Can Programmers Become Legally Liable for Their Code? 20
owillis asks: "Reading this Salon article on file sharing programmers who are suspending or ending work on their projects due to the legal climate post-Napster, I wonder what the liabilty is for people who work on open source software. Does open source protect the creators from these laws or is it fair game?" We've discussed this before but it would be interesting to note if your opinions have changed after the Napster ruling. However it bothers me that in today's legal climate, it is easier to blame the creator of the tool rather than the users who use them illegally.
Won't see this happen (Score:3)
Every software license I know of, either open-source or proprietary, waivers liability. Big companies such as AOL/* and Microsoft will not be accepting liability ever, so they will make sure there is a way to prevent this from happening.
And whatever way they find to keep the ability to dismiss claims, this way can also be used by open-source. AFAIK it is not possible yet to buy/bribe yourself an exception clause to the law. And if that wold be possible, then it's time for a new Constitution.
liability for material product versus IP product (Score:2)
Similar laws govcern things like lock picks and bongs. I doubt anyone ever got arrested for having made their own lock picks, or having a bong (hell, head shops would go out of business!) But there are laws that allow the prosecution of possession of burglery tools or drug paraphenalia in most states. Just another charge to pile on when someone gets arrested for something else they were doing. Locksmiths need picks. Someone somewhere might actually be smoking tobacco in that bong.
Intellectual property would seem to be diffeent. It's speech, and it might even be protected speech (still waiting to hear on that...) But it also does something, performs a function. SO it's a real murky water.
Keep in mind that the FAA and the National Weather Service are almost always co-defendants in lawsuits over air-traffic disasters. Usually cited for negligence (they also usually win their cases). A weather forecast is really just more IP, and in fact comes with its own implicit disclaimer.
I do find this an interesting issue. Many here take the side that it's not fair that the big software houses don't have to warranty their product free from defect and disavow liability (ala UCITA), yet the same folks seem to flip flop when smaller developers are also concerned with the same issue. Where should the liability rest, then? If I create a tool whose sole purpose is to share files, am I aiding and abetting? The algorithm is certainly protected speech. Maybe the implementation isn't. I can draw a general diagram of how a bomb works, no problem. It's in the encyclopedia. Schematics and instructions on how to sneak into the white house are probably illegal.
As we move forward and computers do more and more for us (i.e higher level languages, voice command, etc.) what if I give a few voice commands and the programm breaks the law by trying to execute my commands, even though any human listening to my instructions would understand that that isn't my intent? I could say retrieve all pictures of Natalie Portman, and who knows what sort of smut it might find labeled with ther name.
oooohh, my head hurts....
An out for Free Software? (Score:2)
Liability is therefore foisted onto those who distributed binaries. Another (possibly necessary) step to take is to comment out "main ()". Program won't compile until it is read. Therefore forcing one to read the disclaimer that this is a form of discussion, not a computer program.
Now, we all know that this is the highest degree of semantic bullshit. But that is what typically carries the day in court.
Short answer: YES. (Score:3)
That's not the same thing as protection, though.
Remember that contracts are subservient to the civil and criminal law. It is not possible to construct a contract which violates the civil law; if such a contract exists, then the portions of it which violate civil law are null and void.
So let's say, for sake of argument, some state has a law on the books which says "for all software used in avionics, the manufacturer must provide a warranty". This is a plausible law; avionics is a life-and-death software situation, and it's entirely within the rights of a state to specify that life-and-death software be held to a higher standard.
Now let's say that an aerospace company wants to build an airplane, and decides to use a GNU tool as part of the software package. The engineering staff sees that there's a disclaimer of warranty, and sends a letter to the Free Software Foundation saying "hey, I'd like to use this software in our new plane, would you mind terribly if we did?"
Suppose the FSF says "sure, go ahead"--in writing, of course. The FSF thinks that the terms of the GPL apply; the engineer thinks that the terms of the state apply, and by giving the go-ahead, the FSF has acquiesced to this.
Now suppose that plane crashes, and lawsuits are filed. Suddenly there's a big lawsuit filed against the FSF; the aerospace company claims "we talked to them and we have this letter here permitting us to use their software; that overrides the GPL which they *thought* they were releasing it to us under, and that means the FSF *must* provide a warranty for this software".
The FSF says "But wait! This is a Washington state court, and we're from Massachussets. We weren't aware of Washington's required-warranty law, and had we been aware of it, we wouldn't have told them to go ahead--we told them `sure, go ahead', meaning under the terms of the GPL, with no warranty involved!"
Eventually, the case would go to the jury. The jury would come back with a decision, and it might not be favorable to the FSF.
This is just one hypothetical situation. There are many more you can construct. No matter what, though, it all winds up the same: in a civil trial, everything's irrelevant once the jury gets seated. If the jury is dead-set on saying that you're liable, then by God you're going to be liable whether or not you disclaimed everything.
The very short version:
Don't spend your time worrying about whether or not you can be held liable--you can. Spend your time making your software high enough quality that nobody will ever want to sue you for making a shoddy product.
Open Source and the legal system. (Score:2)
Joseph R. Kiniry
http://www.cs.caltech.edu/~kiniry/
California Institute of Technology
Yup (Score:2)
I'll admit that it's different when dealing with open sourced software that nobody's paying for. But we still hold creator responsible for virii, don't we? Its the same sort of thing. If you're going to do something bad, and you know it, then you should be prepared to face the concequences. Don't think that you're above everyone and everything and every law in the land just because you visit slashdot regularly and occasionally understand what an article talking about.
Re:Short answer: YES. (Score:2)
//rdj
Question of ethics or law? (Score:2)
--------------------------------------------------
I think the law has to treat the person who uses a product for illegal means as the "guilty" party. The person who makes it bears no automatic culpability.
This is my general take. Gun manufacturers are not responsible for murders committed with guns. Now, I'm not a gun nut, but I think this is legally right.
The same should hold true for the authors of nmap and queso (to name a couple tools that system crackers might use) and the authors of pgp and gpg (to name a couple tools that criminals or terrorists might use).
Now, if it is a question of ethics, you've opened an entirely different can of worms. Ethically, I think several guns need a closer look. I think teflon tips are something that raise ethical questions. I think nmap has a few grey areas (what legitimate use requires the micro-fragmentation feature? That's there just to avoid string scanning intrusion detection.), but in each of these cases (except maybe those teflon tips) I think the law has to protect the author/maker and hold the user accountable.
If we hold that the maker/author is responsible for all of the ways in which their product/idea is used, then we should have locked up Darwin because his ideas contributed to holocaust. We should lock up the inventor of the circular saw because it has maimed and killed. And so on...
Ethics lies behind law, but the cliched figure of justice that adorns so many government buildings (at least so many American ones) wields a scale, a sword, and she is blindfolded. The sword is two edged as well. It may be a cliche, but it is an apt one. The law is not ethics. The law is the minimum interference to maintain the social order. While many conservatives in this country will argue with me about the law being minimal, it is certainly not the opposite. You can write and buy a book about how to crack safes. That's legal. Crack somebody else's safe, and you've broken the law. It seems absurd, but it isn't. To write a book on how to crack safes (so long as you believe in the idea of private property) is unethical, but I for one would not want to see it made illegal.
Offtopic, but relevant. (Score:2)
How does this relate to hacking tools and software? Well, if you're a script kid with an illegal portscanner, illegal IP fragment generator, a illegal copy of traceroute, and you know the other guy doesn't, you can pretty much guarantee you're going to hack more sites than if you knew the fellow you were attacking were similarly armed. Script kids and armed robbers are cowards.
Think on this (Score:1)
If I have a dog and it bites someone, its my fault
If I write a virus and it wipes your hard drive, im not responsible?
A more proper scenario, I have a program that I have waivers of liability on and its a program many people use because it is useful but I become disgruntled and in one release it formats everyones hard drives at a certain time
Since waivers are there I am protected?
Needless to say never trust anything open source right? Well let me ask when was the last time you read the source of the program, chances are closed/open source the existence of such things will not be detected any quicker. So.. where does that leave us you have to draw a line in the sand somewhere, where should that be?
If you think education is expensive, try ignornace
Study (Score:1)
Deja Vu (Score:1)
Indeed we have. Same article was posted about four days ago: Hacker Crackdown [slashdot.org]
The law cuts both ways (Score:2)
Patel's injunction has to mean that a TOS or EULA, no matter how carefully crafted, doesn't absolve a company of responsibility for the abuse of their product.
Now, this may well be the kind of thinking that enables families of, say, murder victims to sue gunmakers, but it's also the kind of thinking that put seatbelts into automobiles.
There is an upside: what are viruses if not an abuse of software (specifically, of the security holes in software)?
If the EULA doesn't protect companies from liability for abuse of their software, well, places like M$ will have to take security & privacy concerns a lot more seriously lest they face class-action suits.
The law cuts both ways.
Possible answers at UK law. (Score:3)
Depends what you mean by "liable".
Criminally liable? Possibly. We have laws against cracking in this country, and any coding you do to that end could make you liable to a conspiracy or aiding and abetting charge. Possibly. I don't do any criminal law, and haven't in over ten years, so I can't be sure on this one.
Not entirely seriously, there are a number of offences you can commit by communicating with others in the UK:
Civilly liable? I doubt it, frankly. The only successful case we've seen so involved some other thing being done by the guilty party: Napster offered the pirates' trading service. They aren't being made liable for their code.
DeCSS is an odd case. That DMCA business is a real kicker: it makes the tool, and distribution of the tool, illegal contrary to what I understand to be (and what the judge now appears to understand to be) the proper interpretation of the First Amendment. In theory at least, that should come out all right, but chickens should remain uncounted for a while yet.
The other oddity is Crypto. There are a lot of places around the world where you can get in serious, serious trouble for even thinking about the stuff.
Re:Like guns (Score:1)
Distribute anonymously. (Score:1)
--
Be careful of you liscense (Score:1)
Programmers --- Bad (Score:1)
I think it is very immoral creating software and just spreading them. For everyones sake, you should post your work to your country's governmental archiving department and let the politicians (the ones who know what is best for all of us) decide what to do with the software.
The most irresponsible of all are the open source people. You are basically giving bullets to a bunch of terrorists, having empty AK4 magazines, just waiting to get them filled. (Don't try to fool me with your talk about legitimate uses, why would there be free software if it wasn't for evil purposes? Nothing is free in this world today)
Now, some of you might start shouting about freedom of this and rights of that. Before you start, please realize something. Your rulers and masters know best! Why did you else elect them, giving them the rights to control your lives?
Re:Won't see this happen (Score:2)
It's important to point out however, that I don't think anyone will ever be successfully sued in a civil suit but there may be the possibility of criminal liability. If someone wrote a piece of software that's only function was to do something illegal, then you might be able to go after that person for aiding a crime or something like that, since they wouldn't be able to use the defence that their software also had legal uses as well.
Companies like Micro$oft and AOHell wouldn't have any problems because they provide mainstream products and services, and their EULAs pretty much absolve them of any responsablilty for what may or may not happen. In this way, it would be possible to prosecute people without having to worry about the legal clout of the big tech companies.
Alcohol, tobacco, firearms etc all have legit uses as far as legality is concerned, so I don't think you can lump purpose-written, single function progams into that area. This is why the Napster programmers are safe, their product does have potentially legal uses. On the other hand, if someone were to write and distribute a program which can shut down any poweplant in north america, the legal system would probably have a pretty easy time going after the programmer in court assuming they could find him/her.
Like guns (Score:2)
 
This is the same approach people take with guns. I hate to sound like the NRA, but it's the same story. People want to make all kinds of rules, legislation and litigation around the tool, rather than the people who choose to use the tool irresponsibly.
Like guns, this makes the tool users reluctant to use the tools, because the climate is so antagonistic to the tool. It slurs all tool users with the same stigma.