RE: Products Liability and Innovation. Was: ...
It's been interesting seeing the back and forth on this, especially since I kicked off this subthread. I've found the anti-liability arguments quite persuasive. Peter Trei
RE: Products Liability and Innovation. Was: ...
It's been interesting seeing the back and forth on this, especially since I kicked off this subthread. I've found the anti-liability arguments quite persuasive. Peter Trei
RE: Products Liability and Innovation. Was: ...
Black Unicorn[SMTP:[EMAIL PROTECTED]] From: Eugene Leitl [EMAIL PROTECTED] On Mon, 13 Aug 2001, Trei, Peter wrote: I hate to say this, but until software developers are held (at least at the corporate level) in some way liable for their failures, there will be little or no improvement in the situation. I think this is the wrong approach to the situation. Making people liable stifles innovation. I think 30+ years of active products liability jurisprudence might disagree with you. Just in the automotive world and off the top of my head: Automatic Breaking Systems, designed failure points (crumple zones), 6mph bumpers, safety glass, shoulder belts, passive belts, air bags and a host of other technologies or innovations that may or may not have been developed but for litigation are most probably the result of strict liability in products liability cases. The effect is to make safety profitable- or more accurately, to make unsafety unprofitable. See generally Posner, Hallman and the Chicago School of Law and Economics, an entire movement in legal thought centered on the idea that you are very wrong about the effect of liability on innovation. Now less I be misinterpreted, misworded, misquoted and misunderstood by the various misanthropic types here: Do I think that software should have products liability attached to it? No. Do I think strict liability stifles innovation? No. [I hate to post something that makes it look as if I'm doing further BU bashing (which is not my intention), but:...] When all you have is a hammer, everything looks like a nail. There are other groups which can apply pressure than lawyers, courts and Men with Guns. Auditors and insurance companies come to mind. Schneier has noted how improvements in safe (as in a secure metal box) technology was driven not by losses, not by customers, nor by lawsuits, but rather by insurance requirements. 'You're running your ecommerce site on IIS? Ok, that's 10% extra on your premiums. (This is already starting to happen). Peter Trei
RE: Products Liability and Innovation. Was: ...
Black Unicorn[SMTP:[EMAIL PROTECTED]] From: Eugene Leitl [EMAIL PROTECTED] On Mon, 13 Aug 2001, Trei, Peter wrote: I hate to say this, but until software developers are held (at least at the corporate level) in some way liable for their failures, there will be little or no improvement in the situation. I think this is the wrong approach to the situation. Making people liable stifles innovation. I think 30+ years of active products liability jurisprudence might disagree with you. Just in the automotive world and off the top of my head: Automatic Breaking Systems, designed failure points (crumple zones), 6mph bumpers, safety glass, shoulder belts, passive belts, air bags and a host of other technologies or innovations that may or may not have been developed but for litigation are most probably the result of strict liability in products liability cases. The effect is to make safety profitable- or more accurately, to make unsafety unprofitable. See generally Posner, Hallman and the Chicago School of Law and Economics, an entire movement in legal thought centered on the idea that you are very wrong about the effect of liability on innovation. Now less I be misinterpreted, misworded, misquoted and misunderstood by the various misanthropic types here: Do I think that software should have products liability attached to it? No. Do I think strict liability stifles innovation? No. [I hate to post something that makes it look as if I'm doing further BU bashing (which is not my intention), but:...] When all you have is a hammer, everything looks like a nail. There are other groups which can apply pressure than lawyers, courts and Men with Guns. Auditors and insurance companies come to mind. Schneier has noted how improvements in safe (as in a secure metal box) technology was driven not by losses, not by customers, nor by lawsuits, but rather by insurance requirements. 'You're running your ecommerce site on IIS? Ok, that's 10% extra on your premiums. (This is already starting to happen). Peter Trei
Re: Products Liability and Innovation. Was: ...
On Monday, August 13, 2001, at 10:14 AM, Trei, Peter wrote: [I hate to post something that makes it look as if I'm doing further BU bashing (which is not my intention), but:...] When all you have is a hammer, everything looks like a nail. There are other groups which can apply pressure than lawyers, courts and Men with Guns. Auditors and insurance companies come to mind. Schneier has noted how improvements in safe (as in a secure metal box) technology was driven not by losses, not by customers, nor by lawsuits, but rather by insurance requirements. 'You're running your ecommerce site on IIS? Ok, that's 10% extra on your premiums. (This is already starting to happen). I've been pointing this out for many years, and did so at very early Cypherpunks meetings. If you say Schneier has noted this, I'll take your word. The proper (moral, public choice theory, economically sound) approach is for those who want more security against theft to _pay_ for it. This through either their own choices, such as the choices I myself made for the type of gun safe I have in my house, or through the advice and pricing from their insurance companies. Holding a cheap safe maker strictly liable for loses when thieves use tin snips to cut through their safe is NOT the solution to the strong safe problem. Unfortunately, as Declan also notes, the men with guns tend to go for do this or we will shoot you solutions. I count mandatory air bags and seat belt laws in this category. Friedman's recent book Law's Order has many good economic analyses of tort situations, showing in nearly all cases that free market (mutually negotiated, noncoerced) produce more efficient results than non free market (imposed by government, coerced) solutions. Not surprising to libertarians, but useful to consider in the crypto context. Bringing strict liability into the world of security and crypto would result in the usual market distortions. As an example, one might expect a recommended security standard, decided upon by industry committees (with government, probably the NSA, involvement). Like airbags, this would then be mandated to be included in all Net connectivity and related products. Vendors would scramble to meet this requirement. And probably some form of escrow (to help resolve disputes, for the children) would be mandated-in. And of course it probably couldn't be too strong. Liability as currently interpreted can easily suppress innovation: Westinghouse froze the design of their boiling water nuclear reactors at roughly the 1960 level, except for minor changes in instrumentation and construction methods. The theory being that they had been given a kind of safe harbor on past designs (often done in conjunction with the Feds, as part of military reactor and AEC-led design projects) and that introducing innovations could alter the risk equation...even if it made the reactors better! Similarly, innovations in automobile design are suppressed by liability concerns. A car maker who improves the layout of gas and brake pedals faces lawsuits over accidents caused by the changes. (cf. sudden acceleration, aka nitwit stepped on the wrong pedal.) Peter Huber, in Galileo's Revenge, notes many cases where strict liability law has suppressed innovation. My favorite was the Florida case where a woman claimed a CAT scan made her lose her psychic powers. A jury awarded her $2 million in liability damages. (This also mixes in pseudoscience issues, but the liability laws are still implicated.) And speaking of CAT scans, or NMR, PET, etc. scans, many hospitals now routinely order such scans in nearly all cases of minor injury. My father went in for an exam and the doctor recommended an NMR scan of some sort. My father asked why. The doctor: Don't worry, your insurance will cover most of it. My father: I asked why I need this. Doctor: We really recommend it. To cut to the chase: Hospitals recommend such scans just in case. To cover their asses in a possible liability suit should some problem happen later in time. Is this due diligence? Well, NMR scans are not cheap, so the cost gets passed on in the usual ways. Is the average benefit worth it to the average patient who gets the we recommend it advice? Debatable. Except there _IS_ no debate about it, certainly not between the average patient and the average doctor. BTW, my father said No to the doctor. The doctor argued, then gave up. Apparently he felt my father was exposing _him_ to strict liability. (Needless to say, a patient's waiver is challengeable in the usual ways: I didn't know what I was signing, The doctor didn't explain to me that the scan might have detected the tumor I now have, and the other usual Mommy State whines.) Anyway, I think imposing FDA-type oversight and medical industry-type liability laws on the security and crypto industry would be a disaster. Here's one of my articles from 1996 about this issue: * To:
Re: Products Liability and Innovation. Was: Re: Traceable Infrastructure is as vulnerable as traceable messages.
On Mon, 13 Aug 2001, Black Unicorn wrote: Do I think that software should have products liability attached to it? No. Do I think strict liability stifles innovation? No. I would actually like to make a smaller point here. Broadly I agree with BU, but I'd like to analyze it a little. If software actually cost money per every unit produced, products liability would make more sense because then it could become part of the production costs. However, given that copying bits is in fact free (copyright issues aside), adding a real per-unit expense has the potential to *dominate* the production cost. Open-source software would become impossible to produce, because the whole open-source paradigm depends on copying bits being free. I think MS would like nothing better than having products liability attached to software in general; it would solve a massive problem for them by putting open-source stuff out of production. Even though the open-source stuff is better from a security standpoint, there is effectively no one who is making enough money from it to bear the costs of product liability. Some security consultants *do* bear the cost of product liability on software they install and configure; they are paid obscene amounts of money to take that risk and do the solid configurations that minimize it, and that is as should be. The effect of product liability on the industry as a whole would be to remove the only secure products available (open-source products), making it effectively impossible for security consultants to do their jobs. Bear
More Liability Issues. Was: Re: Products Liability and Innovation.
- Original Message - From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, August 13, 2001 12:34 PM Subject: Re: Products Liability and Innovation. On 13 Aug 2001, at 9:42, Black Unicorn wrote: - Original Message - From: Eugene Leitl [EMAIL PROTECTED] To: Trei, Peter [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; Faustine [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Monday, August 13, 2001 7:49 AM Subject: RE: Traceable Infrastructure is as vulnerable as traceable messages. On Mon, 13 Aug 2001, Trei, Peter wrote: I hate to say this, but until software developers are held (at least at the corporate level) in some way liable for their failures, there will be little or no improvement in the situation. I think this is the wrong approach to the situation. Making people liable stifles innovation. I think 30+ years of active products liability jurisprudence might disagree with you. Just in the automotive world and off the top of my head: Automatic Breaking Systems, designed failure points (crumple zones), 6mph bumpers, safety glass, shoulder belts, passive belts, air bags and a host of other technologies or innovations that may or may not have been developed but for litigation are most probably the result of strict liability in products liability cases. Well, nobody can say with certainty exactly what would have happened in contrary-to-fact situations, and litigation will probably encourage some innovations while discouraging others, Points all taken. but it seems to me that litigation is highly unlikely to encourage innovation overall; it seems to me that you are much more likely to lose a case if your product is hazardous in a way that distinguishes itself from the industry standard, even if it's safer overall, and in any case most potential innovations don't have anything to do with increasing safety. Points also taken. In a more or less unregulated market, consumers are free to value product safety as they choose. Legislation which, say, mandates air bags appears to assume that consumers tend to undervalue their own safety, a proposition I object to on philosophical grounds. Liability works more or less the same way. Think of it this way. The proposition that the strict liability doctrine makes is that certain activities are ultra hazardous. One of these is product design. Strict liability- essentially the proposition that no showing of negligence is required for the plaintiff to prevail- is generally thought of as a mechanism to allocate the risk onto the market actor. Economically speaking this is intended to spur the innovator to self insure or to design safety (safety from litigation anyhow) into the product, or at least have a strong regard for it during the development process. This in contrast to the negligence standard- where the innovator has to have been shown to be willfully negligent in design and therefore a good portion of the risk of the product development is shifted back to the end user. The theory is that if your goal is to reduce accidents and claims you allow the market to incorporate that sort of risk (which in early innovation looks a lot like an externality) into the innovation process. Activities, it is argued, which cannot be made sufficiently safe to be economically viable in the market will not be undertaken because the market will not support such activities. Proponents of products liability point to this in justifying the policy. (Critics primarily point to the unfairness of assigning liability to actors who have not acted negligently). The showing for a plaintiff for products liability works something like this, although admittedly this is very simplified: 1. Plaintiff used the product according to directions. 2. Plaintiff was injured. That's pretty much it. This is why safety is a big deal in automobile design and why gun manufacturers have managed to duck major products liability issues for the most part (misuse). Since automobile design flaws of sufficient magnitude can cause death and big money law suits, the market has incorporated that component of the risk into the design cost of the product either ex ante (during the design process) or ex post (by compensating the aggrieved parties). Costs are shifted onto the market when they are passed on (ex ante or ex post) in the form of product cost. This is the way that strict liability specifically, and the legal process in general, tends to spur on innovation. The effect is to make safety profitable- or more accurately, to make unsafety unprofitable. Right. Safety at all costs. The cost of safety is already too high in most industries IMNSHO. Well, I would argue that it is self adjusted by the market when we are talking about products liability. The market has put a price on safety by forcing producers either to design safe, and limit ex post costs incurred by litigation in favor of ex ante
Re: Products Liability and Innovation. Was: ...
On Mon, Aug 13, 2001 at 01:14:10PM -0400, Trei, Peter wrote: other groups which can apply pressure than lawyers, courts and Men with Guns. Auditors and insurance companies come to mind. Schneier has noted how improvements in safe (as in a secure metal box) technology was driven not by losses, not by customers, nor by lawsuits, but rather by insurance requirements. Minor note: I'd argue that insurance requirements, in a free market, are in the end driven by losses or prospective losses. -Declan
Re: Products Liability and Innovation.
On 13 Aug 2001, at 9:42, Black Unicorn wrote: - Original Message - From: Eugene Leitl [EMAIL PROTECTED] To: Trei, Peter [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; Faustine [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Monday, August 13, 2001 7:49 AM Subject: RE: Traceable Infrastructure is as vulnerable as traceable messages. On Mon, 13 Aug 2001, Trei, Peter wrote: I hate to say this, but until software developers are held (at least at the corporate level) in some way liable for their failures, there will be little or no improvement in the situation. I think this is the wrong approach to the situation. Making people liable stifles innovation. I think 30+ years of active products liability jurisprudence might disagree with you. Just in the automotive world and off the top of my head: Automatic Breaking Systems, designed failure points (crumple zones), 6mph bumpers, safety glass, shoulder belts, passive belts, air bags and a host of other technologies or innovations that may or may not have been developed but for litigation are most probably the result of strict liability in products liability cases. Well, nobody can say with certainty exactly what would have happened in contrary-to-fact situations, and litigation will probably encourage some innovations while discouraging others, but it seems to me that litigation is highly unlikely to encourage innovation overall; it seems to me that you are much more likely to lose a case if your product is hazardous in a way that distinguishes itself from the industry standard, even if it's safer overall, and in any case most potential innovations don't have anything to do with increasing safety. In a more or less unregulated market, consumers are free to value product safety as they choose. Legislation which, say, mandates air bags appears to assume that consumers tend to undervalue their own safety, a proposition I object to on philosophical grounds. Liability works more or less the same way. The effect is to make safety profitable- or more accurately, to make unsafety unprofitable. Right. Safety at all costs. The cost of safety is already too high in most industries IMNSHO. See generally Posner, Hallman and the Chicago School of Law and Economics, an entire movement in legal thought centered on the idea that you are very wrong about the effect of liability on innovation. An entire movement dedicated to the idea that Eugene is very wrong? Now I'm jealous, I can be as wrong as him, wronger even. Now less I be misinterpreted, misworded, misquoted and misunderstood by the various misanthropic types here: Do I think that software should have products liability attached to it? No. Do I think strict liability stifles innovation? No. On behalf of my fellow misanthropes, thanks for the clarification. George
Re: More Liability Issues. Was: Re: Products Liability and Innovation.
On 13 Aug 2001, at 13:33, Black Unicorn wrote: The theory is that if your goal is to reduce accidents and claims you allow the market to incorporate that sort of risk (which in early innovation looks a lot like an externality) into the innovation process. Activities, it is argued, which cannot be made sufficiently safe to be economically viable in the market will not be undertaken because the market will not support such activities. Strikes me as being a circular argument, since which activities are sufficiently safe to be economically viable depends on the size of the awards. Proponents of products liability point to this in justifying the policy. (Critics primarily point to the unfairness of assigning liability to actors who have not acted negligently). Less misanthropic ones, maybe. We more misanthropic critics are more likely to complain about being prevented from engaging activities which we know damn well contain an element of risk, a risk we are willing to assume because in our judgement the benefits outweigh the risks. The showing for a plaintiff for products liability works something like this, although admittedly this is very simplified: 1. Plaintiff used the product according to directions. 2. Plaintiff was injured. That's pretty much it. This is why safety is a big deal in automobile design and why gun manufacturers have managed to duck major products liability issues for the most part (misuse). Since automobile design flaws of sufficient magnitude can cause death and big money law suits, the market has incorporated that component of the risk into the design cost of the product either ex ante (during the design process) or ex post (by compensating the aggrieved parties). Costs are shifted onto the market when they are passed on (ex ante or ex post) in the form of product cost. I had to read this about a dozen times before it made sense to me, here's why: there's an implicit assumption here that the damages awarded in liability lawsuits acurately reflects the actual damages suffered by the plaintiff. The impression I get is that awards tend to be orders of magnitude larger than they should be. This is the way that strict liability specifically, and the legal process in general, tends to spur on innovation. The effect is to make safety profitable- or more accurately, to make unsafety unprofitable. Right. Safety at all costs. The cost of safety is already too high in most industries IMNSHO. Well, I would argue that it is self adjusted by the market when we are talking about products liability. The market has put a price on safety by forcing producers either to design safe, and limit ex post costs incurred by litigation in favor of ex ante costs, or minimize safety spending and catch the costs ex post. Either way the costs are spread over the market and at least mostly linked to the actual effect of safety provisions in reducing harm/accidents/etc. If a mini-van is too costly to make safe then it will not be produced. That's the point of strict liability. Force the actor to spend more time evaluating the wisdom of the action. This often necessitates more RD and hence more innovation. (Faster airbags, better seat belts, etc.) Saying the cost of safety is already too high is probably misplaced- at least in this isolated example of automotive manufacture. I really don't think so. I think we're at the point where around 10-50 million dollars are spent per life saved, and I don't think most people are worth anything near that. I wouldn't even value my own life that highly; that is to say, I probably wouldn't take certain death for 50 million, because I'm not sure what I'd spend the money on if I were dead, booze and hookers would do me no good, but I'd probably take a 10% chance of death for 5 million. I suspect when you do the economical analysis, if you assume your damages awarded actually equal damages suffered, with strict liability you end up with the same products on the market and the same corporate profits as you would in a world where you assume no strict liability but that assume customers are able to correctly evaluate risks in their purchasing decisions, the main difference being that with strict liability the costs are smeared over all consumers and without it the costs are born solely by the ones that suffer mishaps. George