Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

So sue me

by tlm (Prior)
on Apr 09, 2005 at 15:35 UTC ( #446251=monkdiscuss: print w/ replies, xml ) Need Help??

While we are on the subject of legal issues, upon chasing one of the links (merlyn and the 5000-line perl-4 style "auction" script) in The Lighter Side of Perl Culture (Part I): Introduction, I came across this quote by merlyn (read the original here):

Even worse, suppose a server got 0wn3d by running your code. Do you have enough lawyers to defend yourself in court? Are you prepared to do so? In fact, now that I've pointed out the potential security hole to you, you can no longer claim neglect. You are now liable for knowingly providing bad code. I suggest you remove your program immediately to prevent further tort exposure, especially since our correspondence here is a matter of public record now.
It got me thinking about the liability of posting code online.

Granted, one has to keep in mind that I found this quote by following a link in the section "Mailing List Theatre" of TLSOPCI, so maybe merlyn was just hamming it up a bit to get the guy to yank some bad code from circulation. But if it's all theatrics, he's doing a pretty convincing job of it. Granted also, the code that merlyn was commenting on was apparently atrocious (I actually haven't looked at it, but I take his word for it). But a subtle bug has the potential for being as damaging as an obvious one.

I tried to Google this topic but I came up empty. Basically everything I found on the liability of posting code had to with posting proprietary code or code that could be used to circumvent anti-piracy schemes, etc. Nothing on the issue alluded by the quote above, i.e. liability due to posting buggy code that may cause some significant damages to its users. (Of course, license agreements including legal disclaimers on free software are common, but here I'm referring to source code directly posted at sites like PM, rather than full-blown applications). I'm sure that there is some legal blurb about this out there somewhere; I just haven't found just the right search strategy.

I found nothing via SuperSearch either, which leads me to my next point. Should we start sticking legal disclaimers in our posts? Would it make sense to have some PM Legal Disclaimer Node with some boilerplate disclaimer we can link to with a little See legal disclaimer in our signatures? Something like this perhaps (which I adapted1 from one of the item's in Perl's Artistic License):

ALL SOURCE CODE POSTED IN WWW.PERLMONKS.ORG IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
(It sounds a little ridiculous, I agree, but I think this is par for the course for the legal disclaimer genre.)

Last summer I went out on a group hike that started with legal forms being passed around for everyone to read and sign, releasing the organizers from all liability. It was an awful way to start what was meant to be a fun event, literally "a walk in the woods", not some extreme adventure. This sort of thing is increasingly pervasive, at least in the US, and I hate to be part of it. What do you all think? Do you know of any legal precedent for the scenario that merlyn alludes to in the quote above?

1 Does this make me a PLAGIARIST??? Maybe I should get some breakfast...

the lowliest monk

Comment on So sue me
Re: So sue me
by itub (Priest) on Apr 09, 2005 at 16:00 UTC
    There's something I've always wondered, maybe someone here knows... why do the disclamer paragraphs in licenses ARE ALMOST ALWAYS IN ALL CAPS? Is there some law or legal precedent that makes clauses in ALL CAPS more binding?

      My vote is that many attorneys are lazy, many are plagiarists, and many don't want to rewrite decent (for various odd values of the word) existing contract language. Don't ask me how those sets overlap.

      All caps is harder for people to read. Unnecessary legal jargon makes it harder to understand. I would assume that this is a defensive measure to ensure that the person signing the document doesn't have an chance to completely read and comprehend the document, as their mind goes into a sort of 'flight or fight' response, whereby, they either give up, and sign the document, or refuse to sign what they don't agree with.

      As many people aren't willing to admit that they don't understand something, they just go ahead and sign away their rights.

      I've recently discovered, that when I bought my house, and went through the many, many pages of forms (I think it took me over 2 hrs), I missed one number, which wouldn't seem to significant (the appraised value of the house), but because they got the number wrong, I've been paying PMI for the last 5 years. To this day, I have no idea if that was intentionally done, as they tried to sneak something past me, and run up the profit made on the loan, or if it was a simple mistake. But well, I signed it, so I had to pay it.

      ps -- I've only ever had one class on contracts, about 10 years ago. I'm not a lawyer, but I was raised by one, so I've learned the art of convenient rationalization.

      I've heard that there was actually a case where it was ruled that a vendor had deliberately buried a legal disclaimer in the "fine print" to keep the buyer from being aware of it. Therefore the buyer hadn't really agreed to it and wasn't bound by those provisions. Because of that precedent, certain things have been put in capital letters so that people can't argue that the disclaimers were deliberately buried.

      I don't know if that is true, but if it were, it would be on par with what I've come to expect from the legal system.

      Yes, caps are sort of more binding. The Uniform Commercial Code (UCC), a set of laws about contracts and commerce that has been adopted by all the states in order to normalize comemrcial law in the US, requires that certain parts of a contract be "conspicuous," because they go contrary to the legal "default settings."

      For example, competently written contracts will usually have all caps or large font for the disclaimer of the two implied warranties (merchantability and fitness for a particular purpose), because wherever the UCC is the law of the land, a seller implicitly warrants those two qualities in what he sells. He must conspicuously disclaim them in the contract.

      This is why, e.g., in the brief form of the GPL included with programs it reads:

      "This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details."

      Specifically, the two implied warranties are disclaimed in caps. See http://www.law.cornell.edu/ucc/2/2-316.html for more

Re: So sue me
by Popcorn Dave (Abbot) on Apr 09, 2005 at 19:11 UTC
    While I see your point completely, I don't know that PerlMonks needs the disclaimer. All you're going to get here is code. What you do with it is up to you. It's not being paid for - anyone can come here and take what they want - and since that's the case, who do you litigate against for what basically amount to opinions?

    Sometimes all it takes to get the lawyers to go away is to call their bluff. Slashdot had link to this article today about someone who called MS's bluff and won.

    Unfortunately, sometimes lawyers are a necessary evil. But I long for the days when people actually discussed their disagreemens before bothering to head to court.

    Useless trivia: In the 2004 Las Vegas phone book there are approximately 28 pages of ads for massage, but almost 200 for lawyers.
Re: So sue me
by chas (Priest) on Apr 09, 2005 at 20:25 UTC
    The suggestion that it might make sense to have a "PM Legal Disclaimer Node" seems quite reasonable to me (although providing a link in all code posts is likely overkill.) It seems that one can be sued for almost anything these days, and a suit can cause a lot of expense and grief even if it is completely frivolous and without merit. I'm not an attorney and have no idea if opinions expressed on PM could be the basis of a legitimate suit (although I did read the Camel book at a Holiday Inn Express once), but that's probably irrelevant for the reason indicated in the previous sentence.
    By the way, I've always wondered if one could use the fact that it is not generally possible to check program correctness to defend against suits involving damages related to use of software. Although I have no great love for some large software vendors, I have always felt that it's somewhat unfair to make them liable for bugs in large pieces of software (e.g. OS's) (unless it could really be proved that they deliberately released software that they knew was dangerous to the user.)
    (On a related but lighter note, I've always liked the following "definitions" of software versions:
    alpha version - "doesn't work"; beta version - "still doesn't work".)
    chas
    (Update: Actually, I don't know whether or not there already exists some kind of disclaimer on PM. Someone else can undoubtedly answer that.)
Re: So sue me
by FuBaR (Acolyte) on Apr 10, 2005 at 04:12 UTC
    I think that it would be a real stretch for any lawyer to sucsessfuly sue a poster from here for a snippit of code that someone else used in a program/script.
    A lot of times it's just psudo code anyway. Here in Canada the junk lawsuits aren't as bad (yet) as they are in the US.
    Having said that, a disclaimer on the site couldn't hurt. I doubt it would help though, there are to many cases where disclaimers/contracts were taken to court anyway.

    I have written a lot of software for a lot of different people/companies and I have met a few that I said "no thanks" to and let the next programmer get sued.
    In a nutshell, if someone really wants to sue you there isn't a damn thing that you can do about it. With a lawsiut even if you win you loose.
Re: So sue me
by Anonymous Monk on Apr 11, 2005 at 08:56 UTC
    Has anyone been sued and lost the case for code posting to Perlmonks? Or for code posted to Usenet, which has existed for much longer, and covers many more languages than Perlmonks does? As long as Matt Wright walks around a free man, I really don't think this is an issue. Besides, if you now put a disclaimer here, it kind of suggests you are accepting liability for code posted here in the past.

    But if PM were to put a disclaimer here to avoid posters from being sued, I suggest they would hire a lawyer to write the legalize - it would be bad to pick a wording that isn't going to hold up in court.

    Alternatively, post all your code as AM. ;-)

Re: So sue me
by Fletch (Chancellor) on Apr 14, 2005 at 16:40 UTC

    Man, this reminds me I still haven't picked up Web & Software Development: A Legal Guide ( ISBN 1413300871 ) that someone mentioned the last time a similar topic came up here.

Re: So sue me
by kwaping (Priest) on Apr 15, 2005 at 19:39 UTC
    Caveat emptor. 'Nuff said. :)

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: monkdiscuss [id://446251]
Approved by Joost
Front-paged by Joost
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (12)
As of 2014-12-29 16:12 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Is guessing a good strategy for surviving in the IT business?





    Results (193 votes), past polls