X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.
Microsoft Corp. is no stranger to the courtrooms of America. It’s a frequent target of antitrust and patent infringement suits. At the same time, the company is virtually immune from user suits over flaws in its software, such as vulnerability to computer “viruses” that cost consumers and businesses millions of dollars. In August, for instance, security flaws in Microsoft’s Windows operating system were exploited by MSBlaster, Sobig and other computer viruses. They attacked more than 1 million computers, impeded operations on countless computer networks and forced some businesses and government agencies to shut down temporarily. It wasn’t the first time such a thing has happened. Yet Microsoft says it hasn’t faced a single suit in the United States over a security hole in its software. (One is pending in Korea.) Nor is it likely to, some experts say. “There are practically no remedies for mass market product software purchasers who get defective products,” said Professor Cem Kaner, an attorney who teaches software engineering at Florida Institute of Technology and who wrote Bad Software: What To Do When Software Fails. Advocating new law Kaner advocates new laws that would allow, under certain circumstances, software companies to be held liable for negligence in writing software code. Last year, the Computer Science and the Telecommunications Board of the National Research Council issued a report recommending that lawmakers consider increasing the liability of software makers for security breaches. There is no sign that federal or state legislatures intend taking any action to strengthen customers’ rights against software companies. Software companies do face suits when they create customized software that does not work as promised, said Stuart Meyer, a partner in the intellectual property department of Fenwick & West. However, it is much less common for suits to be brought for problems in mass-market software, such as Windows or WordPerfect, he said. Software companies are protected partly because they make few binding promises about these products. When installing or using a software product for the first time, a customer must typically agree to a so-called end-user license agreement that pops up on the screen. “The license agreements disclaim warranties, and they don’t include much in the way of promises of functionality,” said Dean Harvey, a partner in the Dallas office of Houston-based Vinson & Elkins, who specializes in computer law. Numerous courts have ruled that these licensing agreements are enforceable. In an important decision, the 7th U.S. Circuit Court of Appeals upheld restrictions that the agreement placed on a retail purchaser’s use of the software. The court said the licenses are enforceable “unless their terms are objectionable on grounds applicable to contracts in general (for example, if they violate a rule of positive law, or if they are unconscionable).” The court then granted an injunction against the purchaser, forbidding him to use the software for commercial purposes in violation of the agreement. ProCD Inc. v. Zeidenberg, 86 F.3d 1447 (7th Cir. 1996). A customer could try to attack the terms of an agreement, claiming that its terms are unconscionable or are part of a one-sided contract of adhesion. Courts have usually been reluctant to strike down contract provisions on those grounds, Kaner said. From 1980 to 2000, there were only 16 published cases in which the courts struck down as unconscionable part of a contract for sales of goods, none involving software, he said. Another source of protection for Microsoft is the fact that commercial software often contains flaws. That establishes an industry standard that courts often use to decide what a reasonable company should legally be expected to do. Defective software “is within the range of typical industry practice, said R. Polk Wagner, who teaches law and technology at the University of Pennsylvania Law School. “That would make it difficult to sue Microsoft” for selling software with security flaws, he said. Several legal experts said this industry practice exists for good reason. Market pressures compel software companies to release their products as soon as possible, even if this means the products contain some flaws. If a company took additional time to ensure that its products had no security flaws, the product would be obsolete by the time it hit the market, according to Anthony Lupo, a partner at Washington’s Arent Fox Kintner Plotkin & Kahn, who specializes in technology law. “Software products have life of two to three years,” Lupo said. “If it takes two years to ensure a product has no security holes, it would kill the product.” In addition to the protections provided by licensing agreements and standard industry practice, software companies receive comfort from legal rules that impede class actions against them. “It is hard to prove damages except on an individual basis, so you can’t do a class action” against a software company, said a partner at a prominent plaintiffs’ class action firm who wished to remain anonymous. “And you can’t sue to get a court order requiring the company to fix its software, because before you can get the order, the company has issued a patch for the software.” (“Patch” refers to corrective software.) Several class actions brought against Microsoft in the 1990s over nonsecurity issues illustrate the difficulty of holding a software maker liable for product flaws. These suits concerned a problem in the MS-DOS 6.0 operating system that allegedly destroyed some users’ data. A class action was filed in Texas against Microsoft, and the trial court and the appellate court approved the class certification. Microsoft v. Manning, 914 S.W.2d 602 (Texas App.-Texarkana (6th) 1995). Microsoft appealed to the Texas Supreme Court. While this appeal was pending, the district court sua sponte reversed itself and denied the class certification, said Sam Baxter, a partner at Dallas’ McKool Smith and one of the main attorneys for the Texas plaintiffs. Another class action filed against Microsoft in Alabama met the same fate, when the trial court decertified the class. Meanwhile, a third class action had been filed in Pennsylvania and, ultimately, after the rulings in Texas and Alabama, plaintiffs’ counsel in Pennsylvania declined to go forward with the suit, said Denis Sheils, a partner at Philadelphia’s Kohn, Swift & Graf, one of the lead counsel for the alleged class. The courts did not explain their reasons for dismissing the class actions. The attorneys contacted who were involved in the cases refused to speculate. While some legal experts are calling for a re-examination of software companies’ legal responsibilities, others warn of grave consequences if software companies were to be held liable for making and selling flawed products. Wagner said that imposing a negligence standard could drive small software companies out of business and kill the open-source software movement, in which software is made available to users free. The movement’s Linux operating system is emerging as one of the main competitors to Microsoft’s Windows. “Microsoft has lawyers who can navigate any regime,” Wagner said, “but open-source developers and small software companies don’t have the resources to hire lawyers if they need to defend themselves in court.”

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at [email protected]

 
 

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.