September 18, 2003
Should Microsoft be held liable for security breaches?
The
Seattle Post-Intelligencer wonders whether Microsoft can be held legally liable for the problems caused by the numerous flaws in its software. It's an interesting question. There's no denying that they know about the problems, and have known for some time, and that they have repeatedly claimed that these problems are not that serious.
A defect is found in one of the world's most popular products. Less than a month later, its consequences emerge -- idling workers around the globe, causing huge losses for businesses and generally inconveniencing hundreds of thousands of people.
Under different circumstances, this scenario might be a class-action lawyer's dream. But the product in question is software, and the companies that make it claim special protections from liability through the licensing deals that come as a condition of using their programs.
Those protections help shield Microsoft Corp. and other software companies from paying what could conceivably amount to billions of dollars in damages. But they're coming under increased scrutiny amid a rising tide of computer viruses, many of which exploit known flaws in popular Microsoft programs.
Consumer advocates and some computer users argue that the protections should be ended or diminished to let businesses and people try to hold software makers at least partially liable for the effects of product flaws. Doing so, they say, would make companies such as Microsoft more accountable, resulting in programs with fewer defects.
It's also well known that technologically at least there is no reason for modern software to be susceptible to viruses or to have anywhere near this degree of insecurity. (I've been using a Mac for 19 years now and have never even seen a virus, much less been infected by one.)
The problem is, as the article discusses, is that software makers have bribed the powers that be to give them an exemption from consumer liability laws. That is, no matter how defective their products, they cannot be held responsible, not under any circumstances. I've developed software myself, and certainly don't see how it differs in any way from other types of products. Manufacturers should be held liable for producing defective products, software the same as any other type.
Anyway, it's a nice lengthy article, which goes into the problem in some detail.
