Should Developers Be Liable For Their Code?

Glyn Moody writes "They might be, if a new European Commission consumer protection proposal, which suggests 'licensing should guarantee consumers the same basic rights as when they purchase a good: the right to get a product that works with fair commercial conditions,' becomes law. The idea of making Microsoft pay for the billions of dollars of damage caused by flaws in its products is certainly attractive, but where would this idea leave free software coders?"

Not my fault

[oh_bugger]

As a developer, I say that surely it's the tester's fault if there's flaws!

Re:Not my fault

[s_p_oneil]

Hmm, it would probably go like this:

Engineers: "It's the software!"
Developers: "It's the hardware!"
Both: "Why didn't the testers catch this?"
Testers: "That wasn't one of the use cases, so it's the designers' fault."
Designers: "The product wasn't meant to be used that way, so it's a documentation error if the tech writers didn't tell users not to do that."
Tech writers: "Don't look at me, I just write what you guys tell me to write."

Open Source Developer: Don't look at me. My users contribute design ideas, code, docs, testing, etc. So if there's a problem, it's their fault 4 times over for designing it, coding it, failing to test it, and failing to document it. ;-)

Re:Not my fault

[naoursla]

It worked on my box.

Re:Not my fault

[CarpetShark]

Actually it'll probably work out like:

Providers: Yeah, it's broken, sorry. Contact our insurance company, and put in a claim.

Clients: Oh, you're insured for this? Great.

Providers: Yeah, of course. We're pros, and totally insured for this, like all the other pros. Why else do you think you couldn't get a two-page website for less than $12,000?
 

Re:Not my fault

[koutbo6]

Good luck also untangling the dependency mess in software, I doubt it would be difficult to pin down who is really at fault.

Think of the mess when people start suing developers of web applications!

App Developer: Its the browser!
Browser developer: its the JavaScript library!
JavaScript library Dev: its the VM developers!
user again: Yeah lets sue Sun!
Javascript developer: JavaScript is not ...you know what ..your absolutely right! go for it

User can't find Sun and sues Microsoft for VBScript because its the closest thing to it.

Microsoft: Oracle bought Sun.
Oracle: Hell I knew I shouldn't have bought Sun, anyway, Java is OpenSourced so I have no control over it.
Java developers: JavaScript is not Java!
User: Why am I here?
Java developers: I don't know, but if there is anything wrong, its usually Microsoft's fault.
Microsoft: .... [chairs start to fly and hit user on the head]
Microsoft Lawyer: Lets counter suit the chair manufacturers for not anticipating our use case.

Fast forward to court date after every software and furniture manufacturer under the sun gets involved in the case....

User's lawyer: What do you mean you got windows off of pirate bay? You could have mentioned this small detail before I took on your case!
RIAA Lawyer: Don't worry, you can plead insanity, and I can take it from here.
TPB: Argh! We be hosting the tracker only mate! not the software! the software be hosted in china.

After a very long court proceeding which involved everybody under the sun and caused three world wars, two nuclear stand-offs, and countless bus parties... a strange group of people came crashing into the courthouse

Guys in red:Nobody expects the Spanish Inquisition!

and it starts to go downhill from here!

Re:Not my fault

[sjames]

Insurance company: Did the contract specifically say you could use that menu item while wearing a green shirt?

Clients: Well no, not specifically, but...

Insurance company: DENIED!!!!!!!!!!!!!

Re:Not my fault

[Hurricane78]

I like your style. ^^

Got an humoristic blog? With an URL for me?

Re:Not my fault

[SlashWombat]

Actually, 99 times out of 100, its the software. As a hardware developer, it really pisses me off when I have to look through the crappy code to find the bloody obvious fault that 20 software "gurus" couldn't bloody well see! Of course, the software developers don't do the same for me. Software writers are overpaid, and underworked. If they got off their arses, and did some of their own testing, things might be a bit different.

gpl comes with a license

[superwiz]

and no one to sue. and don't think the fact that you get it for free matters -- you can sue a soup kitchen if it gives you food poisoning.

Re:gpl comes with a license

[A+beautiful+mind]

you can sue a soup kitchen if it gives you food poisoning.

Sure, since that's a public health matter. If software controlling an aircraft crashes and causes the aircraft to crash too and that kills people, I'm pretty sure the software makers might end up liable too.

To continue your analogy, if a soup kitchen gives you soup that is too cold, comes in a plastic bowl and is too small of a portion, you've got nowhere to turn with that and you should have nowhere to turn with that, it is gratis after all. On the other hand, if this happens in a restaurant that calls itself high quality and advertises the famous chicken soup from a master chef and you get the same treatment, then there are numerous consumer protection agencies in Europe at least to fine the given restaurant.

Re:gpl comes with a license

[Timothy+Brownawell]

If software controlling an aircraft crashes and causes the aircraft to crash too and that kills people, I'm pretty sure the software makers might end up liable too.

Actually it would probably be whoever decided that that software was OK to use in an aircraft. If I were to somehow get an aircraft and install Gentoo on some critical system, I'm pretty sure I'd be the one to get in trouble rather than the Gentoo or Linux (kernel) or Glibc people.

Re:gpl comes with a license

[chill]

Except you just can't run anything for aircraft control. Read the fine print on software like Java, Windows and other items. You'll see it explicitly states you are not to use it for nuclear power plants, aircraft control and other life-critical applications. There are special rules for the super-critical stuff.

On the other hand, if this happens in a restaurant that calls itself high quality and advertises the famous chicken soup from a master chef and you get the same treatment, then there are numerous consumer protection agencies in Europe at least to fine the given restaurant.

That concept is so pathetic I don't know where to begin. Consumer protection agencies to fine a restaurant for poor quality and bad treatment? Are Europeans that big of pussies? What is wrong with "tell your friends they suck, don't eat there" and watch their business evaporate? You can't be serious that the government steps in for things like this!?

Re:gpl comes with a license

[mdwh2]

you can sue a soup kitchen if it gives you food poisoning.

But equally, people should be free to say what use their product is intended for. You can sue someone if they sell you food, you can't sue someone if they sell you some substance, and you decide to eat it (especially if it has warnings not to eat it).

The GPL states (similarly to most licences):

THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM AS IS WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.

If this isn't enough for a new law, then expect to see many software developers using a licence that states "This software should not be used for commerical purposes" or even "at all [except perhaps for a few limited, restricted uses]".

I also fail to see how causing injury is comparable to alleged liability of Microsoft - there Windows did not in itself cause damage, the problem is loss caused by downtime. It's the difference between a car blowing up in your face, and a car not working so you miss an important meeting. (And if you take a car and drive it into the sea, you don't get to sue no matter how annoying the results are to you.)

There may well be a market for software that does allow liabilities for loss (i.e., they say it is intended to be used commercially). Expect to pay at least ten times the price for it.

Re:gpl comes with a license

[jabithew]

Doesn't GPL have explicit anti-sue protection, with that whole section on lack of implied merchantability or warranty?

This program is free software: you can redistribute it and/or modify
        it under the terms of the GNU General Public License as published by
        the Free Software Foundation, either version 3 of the License, or
        (at your option) any later version.

        This program is distributed in the hope that it will be useful,
        but WITHOUT ANY WARRANTY; without even the implied warranty of
        MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
        GNU General Public License for more details.

        You should have received a copy of the GNU General Public License
        along with this program. If not, see http://www.gnu.org/licenses/.

From the GNU how-to.

Does anyone know how this would interact with the potential EU law?

Re:gpl comes with a license

[rackserverdeals]

THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.

If the law changes and requires software to offer a warranty then the GPL will be vulnerable. Even if the GPL didn't include that statement, a court could invalidated it because a contract that breaks the law is not legally binding.

Changing a license for a big project isn't always easy.

This will most likely hurt companies like Redhat, Canonical, Novell and other corporate open source contributors because they will have to stand by their products and you're bound to get a few cases where they have to pay up.

But it's not a law yet.

Re:gpl comes with a license

[h4rm0ny]

A good analogy is like a map that lets you see a wider view of the terrain. A bad analogy is like the wrong sort of petrol in your car.

Re:gpl comes with a license

[A+beautiful+mind]

I wonder where is BadAnalogyGuy when you need him :)

Re:gpl comes with a license

[superwiz]

But equally, people should be free to say what use their product is intended for.

As a number of people pointed out, there are exceptions to this. Basically, laws can restrict what types of agreements can be entered into. The most extreme example of this is that you can't enter into a contract to be a slave. A less extreme example would be a law that voids all "no warranty" clauses of software licenses.

I also fail to see how causing injury is comparable to alleged liability of Microsoft.

Law suits are a mechanism for recovering damages caused by the other party. You can't sue someone for wrong doing (that's what criminal laws are for). What you sue for is the damages that the wrong doing (or negligence or even plain stupidity as long as the counter party was actually the cause of it). The money you win in a law suit is meant to compensate you for the damages you suffer. In this respect both poisoning and bad software are similar.

the problem is loss caused by downtime

What if it's loss of data? Besides, time is worth money, too. And a car breaking down due to wear and tear is one thing. A car breaking down because of a faulty design is quite another. You can sue in the latter case but not the former.

Re:gpl comes with a license

[Pentium100]

I know a joke based on this:

If food makers used the same licenses as software makers, then in a opaque box, there would be a license agreement:

1. The manufacturer does not guarantee that this item can be used for food and is not liable if it is not suitable for eating.
2. The user is not allowed to examine the contents of this item (for example to look if it had rat tails in it).
3. The user has a right to use (eat) the product, but does not become its owner.
4. The right to use (eat) the product gets only one person.
5. The user does not have a right to sell of give away the product to third parties.
6. The manufacturer does not guarantee that the product is free of hazardous materials (for example, rat poison, dioxin etc).
7. The manufacturer is not liable for any health risk to the user because of the product.
8. The manufacturer guarantees that the box is made of high quality materials and, if there is a flaw in it, will replace the box. This does not extend to the product that is in the box.
9. By opening the box and reading this agreement the user automatically agrees to it.

Re:gpl comes with a license

[digitig]

If software controlling an aircraft crashes and causes the aircraft to crash too and that kills people, I'm pretty sure the software makers might end up liable too.

But the proposed legislation is consumer protection, which is a totally different branch of legislation to that relating to B2B contracts. Yes, the software makers might end up liable, depending on the contract between the service provider and the software supplier, but they might not. There's a lot of Linux used in air traffic control in Europe, but I doubt anybody involved in Linux could end up liable in the event of an accident. Rather, the air traffic service providers have to make sure they have adequate protection against credible failure modes of the Linux element. (I've worked on quite a few safety cases arguing that such protections are adequate, so it's more likely that I'd be liable).

Re:gpl comes with a license

[Hognoxious]

you can't sue someone if they sell you some substance, and you decide to eat it (especially if it has warnings not to eat it).

Silica gel, yum yum!

Re:gpl comes with a license

[Stewie241]

Well, as somebody with an engineering degree, I know that we were taught that we were responsible for designs produced using software products. So, for example, if one used structural design software to design a building, and that software gave erroneous results, you are to blame, and not the software.

Re:gpl comes with a license

[ClosedSource]

Both open source and closed source software typically include non-warranty clauses. If a new law were passed to void those clauses, it would affect both types.

Re:gpl comes with a license

[superwiz]

In the food poisoning case you've suffered pain and discomfort.

You don't sue because you've been wronged. You sue because something of yours was taken away without your consent. If the law removes your ability to consent to certain risks (such as the risks associated with using untested software), then you'll be able to sue for the losses you would incur as a result of using untested software.

Ask for a refund.

The amount of damage you suffer is not limited to the price of the product when it comes to recovering damages through law suits. You have $0 involved in a transaction with a car thief. But you can still sue him for the damage he caused to your car.

Re:gpl comes with a license

[Registered+Coward+v2]

Well, as somebody with an engineering degree, I know that we were taught that we were responsible for designs produced using software products. So, for example, if one used structural design software to design a building, and that software gave erroneous results, you are to blame, and not the software.

The real blame, ultimately lies with the deepest pockets.

Re:gpl comes with a license

[Tablizer]

The bar for coding [engineered] things is so much more higher than for say writing a GMail Clone. If an email service goes down people typically arent going to die as a result.

What if somebody sent the message, "Don't eat that banana, it's poisoned". But your Gmail clone loses some words and the other side gets, "eat that banana" only?
   

Re:gpl comes with a license

[superwiz]

I am pretty sure that the only reason you can sue for pain and suffering is on the theory that your ability to peacefully enjoy your life was taken away from you. Not sure that someone can give you cancer, but if you get hit in the balls and don't suffer any consequences beyond a few minutes of pain, then you law suit options will be very, very limited. You will be able to charge them with a crime though.

As to the moronic comment about the car thief, learn the difference between civil and criminal law and then come back, OK?

I am fully aware of the difference. Please, take your medication now.

if you pay you get working stuff or a refund,

[A+beautiful+mind]

if you get it for no price, you don't enjoy such priviledges.

If someone sells GPL based software, they are free to do so and pick up the tab on flaws in the product. Same goes for proprietary software.

This should have been done at least 10 years ago.

Re:if you pay you get working stuff or a refund,

[sopssa]

If you get free food and it gives you food poisoning, the one that made the soup will still be viable. Same issue here.

Re:if you pay you get working stuff or a refund,

[rliden]

Do you really want to pay for perfect? There are risks associated with anything and buying perfect costs a hell of a lot of money.

This is an issue that is more complicated that should developers be held liable for perfection. Is it good enough to work reliably in most cases? Was there a malicious or negligent intent to box and bunch of schlock? There are a lot of good questions that could be asked here when trying to define the responsibility and accountability of development companies.

The market for proprietary software and the community for open source software does function pretty good for weeding out the crapware.

Re:if you pay you get working stuff or a refund,

[Cormophyte]

This should have been done at least 10 years ago.

Well, yes. But like a great many technological issues the people who make the law have been completely ignorant that the issue even exists, let alone proactive enough to formulate a solution for it.

Re:if you pay you get working stuff or a refund,

[moon3]

if you get it for no price, you don't enjoy such priviledges

Not so fast cowboy, author of the work might be liable for damages, even RMS is aware of this. That what that whole:

WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE

of the GPL is for. I mean this EU law is utter bullshit from free software or commercial software point of view and would discourage developers, not to mention that it surely be misused against software vendors of any kind.

Re:Where would this idea leave free software coder

[superwiz]

Going to medical school.

umm... to avoid being sued?

GPL

[neoform]

http://www.opensource.org/licenses/gpl-license.html

Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations.

Re:GPL

[superwiz]

there is no warranty for this free software

every software license worth its salt has this clause. laws can make certain parts of agreements void. for example, you can't enter into a contract to be a slave.

Re:GPL

[MeanMF]

Sure it's in the license now, and there are similar statements in the license agreements for most commercial software. But the license agreement is only valid if it's legal. So the question is what would happen if a law is passed that guarantees consumers certain rights regardless of what is in the license?

Re:GPL

[maharb]

If a law is passed 'protecting' the consumers then this clause of the contract become void. You can't have a contract to kill someone and have it upheld in court. Same goes with this sort of thing.

There are other complications but basically that clause doesn't help because it would become an illegal clause.

Stupid Idea

[Courageous]

The idea that code should be perfect is a stupid idea: consumers don't want that.

They want "good enough," not perfect. Perfect costs a great deal of money, probably 4X, and consumers will buy the good enough product, at 1/4 of that price, well beyond 95% of the time.

C//

Re:Stupid Idea

[rlseaman]

The idea that code should be perfect is a stupid idea: consumers don't want that. They want "good enough," not perfect. Perfect costs a great deal of money

Your comment is "insightful", but it is beside the point. This is exactly the same issue with all engineering. An object manufactured to better standards than needed for the purpose is an overly expensive object. The question rather is the web of responsibility. If Microsoft or Google or even somebody's shareware makes a claim of suitability, certainly the consumer should have redress when it proves unsuitable.

There are many other dimensions of this issue. For instance, the software industry is well known for adding pointless complexity - features that nobody ever asked for. If GE added a can opener to a toaster, they would be liable for any unexpected risks this reveals, but Microsoft can make Word so complex that businesses using it accrue large expenses related to training, etc., and risks related to misformatted and delayed documents and so forth - and yet Microsoft currently faces no significant market pressure from liabilities associated with having broken their own product.

Re:Stupid Idea

[Anonymous+Brave+Guy]

Exactly. The problem with trying to enforce this kind of measure for software is that there is a cost/performance curve, and most people don't want to pay to be right up at the end of it.

Heck, no-one in the world knows how to get right up to the end of it. Even the guys at NASA, whose development process is awesomely effective at producing reliable software compared to the the commercial/home user industry, still get bugs. Given the nature of their work, their bugs can cost as much in a single mission as a bug in widely used home user software costs spread across the whole user base, potentially including a cost in human lives, so it's not like they're hiring stupid people or not trying to get everything perfect.

Re:Stupid Idea

[14erCleaner]

Perfect costs a great deal of money, probably 4X

With free software, it's even more than 4X. Maybe even 10X.

Re:Stupid Idea

[williambbertram]

First of all, I would strongly disagree that most consumer software is currently 95%, more like 45% at best. I currently recommend people NOT use many of the consumer products with the highest market penetration, simply because it is nearly impossible to make them both safe and usable.

Second, we're paying far more than 4x for "good enough". Sure, the consumer goes and pays the "good enough" price, but that is FAR from the end of it. Consumers spend hundreds of billions every year fixing and securing "good enough".

Third, there are many more people affected than "consumers". All other markets including commercial, and government are affected. Corporations have to pay millions for AV, IDS, encryption, firewall, backup / recovery, and other related products because the core products are "good enough".

I would say the world has had it's fill of "good enough".

What if..

[Mastadex]

Say a developer uses a number of 3rd party libraries (ie. Boost, TinyXML, etc), who will be pay damages if the program crashes in a bad way? The developer for not trying to catch 3rd party crashes, or the 3rd party for writing in bad code?

Re:What if..

[A+beautiful+mind]

The one who sells the given product. This is all about sale.

If my harddrive breaks within warranty period, I don't go to the company who manufactured the silicon or the ICs, I go to the retailer or Samsung, who sold me the drive.

Only if they get final say on release of the code.

[GuyverDH]

Until the coders get total control of the project, from inception to completion, then no, they cannot be held responsible for bugs in the code.
How many companies push to get code out the door with *imperfections* - claiming they'll fix those in the first update?
Too many these days.
I'd say it's the management that controls the release schedules that should sign their names in blood on the bugs still known about (and unknown as testing probably wasn't allowed to complete).

This isn't a way to make software better....

[yourassOA]

or coders liable for anything. It will allow the government to say thing like, "Well your small company does not have the financial ability to support your product for "X" amount of years and you need insurance in case there are millions of lawsuits we are sorry but you can't sell your product". Meanwhile the large company (they are to big to fail or follow the rules everyone else is expected to) caries on as usual having eliminated to competition through government assistance and gets to carry on as usual because they are the only company left and we need them.

The word: Purchase

[MathFox]

Most EUropean countries have clauses in their laws that instruct the judge to take the price of the good into account when considering what would be a reasonable quality for a product. A corollary of that is when you give something away for free, the expected quality level is something like "not known harmful".
When you buy software, for example a Linux distribution, you may expect that the distributor has tested the packages and that the software mostly works. Because you pay more for MacOS, you may just expect MacOS to work better.

Off course there has to come jurisprudence on all this, but I don't think that finding just one bug will entitle you to your money back. However, when the software won't work at all for you, the supplier can not hide behind EULAs and could be forced to compensate your damages... It will be a case-by-case balancing of responsibilities.

Re:The word: Purchase

[itsdapead]

Most EUropean countries have clauses in their laws that instruct the judge to take the price of the good into account when considering what would be a reasonable quality for a product. A corollary of that is when you give something away for free, the expected quality level is something like "not known harmful".

This is consumer protection law, not civil damages. The biggest practical upshot of this would be that if you buy a piece of software and it turns out not to be "fit for purpose", you have the right to a refund and maybe compensation for the cost of post and packing to return it. This is obviously moot if you downloaded the product for free.

Your point about price might, however, come into play if I bought a cheap Linux CD and wanted my money back because the Minesweeper implementation wasn't quite up to snuff.

If a product causes serious damage to property or persons and the victim wants to sue for big money, then that is a totally different kettle of fish - and not (AFAIK) what this is all about.

Licensing and Accredidation

[iluvcapra]

If the EU wants higher-quality software, they should support an industry-wide system for the licensing and qualification of programmers, like we have for other engineering disciplines and professions. For example, they could require that all government software, or software for use in aircraft and life-critical functions. These developers wouldn't be "better" than anyone else, but they'd have taken an exam and be nominated by their peers, like a state bar.

If the software is developed by professional developers with licenses, it gets a big seal on it, and then people can choose to buy it or not based on the rep of the licensing body, and their risk tolerance.

Re:Licensing and Accredidation

[xilun]

You are confusing lot of things and so completely missing the point. Qualification of safety critical software already exists and already is done by qualified people, and this is probably the case all over the world. And the EU is already doing fine for qualification of safety critical software, thank you very much. Few casual consumer products with low safety risks need licensed engineers to be created. There are other mechanisms to protect the consumer in case of defects. Finally, about responsibility, regardless of the domain, the people who are responsible are not very often the only people doing all the work.

Re:EULA

[sopssa]

If they pass a law to protect consumers tho, eula cannot go against it. Those parts in the EULA would be just as null.

Thats how it works in some countries in europe aswell. For example most eulas try to prohibit you from making *any* copies of the software/game, but laws state that you can make yourself personal copies. Law goes on top of EULA, and if they differ law always wins.

Re:What a great idea.

[sopssa]

However theres a little bit of difference on complexity on programming and constructing something (I know, constructing requires knowledge aswell, but not on so wide scale and on the same level of complexity)

Re:That's one good thing about open source

[rxan]

I am tired of these implicit assumptions that FOSS is better than proprietary/closed source. You assume that because you have an FOSS product that you automatically have more people testing your it.

A large company just released a RC for their new OS. It's a closed source and proprietary product and it's being tested for free by more people than your product is (admittedly). You should check it out.

Furthermore, open source only matters for testing when your testers are actually doing white box. Unless your free testers are staring at code all day trying to force defects, it's all in vein.

Re:It is all in the license....

[ljw1004]

Sure it's all in the license at the moment. The question is whether we as a society are happy that these are valid licenses.

We don't let doctors do surgery with the EULA-like conditions that "anything they do is at the users own risk and the doctor isn't held to any standards."

We don't let engineers build bridges with the EULA-like conditions that "the bridge is delivered as is and people drive over it at their own risk."

Why do we allow software to get away with such a cowboy attitude when we're more rigorous about other important infrastructure?

Or, why are we so up-tight about doctors and civil engineers when they should have the same laissez-faire setup as software engineers?

open source is still not liable

[voss]

Because the software is not purchased there is no contract. "permission to use" is not the same as a sale.

Unworkable

[StormReaver]

This is an unworkable plan. Personal computers, by their very nature, require the end-user to tamper with them. The moment the end-user installs some 3rd-party software, or swaps out any piece of hardware, the environment the software runs under changes. This new environment will frequently produce a permutation that is impossible to predict and test against.

Additionally, many mainstream hardware manufacturers are TERRIBLE at producing hardware that conforms to the standards to which software developers target their code. Software developers can do everything right, but still see their programs malfunction due to circumstances beyond their control.

If this brain-damaged statute passes, the European Union will witness a steady exodus of consumer software, both closed and Open Source, from its member nations. There are just too many intermediaries between the software producer and software consumer to make this kind of liability feasible in any way, shape, or form. The price of even simple software would also rise to that of a small skyscraper, as a deluge of lawsuits would be filed by users for problems they caused themselves, but blamed on the software.

The cost to the European Union would be devastating.

Re:Only if they get final say on release of the co

[scamper_22]

I have mixed feelings on this.

This would only work if 'coders' gain the professional standing like doctors and lawyers. I would welcome the chance to have better qualified people in the field as well as bigger bucks.

On the other hand, all of software is design. It's hard to fault someone for breaking breaking standard protocol, when each piece of software is essentially designing something new. I heart surgeon doesn't invent a new heart procedure with each patient... By definition in software, everything is new as the compiler and CPU handle ALL the repetitive work.

Similarly, all products have a limited use. A company manufactures locks. Well with some kind of equipment, virtually all locks are breakable. IF a thief breaks into a my house can I sue the lock company? Well... only if the lock was defective I suppose... but what does defective mean? It means, it violated what a lock could reasonably stop. Normally by some specification (can withstand X amount of force, tension...). So what is it going to be with software?

They will have to list such specifications too which will basically amount to: this software will work as intended as long as you use it as we instruct. Take your care for example, if you are driving at 100 kph and put the car in reverse, which u can, you will blow up your engine. Yet in software, it is expected to take care of cases where the user pressed the wrong button at the wrong time... It should not crash. In most respects, software is remarkably reliable if you compare it to the rest of the world.

It's kind of pointless.

I think this is just more pointless European regulation. A body that has decided it doesn't want to do anything and just create an economy out of regulation and finance. Just my view anyways...

I say let the market handle reliability. I mean... amazing how Toyota does so well in the free market non? The market is the best structure to determine the trade off between price and reliability.

Marketing

[phorm]

From my experience, it's often more like,:

Accounting slashed the budget so that we were short developers and testers. Marketing advertised it for other than it's intended purposes, or more featureful than originally designed. Sales cut us out of client meetings and added a bunch of glitzy features or things that weren't even really possible to do properly.

The end product had features tacked on at the last minute, a shortened development cycle, a bunch of extra eye-candy thrown on at the expense of real features, a neutered budget, and almost no testing because even with the above cuts they still ensured customers it would be released at a way-too-early date...

Even with the headline's example of Microsoft, I'd have hard time placing all blame on the devs when all the above bullshit tends to happen, not to mention the overall fragmentation I've heard that they suffer from lately.

Re:Marketing

[supernova_hq]

That's why if blame must be cast, it must be cast on the company as a whole. If you buy a television and it burns down the house, you don't sue the chinese kid making 3 cents and hour, you use the company (Sony, Toshiba, etc).

As for free software (beer), almost all free software comes with a notcie along the lines of "This software is provided free of charge without even the guarantee of sale...". If you provide someone with something, but do not charge for it, there is no guarantee of sale, so there is no liability.

GPL v4

[earnest+murderer]

The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to destroy you and leave you (and or your business) reeling in economic and personal obliteration*. That our software looks like it does something productive should not be mistaken for any intent to be useful in any fashion â"the software is free for all its users.

*The GPL or authors of software using the GPL license make no guarantees regarding the efficacy of said software's destruction potential.

Aircraft software

[Okian+Warrior]

I make software that goes on an aircraft for a living.

All such software is required to be certified by the FAA, which has elaborate requirements for development, documentation, and testing (the applicable document is DO-178B).

I'm told that the reason for certification is not safety, but culpability. If your software satisfies the requirements and passes review by the FAA, then your company will not be held liable if it causes problems.

In essence, certification represents "best effort" engineering practices and tries very hard to eliminate bugs in the final product.

By the time a software package gets on a plane, many people have combed over it looking for problems, and the testers have spent a massive amount of time running it. There is a safety/failure hazard analysis which asks all the "what if" questions, and the flight crew has written procedures in case it fails.

If a bug is found after deployment (this happens occasionally) and it is discovered that there was a flaw in the certification process, all hell would break loose. It would open up the FAA and the company to all sorts of lawsuits from injured parties. The people who signed off on the certification would essentially be screwed.

The FAA is generally a bunch of bureaucrats. The one thing they do well is look out for their own interests.

Oh, and I worked for the company that got Microsoft Windows certified to run in the cockpit as a map display. It's Posix compliant, dontcha' know!

Re:"May Contain Bugs"

[mfnickster]

> I'm looking at a silica packet that is labled, "Do not eat."

I followed those instructions and nearly starved to death!

My lawyer advised suing for "negligence causing anorexia."

Re:Two versions

[julesh]

The result will be two versions of software. One will be priced the same as today, with a detailed license agreement with you ultimately giving up those rights

The purpose of the law would be to prevent license agreements taking those rights away. You already have them by default anyway (google "implied warranty of merchantability").