All Your $$$ Are Belong To Us!
January 2, 2007 2:06 PM Subscribe
Sue a software vendor for financial loss caused by security flaws in their software?
I'm interested to know whether an exploit or flaw in a software vendor's product has ever led to a (personal | corporate) financial loss and whether this loss has been verified as caused by such an exploit or flaw, leading to the successful prosecution of the software vendor for reclamation of the loss.
If not, what would need to happen for such litigation to stand a chance of succeeding? Is it even possible, given the lengthy and largely unintelligible (to the likes of me and many others) EULAs?
I'm interested to know whether an exploit or flaw in a software vendor's product has ever led to a (personal | corporate) financial loss and whether this loss has been verified as caused by such an exploit or flaw, leading to the successful prosecution of the software vendor for reclamation of the loss.
If not, what would need to happen for such litigation to stand a chance of succeeding? Is it even possible, given the lengthy and largely unintelligible (to the likes of me and many others) EULAs?
Not related to EULAs or litigation, but I know software bugs have caused death, never mind financial loss; here's the first google link I found here.
When I was studying comp sci in a canadian university, that one always got the attention.
I also found this wired article here.
posted by cgg at 2:35 PM on January 2, 2007
When I was studying comp sci in a canadian university, that one always got the attention.
I also found this wired article here.
posted by cgg at 2:35 PM on January 2, 2007
Best answer: Financial losses resulting from software bugs constitute what is know in legalese as "consequential damages". All EULAs exclude these kinds of damages, and even if you could get around the EULA, direct causation would be, as you note, very difficult to prove. The chances of such litigation succeeding are therefore extremely small, unless the vendor knew about and failed to fix the vulnerability. In that case, if there is a software warranty and if that warranty is not limited to the cost of the software (which they typically are even in custom development contracts), you might be able to recover something, though again you would face causation issues.
All in all IAAIPL and I wouldn't take the case on a contingency.
posted by The Bellman at 3:06 PM on January 2, 2007
All in all IAAIPL and I wouldn't take the case on a contingency.
posted by The Bellman at 3:06 PM on January 2, 2007
There have been many, many, many, cases of companies and individuals losing money because of software bugs. I have never heard of a case of someone successfully suing a software vendor to recover their losses, and as mentioned above the reason why is that software EULA's all explicitly exclude such damages.
There was the case of the Sony CD Copy Protection fiasco. But that wasn't a case of damage from a bug, it was a case of damage caused by a deliberate feature of the product, one which wasn't revealed to customers who purchased the product.
Sony was sued by California and Texas and settled for a nominal sum. But that was IIRC based on consumer law, not on tort.
posted by Steven C. Den Beste at 3:23 PM on January 2, 2007
There was the case of the Sony CD Copy Protection fiasco. But that wasn't a case of damage from a bug, it was a case of damage caused by a deliberate feature of the product, one which wasn't revealed to customers who purchased the product.
Sony was sued by California and Texas and settled for a nominal sum. But that was IIRC based on consumer law, not on tort.
posted by Steven C. Den Beste at 3:23 PM on January 2, 2007
This thread is closed to new comments.
Or something close to that; IANAL.
posted by baylink at 2:17 PM on January 2, 2007