Legal Liability for Software

The Disclaimer

How often have you seen these phrases of art in the legal boilerplate in a software license?

Software is provided on an "AS IS" basis, without warranty of any kind, including without limitation the warranties of merchantability, fitness for a particular purpose and non-infringement. The entire risk as to the quality and performance of the Software is borne by you. Should the Software prove defective, you and not VENDOR assume the entire cost of any service and repair. etc. etc.
I've seen it on almost every piece of software I've ever bought. Given the overall quality of the systems & software that we all use every day (i.e. poor), I don't think this is a good thing.

What It Means

What it is saying, in short, is that software which you buy with these words attached is being sold with a wink and a nod, and you have essentially no legal recourse if you discover a nasty bug, or if it fails in some egregious way that causes you some real loss.

General public acceptance of this state of affairs has allowed the computer software industry to exist in a dream world where bugs have few serious consequences, and they can be slipshod when it comes to quality assurance, or skimp on testing. After all, it's not like a single bug is going to drive the company into bankruptcy, right?

The Dreamworld

Imagine if General Motors tried to suggest that they had no liability for the quality of the parts or workmanship in the automobiles that they build and sell to you. Or that Boeing had no liability for the quality of its aircraft? That's a laughable notion, isn't it? Well, it's laughable so long as Ralph Nader is around to keep 'em honest.

Reality

There are well known design and testing methodologies that can substantially reduce the risk of bugs in shipping software, but they take time and money to apply properly. Such time and money is often not allocated to those ends, because of the demands of a competitive market ("It compiles without warnings or errors now? Ship it!"). Competition in free markets is a fine thing, provided that all the costs and externalities are properly incorporated into the market structure; failure to account for some of these will lead to skewed results (like bad software).

In other words, if there is a real and consequential risk from bugs in software that gets to your customers, you're much more likely to spend the money and time up front to make sure that the software that you ship does what it is supposed to do, and no more than that.

What Will (eventually) Be

It is my belief that, one day, some individual or corporation will suffer a consequential loss from some bad software, will decide to attempt to pierce the legal liability disclaimer of the vendor s/he bought their software from in order to try and recover some or all of their loss, and they will win a big damages award. I believe that award will serve as the wake-up call for the software industry as a whole. Indeed, it may be the only way to get the attention of the beancounters who seem to be in charge of the software development efforts at majority of the larger firms in this industry, and appear to be doing their utmost to prevent software engineers from producing software with quality workmanship in it.

I'm just waiting for the other shoe to drop.



Erik E. Fair <fair@clock.org>
April 14, 1996