- May. 13th, 2009
- 3 comments
While the USA is plenty stupid and litigious sometimes, the EU has recently come up with one of the most destructive ideas ever:
In short, they're saying "Let's explicitly legislate that software developers are liable for security lapses."
Yes, possibly even for FOSS (open source software). Now this might sound like a really good idea to a non-programmer — but it's just not. And for further entertainment, let's say they do exempt FOSS. That would only stifle non-open-source developers and put them at a ridiculous disadvantage. I think the dual model performs well collectively — both FOSS and closed source have their respective places in the software ecosystem. This is just an all-around bad idea for both.
Now I don't advocate absolute immunity for developers. That's silly — but let's leave that to the lawyers. Just like we've seen lawyers pierce corporate veils in perverse corporate liability cases here, lawyers can frequently establish liability in cases where a license or disclaimer specifies otherwise. That's their job, after all.
Legislating the liability will cause well-meaning, bright, productive developers to look over their shoulders — or simply not develop at all. Application developers will lock down APIs for fear that a plugin will expose a theretofore unexploitable or obscure vulnerability. And open source developers who originate the code on two sides in a complex software system would be potentially liable, and waste exorbitant amounts of time litigating about whose fault it really was.
In the end, it will stifle productivity. If I were a WordPress developer in this hypothetical toxic environment (core — or plugins), I'd think twice before peddling my wares in the EU. WordPress and its "rich ecosystem" of plugins can be a security fiasco of sorts.
The licenses for FOSS typically stipulate that liability will not exceed the cost of the application ($0). Why bother exposing yourself, and what is the EU thinking?
One thing I do know — the lawyers are salivating — and legislating does nothing except feed them.
"3 Wise Comments Banged Out Somewhere On The Internet ..."
Yeah letting legislature handle these situations is probably the best idea. I think someday soon we will see more government interaction with online.
All sounds nuts to me, and another reason that more people here in the UK just want to get as far away from the maniacs in the EU as possible. As usual, it will be the legal people who benefit, and look at the state of litigation in the USA nowadays. Mad, mad world.
@Nick Stamoulis: Your comment got lost in my spam queue. I can't say I disagree any more than I already do, though. Letting the government handle things is a surefire way to have them legislate things like … 30% efficiency on engines? That's Unacceptable! We must be 95% efficient. I believe there was a senator from the 70s who, ignorant of engineering or thermodynamics, thought that was an intelligent thing to say. Let engineers innovate. Let senators do what they do and feel important. Sometimes we need laws, but the fewer the better.
















