[long] Re: Legal traps in open source

Simon Fowler simon at himi.org
Thu Oct 31 15:36:20 EST 2002 

On Thu, Oct 31, 2002 at 10:56:32AM +1100, Alex Satrapa wrote:
> >How about we simply apply the same standards of liability as we do
> >now?
> 
> AFAIK, current standards of liability look only at actual harm caused 
> and actual dollars lost.  Until we find a way to represent the cost of 
> lost data as lives or dollars (the latter being more important in the 
> Australian legal system), there's no real way to estimate the damages 
> (or potential damages) arising from, say, Microsoft Outlook.
> 
What about lost time and/or productivity? That seems to be the
standard measure used for viruses and cracking and the like. The
numbers tend to be ridiculously inflated, but there's nothing to
stop us from coming up with more reasonable models. 

I don't think it's an inability to put numbers to the losses that's
the problem, it's the complete lack of desire to /do/ something
about it. 

> >If you sell something, then barring gross
> >negligence the damages are proportional to the purchase price. So,
> >if you screw up seriously, you're liable for whatever the court
> >decides, otherwise you're only liable for something along the lines
> >of the original purchase price. What, exactly, is so terrible about
> >this?
> 
> Take Microsoft Outlook for example - it's a great big security incident 
> looking for a time to happen. It is shipped, by default, to be extremely 
> permissive about proliferating viruses. To me, this counts as being 
> about as negligent as Ford continuing to sell the Pinto even after many 
> of them had caught fire in minor accidents - or continuing to sell that 
> SUV with factory tyres after they knew the tyres were dangerous.
> 
> Microsoft's stance of, "you should protect yourself better" makes as 
> much sense as Ford saying, "don't have accidents if you drive a Pinto!"
> 
That's an excellent argument for limiting their ability to disclaim
liability, I would have thought. 

As for suing a free software developer, my law student friend is of
the opinion (obviously not a legal opinion, just an informed one)
that short of gross negligence there's bugger all chance of a court
awarding damages against a free software developer. He was talking
about a "no financial risk incurred" test, which free software would
meet quite easily. And reallistically, what is a court going to
think if someone brings a case before it that basically says "this
person licensed me this software for free, source code and all, and 
it doesn't do something I want it to do, so I want damages!". 

Really, the more I look at this, the more reasonable it seems to
just limit the ability of software developers to disclaim liability.
Either that or introduce a stricter test for deciding whether a
disclaimer is reasonable - something along the lines of not letting
you disclaim liability for the purpose you've advertised the
software as having. 

Simon

-- 
PGP public key Id 0x144A991C, or http://himi.org/stuff/himi.asc
(crappy) Homepage: http://himi.org
doe #237 (see http://www.lemuria.org/DeCSS) 
My DeCSS mirror: ftp://himi.org/pub/mirrors/css/ 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20021031/2cf97533/attachment.bin

More information about the linux mailing list