Author: James Courtier-Dutton Date: To: stephen.davies CC: Hampshire LUG Discussion List Subject: Re: [Hampshire] Software bugs & impending liability
2009/8/8 Stephen Davies <stephen.davies@???>: > James,
> You make some good points however having the known bugs listed in Bugzilla
> is IMHO not going to be enough. In this increasingly ligitious age, I think
> it is imperative for everyone involved in FOSS to have some form of
> Professional Indemnity insurance.
> If you are a member of a FOSS project in your own time and for some reason
> that software is the cause of a lawsuit, you personally could become liable
> for damages. Those damages could lead to you losing your house and literally
> the shirt off your back.
> Ok, I might be a bit extreme here but there is a reason that we have
> Companies setup that in cases like this, limit the liability of any one
> person in the company.
> That is why Sole Traders are more risky to do business with than one man
> Limited companies (from the person who is running the company's point of
> view).
> When I was working for myself I had Professional Indemnity insurance just
> for this very reason. However if you as an individual try to get such
> insurance it is AFAIK, nigh upon impossible.
> There is a downside to FOSS products. We all trumpet the availabilty of the
> source code as being great and that lots of people can review it to make it
> higher quality. The flip side is that if you are going to be sued then the
> evidence is out there for everyone to see.
>
> What I'm trying to say really is that IMHO we as FOSS developers need to
> become more professional and savvy simply in order to protect ourselves from
> possible litigation. I'm sure that once people understand this there will be
> quite a few developers who decide that it is not worth the risk and pack it
> in. This is a shame but I just feel this is the way our society is going.
> Only the lawyers are winners here.
>
> Stephen D
>
>
I don't think any sort of Professional Indemnity insurance is needed
for an open source software developer. There is no contract involved,
therefore no liability. The user is choosing to use the software,
normally without any involvement of the developers.
Therefore the only person to blame for using the software is the
person themselves, and not the developer. Now, the software could have
some major undocumented side affects, but the developer is not to
blame for those. One could even argue that the source code is
perfectly good documentation, so nothing was hidden from the user,
therefore no liability.
It is quite a different think from the case where I go into a company,
sell my services, recommend some software to them, and install it for
them. If is then causes damage, I would hope I have Professional
Indemnity insurance. The difference then, is the customer is entering
into a contract and placing some of the risk onto the supplier. One
can only transfer risk to the supplier if one has a contract with them
saying so. Now, for example the MS EULA, it is stated quite clearly
that MS has specifically not agreed to take on any of the risk.
The risk of something going wrong is then solely with the user.
I can only be negligent if there is some contract saying I would do
something to some level of quality, and I failed to do so.
Now, I am not a lawyer, but that is how I understand the situation to me.
