The manufacturer is held liable under the risk-utility test if the probability of injury times the gravity of injury under the current product design is more than the cost of an alternative reasonable design plus the diminished utility resulting from modifying the design.
(other EU states: rome II) EU Regulation 864/2007 on the Law Applicable to Non-Contractual Obligations (&quot;Rome II&quot;) which is now in operation and would designate the law applicable to non- contractual obligations arising out of torts (Article 4) or damage caused by products (Article 5). As a general rule, Article 4 in respect of torts applies the law of the country in which the damage occurs, whilst Article 5 for product liabilities applies the law of: (1) the habitual residence of the person suffering damage, provided the product was marketed there; or, failing that (2) the country in which the product was acquired, provided the product was marketed there; or failing that (3) the country in which the damage occurred, provided the product was marketed there. Whilst the Convention takes precedence over Rome II for the 6 EU countries party to both, Rome II's choice of law provisions promisingly appear to increase the chances of US-based manufacturers avoiding being subject to US law before a European court.
Software and product liability Giuseppe Contissa | European University Institute
Strict liability vs negligence• should software manufacturers be held strictly liable for software defects? • If computer software is deemed to be a service, then a manufacturer is generally not liable in tort, absent some negligent behaviour or intentional misconduct.• If computer software is deemed to be a product, then a manufacturer may be liable under strict liability or negligence. • "aeronautical chart" cases• To date, there are no reported decisions in the United States holding a software vendor liable under a strict liability theory (Scott 2008).
Strict liability (1)• Software manufacturers should be held strictly liable because:• strict liability would encourage risk spreading • strict liability would encourage the manufacturer to purchase products liability insurance, thus passing the cost of the insurance onto the users of the product. (issues: insurance is not easy to obtain, higher prices)• liability under a negligence theory may be unavailable • the injured party, in a negligence action, faces the burden of showing that there was a lack of due care in the design or manufacture of the computer software. • in the more complex and advanced computer software, it may be extremely difficult for a consumer or user of the computer software to identify the lack of due care by the manufacturer which was responsible for the defect.
Strict liability (2)• Software manufacturers should be held strictly liable because:• strict liability forces manufacturers to take precautions before marketing their product • Manufacturer are in the best position to know all potential defects and potential harms that their products might cause. Forcing manufacturers to pay for personal injuries created by software defects will encourage them to be more careful.• injured party will be adequately compensated • the application of strict liability to computer software defects would ensure that injured plaintiffs receive adequate compensation for their injuries, especially in fields such ATM, where defective computer software may result in serious personal injury or death.• manufacturer makes a representation of product safety • implicit in a products presence on the market is a representation that the product will safely do the jobs for which it was built. By placing the computer software on the market, the computer software manufacturer should be forced to assume liability for any injury caused by the computer software which was unreasonably dangerous
negligence• Software manufacturers should NOT be held strictly liable because:• strict liability will cause an undue burden upon computer software manufacturers • it is essential to balance the need for the adoption of softwares and automation with the risk involved in their malfunctions. In balancing the need versus the harm, it is crucial to look at the costs and risk of damage had the computer program not been used, and if there are other efficient and safe methods of carrying out the same function.• strict products liability would hamper innovation • Implementation of strict products liability would discourage the research and development of potentially life saving / safety enhancing / efficient software. If computer software manufacturers were to face strict liability for defects in computer software which they did not know about and could not prevent, many manufacturers would discontinue "cutting edge" ventures
Contributory negligence• Contributory negligence or victim fault should be recognized in all cases of liability, both fault and strict:• An efficient liability rule would require that the operator bear the cost of avoidable harm, (avoidable by due care), excluding those harms that victims can prevent more cheaply (Calabresi -cheapest cost avoider)• If contributory negligence is not a defense, then any liability rule is potentially inefficient (Bergkamp)
Manufacturing defects vs. design defects• is a software bug a manufacturing defect or a design defect?• A manufacturing defect is one that differs from the intended result of the manufacturer or from other identical items of the same production line (production flaw)• A design defect, instead, exists where the product is designed in such a way that it carries an inherent risk of harm in normal use.• Strict products liability is equally applicable to both manufacturing defects and design defects, although it is often easier to apply strict products liability to a manufacturing defect. • Design defect has higher burden of proof (reasonable alternative design, level of expected safety) • State of the art defence • "risk/utility” test (B < PL)
software liability in relation to patches and updates• Is there a responsibility for failure to check adequately for bugs? • manufacturers’s responsibilities would include carefully formulating the design of the software to prevent vulnerabilities that can be exploited by hackers and other third parties, properly implementing the design in code, thoroughly testing the code to expose any vulnerabilities, and revising the code to remove the vulnerabilities before releasing the software to the public.• Is the developer responsible for providing a patch/update? Is there a users contributory negligence? • Usually, many of these errors are discovered only after the software has been distributed. Three software liability policies has been investigated (in relation to security): 2. Loss Liability Policies, where the software vendor/manufacturer is liable to partially or fully compensate users’ losses incurred in case of attack/damage 3. Patch Liability Policies, where the software vendor/manufacturer is held liable to compensate patching costs incurred by users if a vulnerability/error is discovered before the damage is produced 4. Security Standards Policies, where regulation enforces a certain standard of security to be achieved by the vendor/manufacturer during software development to mitigate security vulnerabilities.
liability and autonomous software• In certain circumstances, when a damage is caused by the use of defective autonomous software/automated systems, human operators (e.g. pilots) should be shielded from liability because they are relying on automated systems to fulfill their tasks (e.g. GPS/autopilots to guide them to the correct destination).• However, if no design/manufacturing defects are detected, the user would be responsible under (a sort of) vicarious liability, rather than liability of the custodian. • Therefore, in analogy with vicarious liability, when softwares performances are below a certain standard, the user would be liable even if he was not negligent. • In this scenario, what would be the appropriate standard to be taken into account? Maybe, the level of care that would be expected from a human being executing the same task delegated to the autonomous system.
liability for open source software• The peculiar characteristic of open source software is that it is distributed under the form of source code, while the distribution of the executable code is only optional.• In such a case, should liability be framed as liability for misleading/inaccurate/wrong information?• In the US, providers of items containing certain forms of “information” have been exempted from strict product liability, even in cases where the item in question has been mass produced (Book Cases).
Law and economics analysis• Law and economics models help us to analyse the effect of liability on incentives • whether to engage in activities • how much care to exercise to reduce risk when doing so • Cost internalization theory: 5.It creates incentives to prevent damages taking care (preventive measures to reduce risk) 6.It would further risk (or loss) spreading 7.It would cause the price of activities to increase, resulting in lower activity levels
Liability for accidents (Shavell): optimal care• Let x be expenditures on care (or the value of effort devoted to it) and p(x) be the probability of an accident that causes harm h (p decreases when x increases).• Assume that the social objective is to minimize total expected costs, x + p(x)h, and let x∗ denote the optimal x.• under both forms of liability, strict liability and the negligence rule, injurers are induced to take optimal care (x∗ ).• a regime of strict liability with contributory negligence induces the socially optimal level of care by both parties.
Liability for accidents (Shavell): level of activity• Let z be the level of activity• Let b(z) be the injurer’s benefit from the activity, (b increases when z increases)• z(x + p(x)h) is the total cost of care and expected harm given z• Under strict liability, an injurer will choose both the optimal level of care x∗ and the optimal level of activity z∗, as his objective is the same as the social objective, to maximize b(z) − z(x + p(x)h)• Under the negligence rule, an injurer will choose optimal care x∗, but his level of activity z will be socially excessive.• The explanation for the excessive level of activity is that the injurer’s cost of raising his level of activity is only his cost of care x∗ , which is less than the social cost, as that also includes p(x∗ )h.• Open issue: burden of proof
Software liability• intrinsic software (user does not interact directly with the software, e.g software embedded in planes or automobiles)• extrinsic software (pc application)• intrinsic and extrinsic software may be key to a socially efficient liability regime, because the economic theory of product liability law prescribes the assignment of liability to the party who controls the risk• strict liability rule may not be socially optimal for extrinsic software, because it would not induce the consumer to exercise due care in the installation, operation, and use of the software
Software liability in ATM: Überlingen (1)• First Instance Court N. 34 of Barcelona, Spain (2010)• plaintiffs representing thirty-one (31) of the Russian passengers (Bashkirian Airlines Flight 2937)• Defendants: The manufacturers of the TCAS, Honeywell International, Inc. (“Honeywell”) and Aviation Communication & Surveillance Systems (“ACSS”)• the Spanish Court found that two alleged defects of the TCAS had not been proven: (1) the alleged fault in the RA Reversal system; and (2) the alleged existence of a new version of TCAS software available to correct the claimed problems of the earlier version that defendants had failed to implement.• However, the Court did find that plaintiff had proven a third alleged defect, i.e., that the TCAS II Pilot’s Guide failed to clearly set forth the priority of TCAS advisories over conflicting air traffic control orders.
Software liability in ATM: Überlingen (2)• Product Liability• "[T]he lack of adequate instructions and warnings in the defendants’ TCAS Pilot’s Guide […] contributed towards the Tupolev pilot’s error that caused the accident and, accordingly, we can conclude that this information defect contributed substantially to the damage, being part of one of its causes. For this reason, the defendants shall be liable for the damages caused."• The Court rejected plaintiffs’ claims for survival damages. The Court also rejected plaintiffs’ claims for punitive damages.• The Court found that Honeywell was not liable for non-monetary damages• ACSS was liable for non-monetary damages ($5,991,501)• plaintiffs were awarded a total of $10,459,810.50 in damages for the deaths of 30 persons, including $6,723,639.45 as to ACSS and $3,736,171.05 as to Honeywell13 – an average of $348,660.35 per decedent. The decision is currently subject to appeal.
Software liability in ATM: Überlingen• “Forum shopping”• 22nd Convention on the Law Applicable to Products Liability, signed in The Hague on October 2, 1973• currently in force in 11 European countries (Spain, France, the Netherlands, Croatia, Finland, Luxembourg, Montenegro, Norway, Serbia, Slovenia, and FYROM) (6 of them are also party of Rome II)• Article 6 applies the law of the manufacturers principal place of business unless the claimant bases his claim on the law of the place of injury.• Article 11 establishes that there is no requirement for the Convention to have been adopted by the country to whose law Articles 6 points.• On these grounds judges applied apply Arizona law for ACSS and New Jersey law for Honeywell.