09 May 2009

Should Software Developers Be Liable for their Code?

Should Microsoft pay for the billions of dollars of damage that flaws in its software have caused around the world? It might have to, if a new European Commission consumer protection proposal becomes law. Although that sounds an appealing prospect, one knock-on consequence could be that open source coders would also be liable for any damage that errors in their software caused....

On Linux Journal.


saulgoode said...

In their amicus brief to the EPO (mentioned in the article subsequent to this one), Canonical stated that copyright is an appropriate way to protect both closed and Open Source software. I disagree with regard to closed software (though I concur with the overall presentation within the brief).

Society does not benefit to the same degree by providing copyright protection to closed software as it does for Free Software. For closed software, there is no public disclosure of the "intellectual property" inherent to the code; all that is provided is a binary executable of quite dubious intellectual or artistic value to the public at large.

I mention that here because I think the bargain that has been struck with regard to software copyrights is in need of re-evaluation in order to better benefit society; and that developer liability is one of the issues that should be addressed during this re-assessment.

If closed software is to be afforded copyright protection then software sales contracts (AKA EULAs) should meet the requirements demanded of other contracted purchases or leases. Terms of EULAs which endeavor to encroach upon the domain of copyright law -- or which seek to unequivocally indemnify the provider from liability -- should be invalid unless done through verifiable agreement by legally empowered parties.

The situation of copyright protection for Open Source/Free Software is rather different than for closed. Society immediately benefits from the disclosure of the "art" inherent to the software, and pure copyright licenses do not impose upon users any conditions that would supersede or contravene copyright law.

Since the user of Free Software is not required to sacrifice anything under copyrights, there is no actual "business relationship" with regard to the software itself (as Bruce Schneier stated in his comments). Of course, Open Source companies providing services under contract should still need to meet their contractual obligations, but that should all be fairly clear-cut and, again, agreed to in a verifiable manner by consenting adults.

Providing even closed source software providers some degree of indemnity against liability might be worthy of consideration; however, society needs to receive something in return. At a minimum, "click-through" EULAs which usurp the power of copyright law should need be eradicated.

Glyn Moody said...

That's a very interesting analysis. I particularly like the way that you link openness, copyright and liability.