Slashdot Mirror

← Back to Stories (view on slashdot.org)

Robots May Inspire Suits Against Programmers

Posted by timothy on from the your-roomba's-in-my-peanut-butter dept.

cpu6502 writes "Robert Silverberg wrote a recent editorial about the dangers of robots and the legal consequences for their programmers and engineers: 'Consider malicious kids hacking into a house that uses a robot cleaning system and reprogramming the robot to smash dishes and break furniture. If the hackers are caught and sued, but turn out not to have any assets, isn't it likely that the lawyers will go after the programmer who designed it or the manufacturer who built it? In our society, the liability concept is upwardly mobile, searching always for the deepest pocket.'"

22 of 202 comments (clear)

  1. Maybe... by DWMorse · · Score: 4, Insightful

    Maybe... But last I saw, Ford Motor Company wasn't liable for drunk drivers that use their vehicles to drink and drive, resulting in death or destruction of property. This makes me think that engineering a product doesn't necessarily make you liable for someone that breaks it apart.

    Now, if your product was a security software, and you advertised it to supposedly prevent this...

    --
    There's a spot in User Info for World of Warcraft account names? Really?
    1. Re:Maybe... by Anonymous Coward · · Score: 5, Insightful

      A more apt car analogy would be suing ford because someone broke into your car. Or suing Microsoft because somebody hacked your server. There's zero precedent to these types of lawsuits, and adding "with a robot" doesn't change that. This article is fucking retarded, even for Slashdot.

    2. Re:Maybe... by WrongSizeGlass · · Score: 3, Funny

      I'm not worried at all because I have a Robot Lawyer ®.

    3. Re:Maybe... by bsDaemon · · Score: 2

      What happens if you buy a refrigerator specifically for keeping food cold, but I sneak in and put 400lbs of rotting meat and vegetables inside of it? Then, when you open it, the overwhelming stench causes you to throw up, then your wife slips on the puke puddle and breaks her leg? Yeah, I could see how GE might be responsible for making the fridge. Call it an attractive nuisance, I guess.

    4. Re:Maybe... by TWX · · Score: 5, Interesting

      the argument that will be used is that the software engineer or programmer didn't do the use cases to foresee the potential for misuse and abuse of the product by criminals - and that they were therefore negligent - I don't buy this argument but lawyers are a slimy lot !

      Why don't you buy it? I'm amazed that Microsoft hasn't had the crap kicked out of them due to how vulnerable their software has been to exploitation, and exploitation that has left numerous unaffiliated companies that don't even use Microsoft operating systems. Users whose computers are easily compromised and companies who have suffered the ill effects of attacks made by compromised or hijacked computers should have one hell of a case.

      As far as liability for physical devices goes, while the OP's point that as an owner, misusing a product (like drunk operation of a motor vehicle) might not open the manufacturer to liability, I don't think that would even come close to the argument in a lawsuit. The argument would revolve around how 1) the manufacturer used consumer equipment and communications protocols for their equipment allowing other consumer equipment to contact the manufacturer's devices, and 2) that the manufacturer also neglected to provide sufficient safeguards to keep out those who aren't authorized to use the equipment, and the consumer protocols and equipment selected by the manufacturer made it unduly easy for even the technological layman to tamper with only minimal instruction or assistance.

      IMHO, the state of commercial software development is atrocious. I don't expect every software product or operating system to be completely immune to exploitation, but the fact that commercial operating systems with large paid development teams and oversight by paid management still manage to have hundreds or thousands of weaknesses that lead to remote exploits or infections through applications like the friggin' web browser despite many users' attempts to lock down ports, installing antivirus and malware programs, and hiding behind firewalling routers, developers should be ashamed of themselves. Having worked in a company that was developing a communications application, and whose job was quality assurance, I can tell you that part of the problem is that most developers lack the devious streak to know how their software could be misused. They only see how they can make it function for X circumstances, not how Y and Z circumstances could lead to its compromise. As the QA tester it was far, far too easy to break or exploit communications daemons, and when the programmers were confronted by the evidence they got defensive and indignant instead of wanting to know more about the nature of the test or the fault. As long as that attitude prevails in programming this sort of thing will continue to plague our software, and in my opinion, development companies should be responsible for the ramifications of their decisions.

      --
      Do not look into laser with remaining eye.
    5. Re:Maybe... by WrongSizeGlass · · Score: 4, Funny

      But what if it fails to defend you properly...

      Then I'll sue the programmer. Ahh, the circle of life ;-)

    6. Re:Maybe... by meerling · · Score: 2

      Except there are a lot of lawsuit happy morons out there that don't accept responsibility for their own actions and want to sue everyone who's even peripherally involved in even the vaguest sense so long as they have money.

      You've heard about the moron that ignored the warning signs, climbed over the fence (by the warning sign) and tried to pet a dolphin that bit him? (I think the article said it was really minor, maybe didn't even break the skin.) He still got 10% of the insane amount he was asking for.

      How about the lady that put the McDonalds hot coffee (law requires it be a minimum temp, at least in my state) in her lap between her legs while driving? Well if you haven't she squeezed, it popped, she got burns in places you don't want burns. She ended up suing McDonalds, I don't recall the result on that one.

      A real winner that happened very recently, a bicyclist was being stupid and riding at night without lights and got hit by a car. The driver of the car sued the bicycle manufacturer. I guess it was for not forcing morons to use lights at night when bicycling, I don't remember. Again, I don't know what finally happened, if it's over yet.

      Here's a story that's been done many times. Somebody gets shot, rather than sue the shooter, or even the gun store/show where it was purchased, they go after the big money and try to sue the gun manufacturer. This has happened so many times I'm sure you could write a book on it. (Don't know who'd want to buy it, but still...)

      Those are just a few of the stupid lawsuits that should never have happened, but because greedy people don't care who it is, as long as they think they can get some loot.

      I know some of those fit the situation listed with just a few noun changes, and others were to illustrate the litigation insanity of a growing group of creeps and cretins, but I hope I got the point across. It doesn't seem reasonable to us, but those type of lawsuits aren't brought by reasonable people.

    7. Re:Maybe... by AmiMoJo · · Score: 3, Insightful

      The reason Windows has had so many exploits is because in the 90s people were demanding an OS compatible with their existing software, i.e. one where you run at root all the time with no firewall and all services on by default. All applications are trusted to make system wide changes. If you changed any of that they wouldn't install or run. XP made things a bit better but it wasn't until Vista that they changed the default to untrusted and look at how (un)popular that decision was.

      Vista was the bitter medicine needed to force developers to start behaving. The much hated UAC prompts were not for users, they were to make the experience of badly written software so shitty that the developer would be forced to change it. Now 7 is out and more of the legacy crap has been dropped, as well as applications in general becoming less stupid and more compatible with secure settings, Windows is actually fairly secure. Certainly the days of limitless remote exploits are over, with most hacks being targeted at applications instead of the OS. A lot of exploits rely on the user doing something stupid such as installing random software they downloaded. Nothing is perfect but companies running Vista/7 have a lot fewer problems with viruses than those still on XP.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
  2. How is this interesting? by Haedrian · · Score: 2

    Or even news?

    What happens if kids break into your house and break your dishes? You sue their parents? You sue the school for not teaching them well? You sue the government for not putting enough money in education?

    There is no logic to who gets sued. Suing is an interesting part of physics - whenever there is a "Lots of money" gradient, and a "Has worse Lawyers" gradient, the suing target moves.

    Now I'll just be off suing microsoft for my latest virus. Brb.

  3. Stop the insanity ! by Dolphinzilla · · Score: 4, Insightful

    This in my opinion is a major reason our society is so screwed up - why should we even consider it reasonable that lawyers can go after software engineers and programmers to "make someone pay" because the real criminals have no assets. Product liability insurance is a major reason why some things cost so much and until we break the cycle and get the lawyers out of control (most of them run our governments)these frivolous lawsuits will continue - in the end the only people that really win are the lawyers. This is the same argument as going after a Glock handgun designer because one of their weapons was used to shoot someone - its absurdity to the max

  4. Re:Am I the only one who by WrongSizeGlass · · Score: 2

    remembered the movie 'Runaway'? Cynthia Rhodes was hot then.

    But she wasn't sued because the rest of the movie sucked.

  5. In united states, very probably. by unity100 · · Score: 2

    because the legal system encourages profiteering over reparations. especially for the law firms. it is natural that these firms would use any excuse to have people sue other people for all kinds of bullshit.

    --
    Read radical news here
  6. Nah by RyanFenton · · Score: 2

    1. Manufacturers will very likely isolate their product from function, only selling unprogrammed tools with APIs, to companies who resell the devices with an OS with strict functionality limitations, and DRM-like lockouts to isolate themselves from liability.

    2. Companies will be careful in the beginning to set precedence that allows them to bypass such liability. Likely they'll create a set of manufactured "harm" scenarios, with honest but complicit victims with a vested interest in blocking most future lawsuits based on indirect liability.

    Only once liability precedence has been set will the APIs open up on consumer tools from the major manufacturers. The court system may be insane in many ways - but they function to the needs of large companies - mostly as a negotiation device, and a filter for amount of money owned ("You must be this rich to use the court system").

    Ryan Fenton

  7. Re:Programmers? by OddJobBob · · Score: 2

    Yes it is the CEO or Engineering director they should go after. We had a boss who was insistent that we did not waste money getting our equipment tested by an external body for electrical safety, until he was informed that he was the person that could go to prison if some died as a result.

  8. This is why punitive restitution is the best way by MikeRT · · Score: 2

    Instead of locking the punks up, make them pay the victim 7 times the value of the damaged property. Deny them welfare until they've paid it back. If they commit another felony while they're still paying it off, double the sentence for that felony.

    On the surface, it may sound harsh, but if they do $1000 of damage to their neighbor and the court makes them pay back $7,000 as restitution and punishment instead of booking them in the pokey for two years, which is less disruptive? Having to pay back $7,000 with no interest at 1-2x minimum wage or doing prison time and then trying to find a job?

  9. Re:Most software licenses limit liability by jbengt · · Score: 2

    Most software licenses have waivers of liability, and have a limit on the monetary damages.

    Liability clauses can work both ways.
    If a robot company produces and sells robots that cause harm, then they can be sued under product liability laws, which apply strict liability standards (in the US, anyway), which means that absent post-sale changes to the product, the producer/seller is liable, period. (If the harm is caused by a hacker, that's a different story.)
    However, if a software company provides a service to a robot company, then the software may fall under a different liability doctrine in which the robot company would need to prove that the software company failed to use a reasonable standard of care in order to collect from them. Reasonable care is determined largely by comparing to the typical standard of care in the industry. In that case, any decent programmer would be safe from liability.
    However, any competent legal advisor for the robot company would add clauses to the contract requiring the software company to indemnify the robot manufacturer from software failure. This is what insurance companies are for.

    IANAL
    YMMV

  10. Re:Do we even need an analogy? by SuricouRaven · · Score: 2

    I recall the MS EULA specifically prevents any liability. It's near the bit that forbids the use of general-purpose Windows licences in the operation of nuclear facilities or other places there there is potential for epic fail. Maybe robots will have an EULA too, with a similar clause.

  11. 4th Law by stealth_finger · · Score: 2

    1 A robot may not injure a human being or, through inaction, allow a human being to come to harm.

    2 A robot must obey any orders given to it by human beings, except where such orders would conflict with the First Law.

    3 A robot must protect its own existence as long as such protection does not conflict with the First or Second Law.

    4 A robot must not make a mess and if it does it must clear up after itself.

    --
    Wanna buy a shirt?
    https://www.redbubble.com/people/stealthfinger/shop?asc=u
  12. Re:Most software licenses limit liability by Surt · · Score: 2

    Precisely. Most of them didn't even move.

    --
    "Who is the Journal of Quantum Physics going to believe?" --Stephen Hawking
  13. Re:Do we even need an analogy? by 91degrees · · Score: 3, Interesting

    Why do people always assume that just because it's in the EULA, it's legally binding. It's a factor, certainly, but generally courts take a dim view of companies trying to weasel out of their legal obligations with this sort of thing. There's still an expectation that the software is fit for purpose.

  14. OP Doesn't Understand The Law by automandc · · Score: 4, Insightful

    As an attorney, reading this question invokes the same reactions that many of the /. crowd would have if I started trying to opine on the technical failings that would allow our mythical vandals to reprogram the hypothetical robot.

    Not to get too technical, but just because you sue the company doesn't mean you win. The liability insurance that even the smallest companies carry would cover the legal costs of having such a suit dismissed. (For the technically inclined, look up comparative negligence and the proverbial "intervening bad actor").

    The homeowner (the ones suing) would probably be found more responsible for not following basic security etc.

    As others have pointed out, software companies have long been given practically a free ride in harm caused by poorly written software. First, they have been allowed to disclaim the standard warranties of fitness and function. This is akin to buying a car that the manufacturer won't promise to actually work or be safe. If Ford told you that they wouldn't guarantee that pressing the brake pedal actually engaged the brakes, would you drive that car? Yet every piece of commercial software we use specifically says that there is no promise that it will work at all, or do what the purchaser wants.

    Here is a counter hypothetical (more realistic as it has actually happened). A relative dies in a plane crash. The FAA investigation conclusively shows that the accident was caused by a bug in one of the key computer systems. Should you sue: the airline? The manufacturer (boeing/airbus)? The subcontractor that wrote the software?

    The answer is, you sue the airline, and the system is set up so that anything you win from them, they can then sue to recover from the party up the chain. Thus, everyone's liability is ultimately apportioned according to their degree of fault (note, yes it is a gross simplification). This is why people writing software for critical systems (ones where a failure can cause property damage or injury) need a good lawyer to write their contracts/licenses. They law has allowed programmers to avoid their responsibilties for a long time, so if a sw company doesn't take advantage of that, it is their own fault.

    Consider, there is no educational or professional certification required to write and sell software that controls an infant incubator used in an NICU, but you need a government license to drive to the store. Programmers and engineers have been getting a sweet deal in liability for years, so it's awesome to hear them still complaining.

    --
    I'm a lawyer with excellent karma. Something's gotta be wrong.
  15. Therac 25 by Xugumad · · Score: 2

    Wait, is he claiming robots will suddenly make software have more real world consequences? If so, I'd like to introduce him to Therac-25... http://en.wikipedia.org/wiki/Therac-25

    Short, not too squeamish version: Software bug in rare cases allowed radiation overdoses. People died.