May 12, 2009

Software liability will hurt open source vendors

An EU proposal could call the entire open source business model into question

The executive branch of the European Union, the European Commission (EC), is considering holding software vendors liable for damages caused as a result of defects in their software products.

Glyn Moody wonders about the impact of this proposal on open source coders. However, as Bruce Schneier, a proponent of the idea, points out:

Free software wouldn't fall under a liability regime because the writer and the user have no business relationship; they are not seller and buyer. ...

There would be an industry of companies who provide liabilities for free software. If Red Hat, for example, sold free Linux, they would have to provide some liability protection. Yes, this would mean that they would charge more for Linux; that extra would go to the insurance premiums.

Bruce is correct in pointing out that the writer of free and OSS code and the user of said code have no business relationship. Hence, there is no liability for the writer.

There is absolutely a buyer/seller relationship when a vendor, such as Red Hat, decides to build a business around the OSS code. Adding liability to the software purchase discussion would almost certainly impact the growth of open source vendors.

Since no software vendor can envision and test for every permutation of how their software will be used, liability insurance premiums must be added to the cost of doing business. This added cost would surely be passed on to customers. One could argue that equivalent costs would be added to established and open source vendor list prices alike. On the other hand, established vendors have a lot more paying customers to spread the insurance premiums over. So maybe this proposal would close the list price gap, making it more difficult for open source vendors to grow beyond the startup stage.

Since most open source business models are predicated on providing customer support when a defect does arise, I wonder whether open source vendors would have to reposition their subscription value propositions. I am not a lawyer, but it seems odd that a vendor could sell a subscription offering that assists customers with defect support if the customer could sue the vendor when a defect causes harm to the customer's business.

zman58 12-May-09 12:03pm
1 reply
This looks like another Open Source FUD article to me. How does this put open source at any greater risk than proprietary? On the other hand, how would this impact a proprietary software business such as Microsoft? You need to read the EULA. It clearly states that the software may not be fit for any purpose. You must agree before you can use it. :)
Savio Rodrigues 12-May-09 5:44pm
1 reply
@zman58, this is no FUD. If we consider an open source vendor and a proprietary vendor, the OSS vendor is going to fare a lot worse than the proprietary vendor under this proposal. To be sure, both vendors will feel pain, but the OSS vendor will, in my opinion, face more pain. The reason being the cost of liability insurance and what happens to a subscription-based business model predicated on support when defects arise. I have not read Microsoft's EULA, but that doesn't surprise me ;-) But I guess MSFT would have to 'adjust' its EULA.
ctryon 13-May-09 7:43am
The TITLE of the article is definitely FUD, even if the body of the article says that proprietary vendors could be hurt too, since it implies that Open Source would be the primary target. You are right though that the intent of this legislation is to do an end-run around the claims in almost *ALL* EULAs which basically absolve the writer/vendor of all responsibility for harm which might occur through the use of the product. I don't know how it is in the EU, but the liability landscape here in the US is horrific, to say it nicely. It's like trying to thread your way through a fracking mine-field. The only people who really benefit in the long run are the lawyers, who are making money hand over fist in these cases. :-(
Tragicomix 12-May-09 1:51pm
1 reply
That's a textbook case of people establishing rules in an area they obviously don't know much about.
Savio Rodrigues 12-May-09 5:46pm
@Tragicomix, yes, I'd agree...Their motives seem pure, but they aren't fully considering the consequences.
MAS 13-May-09 4:52am
1 reply
It will be interesting to see how close to "traditional" product liability laws these laws will get. In the US, no business relationship is required in defective product liability cases involving machinery or equipment---even if it has been modified without consent of the manufacturer!
ctryon 13-May-09 7:46am
1 reply
Here, you don't even have to be the party primarily responsible for the harm. If you've got "deeper pockets" than the guy who is really responsible, then YOU end up footing the bill. It's mind-numbingly stupid.
Savio Rodrigues 13-May-09 3:33pm
yes, and then YOU (with deeper pockets) could spend the time and resources getting $$$ back from those with shallower pockets who were 'responsible'...fun, fun, fun for lawyers!

©1994-2010 Infoworld, Inc.