Slashdot Mirror
Who's Responsible For Accidents Caused By Open Source Self-Driving Car Software? (ieee.org)
Here's the problem. "You could download Comma.ai's new open-source Python code from Github, grab the necessary hardware, and follow the company's instructions to add semi-autonomous capabilities to specific Acura and Honda model cars (with more vehicles to follow)," writes IEEE Spectrum. But then who's legally responsible if there's an accident?
Long-time Slashdot reader Registered Coward v2 writes:
While many legal experts agree OSS is "buyer beware" and that Comma.ai and its CEO Georg Hotz would not be liable, it's a gray area in the law. The software is release under the MIT OSS license and the Read Me contains the disclaimer "This is alpha-quality software for research purposes only... You are responsible for complying with local laws and regulatons." The U.S. Supreme Court, in a series of court cases in the 1990s, ruled open source code as free speech protected under the First Amendment of the U.S. Constitution.
The question is does that release the author(s) from liability. The EU has no EU wide rules on liability in such cases. One open question is even if the person who used the software could not sue, a third party injured by it might be able to since they are not a party to the license agreement.
An EFF attorney told HotHardware "Prosecutors and plaintiffs often urge courts to disregard traditional First Amendment protections in the case of software." But not everyone agrees. "Most legal experts that spoke with IEEE Spectrum -- and Hotz himself -- believe that if you use the company's code and something goes wrong, then it isn't liable for damages. You are."
The question is does that release the author(s) from liability. The EU has no EU wide rules on liability in such cases. One open question is even if the person who used the software could not sue, a third party injured by it might be able to since they are not a party to the license agreement.
An EFF attorney told HotHardware "Prosecutors and plaintiffs often urge courts to disregard traditional First Amendment protections in the case of software." But not everyone agrees. "Most legal experts that spoke with IEEE Spectrum -- and Hotz himself -- believe that if you use the company's code and something goes wrong, then it isn't liable for damages. You are."
It's coming anyway - just like bridge builders and other REAL engineers.
So bring it on.
That way we can differentiate between the real software engineers who know what the fuck they're doing and the pretenders playing with the likes of Ruby.
But when we deport them, THEN who's responsible? That's the real question!
Haven't you been paying attention to what Trump's been saying this week?
I am not sure I would ever put a python script in control...
There's no actual autopilot and they say specifically you have to keep hands on the wheel in case something happens and you need to take over.
They don't specify what might happen. Thus, everything that might happen is what you are potentially responsible for, just like cruise control.
It's coming anyway - just like bridge builders and other REAL engineers.
No, software engineering is not just like bridge building. Only simple software can be proven correct - bridge builders have equations they can use to verify their work.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
the renter of the car who you don't own is! Even when it's just an auto taxi I hope you don't drop the soap after the auto taxi BSOD and kills some one.
Where is the 'Cowboy Neal' option?
Software liability is not new. Its use in automobiles is.
If you download, compile (or trust some 3rd party build), and use you are responsible.
If your self driving car, using open source software, is in an accident, you are responsible. There is no responsible 3rd party.
This is old law.
This is the meaning of use at your own risk.
Accept it, or don't use it.
If this is for income generating purposes, then tricking people into installing and using their software may be considered as fraud and accountable for any adverse consequences. If their software is designed to work with their hardware, which they sell, they have even worse case as this is not considered general-purpose computing.
But humans are stupid and need to kill eachother in order to learn.
You build a car of your own design in your garage for fun. You learn some welding skills, grab parts from here there and where ever, and start your dream of being a custom car builder. You crash your homemade car into a store front window. Who's responsible?
WTF people. Is it patents all over again? Is it a new problem when you add "with open source" or "for the internet" or "on a mobile phone"? These aren't NEW questions or NEW problems. Just more BS drama for the age of the internet.
Who is going to be responsible for it, open source or not.
Laws are rules for the court, but merely a bottom bar to hit for life. Think beyond laws in your actions always.
No, software engineering is not just like bridge building.
You're absolutely right. If bridges were built with the same quality and attention to detail as software, we would have major bridge collapses on a daily basis.
"Only simple software can be proven correct" is a bullshit excuse. Yes, some software is very complex. So what. Deal with it. If you cannot determine whether or not your software functions properly, its only because:
(a) you are a shitty incompetent programmer
or
(b) you are a shitty incompetent programmer
or
(c) all of the above.
The time has come to stop giving software a free pass. Your software is a horrendous piece of crap and you know it. And you don't care because there's no liability. This needs to stop.
Sure, the store may go after Joe the installer, but that is their problem, not yours and the reason you didn't hire Joe directly. See subrogation.
Who's responsible for a warship going U/S when Windows NT falls over? Who's responsible when your PC doesn't work because OS is broken?
The latter one is relevant here, because the answer to that, as well as this one, is the one who decided to put that software on there. The OEM supplier installing the software.
I have to agree here.
If I buy a part for my car and the part's manufacturer claims that it complies with some ASE or similar standard, then if the part fails I might have a legal case (e.g., if I can prove negligence in the design or manufacture, or something that the established case law will respect). However, if I buy a part off a guy who makes them in his tool shed and hey tells me "hey, I'm not sure that this thing won't explode when apply the brake," then I am pretty sure I have no recourse whatsoever.
How is software different? If the manufacturer warrants it, then it should work as it is represented and if it fails then there is a discussion to be had. If the manufacturer disclaims warranty and it breaks (and the applicable laws don't override that; you know that in some jurisdictions that there are laws that still hold the maker or seller responsible to a degree for things they make or sell?) then I don't have a legal case.
Of course, even professionally produced commercial software normally has a EULA with a clause that reads something like "the manufacturer provides no warranty of merchantability or fitness for a particular purpose and shall not be liable for losses arising from blah, blah, blah..." If you are NASA and paying your contractors (an enormous amount of money) to mathematically prove their software correct then you might get a "yup, we certify that this software will work as designed," otherwise you have no such assurance.
If you drive a car over a carload of nuns, you're liable. What's new here?
Don't take life too seriously; it isn't permanent.
Hillary had 30 YEARS to fix the bugs in that software and she did nothing.
who's legally responsible if there's an accident?
That question is the real problem.
What does there have to be legal liability? Why not simply have your insurance take care of you and the other party's insurance take care of them? That's why you have insurance in the first place.
The answer, of course, is "Insurance Companies".
The entire business model of insurance companies is based on doing everything possible to avoid paying claims. They always want the other party to be "at fault" so that someone else has to pay for the damages.
And naturally you'll have insurance to cover driver mistakes?, just like you do now for the meatbag driving.
If you own a dog, you are responsible for what it does even though it has a mind of its' own. Self driving cars can be treated the same way.
Neither bridge building nor software engineering have mathematically proven models. You can approximate and calculate a lot of it based on years of construction but you still have to have common sense and experience.
The reason we have shitty software is because nobody typically dies when something goes wrong (and in the cases where it does, the instances are so rare the companies behind them often don't care enough). Bridges on the other hand are not nearly as lean and cost effective as they theoretically could be because nobody wants to take that risk, a bridge collapsing is severely more expensive than someone's heart rate monitor halting so if you need to build the largest bridge in the world, you pay the freaking engineers $1M/year in salary, if you need to compete to sell the cheapest heart rate monitor in the world, you get some Indian guy barely out of high school to do it for $1k.
It's why planes (until the Boeing 777X/AirBus A350 at least) have multiple "computer systems" (which are really purpose-built programmable machines) on physically separated networks but medical equipment runs Windows XP with a public IPv4 address on the Internet. 1 person that's already halfway in the casket is an acceptable risk, 100 people dying because of the same sloppy software practices would be a tragedy for the company involved.
Custom electronics and digital signage for your business: www.evcircuits.com
I'd advocate for liability for the companies that employ the engineers. In construction, the engineers are often not directly responsible unless you can prove intent, although they may lose a license in cases of severe incompetence. The construction company may be on the line for some of the construction costs, but often the governments involved ends up paying for those sorts of losses. In most cases however, it's not necessarily the engineers but the construction company and/or their subcontractors trying to squeeze out a few dollars in the process that are the problem.
Custom electronics and digital signage for your business: www.evcircuits.com
If you package something for sale, you are responsible. Here's a box filled with stuff for 49.99, oops the box exploded one or 10 times. The boxing vendor is responsible, regardless of the interaction that caused it. There is no specific law, but tort law generally plays out that way. A separate boxer? Not that guy's problem but he always has to go to court to be found, not at fault. Nothing here about software liability applies excepting between the packaging vendor and the development team. Will we see the US make a rational decision to this end? No. Will it result in this chain of responsibility eventually, yes.
Often wrong but never in doubt.
I am Jack9.
Everyone knows me.
I would venture to say you don't have a degree in engineering if you believe that the mathematical modeling of bridges is not accurate. And you've never worked as a PE if you believe typical bridge engineers make $1M/year. You are right that the number of people dying is a factor in design - it's why houses are not built to the same environmental loading as Fire Stations.
Software has the same problem that engineering design does. More and more designers are reliant on software to design their products, and fewer and fewer have the capability to design by hand and take the time to do a sanity check that things are working. The larger the project the harder it becomes for humans to manage it. Nonetheless, when it's your entire livelihood oh the line for the rest of your life (i.e., a professional engineer), you check things pretty closely. Every time.
(d) A manager decided to ship your rushed alpha code without any QA, even though you told him/her it's just the first draft.
Let's at least acknowledge that bridge builders get a proper amount of time to design their bridges. Coders get 1/4 of the time needed, and are expected to work nights/weekends to get it done.
It's also an environment where managers know you can patch code later on, unlike a bridge (even though there's never enough time to patch old projects).
No matter who is eventually liable, YOU the owner of the vehicle, with a title registered in your name, will be sued.
Guaranteed.
While you make some good points a counter arguement could be since it is alpha software and they released it knowing that and even potentially admitted it may be flawed they were negligent in releasing it. IIRC, you can't declaim negligence although many Agreements try to do that; the question here is not would the owner of the vehicle be liable but could the software developer also be liable.
I'm a consultant - I convert gibberish into cash-flow.
Parent is 100% wrong. The reason you are typically responsible for open source software is because the license comes with a disclaimer of warranty and of liability. For example, the GPL license says:
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
This does not prevent a company from selling you a warranty for a fee. e.g. Enterprise software customers get a warranty, because they pay for it. If you're buying a self driving car, insist on a warranty.
tl;dr: Parent is wrong; do not buy a self-driving car that doesn't come with a warranty.
How the hell is one going to make a case for negligence? Did the software magically "infect" your car and installed itself? The end user had to go through a non-trivial technical procedure to install the software.
If detect.pedestrian.ahead==true
then set.max.accel
It is obviously the Russians.
IN what fairytale do structural a have unlimited time? It's really simple. If it doesn't have the engineers stamp, it's not done. My engineers still scribble to sign off their code. I expect them to creat and test software to the design standards, and over the last decade we've found two errors in a million flight hours, in a high fairly high radiation (high BER) environment. But, we hired professionals and demanded professionalism. And yes, we have over a hundred thousand lines formally verified, and all million and a half have been verified with software tools.
It's not hard, but you have to hire professionals instead of programmers.
Will the self driving cars be forced to obey ALL the traffic laws, or will they move with the flow of actual traffic, which usually moves along at velocities exceeding the posted limits...
Whoever the courts/governments decide is responsible on a case by case basis, or course!
Lock her up!
If you hire a chauffeur to drive you around in a car that's your property, are you responsible when he blows a red light?
If someone publishes some bomb making recipe, would that person be free of liability? You can's simple slap EULA and license agreements to dodge the liability. If the bomb recipe you provide or the software you provide enables a person to do something that they would not have been able to otherwise, are you completely free of liability?
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
Your environment isn't a normal programming environment...it's an engineering environment. Clearly you are a fucking moron for confusing the two.
It will be a replacement at some point. Avoiding accidents will not be the driver's job, but my expectation is that it will remain his responsibility; there's a difference. His insurance will have to cover it. Depending on your country's legislation of course, in some places insurance is tied to the driver, but over here it's tied to the owner of the car.
Any insurance company will take a long and hard look at the risk involved. What are the odds of an accident happening with any particular flavour of autopilot? If there is an accident, is there a manufacturer who can be held responsible? In the case of OSS, there is no entity to sue so insurance companies may well demand a much higher insurance premium for cars with OSS autopilots, unless statistics show that this autopilot is extremely safe. But in any case I will make this prediction: it won;t be too long before insurance premiums for human-driven cars will exceed those of self driving ones.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
This begs the question (assumes it and ignores it): When a NON-open-source software program is involved in an accident, the responsibility is that of the manufacturer.
That is not true according to current cases dealing specifically with Tesla.
A better question isn't "Hey if an open-source independent vehicle software program causes a crash, who's responsible" but rather: 'Who is responsible when software causes a crash" or better yet "How can people be responsible for their own behavior even if relying on a tool?"
E
Actually, It's me. Sorry in advance for all the dead people, all of that is my fault. Even the ones ain't died quite yet. Although I do feel badly, I do. Again, sorry.
Just last year an 18 wheeler made a careless lane change and scraped the bumper of my wife's car. (It was a peak hour traffic at 4 mph or so). It was the trucking company's insurance that paid for the 500$ damage.
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
So what you are saying is, al queda and ISIS have to simply open source their bomb making recipes and release it under GPL, then they will be free of liability. Right?
sed -e 's/Chuck Norris/Rajnikant/g' joke > fact
God is responsible, die suckers.
That's the problem, the "driver is responsible" model is useless. Babysitting a self driving vehicle is no easier than just driving it. The untapped resource with self driving vehicles are the state and federal DOT's. With fairly cheap roadside infrastructure (including cameras, centimeter accurate local positioning systems, vehicle location recording and broadcast) and a certification process for what software must do to drive a car, responsibility for the whole system becomes distributed over companies AND state and federal governments, and incremental changes can be made publicly over time for safety. No CEO gets to be Tony Stark and single handedly take all the credit for the system, but also no one takes all the blame when things go wrong, and it can move forward openly with public input.
-The art of programming is the pursuit of absolute simplicity.
This is one of my arguments about so-called 'self driving cars': The manufacturer is technically driving it if it's in self-driving mode, but just like so many of them, they'll dodge responsibility one way or the other if someone gets killed, and in the end there'll be no justice at all. It'll get tied up in the civil court system for years, or in some sort of arbitration, and in the end you'll either get nothing or some paltry chunk of change, and meanwhile a person is dead, all because of some shitty technology that was rushed to market that doesn't even have the cognitive ability of a smart dog. These so-called 'autonomous/self driving cars' are not going to be the panacea that some of you think it's going to be, we're just going to trade human error behind the wheel for human error in the development division of an auto manufacturer, or human error in the marketing department for rushing it to market before it was really safe to do so. All I can say is I'm not going to be the one strapped into a car seat with no controls whatsoever to stop the gods-be-damned thing when it goes haywire and kills me, and I have nothing but feelings of horror for whoever does, and deep sympathy for whoever the poor bugger leaves behind them.
Oh, and by the way? The way I think this should be handled legally-speaking, since it's obvious we'll be subjected to these gods-be-damned things regardless, is the same way aircraft mechanics are treated, legally: If a plane they worked on crashes and people die, and the cause of the crash is proven to be a mechanical failure that's the responsibility of the mechanic that worked on it, he is arrested and tried for murder. A so-called 'self-driving car' kills someone? The programmer(s) responsible for not doing their job correctly get thrown in jail charged with murder. Oh and before any of you give me shit for this? You all make a big point about how 'self driving cars will save lives'; well if they TAKE a life then some HUMAN has to be held criminally responsible for it, plain and simple. Otherwise you're just hypocrites.
So what you are saying is, al queda and ISIS have to simply open source their bomb making recipes and release it under GPL, then they will be free of liability. Right?
Nah, they don't even need to do that. Publishing is not a problem in most of the world. Even building and posessing them isn't a problem if you follow the law and basic safety rules. People and companies use explosives that could be used as bombs all the time.
If you're talking about publication only, The Anarchist Cookbook, first published back in 1971, describes how to make all kinds of bombs, explosives, and poisons, as well as assorted drugs like LSD. It is still in print, and pirated versions are available online. While it is banned in a few nations, in the US and several other countries it is protected under free speech rules.
Many groups use high explosives and bombs all the time. They just do it responsibly and follow the laws about keeping safe distances and notifying police, etc. Movie makers TV shows (like Mythbusters) build high explosives all the time. They generally need to take them to the bomb range and have supervised explosions, or have various permits in place. But even so, bomb-making recipes aren't a problem, neither is building high explosives when you follow the basic safety rules and laws.
Possessing a book about something dangerous typically isn't a crime in itself. Otherwise anyone who majors in chemistry or biology should be jailed. I saw a sign once saying: Welcome to Organic Chemistry where questions like 'where do you keep your chloroform?' are not suspicious. Not just chemistry and biology classes, but anybody learning about bomb disposal would need to study bombs, researchers in the industry need to write about the topics and share with other experts, and so on. Even fireworks manufacturers would be in serious trouble if they couldn't share documents or buy and sell explosive parts.
//TODO: Think of witty sig statement
How much for death how much for loss of limb
The letter of the law is sort of unimportant. If you thought Ford was going to be responsible, then it is not your understanding of law I would call into question first, but your basic common sense. A car would practically have to cost twice as much, if the manufacturer was responsible for all accidents and deaths it caused.
Troll is not a replacement for I disagree.
In this particular case, since it is described as "alpha quality" then the owner and/or person who installed the software is liable. The question should be, "If there were OSS of stable quality properly installed on a compatible vehicle in excellent condition (so that neither the vehicle nor the installation procedure can be considered as "at fault"), who would be considered liable in an accident that can't be blamed on local conditions (weather, etc.) or the other party?
The owner of the vehicle is responsible for ensuring his vehicle is safe to use. If he modifies it, by installing some untested software, he is most certainly responsible for the consequences if he then injures someone. And if the disclaimers are clear enough, his chances of successfully suing the software developer are slim.
The sad thing is that, as with the Tesla, you know some idiots will install this and go on to kill people - hopefully just themselves. After that I wouldn't be surprised to see the software developer sued claiming the warnings on the software were just not clear enough. Or even the car manufacturer, for allowing the vehicle to be so modified in the first place...
> The reason we have shitty software is because nobody typically dies when something goes wrong
The reason we have shitty software is because nobody wants to pay for having well tested software. The costs would be factors higher.
Case in point: wibbly wobbly bridge (millennium bridge) London. Clearly they had not worked out the maths before 2000.
:D
The reason we have shitty software is because nobody typically dies when something goes wrong (and in the cases where it does, the instances are so rare the companies behind them often don't care enough).
There are plenty of software in life critical applications.
The software in them is however written according to fairly strict standards and have documentation that involves graphs that shows that no unintended code execution can take place. (Dynamic allocation is problematic, exceptions even more so.)
Code in safety critical applications typically violates all the good guidelines you see posted on Slashdot. If you write those applications you don't use a high level language that does garbage collection and other stuff for you, because if you do you need to prove that they will work in all cases.
You also don't just throw in a library because one is available. You have to show that there aren't side effects that can cause problems so it is often easier and quicker to roll and maintain your own.
OTOH I've never met anyone with a CS degree with an experience of writing safety critical applications. It has always been EE.
I'm an independent contractor, and I always shift the liability to my client. They are the ones making the big bucks when the project is a success, so they should be the ones covering the damages if something fails.
Many software licenses include similar like this:
"The software is provided "As is", without warranty of any kind, express or implied, including but not limited to the warranties of merchantability, fitness for a particular purpose and noninfringement. "
This is from the MIT license, I'm sure other open-source licenses have a similar clause. It basically tells you that using this software, is at your own risk.
...You are over-qualified and under-paid. If we give you a raise, we will break the cosmic balance of the universe.
So the driver is responsible. But since the human isn't driving the self-driving car, the car itself is responsible?
Not only that but it's the last in the '86 family that uses directly the externally provided clock thus having no uncertainties introduced by PLL oscillators.
If inputs (like interrupts and READY signals) are externally synchronized to the proper clock transitions a number of 80386 CPUs can run same code in parallel without ever diverging. A difference in outputs indicates a CPU failure and can be corrected by 2/3 or 3/5 voting circuits on each output.
That's why rad-hardened 80386 are still used for very high risk devices like nukes.
The degree of "software correctness" required for a particular job depends on what is at risk, and for "mature cases" the industry has agreed what that is.
Building agreement takes time.
Once agreement is reached the agreement leads to written standards like the ones used to define and build "safety instrumented systems software". The requirements are defined by a HAZOP analysis of the process,
Once the HAZOP is complete, the system requirements can be designed, Remember a system is both hardware and software. It is usual for these systems to also include a wetware (human component) to determine what needs to happen in the event the SIS system performs a safety shutdown.
For more information on the subject, see the references in the wikipedia article on SIS
What a SIS shall do (the functional requirements) and how well it must perform (the safety integrity requirements) may be determined from Hazard and operability studies (HAZOP), layers of protection analysis (LOPA), risk graphs, and so on. All techniques are mentioned in IEC 61511 and IEC 61508. During SIS design, construction, installation, and operation, it is necessary to verify that these requirements are met. The functional requirements may be verified by design reviews, such as failure modes, effects, and criticality analysis (FMECA) and various types of testing, for example factory acceptance testing, site acceptance testing, and regular functional testing. [wikipedia.org]
The principle is that the state are responsible for ensuring the safety of the vehicle So if a vehicle have been certified safe by the authorities they take responsibility for the safety. On the other hand if there is no regulations regarding software used in cars or that software is proprietary then the manufaturer needs to take responsibility.
In the case of OpenSource there is definitely a possibility that the owner might be responsible. But American law is funny so it could go both ways.
So the driver is responsible. But since the human isn't driving the self-driving car, the car itself is responsible?
Its your fault for getting in the auto pilot death machine and running over those babies.
if I buy a part off a guy who makes them in his tool shed and hey tells me "hey, I'm not sure that this thing won't explode when apply the brake," then I am pretty sure I have no recourse whatsoever.
There are limits to this: if the seller in question made the brake pads out of plastic explosive I'm pretty sure the police will soon be knocking on his door. Putting a disclaimer on things does not magically allow you to get away with anything and some countries like the EU have mandatory minimum guarantees.
However in this case the software is not sold but given away so there is no sale which probably keeps the author protected unless they put something deliberately bad in the code.
Lawyers, of course, are hoping that both will be liable. To more, the better the business.
It is about who declares to take responsiblity.
Someone (i.e. a auto company) can create an open software, release a signed version and take the resposiblity (to a defined degree). If they don't, nobody actually needs to software, as you cannot use it without driving yourself, or your car is driving illegally.
If you now use this software, the liability is clear. When you start modifying it, it becomes interesting. Because either you have the full liability for the selfdriving part yourself (which probably means some accreditation to take liability, i.e. by having a reinsurance), or falling back to manual driving liability, which means you cannot legally do something you aren't allowed when driving without autopilot.
The point is, that the accreditation is important, as the self driving part may harm other people, not just you. So you should really know what you're doing, why and have someone watching you.
Another question is, are you only liable for things resulting from your modifications or for everything which happens with a modified version? Who can decide, if your part, another part or the whole package caused the accident?
This said, the open source is a great idea, while the normal person should not be allowed to run a system with (big?) modifications.
Another interesting consideration: Is a signed source enough? What if the accident happens because of a compiler bug? Does the compiler need a certification for building car firmware or does the firmware builder need to assert, that he checked the binary to have no bugs, which aren't visible from the source?
"who's legally responsible if there's an accident?"
Nobody is liable going by the Microsoft Windows 10 EULA. Indeed the license specifically bars you from sueing them in a court of law and even then you can only get back what you paid for the software or $50.
"One open question is even if the person who used the software could not sue, a third party injured by it might be able to since they are not a party to the license agreement."
The third party can't sue the first party precicely because the first party has no contractual obligations to the third party. Shame on you slashdot for allowing this forum to be used to insert Open source FUD into the blogosphere.
The AI left plenty of white space. But other drivers kept pulling into it.
Have gnu, will travel.
No suit is ever that simple. Just because the license claims no warranty, doesn't mean that an argument can be made that an implicit one existed.
The judgement would depend a lot on how good the parties respective attorneys are, but it would almost certainly result in a finding of joint liability. The split of that liability would likely depend on how wealthy each of the defendants is and, again, on who has the better attorneys.
Much like pretty much every open source license the one here is no different. It's open source, you have the freedom to do whatever you like with it, but you are the one who assumes responsibility for it too.
Copyright (c) 2016, Comma.ai, Inc.
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
https://raw.githubusercontent.com/commaai/openpilot/master/LICENSE.openpilot
It's coming anyway - just like bridge builders and other REAL engineers.
So what's that got to do with Open Source? They will either continue releasing with licenses that explicitly avoid any claims for warranty or liability just like in the case we are talking about right here or it will just kill Open Source because nobody wants to open themselves up to that sort of legal backlash just to release OSS.
The chilling effect of going after open source projects because they post their alpha code online would be disastrous. There is a perfectly valid reason to post alpha code online: so people around the world can collaborate on bringing it to beta then production. Any country that ends up with a chilling precedent like that will suffer from an eventual lack of innovation. Classic case of shooting your self in the foot.
I'd advocate for liability for the companies that employ the engineers. In construction, the engineers are often not directly responsible unless you can prove intent, although they may lose a license in cases of severe incompetence. The construction company may be on the line for some of the construction costs, but often the governments involved ends up paying for those sorts of losses. In most cases however, it's not necessarily the engineers but the construction company and/or their subcontractors trying to squeeze out a few dollars in the process that are the problem.
AFAIK, it doesn't take *severe* incompetence for structural/mechanical/civil/electrical Engineers to be sanctioned or potentially lose their license. Simply not following standard engineering practice or signing off something which is outside your area of practice (which often implies culpable negligence) is enough.
Companies can't simply hire "engineers" to perform engineering in most fields, they often have to hire Engineering companies whose principals are actually licensed Engineers, or if they employ chief Engineers who are not principals in the company, these employees have to at least have signature authority to sign off on designs and/or specifications (and any waivers the eventually occur). It is the Engineers who put their licenses on the line when they sign-off on specifications.
Of course if the construction company doesn't follow the engineering specs, or if they employ an "technician" that signs off on a waiver of the approved spec, the construction company is generally fully responsible and the Engineer or Engineering company is off the hook. In reality on any project there are many waivers and so-called "equivalent-substitutions" used by contractors and sub-contractors that may meet the letter original spec but are inferior in some way which causes a problem. This is generally when the lawyers come out.
OTOH I've never met anyone with a CS degree with an experience of writing safety critical applications. It has always been EE.
Hi, I have a CS degree and have written many safety critical applications (I do have a minor in EE though so I suppose I don't count). I think the reason you see EEs writing it is because there is tight marriage of hardware and software in most safety critical applications. So if you can't read a schematic and handle bit twiddling gpio you are not likely to ever find yourself in that situation.
MISRA! MISRA!