to: this software will work as intended as long as you use it as we instruct. Take your care for example, if you are driving at 100 kph and put the car in reverse, which u can, you will blow up your engine. Yet in software, it is expected to take care of cases where the user pressed the wrong button at the wrong time... It should not crash. In most respects, software is remarkably reliable if you compare it to the rest of the world.
It's kind of pointless.
I think this is just more pointless European regulation. A body that has decided it doesn't want to do anything and just create an economy out of regulation and finance. Just my view anyways...
I say let the market handle reliability. I mean... amazing how Toyota does so well in the free market non? The market is the best structure to determine the trade off between price and reliability.
In no event shall Microsoft be liable for any damages whatsoever, even in the event of fault (including negligence).
-- Windows XP Professional license agreement
Shutting down free speech with violence isn't fighting fascism. It IS fascism!
Let's face it, enforcing a warranty with a large corporation is a hit-or-miss matter at best. If they deny your claim on the most flimsy of grounds, it's usually not worth the effort to take to court. Having had good success with NO warranty, software corporations won't feel as pressing a need to be seen as standing behind its products as, say, a retailer -- and we all know how well the national computer technology retailers backed their own guarantees and maintenance contracts ... right up to their dissolution in bankruptcy.
Corporate culture and bottom-line bean-counting won't let that kind of thinking change, but it's going to give real-looking teeth to the argument "Who will compensate you if an open source solution fails to work as advertised?"
Bulk-order promises and justice don't work. If you want accountability, you need a custom written contract, and a source who sincerely believes they have enough at stake to honor them. Very often, that's not going to be the software developer, but a solution repackager, consultant, or in-house staff who can be held accountable or fired.
BTW, Microsoft can't afford to pay billions in actual dollars/Euros. Their shaky accounting house of cards has been well documented for a decade. Like today's financial giants, it looks too big to fail, but it's little more than a '<url="http://en.wikipedia.org/wiki/Going_concern">going concern</url>' that's too big to be <i>allowed</i> to fail. That's partly why the DoJ didn't even seek to hammer them with the full charges/penalties the evidence/verdicts would have allowed.
In the end, the accountability would illusory for most end users (including businesses to small to play in the Dinosaur Wars, or with other priorities demanding their attention/resources) Sure, maybe you'd someday be technically able to sue in small claims, uncontested, but unless you're one of the handful who have sued in small claims over spam or do-not-call violations, you won't sue over an OS or app either. You'll just howl a lot louder at Customer Support, then eat the loss.
The "who will you turn to?" downside of open source is as illusory a risk as the warranty is a benefit, but together they add up to a consumer/PHB boondoggle
and when you don't, don't. Simple, really. If you're raking in the bucks, you need to take more buck-related responsibility. Under a regime like this, proprietary software goes to the teensy niche where it belongs.
What part of "A well regulated militia" do you not understand?
But software is really just information, instructions for how to do something.
Suing a developer because his software crashes in your computer is like suing your English teacher because you find a typo in your own writing, or suing you dance teacher because you stumbled.
Software is not a product, is just that copyright, closed source, and the fact that most people are not programmers enables this way of thinking of software as a package you buy in the stores.
But... the future refused to change.
I use a computer for my work as a patent attorney. The word processor corrupts the file and I lose 2 hours of work for which the client would have been charged E400. Do I get that money? How do I prove it? The 2 hours loss of work makes that I do miss the deadline and I cannot file the application in time (before the end of the priority year). Can my client claim a milion in damages? Why not the hard disk manufacturer in case of a HD failure?
If I can get a monetary reward related to but not exceeding the price of the software. The software is working mostly OK. So, do I get a dollar, or so? How easy is it to cash it?
I'm all for bugs being fixed. I'm suffering from bugs in software that are there for years. Let's make a software maker responsible for not fixin them.
Bert
If software makers would be responsible for damages, shouldn't they also get a cut of the profit made with the software?
well, the segway code was developed for intellectual curiosity, but the business went live with the product, which then started throwing people off violently.
The Christian religion has been and still is the principal enemy of moral progress in the world. -- Bertrand Russell
Until the coders get total control of the project, from inception to completion, then no, they cannot be held responsible for bugs in the code.
When say, Ford makes a car, do they make all of the parts that go into the making of the car? So, if you buy a car from Ford and the car won't start because the starter motor is defective, then Ford isn't responsible because they didn't make the starter motor?
Say you buy a Hamilton-Beach toaster. You open the box to find a piece of paper that says "By opening the box, you agree that Hamilton-Beach does not warrant that this toaster will actually toast bread." You plug in the toaster only to find that it doesn't work. Do you say "Oh well, I guess I'm out of luck"?
Such examples are patently stupid. Yet this is exactly what software EULAs say: the software is not warranted for any purpose, not even the purpose for which it was sold. Most jurisdictions have laws pertaining to merchantability and product liability. These laws work adequately (more or less, depending upon jurisdiction) for the sale of goods. The laws make distinctions between defects which do not hinder use, minor defects, major defects, and life-threatening defects. It all works (more or less) for cars and toasters; why shouldn't it be made to work for software.
software liability? Do you think introducing liability for software would be a great way to force Microsoft to pay for all the damage its software has caused, and to start writing some really secure code, or would it lead to terrible problems for those producing free software, and stunt the uptake of open source? Would the European Commission's proposal be a blessing or a blight?
It could be both good and bad. If commercial vendors like Microsoft are help liable then their products may get better. Or it could kill MS. If FOOS had to meet the same liability I don't see how it could survive. I'm hesitant but I may say commercial vendors should be liable but not FOOS.
Falcon
Should there be a Law?
From my experience, it's often more like,:
Accounting slashed the budget so that we were short developers and testers. Marketing advertised it for other than it's intended purposes, or more featureful than originally designed. Sales cut us out of client meetings and added a bunch of glitzy features or things that weren't even really possible to do properly.
The end product had features tacked on at the last minute, a shortened development cycle, a bunch of extra eye-candy thrown on at the expense of real features, a neutered budget, and almost no testing because even with the above cuts they still ensured customers it would be released at a way-too-early date...
Even with the headline's example of Microsoft, I'd have hard time placing all blame on the devs when all the above bullshit tends to happen, not to mention the overall fragmentation I've heard that they suffer from lately.
You can't make perfect code. However some companies do release half baked shit with a view to patching it later. This is unacceptable and I do think companies should be punished for this.
More so on consoles where you have one set of hardware to work with. There is no excuse for launch day/week patches when, for so many years, consoles got by fine without patches and managed to get out the door without being a heap of shit.
I blame Microsoft for that bring the shitty PC game development attitude to console gaming.
The way of having them be liable is TPS reports and being forced the comment each line of code.
If EU cares about protecting the consumer and ensuring that software is of high quality then they should make proprietary software illegal and require all software to be made available under the GPL.
Such a law will make Software Engineers, Computer Science Majors,... the only ones able to take responsability (sign) software/hardware proyects. If the system fails, and there are damages, there will have to be an investigation, and the responsible will have to pay a fine, go to jail or lose their license.
Just like it happens to civil engineers, every proyect has it's main/chief engineer who is the person in charge. This persons is responsible for his part on the proyect. At the beginning, this means the whole proyect. If the proyect requires them to delegate, or if the proyect requires them to do something beyond their area of expertise, the law encourages them to find an expert on that area, whom with his signature, will be the one to be held responsible if that part fails, and it goes on and on.. Of course, not only persons are allowed to firm proyects, companies can sign them too. And I really think that this is the best ways to improve the trust of the people in software engineering.
When we talk about critical system i.e. airplanes this is really easy to understand. In real life this proyects are chunked out in very small pieces, and from cpus, memory, hdd's till the last bit of code every part of the proyect will be covered by someone's or some company's responsability.
Non critical systems are a different story, specialy those involving opensource apps. Who is the one to be held responsible if a system using an opensource app fails? I would say, opensource apps are not accountable for responsability. Instead the person that choose them, the person that has to adapt the code for a concrete situation or the person that didn't check the code are the ones to be held responsible. I don't think this will kill opensource apps. In fact I'm pretty sure that this will stimulate a market of companies that will contribute a lot to opensource apps, and that will sell realiable versions of them (or at leas take responsability for them).
I really hope such a law appears, because at the moment the sad truth is that Software/Hardware engineering is the only field of engineering where noone is held responsible if the proyect fails. Due to this there is also a lot of intrusion in the field, everyone can do a proyect, why pay a real engineer when a scriptkiddy can do the same for less money? This is also why lot of people see them as geeks and not as real engineers. The first step to become an adult is to take responsabilities for your acts, software engineers should take responsabilities for their code, or for choosing others code, and if they make a bad choice, well, then stand up and take responsability for it.
What happens if the software is downloaded. In New Zealand at least, the Tax department considers downloaded software as a service NOT a product. Im not sure of other countries law, but offering only software that is downloadable would, at least in New Zealand, get around laws applicable to products.
As with any strict regulation, only the big companies can afford compliance. Look at the PCI compliance standards. If you want to be a financial services start-up (i.e. PayPal, Google Check-out), you have to have this cert, and you're looking at a minimum of $50,000 worth of hardware, not including the software licensing and auditor fees. If developers are suddenly "liable" for thier code, OSS, and small dev shops will be weeded out. The rich get richer, the small become non-existent.
Exactly. If developers are expected to be liable in the same way civil engineers are, then they must be given the absolute final say to sign off on releases. And management must not be able to punish them for their honest appraisal when deciding yay/nay on signing off.
I hate the title 'software engineer'; the term implicitly lies as far as I'm concerned.
But expect to see instant demand for much, much higher salaries by software engineers if such a weight is put on their shoulders.
Giving someone all the responsibility without the accompanying authority is a recipe for disaster.
It'd be nice to say "well, I'll just always release open-source code and that way it's buyer beware, they had their chance to make sure it would all operate nicely" or whatever. But if you're being denied your right to protect yourself from liability from the consumer, that's not going to help. And wait until this comes our way in the U.S. Every time the American justice system gets ahold of a technological issue, they screw it up. And that goes for every branch of the government, for that matter. Even the patent office is screwed up over tech -- remember the patenting of single-click purchasing? It's this halfbrained approach to already-existing technology that builds a foundation for technoshamanistic theocracy.
"Stratigraphically the origin of agriculture and thermonuclear destruction will appear essentially simultaneous" -- Lee
The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to destroy you and leave you (and or your business) reeling in economic and personal obliteration*. That our software looks like it does something productive should not be mistaken for any intent to be useful in any fashion â"the software is free for all its users.
*The GPL or authors of software using the GPL license make no guarantees regarding the efficacy of said software's destruction potential.
Platform advocacy is like choosing a favorite severely developmentally disabled child.
If someone sells GPL based software, they are free to do so and pick up the tab on flaws in the product. Same goes for proprietary software.
I don't think you thought this through. If software developers are held liable, especially for FOOS, then only the wealthy could afford to buy software. It would cost too much for open source projects to buy insurance. And commercial software, if it existed, would cost too much as well.
Falcon
Should there be a Law?
The problem with software liability is that there no limit on how much might be risked on $100 (or so) software. With a ladder, the risk is on the order of one life per ladder. With software, there is no physical constraint that prevents someone or some company risking any number of lives or any amount of money on cheap software. What we have today is special rules for special risks (e.g., airplane control systems, medical devices). Other than that, you should assume that you bear any risk beyond what you paid for the software (or some small multiple).
Until the coders get total control of the project, from inception to completion, then no, they cannot be held responsible for bugs in the code.
Say you buy a Hamilton-Beach toaster. You open the box to find a piece of paper that says "By opening the box, you agree that Hamilton-Beach does not warrant that this toaster will actually toast bread." You plug in the toaster only to find that it doesn't work. Do you say "Oh well, I guess I'm out of luck"?
If I bought it on sale for $20 online, I pretty much do say "I'm out of luck." I'm not going to waste my time trying to get the money back, or another crappy blender.
If I bought it locally for $20, I would still not complain to Hamilton about it. I'd just take it back to the retailer who sold it to me. If they don't take it back, then I'm still out of luck, but I won't buy anything like that from them again and if they screw enough people over fast enough, no one else will either.
By and large, we, as consumers, rely on retailers to handle manufacturing QA for us. The manufacturers who can't stop getting orders from retailers.
Such examples are patently stupid. Yet this is exactly what software EULAs say: the software is not warranted for any purpose, not even the purpose for which it was sold. Most jurisdictions have laws pertaining to merchantability and product liability. These laws work adequately (more or less, depending upon jurisdiction) for the sale of goods. The laws make distinctions between defects which do not hinder use, minor defects, major defects, and life-threatening defects. It all works (more or less) for cars and toasters; why shouldn't it be made to work for software.
The issue here is if a law is passed saying that yor old license CAN'T waive product liability.
Say in 2008 you released a GPL licensed tool to display JPGs, saying it is designed to do nothing but try to display JPGs and that it may not be suitable even for that (is not warranted).
In 2010, someone in Europe passes a law saying you can't say that it isn't warranted.
A idiot l-user in 2022 then finds an old copy of your software, flashes the firmware on his Jumbo Propulsion Godzilla (JPG) rocket and, surprise surprise, it explodes.
People are complaining that this sort of law, poorly worded as they always are, leaves you on ythe hook for that idiot's actions if the judge in the case sticks to the letter of the law.
"Only in software is it accepted that you can put a product out there that does not work as advertised."
Look at microwave ovens. Do they advertise that they don't know how long a particular item will take to cook? Do they advertise that it matters where you place the item in the oven?
There are plenty of non-software products that work only "good enough".
My initial post was on the topic of selling software, not giving it away, and certainly not the development of new software.
How is a FOOS developer putting food on the table if the software they develop is not sold? That I can think of now, the only way is if someone sells service and support? That itself is a liability though.
You said you would feel no moral responsibility for damage caused by your code. I don't disagree if that code never moves past beta. But once you put it out there as available to 'end users', I think you have some duty to make sure it is usable for what it purports.
Herein lies Apple's advantage over Microsoft. Apple creates it's software to run on the hardware it also creates. They are able to make sure it "just works". MS on the other hand can not control what hardware their software will run on.
Falcon
Should there be a Law?
If you want to pay $5000 for a spreadsheet program and $1000 a year maintenance. And even then the liability is only good for a very restricted version of the operating system, patches, and devices. If you install any device or software not covered by the contract on the machine, your coverage is void.
She was like chocolate when she drank... semi-sweet at first and then increasingly bitter.
In the EU: yes. The EU is nowhere near as litigious as the US.
The law would still affect the ability of one-house GPL licensed software developers to sell non-GPL licenses on the side (and therefore the total funding available for FOSS development). I have no idea how significant that would be. I do know of at least one developer who has earned some money this way, but it was an insignificant amount compared to his day-job salary.
How is this hard?
a) commercial software (as in, you pay money) = consumer rights, should work, publisher liable for damages since he put it in the market for $
b) free software (as in, free beer) = no consumer rights, caveat emptor, flatten and reinstall if damages occur, hope you had backup
I make software that goes on an aircraft for a living.
All such software is required to be certified by the FAA, which has elaborate requirements for development, documentation, and testing (the applicable document is DO-178B).
I'm told that the reason for certification is not safety, but culpability. If your software satisfies the requirements and passes review by the FAA, then your company will not be held liable if it causes problems.
In essence, certification represents "best effort" engineering practices and tries very hard to eliminate bugs in the final product.
By the time a software package gets on a plane, many people have combed over it looking for problems, and the testers have spent a massive amount of time running it. There is a safety/failure hazard analysis which asks all the "what if" questions, and the flight crew has written procedures in case it fails.
If a bug is found after deployment (this happens occasionally) and it is discovered that there was a flaw in the certification process, all hell would break loose. It would open up the FAA and the company to all sorts of lawsuits from injured parties. The people who signed off on the certification would essentially be screwed.
The FAA is generally a bunch of bureaucrats. The one thing they do well is look out for their own interests.
Oh, and I worked for the company that got Microsoft Windows certified to run in the cockpit as a map display. It's Posix compliant, dontcha' know!
Why don't I just forbid european use of my software via the license agreement. They can still buy it, but since they already violated the EULA it isn't my liabiliy anymore. In theory this would be bad for business, as I'm cutting myself out of a market, but the fact is that they will still buy/pirate my software.
No software is 100% bug free (other then some really simple stuff) and it just seems to me with this that the EU wants free software. So let them have OSS or a rock solid version of Windows 3.11. Either way they are behind the curve in functionality as new ideas in software tend to bring problems.
Nobody said anything about coders. Sellers. In the EU, just like in the USA, you have an implied warranty whenever you buy a product. First is the warranty of fitness for a particular purpose. This means that if a seller knows or reasonably should know a particular reason for purchasing the product, that it must be guaranteed to work for that purpose. There's about one reason to buy a fridge, to keep food from spoiling. The seller of the fridge guarantees that it can do this when they sell it. You could use a fridge to keep medical samples cool, but that's not its intended purpose, and if the fridge dial cannot be set cool enough for that purpose, tough titties for the buyer. But if it cannot be set cool enough to keep food from spoiling, expect at a bare minimum to refund the customer and compensate them for any food that spoiled! This also means that if you ask a salesman "Can I do this?" or "Find me something that does ___" then whatever they sold you is guaranteed by them to do whatever it is you asked.
Related is the warranty of merchantability. Basically it says that the goods are good. In particular, the goods must be usable for the purpose that such goods are typically used for. They must conform to the relevant laws governing such goods. Finally, it must be of quality "as passes ordinary within the trade"
What does this have to do with software? Well, EULAs have a boilerplate and quite illegal phrase that the product you purchased was sold without particular purpose, or implied warranty of any kind. Few places can you disclaim an implied warranty, unless the product was explicitly and unavoidable labeled "As is", and even then some jurisdictions do not allow "As is" sales. No places can you disclaim the terms of a sale AFTER THE SALE. I guess the EU just wants this point hammered home forcefully.
So what's this mean? If you go to Best Buy and say "I wanna fix the redeye on my pictures" and they sell you some software, they can get a refund if it doesn't do that. If some harm comes from being mislead, they can go after Best Buy for it, but that's unlikely to happen, because what the hell are you doing with software that causes harm due to missing features? This isn't talking about doing something poorly, it's about not being able to do it. The software you buy would also match the law for all non-software purchases in that it would have to conform to standards of quality. I dunno about the EU, but in most commonlaw countries, the standard is "as passes ordinary within the trade". That is, if you buy software that's full of bugs, you can get a refund, and compensation for any damages caused by the bugs, just as if you had bought a fridge that doesn't work and spoiled your food. But Windows? No. You'd have to prove in court that Windows is of quality substantially lower than passes as normal within the software industry. Sorry, but I've crashed Linux and OSX just as much as I've crashed Windows 2000 and onwards. (Which is to say, hardly ever for any of them, but it still happens). In the days of Windows 95, it was highly unstable, but I never managed to get earlier versions of Slackware working without Kernel Panics back then, either...It's gotten much much better recently, but even a few years ago, OO.o used to crash on me at least 10x as often as I've ever seen MS Office crash, even in the days of MS Office 95. I would say that for all the screaming about MS Products, they have quality as would pass for ordinary within the software industry. Perhaps that's sad, but it's true. Also, ordinary quality is a moving target. And that's how it should be. When you buy something, you should have reason to expect it to be at least of ordinary quality. If in 50 years everything works better, then you should reasonably expect that when you buy something, it works as well as most competing products work! That doesn't mean you can go sue if your program crashes. Only if it's so bad that it's notable worse than most other similar software.
And once again, i
ASCII stupid question, get a stupid ANSI
I write software that goes into aircraft for a living.
Aircraft software is not always perfect, but in many cases it is and in the other cases it's pretty close.
During development, we once calculated that there is about 15X as much effort put on the certification process as the software development.
That means to say, if the software alone takes 3 man-months to develop, there is an additional 45 man-months spent on documentation and testing.
This is an average for critical systems. Non critical systems have easier requirements, so the cost goes down *slightly* in that case.
This is one of the saner comments I've read. Unfortunately, while you can return the TV or computer even if it's not in the box most stores do not accept returned software if it's been opened. I say most, because while I've never been to or heard of one doing it there might be some who do. Heck, stores around here won't even give a refund for DVD movies that have been opened. The best I've been able to do is to get a store to do an exchange, exchange the media for another one of the same movie. And I once had to return and exchange the same movie twice because the disks wouldn't play.
Falcon
Should there be a Law?
How is a FOOS developer putting food on the table if the software they develop is not sold?
The same way they are now.
Not every scrap of FOSS code floating around was written for payment. Some was written and published as 'see if this works for someone else.' and I would hope would not be covered by this new law. Other was written for some reward and, still available for free to everyone else, may or may not be similar to a "commercial product" because of the intended audience. And all of that combined probably covers only 2% of the FOSS code written.
Herein lies Apple's advantage over Microsoft. Apple creates it's software to run on the hardware it also creates. They are able to make sure it "just works". MS on the other hand can not control what hardware their software will run on.
They could, all that's stopping them is the fact that they would have to give up some of their market share to Linux, or step up their support of older OS+hardware combinations.
I'm seeing too many people try to compare software with physical goods such as cars and toasters. There are numerous, irreconcilable differences between the two realms that make a direct comparison anything but straight forward. Furthermore, many of you seem to have some inflated view of what merchantability and suitability mean for physical goods.
For starters, physical goods warranties and liabilities have limits. If I buy a truck from Ford, GMC or Dodge, it will have a certain rating for load capacity and towing capacity. If I exceed those ratings and something bad happens, up to and including injury or loss of life, it's my fault. Other physical goods, such as toasters, also have limits as to what situations they will be designed and tested for. If I try to make french toast using a slot load toaster and something bad happens, up to and including injury or loss of life, it's my fault. In one case the manufacturer knows that somebody out there will try something that they know has a high likelihood of causing known failures (i.e. if you try to tow too heavy of a load with your truck you run the risk of overheating your brakes and causing an accident) and in the other case we have to come to terms with the fact that idiots will find a way to break shit no matter how many warning labels you put on it.
Now about those irreconcilable differences between software and hard goods. With hard goods, your warranty goes out the window the moment you modify it in any way that has not been approved by the manufacturer. That is completely reasonable because I can buy a car and drive it completely as is and it will serve its full intended purpose with out any 3rd party add-ons. The same with a toaster, I can buy a toaster and make toast without adding to or modifying the machine.
A modern computer system, however, is nearly worthless until you start adding to it. Let's, for the moment, ignore hardware failure as being beyond the scope of software warranty. If I buy a system where the only installed software is MS Windows (and I mean *only* software, no games, no office/productivity, no peripheral hardware beyond standard keyboard, mouse and monitor, etc.) then there's not a lot of ways for it to break at a software level. Now let's start adding things. If my video driver conflicts with my antivirus software, who is to blame? Both work at a level close to the hardware to do their jobs and both have been tested to work as intended with the target operating system. And as luck would have it, they were both released nearly simultaneously so there was no opportunity for either vendor to test against the other's current product.
If we want to get into more industrial or life or death situations where computers are used, let me just say that if you trust human life or millions of dollars of equipment to the flawless operation of general purpose hardware running a general purpose, multitasking operating system then you're an idiot. The engine management and safety systems in a modern car are controlled by purpose built electronics running custom built software. Automated production equipment generally uses PLC type systems that been thoroughly tested for tolerances and MTBF rates.
Really what are we hoping to accomplish with this legislation? Windows, MacOS and Linux are all very stable (Vista's Task Manager is reporting 240 hours for my current uptime) barring hardware failure (which is easy for the lay person to blame on the OS since the OS is what tells us something went wrong) or applications that don't play nice with each other. Applications that corrupt data usually don't make it out of testing in that state and when they do it's usually fixed quickly if the company that made it wants to continue to do business. Open source software is perpetually beta since it is developed by the community and simply made available to anyone who thinks that it might be useful.
My God! It's full of eval()'s.
I don't see the problem here. I have a lot of free software on my web site, and it all comes with a money-back guarantee if it doesn't work for you.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
IMHO Software Developers should not be liable, at least in the first place, for their code.
The main difference with a good is that it does actually belong to whom had bought it. So, the customer may sue the company for selling something which isn't in proper conditions. And the right to own it is legally guaranteed providing the other party accepts to sell it. The good is suposed to behave properly, unless the opposite has been explicitly agreed by both parties beforehand the interchange.
In software, however, who posseses the copyright is granting to whom paid a right to use it, and this is totally different. Because normally that person wouldn't be able to use that piece of software anyway, and the right to do such is provided only if that same user accepts to be subject to that agreement.
Of course the situation is entirely different when there is, for instance, an advertisement saying that that software is free of bugs, for example, and then it turns out not to be in that way, or if the EULA states that the software comes with a warranty.
Only when you've found the correct idea you'll speak a lot about nothing and you'd be perfect.
This has probably been covered but I'm putting in time waiting for a download to complete (mobin img) on my Aspire netbook, soooooo. Under contractual law my law courses in Canada would suggest there would have to be "Consideration", e.g. $1.00 or some other form of value before a contract would be found to be in existence and as such be grounds for a suit. My prof touched upon something I remember as "injurious reliance" wherein a law suit could have merit under laws of tort or negligence. If you buy something or rely upon something and then suffer some sort of injury or loss because of your reliance you can then bring a suit under the guise of injurious reliance. Lastly, if you've been foolish enough to follow along on my untotal recall of law courses, there's an onus on the injured party bringing a law suit to mitigate against losses. You have to do what you can to stem losses as soon as possible. That's it, that's all I got cheers
ideopath @ play
I hereby demand that this legislation is extended beyond software authors to cover the full spectra of information. Fiction authors should be liable for plot holes, journalists for incorrect facts and government employees for... where exactly are those Iraqi weapons of mass destruction we went to war over?
The same way they are now.
Now, many are paid by businesses to develop the software which the business then sells or services. If those businesses are held liable for more than just the cost of the software or service then those companies may not stay in business long. Microsoft wouldn't be able to pay everyone for damages, even if they have a lot of money in the bank. One estimate one TFA has is Conflicter caused more than $150 Billion in damage in one year alone. Never mind MS, FOOS projects could not handle that type of liability.
Herein lies Apple's advantage over Microsoft. Apple creates it's software to run on the hardware it also creates. They are able to make sure it "just works". MS on the other hand can not control what hardware their software will run on.
They could, all that's stopping them is the fact that they would have to give up some of their market share to Linux, or step up their support of older OS+hardware combinations.
Microsoft can't control what hardware people install Windows on, unless during installation it checked to make sure the hardware was authorized. People are already having trouble with XP's and Vista's Activation even after adding or swapping hardware, they'd go ballistic if Windows told them it did not work with their hardware because it wasn't authorized. Supporting more hardware would lead to testing for all the possible hardware combinations which would lead to higher costs.
Don't get me wrong, I'm not an MS fanbios. If you check my previous posts about MS I don't like it but I don't blame them for everything either.
Falcon
Should there be a Law?
Give the consumer/purchaser a choice:
1. The uncertified version that costs $150
2. The certified & insured version that costs $1,200
Let's see what they pick?
I wonder what such a rule would do to 3rd-world software development? Perhaps their cost of living is 1/5 ours, but a lawsuit that is 20 times their life salary may change all that.
Table-ized A.I.
As an open source developer with half a dozen projects on SourceForge, I can promise you that if the government suddenly creates a possibility that I would be sued for them, I'm pulling each and every one of them off and closing the projects as permanently as I am allowed. Sure, I don't intentionally screw my users, but that doesn't mean I would bet that my code is perfect. Heck, I found a couple of small bugs just yesterday. These things happen. But if you want to punish me for them, you are welcome to live without my code. I'll pull it all off the net and keep it to myself.
Of course, nobody would notice if my little projects went off line. But I'm sure there are a few more important ones out there with commercial competitors who would just LOVE to see the competition disappear. A liability law wouldn't bother a large corporation, since it already has a legal department for blowing people off. I don't have a legal department, and I don't have millions of dollars to devote to defending myself in court. Guess who wins?
Done wrong, this could be a fiasco. That means that this would be a fiasco. That said, I'd welcome this sort of pressure on the software industry because developers would start to build things that they bloody well understand. Today, we've got people just cranking out code that looks like it will work, works okay for a few years, gets discarded when the next guy to come along thinks that he can do a better job, lather, rinse, repeat. Consider instead that once you invest of your time and energy to build something extremely well once (at ten times the current development cost), everyone else will desperately want to use it in their products. Businesses will have an incentive to build the highest quality software that they can in order to attract clients who want to reuse it.
Look, I developed it for you, so you, the client, is at fault for signing off something that wasn't right.
ergo
Look, I sold it to you and you bought it, don't blame me if you bought something you didn't want
I am tired of these implicit assumptions that FOSS is better than proprietary/closed source.
And what of the implicit, and explicit, assumptions and assertions, that closed source is better than open source? Why not judge software on it's merits? I like GIMP, it's great for most of what people want to do with it. But it's not a drop-in replacement for Photoshop. I like OS X, I'm typing this on a MacBook Pro running Leopard, but I also like Linux. And am thinking of installing Ubuntu on it to make it dualboot.
Fslcon
Should there be a Law?
The way the government gets away from liability (which is adopted by many organizations) is to require that all employees are certified by a certifying body, usually a school. The damaged user is then forced to prove negligence by suing the certifying body. But this is impossible because all the experts he can muster were also educated by the same bodies, so cannot pass judgement on them.
If the only tool you have is a socket, all your problems look like connections.
Next you know well be suud fur grammer and spailing errers. That suks!
Table-ized A.I.
This is insane, goods are NOT free, FREE Software is, how can those who make no profit defend themselves against such claims to their software, they can't. Even with those who do, it is the users fault if they use the software and it should be the same if you eat brocoli and get sick how does the farmer (the one that created it, so the programer in this example) know that the store had the food wide open and someone had rat poison on their hands and touched the food and so it becamse dangerous. The EU is stupid, sue microsoft sue everyone. Microsoft is shouldn't be sued for controlling what the user can use, example if Microsoft controlled that you can only use IE, guess what don't like IE don't use Windows it is YOUR choice.
Like if food was held to health and safety standards only the rich could afford to eat? But no worries, I hear you can buy some cheap milk* from China.
* This product is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Software development would become more time consuming, expensive, and would drive up prices. Then Microsoft really WOULD be like GM.
-- I am. Therefore, I think!
"The idea of making Microsoft pay for the billions of dollars of damage caused by flaws in its products is certainly attractive, but where would this idea leave free software coders?"
Hey, how about a full refund of the purchase price?
sd
Go read _Geekonomics_ for the book-length treatment of this subject. It's a good book, but damned depressing. It has a chapter on Open Source, but it's disappointing and mostly amounts to, "yeah, they get screwed and that sucks, but too bad, we have to do it anyway."
I hate M$ and love F/OSS, but I have to agree. We're losing the war for information security, badly, it's largely, but not exclusively, Microsoft's fault and we need to do something sooner than later. This should have happened 10+ years ago.
I say "it's largely Microsoft's fault" because they are responsible for the many of the most egregious examples (Windows, IE, Outlook Express, ActiveX, etc.), they have the monoculture to make those egregious examples extremely significant (in a bad way), and they have forced everyone else in the COTS (Commercial Off The Shelf) world to to sink to their level just to compete. Though is all fairness that wasn't that much of a struggle.
There's a reason for the old saying that Microsoft/Windows and cell phones have conditioned us to mediocrity, though I'd argue it's much worse than than "mediocrity" now. And remember, it was MS who brought us the utterly insane concept of a "preventative reboot."
-JP
if the press release is anything to go by.
The only point that seems to come near TFA is:
Bit more detailed if you go to the original resolution (mostly s.36 onwards). Free software doesn't even come into either the new or existing law because there is no consideration.
All we're really looking at here is blocking the damned "now that you've opened the box to read this notice, you can't get your money back". Liability is not going to go any further than a refund, unless the software maker expressly states they guarantee something. Unlike a toaster, normal use of consumer software cannot electrocute you or start fires. The aim of the whole thing is for the benefit of trade (particularily inter-EU) - to get consumers to buy more software and for them to shop around within the EU countries, they need to have standardised rights that give them confidence.
I just compiled the code using the command "rm -rf *" in the source code directory.
Unless you are selling copies of your program directly to consumers this is irrelevant to you. People who buy Ubuntu CDs directly from Cononical might have a claim against Canonical (which probably could be satisfied by a full refund). They would have no claim against the upstream developers. People who download free copies of Ubuntu would have no claim at all.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
Like if food was held to health and safety standards only the rich could afford to eat?
Most anyone can grow food, the past couple of weeks I've been working on my garden, most people can not write their own programs though. By one estimate Conficker caused more than $100 Billion, with a "B", damage in one year. A FOOS project could not afford that. I doubt even MS or Oracle could.
But no worries, I hear you can buy some cheap milk* from China.
There are local farmers I can get to know I can buy milk from, though I don't I am a member of not 1 but 2 coops that buy from local businesses and farmers. My milk doesn't travel 1000 miles to get to my frig. A lot of the produce they carry don't go more than a couple of hundred miles, some farmers are even within 50 miles. Then there are a number of farmers markets I can go to as well.
However I don't expect every town to have it's own software business.
Falcon
Should there be a Law?
...but with a much higher price tag. Like at least 10 times the price. At least.
So if you would rule that I would be liable for all my code, then all my code would become that expensive. And all the code of other programmers who think more than a day ahead.
But I bet many would still offer nearly the same price. At least until they got sued into oblivion. ^^
Any sufficiently advanced intelligence is indistinguishable from stupidity.
Lots of comments seem to be over-thinking this.
This is about (potentially) holding commercial sellers of (software) licensed products to the same standard as everybody else. Within there particular market of course.
It's about a software company selling you a peace of software which turns out to be flawed or broken beyond the reasonable.
If some random person creates a food container for you and gives it too you and it turns out that the paint makes you vomit, that's too bad. You get an apology and that's fine.
When you bought a food container from a vendor and it turns out the paint makes you vomit you can hold them liable for the damage. Because as an commercial entity making money from you and claiming to have 'the best food container in the world' they can be held to reasonable standard.
It's the same here... The individual developer from a software company is not the one targeted and will not be held liable. The software company however will be held liable for things that are reasonable. Where at this moment it's very hard to hold them liable.
Currently software vendors sell there products like people sell music or movies, only without any possibility to get a decent preview before buying. When you buy a movie or cd and it turns out that you don't like it (the content) after the mandatory return/refund date you cannot do anything about it... to bad... Software is like that... you cannot really see what your buying (it's illegal to download it right? :) and when the return/refund date expires you have almost no rights left what so ever.
The program can be horribly flawed, broken or even completely stop working after a month without any possibility to fix it, and there's almost nothing you can do about it.
If this law would be correctly worded and reasonable in it's intent and execution it would help customers a lot and would help to make sure that the free market of software is not a free market of garbage without consumer protection.
Depends, do you want to pay $40,000 for Windows?
Do you want to pay 100k for a computer?
Here is what I think should happen:
Software should be treated like a license. It can be bought/sold and traded or even RETURNED for the FULL PURCHASE PRICE.
This would give more incentive to folks like Microsoft, to produce Quality software.
Software 'features' could not be REMOVED, and if they are, the license can be returned, for the full price paid.
FREE software, can continue to exist in it's current form. I paid nothing for it, my expectations are low, and therefore the quality usually is much HIGHER than my expectations.
If I pay 400.00 for Windows, my expectations are high, and the quality of the software frequently falls well below my expectations.
When you release a physical product, you can issue disclaimers with it like "don't use near flame", "don't use in extreme cold", "don't use naked inside live volcano." Software can wind up installed on systems that are the equivalent of all of these. Can you test on every OS, OS minor version, OS with patches x/y/z, combination of drivers, this chipset, that graphics card? What about on systems that are misconfigured? With corrupt Registries/Netinfo DBs/config files? How about ones infected with Malware? What if the admin/user installs or configures your software incorrectly?
Every system is a potentially highly hazardous environment that you cannot control nor test for.
If a paid software author can be held liable for his damages, then so too should a free software author, and the foundations that do them.
Face it, lawyers are looking for some new people to loot, and they are taking dead aim at the software industry.
This is my sig.
Always the "uh, us poor hobby coders".
If you are selling your code (and that's what the proposal says), then you're no longer a hobbyist.
And besides, some basic liability would be good, even in non-commercial environments. Europe has so far run things reasonably in this regard. For example, if you help me move, and you break something, you don't have to pay it (though usually your insurance will cover it) under normal circumstances. But if you were really dumb, such as trying to carry the huge flatscreen TV all by your own up the stairs, then you could be liable.
I wouldn't mind having the same kind of liability even when I write free software. I've written GPL code for high-availability systems, you better assume that I know what kind of critical systems it's going to run at and apply at least basic care.
I invoke the law of "you get what you pay for."
No. If a person is damaged by the software, and we establish that being damaged by the software is an suable thing, then damages have to be based on the cost of a remedy. So, if a Linux file system blows up, then, the author of that file system is liable for all the data loss from it.
If free software is competitive, then it has to be held to the same exact standard that commercial software is. Otherwise, its just what a lot of people said all along, a not really competitive thing, just propped up by the government.
This is my sig.
Well I think holding MS liable would certainly be a reason to throw a parade but for freeware it's free for Christ's sake if you use it you have to already know that it might be harmful that's the risk you take with free stuff. One cannot complain.
Maybe I missed it and someone already said this, but the way warranties work is defined by the Uniform Commercial Code - and not necessarily to our benefit.
If a software developer were to provide a printed warranty - sort of like: "If it doesn't work correctly we will fix the problem and give you a free copy of the revised version", the developer has just printed his own suicide note.
You can't write a simple commonsense warranty because of a legal doctrine called strict liability. If you give any warranty at all, you have automatically imported an entire body of law that governs warranties.
That is why most software products refuse to even guarantee that the CD will fit in the drive or that the computer will not catch fire during installation.
When you are dancing with wolves, never limp
This is a stupid question, and you are a stupid person for asking it.
A FOOS project could not afford that. I doubt even MS or Oracle could.
I doubt they want to kill the software industry, so they will start with baby steps while giving the industry time to adjust. I would imagine software warranty would end up costing surprisingly little once wheat has been separated from the chaff companies.
Then there are a number of farmers markets I can go to as well.
Let's hope they don't add melamine if their milk is more water and no protein even if it's cheaper.
I disagree, this is not a good analogy. You are confusing free soup and freedom. As in freedom is the recipe for the soup, or the source code of the software. I never got Linus Torvalds to install the Kernel for me or prepare any soup for me. I happen to make the soup, and install the kernel according to the recipe. And the recipe clearly stipulates that any kind of death of suffering is my own responsability. I don't know if I am clear. But if somebody understood, please back me up, since I feel it's a dangerous misunderstanding.
And then I stopped posting my code for public consumption. Why bother putting myself at risk of a lawsuit when I don't make money off my code?
Can anyone give me a reason to innovate AT ALL under this idiotic legislation??
http://slashdot.org/comments.pl?sid=1221343&cid=27831925 amd while you're chewing on that bitter taste of defeat, prove to us all that you actually know what you're talking about, and prove to us you are a professional programmer.
I think the designer should only be help responsible if you had to buy the program. Paying money to me means that the program is at a stable point and shouldn't be breaking things. If the program is free, then it comes at a "use at your own risk" basis and might not be stable etc.
Only in software is it accepted that you can put a product out there that does not work as advertised. It seems that these days the idea is to get the product out there ASAP, and finish it later with patches and updates.
Software is unlike any other good in that it behaves more like the law, in that people will keep prodding at it in different ways and will eventually find 'holes' in it.
If software providers are to be held to such a standard, than every time someone is subjected to great injustices under a poorly written law the legislators should also have to pay obscene damages.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
If you're selling commercial software, the buyer has a reasonable expectation of commercial quality. Regardless of its license! It's called "merchantibility". When you sell a fork the user expects a working fork. When you sell a toaster the user expects a working toaster. There are some things you simply cannot disclaim away with a mere license notice.
If you don't like that state of affairs, get out of the business!
If you're a purely non-commercial developer, then don't worry about it. But if you're selling the software, you need to realize that you're not protected by a warranty disclaimer. THAT'S WHY YOU TAKE BUGS SERIOUSLY! It's also why you need to stop making snake-oil claims about the quality of your software. When you make a claim you need to be able to back it up.
Of course, warranty and liability are two vastly different things. But in both cases they come down to implicit claims of software quality. I fully sympathize that the tort system has gotten out of control. Liability insurance has become a necessity for businesses that shouldn't ever need it. But the reality that we live in means that slapping a disclaimer clause on a license just isn't good enough for a software business.
Don't blame me, I didn't vote for either of them!
Most of the code I've written someone else designed. I'd object to being held liable for something I had no choice in the design of.
-- Programming with boost is like building a house with lego. It's a cool but I wouldn't want to live in it
I can't find any references at the moment, but from memory in the early days of software you could buy a complete system from the likes of IBM who would guarantee that it would work, because:
- the provided all of the hardware
- they provided all of the software
- they performed all of the installation
- they performed all of the configuration
- they provided a competent engineer to make changes
- changes made by their engineer were appallingly expensive so you made damn sure you got them right the first time
- the machine was in a locked room where nobody else was allowed to touch it
Only when you have total control of a system can you start talking about guarantees.
Isn't there something usually in the EULA about users using software at there own risk, or in some other way protecting the coder? If not, would adding that clause not protect the developer?
And who created those bugs that needed fixing?
Bug fixes are needed because developers either did crappy work or they didn't think everything through. Most other industries you get it right the first time and if you have to go back to fix it then the worker will probably get fired for incompetence. I've worked at a manafacturing plant where testing was done to ensure no mistakes were made. It was EXPECTED that there would be no mistakes and if we saw them showing up it was either bad components or somebody was getting remedial training.
In software they are probably promoted for having shipped it.
So why shouldn't the developers be held responsible?
Agreed. The developers should be sued if their software gives food poisoning.
The good, the evil and the vacuum tubes.
Um, no different than from now? As near as I can tell, open-software or free software doesn't require a 'license' that the user has paid for. But the idea that I can buy a product and have it broken when I get home or not work as expected -- and then be told I can't get a refund, or that I need to get updates, or pay for upgrades for working products -- is so completely bogus its really not that funny.
I would relish the idea of product liability applying to software again. I might even find the software field tolerable again -- as opposed to the current system, where software developers are rushed and pushed to release anything that remotely can function -- and if it doesn't die on install or cause a system crash, then 'ship it'. Everything else you promise a patch -- that often never comes -- they just release a new product you have to upgrade to (because they don't support your old version) and you have to hope the bug is fixed in the new product -- and, well, it might be -- if you could find the feature that used to be there that you wanted to work -- but lo and behold, they've 'simplified' the interface, and 'modernized' it by removing all those pesky features you bought the product for, but never had them quite work correctly.
They old bait & switch -- that and the 'addict the customer to periodic subscription fees (called monthly support, or yearly support, or annual upgrades). Some companies go the extra mile to screw you over, so if you wait too long to 'upgrade' your product, and end up not staying on top of their release cycle and buying everyone of their updates, then when it comes time to upgrade, -- I had one company that wanted to charge me $150 for every upgrade between the one I had and the latest -- so to get currently I would have had to pay $450. It was only $400 to buy a new version of the product. At that point, I decided I didn't need their product anymore.
If they'd been required to fix the bugs in their original software in the first place, then I wouldn't have needed the $450 upgrade to their $400 product. But to get the fixes, I also had to buy all the new features and upgrades -- all on my dime, even though all I wanted was a simple bug fix in their product. Sorry -- we don't support that anymore. You have to buy a new one. But current one is 3 revisions ahead, so that will be $50 more than buying another copy of the product outright.
Gee -- thanks -- and the benefit of buying the upgrades? All my settings, documents and files would be upgraded to the new format -- otherwise I'd have to re-enter and recreate my setup with the new software. Bye-bye overpriced, under-supporting Hummingbird-X morons!
Oh, and did I mention, XFree, works faster and with fewer bugs than the for-pay product?
So -- yeah, requiring a software vendor to stand behind a product they charge for sounds reasonable -- else maybe they shouldn't be selling the software -- maybe they should be giving it away and just selling service?
The user: But all I did was use the software product!
The developer: Call our insurance company see if we are covered!
Insurance company: You haven't met your deductible as of yet, and we don't cover new coders, or new hardware.
The developer: Say what?
Those little bumps and crashes are part of the microsoft "experience".
Sweet
Microsoft has produced Crap code and now if this code idea works, they owe all of us money. Good news for the real computer enviroments such as Linux. Everything is can now come down, Awesome lets let the real code keep living and the horrible code die
Die Microsoft, Die Microsoft AND I"M NOT A TROLL, I"M A REAL COMPUTER USER, JUST NOT A DUMB ASS WINDOW USER.
Thanks
Docmur
You get what you pay for. When I use popular open source, I trust that developers are competent and the software will work with few glitches, if any. But, I don't expect that I am entitled to sue for damages if it causes problems. That is, unless I paid Redhat, Novell, or someone else who promises specific guarantees against damages. Otherwise, I'm just glad for backups and start over.
I don't think you thought this through. If software developers are held liable, especially for FOOS, then only the wealthy could afford to buy software. It would cost too much for open source projects to buy insurance. And commercial software, if it existed, would cost too much as well.
Silly argument. By that argument only the rich would be able to afford anything at all, as [in most countries] there is a statutory right that anything you buy is "of merchantable quality". Heck, even the company that sold me the bed I bought had to send someone out to fix it when it arrived with a part not nailed on properly, and yet most people [who are not homeless] can afford to purchase a bed to sleep in.
than politicians should be held accountable for their decisions ?
Free speech was meant to be free for all... how can anyone grow up in a nanny state ?
If I bought it locally for $20, I would still not complain to Hamilton about it. I'd just take it back to the retailer who sold it to me. If they don't take it back, then I'm still out of luck, but I won't buy anything like that from them again and if they screw enough people over fast enough, no one else will either.
If that happens in the UK (and, I presume, the rest of the EU) you could sue in the small claims court for you $20, if you can be bothered. The consumer protection people might be able to go after the retailer, too - I'm not sure.
The issue here is if a law is passed saying that yor old license CAN'T waive product liability.
This isn't about product liability in the 'it shot my cat, give me a million dollars' kind of way. It's about the requirement of a seller to repair or replace inadequate products, or give a refund if that's not possible. Here are some excerpts from the directive on physical goods:
1. The seller must deliver goods to the consumer which are in conformity with the contract of sale.
2. Consumer goods are presumed to be in conformity with the contract if they:
(a) comply with the description given by the seller and possess the qualities of the goods which the seller has held out to the consumer as a sample or model;
(b) are fit for any particular purpose for which the consumer requires them and which he made known to the seller at the time of conclusion of the contract and which the seller has accepted;
(c) are fit for the purposes for which goods of the same type are normally used;
(d) show the quality and performance which are normal in goods of the same type and which the consumer can reasonably expect, given the nature of the goods and taking into account any public statements on the specific characteristics of the goods made about them by the seller, the producer or his representative, particularly in advertising or on labelling.
This is not a 'we can sue you for every bug' law, it's a 'we can have our money back if there are so many bugs as to make the software useless for its purpose' law.
Treaties do have the power to modify the Constitution.
Article VI - Debts, Supremacy, Oaths
All Debts contracted and Engagements entered into, before the Adoption of this Constitution, shall be as valid against the United States under this Constitution, as under the Confederation.
This Constitution, and the Laws of the United States which shall be made in Pursuance thereof; and all Treaties made, or which shall be made, under the Authority of the United States, shall be the supreme Law of the Land; and the Judges in every State shall be bound thereby, any Thing in the Constitution or Laws of any State to the Contrary notwithstanding.
The Senators and Representatives before mentioned, and the Members of the several State Legislatures, and all executive and judicial Officers, both of the United States and of the several States, shall be bound by Oath or Affirmation, to support this Constitution; but no religious Test shall ever be required as a Qualification to any Office or public Trust under the United States.
So why not coding?
If I build a house and do a bad job and someone gets hurt I am liable
If I run electrical wire and don't shield the bare wire properly and someone gets zapped, I am liable
If you bring your car to rotate the tires and I dont tighten them and they fall off, I am liable
If I am your doctor and perscribe you the wrong meds and you get sick/hurt/die I am liable
So why would programmers be any different? If your code causes harm to others by neglect on your part you should be held liable
I see how it can be read from the "... any Thing in the Constitution" clause, but it's simply not the case. Reid v. Covert explicitly established that the Constitution supersedes treaties (even ratified treaties).
Any guest worker system is indistinguishable from indentured servitude.
Oh, and here's a an even better tidbit I just found in Geofroy v. Riggs: "The treaty power, as expressed in the Constitution, is in terms unlimited except by those restraints which are found in that instrument against the action of the government or of its departments, and those arising from the nature of the government itself and of that of the States. It would not be contended that it extends so far as to authorize what the Constitution forbids, or a change in the character of the [p18] government, or in that of one of the States, or a cession of any portion of the territory of the latter, without its consent."
And this is from Reid v. Covert: This Court has also repeatedly taken the position that an Act of Congress, which must comply with the Constitution, is on a full parity with a treaty, and that, when a statute which is subsequent in time is inconsistent with a treaty, the statute to the extent of conflict renders the treaty null .
Any guest worker system is indistinguishable from indentured servitude.
Treaties do have the power to modify the Constitution.
Just a little nitpick here (but I think an important one):
You're correct in that international treaties are allowed by the US Constitution to "be on par" with it (given the same weight/power), so in that sense the GP is wrong.
However international treaties don't have the power to "modify" the US Constitution, since by definition that would give international treaties *more* power than the US Constitution, never mind that the Constitution is very specific about how it can be (legally) modified (and international treaties are not one of the mentioned methods). So treaties being able to ultimately *supercede* the Constitution is an idea that the US Supreme Court has never accepted.
Its important here to understand what the authors of the Constitution were thinking about when they wrote that part you quoted. The only treaty the US was a signatory to prior to adopting the Constitution was the Treaty of Paris, which ended the Revolutionaly War, and that was what the Constitution's framers were referring to, and protecting, in the first part you quoted.
This is an interesting read on the subject, in particular the 'Legal background' and 'Aftermath' sections. Note what is said at the end of that article in the 'Aftermath' section: the bottom line, established by the 2 US Supreme Court cases mentioned there, is that international treaties can't trump the US Constitution.
let's see, the idea is, you make a software / hardware, but it makes something it isn't supposed to do (like spying you... you are liable), also avoids that a nasty bug in software implementation gives you tons of problems.
Software should work fine without problems! If you can't make it right you probably aren't in the right business. You can say humans aren't perfect... but when you write software code you can see what you are doing, and can review what you have done to see if their isn't any mistake. You can argue that is to difficult, again if that is true, you probably are in the wrong business. I as a consumer, expect something one way, to work, to be useful for me... if the product doesn't work fine and make problems, shouldn't I have the right to have a refund in all that gone wrong because of the problems caused? Your I only have the right to pay and be quiet(?)... we the consumers should be protect from those of you that are making bad software... because are you who give bad name to the computer world.
If cars stop working because some engineer made some bad code I would like to see your face of happiness... best this actually is happening all over the world because... you guessed! manufacturers star putting hardware and software in cars... and now a days the cars stops working because some hardware stopped working... and the best part, they make you pay for the repair even trough they don't say in manual when you buy de car that you will need to spend money in changing that kind of parts... also the fail of one of them shouldn't make the car stop... imagine one air plane having a disaster because on hardware part fail.
No. Testers should be responsible for my code.
Bwahahahahaha I love torturing QA.
Liability should fall with whoever deploys the software - they are the only ones in a position to know of the potential downsides. Contract can shift liability after that point, and insurance can get involved at any point, but that's where it should start.
For FOSS, this means that you're using it at your own risk, unless you're paying someone to take that risk on for you (a business opportunity in its own right). This seems appropriate.
Most anyone can grow food, the past couple of weeks I've been working on my garden, most people can not write their own programs though.
Nonsense. Anyone is capable of writing their own software, just as anyone is capable of keeping and maintaining their own garden. Both have some barriers to entry, but by far the biggest are time commitments and interest. My mother has zero interest in programming her own apps, just as I have zero interest in growing my own food. If she had any interest in programming she could learn how to write code, and if I had any interest in gardening I could go out and buy a shovel and some seeds. She would probably write very poor code at first, and I would probably keep a terrible garden; both of us could improve with time.
How are sites slashdotted when nobody reads TFAs?
Wow. Looks like I learned something today. Thank you superwiz and True Grit.
I mean, people need to be held responsible for their own actions.
Here we go again! More know-nothing government bureaucrats want to somehow interfere with technology. Unless the software were embedded in a machine built by one company, you can't hold developers accountable for software simply because there are so many variables that go into making software it's very difficult to know what type of computer and what patches, upgrades or other software will be running along side your software.
People misuse computers all the time and not all software is designed to be secure from the start. In the OS arena, hackers are constantly trying to break into Windows. Microsoft "supposedly" does their best, but even if they don't, how can a software company justify going into business only to be forced out of business by law suits where the plaintiff knows very little about securing his/her computers?
The fact that this dumb idea came from Europe does not surprise me in the least. The EU has always been very business unfriendly when it comes to how they treat their tech companies which is why very little OS and large scale application development is done there in the first place.
The only people who will benefit from stupid laws like this will be the lawyers.
Nonsense. Anyone is capable of writing their own software, just as anyone is capable of keeping and maintaining their own garden.
This is nonsense. Most people can't program even using something like Borland's Delphi or MS Visual Basic whereas there are very few who have brown thumbs or black thumbs.
My mother has zero interest in programming her own apps, just as I have zero interest in growing my own food.
I do both. I started college with a major in Computer Engineering and have been growing gardens since before I was a teen. I also have other interests. In high school I was torn between majoring in CE and Marine Bio or another marine science. I picked CE, though if I had known then what I know now I would have done a double major.
She would probably write very poor code at first, and I would probably keep a terrible garden; both of us could improve with time.
And how many have the tyme to devote to learning programming while they're already working full tyme? Sure people can improve but that doesn't mean they will be able to program a compleat and useful app. Gardening is easier.
Falcon
Should there be a Law?
Probably the most relevant article that jumps to my mind.
and it would be bad for business if we allowed customers to buy, burn, then return every DVD in the store.
I know it's easy to make copies of DVDs but people should be able to get a refund. I've got maybe a dozen disks that are bad and have had to exchange the media for one movie more than once. I've never had as many problems with VHS tapes, I've only had one tape eaten by the player and no problems otherwise, as I have had with DVD disks. And I've bought more tapes than DVDs.
I've always felt that we could remedy this by keeping track of who returns software (e.g. Driver's License info),
Some stores around my area buy used movies and music and at least one requires official ID before they will buy.
and bar certain "repeat returners" from ever returning again.
Whether it's just because I'm unlucky, jinxed, or what I don't know but I've had a bunch of problems with disks. Some have suggested it's the player, but I'm on my third one and I've tried some of the bad disks on all three. Just as there are Lemon Laws for other items they should be applicable to media as well.
Falcon
Should there be a Law?
I'm a bit mystified about this post--software developers already are liable for damages and/or injury caused by flaws in their work. There's a whole category of liability insurance (and matching case law to boot) around the subject. In the insurance business it's called "software errors and omissions."
If you're not aware of this...
you're either not in the software business, or you probably should be talking to your insurance agent. If you work in the United States, do business in the United States, or can be found to have a "business nexus" within the United States, you can find yourself named as a respondent in a U.S. liability lawsuit. And there's a nasty little element of U.S. liability law known as "joint and several liability" that essentially means that whether you are at fault or not, if the jury finds that the plaintiff was injured--and that some degree of the fault lies with any of the respondents, all of the respondents are jointly responsible to pay damages.
An earlier post in this topic wrote, in essence, "between the developers, the tester, the customer, the business analyst--good luck figuring out who made the mistake." That's the point of joint and several liability--they sue all of you. The jury doesn't have to decide whether it was the tester, the developer, the analyst, or the end user. So long as at least some part of the injury was caused by negligence of some kind--you can be found liable.
The Achilles heel of Open Source
Suppose you join a project on SourceForge--like a nifty project to develop Open Source Linux video drivers for high-end plasma video displays. You produce some really spectacular work--and you draw the applause of a small community of really high-end gamers when you ship your first release.
But, unbeknownst to you, a networking consultant in New Jersey finds your project, and uses it to provide a low(er)-cost solution for a radiologist who uses the same video card/monitor system to read CAT scans. The radiologist is reading mammograms.
Seventeen months later, a woman is diagnosed with an "aggressive" form of breast cancer. Had it been detected earlier, she might not have required a mastectomy, or serious chemotherapy. Now she has lost both breasts, and all of her hair has fallen out. She--and her attorneys--want to know why the radiologist didn't find the problem in the mammogram seventeen months earlier.
Right. The mammogram the radiologist viewed on a high-end plasma display. Using an Open Source video driver. The one you helped to develop.
You are in deep yogurt. And whether the video driver had anything to do with it at all, you can expect to be served notice that you have been sued in federal court. And you will then be staggered to discover just how much it costs just to respond to the lawsuit. And the fact that you didn't get paid a dime--hey, it was Open Source, right?--doesn't make a lick of difference.
Fairness, Justice, and the Law are Three Different Things...
Fifteen years ago I was the system architect on a project to manage liability insurance claims for a very, very large insurance company. A liability claim is a lawsuit--we evaluated all kinds of circumstances (prior history in this jurisdiction, prior history with this judge, who the plaintiff was, who plaintiff's counsel was, who our counsel was, yadda yadda yadda). We went through a bunch of factors, carefully weighing each of them, till we got to the end of the process. The very last questions were--does plaintiff have an injured child to show in the courtroom? Does plaintiff have a disfigured woman to show in the courtroom? Does plaintiff have a dying victim--particularly with soon-to-be-orphaned small children--to show in the courtroom? If so, then all bets were off--it did not matter in the slightest if our
I also wonder how much will have to pay other companies...
While most free (libre) software is, in fact, given away... some people do sell it (and provide the source code). Presumably those folks would still be exposed to potential liability.
En casa andaba!
"Until the coders get total control of the project, from inception to completion, then no, they cannot be held responsible for bugs in the code.
How many companies push to get code out the door with *imperfections*" - by GuyverDH (232921) on Saturday May 09, @11:29AM (#27888515)
TOO many do, POMCO of Syracuse N.Y. does, & they call it "the POMCO way" (they force you to build shit)... I'll outline a couple examples, & with specifics, of the incompetence of their staff & mgt. there (& THEY DEAL IN SS#'s & HEALTHCARE DATA no less, very personal information no less)...
Damn straight, & it cost me a job once in 2006:
I was hired by a company called POMCO in Syracuse N.Y. to help secure their codebases done in VB6 (some of which we transitioned over to VB.NET because of its capacities for server-side apps mostly & built-in garbage cleanup) to scramble out SS#'s & such... I completed 3-4 apps in 7 months there... but?
Later, I discovered they were NOT securing down the "end points" (workstations, printers, etc. et al) fully, per this type of procedure outlined in this guide, to supplement work I & the others devs had done to the apps AND webservers + DB engines (SQLServer):
----
HOW TO SECURE Windows 2000/XP/Server 2003 & even VISTA, + make it 'fun-to-do', via CIS Tool Guidance (& beyond):
http://www.tcmagazine.com/forums/index.php?s=2ccbde62be4c73b6d069d86d5cf90200&showtopic=2662
----
I suggested that to be done, FIRST, on a "prototype" system!
(To be sure ALL of our apps would work using it (they did, @ least all the ones I worked on, because I eventually did my workstation that way @ their shop & ALL still worked), then "mass deploy" the settings using AD Group Policies &/or logon scripts (merging .reg files etc. et al)).
So, upon discovering this?
I went to the CIO (Mark) first, privately, telling him:
"This needs doing as well as securing down code & DB's! IF you don't? It WILL eventually get you "keylogged" most likely due to user error in unawareness of the dangers present online. Educate them all about it, in a meeting @ some point is the way to go! Simply, because all the security in the world won't help once the user's passwords are 'sniffed' out upon logon (to their workstations &/or DB backends through the front ends we devs built for they)".
I also used users to consult on the design of apps we built or rebuilt for they, which proved a TOTALLY "new wrinkle" for them, because the main user of one of the apps was in our morning meeting we had once a week and actually THANKED ME for it!
(The sad part? The others developers, not all, but the main one? Literally called them "STUPID", & I was like "You're the stupid one: Those people, first of all, know THEIR JOBS far better than we do, & THEY KNOW WHAT THEY WANT TO SEE & USE... plus? They're the reason WE HAVE A JOB IN THE FIRST PLACE!").
This was a mere 6 yr. VB6 &/or VB.NET community college educated developer leading that shop, & it showed!
Especially w/ THAT attitude towards his users!
E.G. -> His work was also quite shoddy, lacking error traps & wasn't 'automated' enough... so much so, that I had to run one of his 'apps' daily, costing me 30 hrs. a month in MY TIME as a junior dev. there (though I had 15 yrs. under my belt as a pro in this field, with VB/C/C++/Fortran/COBOL/Assembler & more under my belt by that time, I was still the "new kid on the block" learning their data schema, which was NOT puny (insurance company data never is))).
What happened near the end? Well, I found a virus on my system, after asking "Are you monitoring me with somekind of application", they said "NO", so I showed it to them... turns up, it was a virus (keylogger w/ random names on diff.
This bill will reduce consumer freedom.
Consumers now have a choice of buying error-prone cheap software (i.e. Microsoft, Linux, Apple), or pay a programmer to develop an expensive but rock-solid system (older open source platforms like openBSD).
This bill will basically force everyone to pay for expensive reliable software. It violates free market principles and should be roundly condemned. For some industries, namely car manufacturer, this shift in liability works because we highly value our safety. And, as a public policy, we don't want anyone driving cheap unsafe vehicles. But I see know problem with consumers using cheap error-prone computers.
True, we spend lots of money on IT support, virus protection, and the Geek Squad, but under this new rule, we'll be forced to spend this money upfront.
Fast Federal Court and I.T.C. updates
By that argument only the rich would be able to afford anything at all
No, this is silly. Not many things can be the cause of a business losing millions of dollars, other than bad business models and plans, but bad software can. Viruses are said to have cost businesses billions of dollars. If I buy software and I lose $1 million because it was bad, if the company that wrote it was liable they could end up paying millions.
Now I'm not saying software can't be well written so there's no bugs or easily exploitable security holes but writing software so that it is like this will drive up the price of software.
Falcon
Should there be a Law?