LIABILITY FOR DEFECTIVE HARDWARE AND SOFTWARE

Were you one of the lucky ones who managed to place your bet at the TAB for the 1996 Melbourne Cup? There is little doubt that the paper based book makers at the track were too busy to consider the fate of the software developer, network administrator and the hardware supplier involved. Did you?

What happens when the millennium bug rolls in?

The failure of TAB's computerised betting network to cope with the demand on Cup Day is a good example of how disastrous a system crash can be. At least no lives were lost in this case, unlike a failure in a radar control system, an operating theatre or a computer controlled chemical mixing factory.

Software and hardware developers must realise that they will be amongst the first parties to be involved in the case of system failures. The strength of their defence may ultimately rest on their contractual documentation and/or their documented methodologies of testing. Some may not wish to take the chance and prefer to insure.

This paper will examine the possible loss and damage which may be suffered, who may be left bearing that loss, the possible causes of action and practical measures to minimise and shift the loss.

System crashes or security breaches can result in:

• Loss of data
• Loss of time (consider the cost of having one operator's terminal down for a day, let alone a whole system)
• Business interruption and economic loss (both expectation and reliance loss)
• Physical destruction of equipment
• Personal injury
• Reputation loss
• Privacy/Confidential Information loss and damage

These matters have been found to constitute proper heads of loss and damage.

Possible parties to be sued include the software developer, the hardware or software supplier, the hardware manufacturer, the systems integrator, the maintenance company and the user. Employees of the various parties may in certain circumstance be included personally in the litigation. In fact, all parties who remain standing at the end of an information technology disaster will be considered potential parties.

Typical causes of action arise from :

• breach of contract
• the Copyright Act 1968 (Cth), the Patents Act 1990 (Cth) etc
• the Trade Practices Act (1974) (Cth) ( “the TPA” )
• other relevant legislation such as the Goods Act (Vic) 1958 ( “the Goods Act” )
• the Privacy Act 1988 (Cth)
• tort

If a condition or essential term of a contract is breached then there may be a claim for damages for losses incurred as well as the common law right to terminate the contract. A condition or essential term is a term of the contract going to the very root of the contract.

“The test of essentiality is whether it appears from the general nature of the contract considered as a whole, or from some particular term or terms that the promise is of such importance to the promisee that he would not have entered into the contract unless he had been assured of strict or a substantial performance of the promise and that this ought to have been apparent to the promisor.”

Terms which are of such importance in Information Technology projects may include (depending on degree):

• failure to get the software or hardware up and running (implementation or integration problems or simply bad design)
• failure of performance or functional requirements (hopefully, but not necessarily, as set out in annexures or schedules to the contract).
• the ability to change or modify the software or hardware
• failure of essential support obligations.
• excessive down time
• Intellectual Property rights infringement

Recoverable damages may include a claim for money to put the customer in the same situation as if the contract had been performed including loss of bargain (expectation loss) and damage suffered and expenditure incurred in reliance of the contract (reliance loss).

If the term is a warranty only then a claim only arises for damages or for rectification of the problem. Typical warranty breaches may include (depending on degree):

• reduction in hours of support.
• inability to correct minor faults.
• delays in providing support.
• inability to supply certain types of support.
• failure to provide minor functionality or performance requirements.

Clearly it may be desirable to have such breaches of warranties considered as a breach of a fundamental term and accordingly it is an option to have a supply contract which contains a termination clause which includes the right to terminate for breach of warranty.

The difference between a warranty and a fundamental term is of primary importance when a party no longer wishes to deal with the party in breach.

Unauthorised modifications to the software may be a breach of condition or warranty depending upon the contractual relationship between the parties and the extent of the modifications.

However, it would be difficult for a customer to rely upon a failure of its modifications or the failure of the supplier to support the customer's modifications as a breach of the contract unless special circumstances existed.

Such modifications may indeed relieve the supplier from all further maintenance obligations as to provide such maintenance would be outside the scope of the maintenance obligation and may be practically very difficult. Ideally the situation with respect to the respective obligations of the parties and ownership of such changes should be established before such modifications are made. Further, in appropriate circumstances, the insurer should be notified of such changes.

The inclusion of time outs or time bombs without release codes being supplied may amount to a breach of fundamental implied term which is not relieved, justified or condoned by a failure of the customer to pay licence fees. The supplier of such a program may well be exposed to a suit for, amongst others, breach of contract. Damages may in such circumstances include the loss of business during such interruption.

The TPA and the various parallel state statutes give rise to implied terms that goods will correspond with their description where they are sold by description, be of a merchantable quality and fit for a particular purpose where one is specified. Legislation such as the Goods Act also gives rise to further rights in relation to the sale of certain goods.

In connection with contracts of hire or supply of services, in certain circumstances there is an implied warranty that there must be care and skill expended in providing the services and where services are requested for a particular purpose or result then there is an implied warranty that the services will be reasonably fit for that purpose.

The statutory protection provided by the TPA to those involved in the sale and purchase of goods and services depends upon, amongst other things, the category in which the product in question falls as well as whether or not the customer is a “consumer” of goods or services.

The definition of “consumer” under the TPA includes goods or services for less than $40,000 or alternatively that the goods or services were of a kind ordinarily acquired for personal, domestic or household use or consumption.

The categorisation of computer software as goods or services for relief under the TPA is not clearly defined.

In Section 4 of the TPA the following definitions appear:

“Goods” includes ships, aircraft and other vehicles animals including fish minerals, trees and crops, whether on, under or attached to land or not; and gas and electricity

“Services” includes any rights (including rights in relation to, and interests in real or personal property), benefits, privileges or facilities that are to be provided, granted or conferred in trade or commerce, and without limiting the generality of the foregoing, includes the rights, benefits, privileges or facilities that are, or are able to be, provided, granted or conferred under -

a contract for or in relation to -

the performance of work (including work of a professional nature) whether with or without the supply of goods;

the provision of, or the use or enjoyment of facilities for, amusement, entertainment, recreation or instruction; or

the conferring of rights, benefits or privileges for which remuneration is payable in the form of a royalty, tribute, levy or similar extraction;

a contract of insurance

a contract between a banker and customer entered into in the course of the carrying on by the banker of the business of banking; or

any contract for or in relation to the lending of moneys

but does not include rights or benefits being the supply of goods or performance of work under a contract of service

In the Goods Act:

“goods” include all chattels personal other than things in action and money. [The term includes emblements and things attached to or forming part of the land which are agreed to be severed before sale or under the contract of sale]

“Services” means services by way of -

the construction, maintenance, repair, treatment, processing, cleaning or alteration of goods or fixtures on land;

the alteration of the physical state of land; or

the transportation of goods otherwise than for the purposes of a business, trade profession or occupation carried on or engaged in by the person for whom the goods are transported.

In Toby Constructions Products Pty Ltd v Computa Bar (Sales) Pty Ltd it was decided that the supply of computer hardware and software bundled together could constitute a sale of goods for the purposes of the TPA and the Sale of Goods Act 1932 (NSW) (which has the same definition as the Goods Act) but left open the question of whether a software package supplied independently of hardware may constitute a sale of goods. His Honour reasoning was that there was a sale of tangible chattels, a transfer of identifiable physical property in the supply of bundled hardware and software.

In the case of St Albans v City and District Council and International Computers Ltd Mr Justice Scott Baker found at page 21 :

“Strictly speaking I do not think that the point falls to be decided in the present case because I think, as I have earlier set out, that the defendants' obligations were expressly agreed, rendering reliance on the Sale of Goods Act unnecessary.

However, I am of the view that software is probably goods within the Act. Programs are, as has been pointed out, of necessity contained in some physical medium, otherwise they are useless. As Mr Mawrey put it, it is just as much a supply of goods as if paint were applied to a wall or printing ink to a blank page. It is not simply an abstract information passed by word of mouth. Entering software alters the contents of hardware.

If the supply of software is not a supply of goods it is difficult to see what it can be other than something to which non statutory rules apply, thus leaving the recipient unprotected in the absence of express agreement. My conclusion is that it is a supply of goods and that Mr Mawrey's arguments are correct.”

The Sale of Goods Act 1923 (UK) has a similar definition of “goods” as the Goods Act.

A further problem arises when there is no physical media of supply. Many products are now either installed or supplied electronically via the Internet, BBS or via the vendor's Online systems. Such installation will continue to increase as a cost effective distribution medium. It is not difficult to see various EPROMS in motor vehicles for instance being upgraded electronically by visiting an authorised garage. In such circumstances it is difficult to justify “software” as goods.

In Caslec Industries Pty Ltd v. Windhover Data Systems Gummow J found that breaches of Section 74(2) of the TPA had occurred with the supply of an “off the shelf” package and additional services. No detailed consideration was given to whether or not software was goods save that it was appropriate to apply Section 74(2).

The view of the author is that “services” would appear to be the most appropriate classification for software, however, the implications of that opinion, if correct, would be to deprive certain customers of a wide range of rights.

This view has been recently confirmed in Trumpet Software Pty Ltd v. OzEmail Pty Ltd by Heerey J who found that, amongst other things, that “the grant of a copyright licence and the benefits thereby conveyed is a “service””. That case involved the use of a “shareware” program outside the scope of its licence in circumstances in which the conduct could be said to be misleading and deceptive. eg. no acknowledgment of the copyright owners' rights or any other related fees which need to be paid prior to use. The program was available on the Internet.

Whilst this area of the law would seem rife for statutory amendment as suggested by Rogers J in the Toby Constructions case one can speculate that such amendment is not likely until prompted by a further international treaty. (Thirteen years have now elapsed since that judgment without action). Further, the delays in copyright reform leave little hope for amendments in the near future. The question is also relevant for the resale price maintenance provisions of the TPA, which have recently been amended, and insurance policies.

Part V Division 1A of the TPA provides powers for the publication of warning notices by the government in relation to dangerous goods, the banning of goods that do not comply with prescribed product safety standards, the banning of unsafe goods, the compliance with consumer product information standards, the compulsory recall of unsafe goods and notification to the government of voluntary recalls.

Obviously, a critical definition is whether or not software falls within the definition of goods for the purposes of Part V. There does not appear to be prescribed consumer product standards for software save for the Office of Film and Literature classifications which prima facie do not appear to be prescribed standards. There are software development and maintenance standards (AS3900.3) as part of ISO9001 but these standards are different to the prescribed standards contemplated by the TPA.

Part V Division 2A provides for actions against manufacturers and importers of goods which do not correspond with description, are of unmerchantable quality, which do not conform to sample, are unfit for purpose or manufacturers who do not comply with express warranties.

Section 74F is of interest in that it obliges, in some circumstances, a corporation to act reasonably in providing facilities and parts for the repair of goods ordinarily acquired for personal or domestic use. A corporation can, however, expressly disclaim such a responsibility if before the time of acquisition the lack of facilities and parts is made clear.

Part VA of the TPA is a strict product liability regime based on strict liability for loss suffered as a result of a defective goods and that are ordinarily acquired for private use.

The claimable loss is limited to personal injury, damage to goods or land, buildings and fixtures.

Under section 74A and section 75AB a “manufacturer” includes a corporation who holds itself out to the public to be a manufacturer or permits the name of the corporation or a brand or mark to be applied on the goods, or imported the goods. There are also mechanisms for obtaining information about the identity of a manufacturer.

Defences include that the defect did not exist when the goods were supplied, that the defect occurred because of a mandatory standard, that the defect could not have been discovered given the state of technical knowledge when the manufacturer supplied the goods and if the defect is in finished goods any relevant markings or instructions supplied with the goods.

One way manufacturers can manage their liability once their products have left their control is by product markings such as warnings and instructions. Although this will not limit or exclude the liability arising under statute, it may prevent that liability from arising in the first place.

Section 52 claims under the TPA for misleading and deceptive conduct and section 53 claims for false representations are potent causes of action against suppliers. They can also be used in conjunction with section 75B as a mechanism to pursue non-contracting parties in appropriate circumstances.

The scope of those sections is very wide and not to be under estimated. Of particular concern to the supplier is section 51A which makes the supplier liable for future representations for which it did not have reasonable grounds to make. Such representations may include the ability of the supplier to provide support services, encryption keys and access to source code that may be required for amendments. Pre-sales literature and representations can often be misleading and consequently expensive for the supplier.

In addition, parties may have common law rights to rescind a contract for misrepresentation. Representations as to the performance of a computer made in good faith can still be a negligent misrepresentation.

In Chippendale Printing Co v. Spunaline Pty Ltd , a software product which was supplied without the proper licence and which was unable to comply with the pre sales representations was found to breach Section 52 and Section 53 of the TPA.

In DSL Group Limited v Unisys it was found that the defendant had acted deceitfully, negligently and in breach of warranty in relation to the supply of a Mapper 10 computer and operating system. Specific allegations which were proven included:

• no new database design was required for the migration;
• no special training was required to develop Mapper 10 applications;
• the hardware and software was suitable for a migration of the existing systems; and
• that the plaintiff's design was adequate.

The exclusion clause in that case was not proven to exist. There was no formal contract.

At common law parties are free to structure their arrangements as they see fit. However, under the TPA and Part IV of the Goods Act any attempt to exclude or limit contractual liability that cannot be excluded or limited is void. The TPA does provide a limited exclusion of liability for the supply of goods and services other than a kind ordinarily acquired for personal, domestic or household use or consumption, subject to certain criteria.

Even if those criteria are satisfied, circumstances can arise to prevent strict reliance upon such exclusion clauses. First, the exclusion clauses are construed strictly against the party seeking to rely upon same if an ambiguity exists and in any event according to their natural and ordinary meaning read in the light of the contract as a whole thereby giving due weight to the context in which the clause appears including the nature and object of the contract .

Secondly, the clause cannot avoid certain terms implied by statute (see above) including misleading and deceptive conduct. In Westsub v Idaps the plaintiff had contracted the defendant to implement a new computer system. Due to representations made by the defendant the court found, amongst other things, that the defendant had engaged in misleading and deceptive conduct under section 52 of the TPA and was unable to rely upon its exclusion clause.

In brief, an action in the tort of negligence requires :

• a duty of care to be owed by the tortfeasor to the plaintiff
• that there has been a breach of that duty
• that as a result of that breach the plaintiff has suffered damage which is not too remote.

The standard of care required usually adopted is that of a reasonable man. (which is almost a contradiction in terms in the software industry) In considering whether a standard of reasonable care has been met the Court may consider issues such as the size of the risk, the likelihood of injury, the severity of the consequences, the cost and practicality of minimising the risk, the common practice of persons engaged in similar conduct and statutory guidelines regarding the required code of conduct (Query how much software development complies with AS 3900.3).

A problem that often arises with IT projects is that due to the complexity, speed of delivery and secrecy of the products involved customers often have limited knowledge of the goods and services being offered. Reliance is therefore placed on the advice of vendors, who know that their advice is being relied upon and fail to qualify it. In other commercial transactions such advice may neither be sought nor offered. It is only in recent years that IT vendors have become aware of their duty which may often conflict with their own interests and on large projects may approach almost a fiduciary duty in appropriate circumstances.

Further, tort is not limited to contractual situations and indeed extends beyond the vendor and its customers to parties who are not too remote.

In the past, courts around the world have viewed economic loss as being not as foreseeable or more remote as compared to loss and damages resulting from physical injury or direct damage. However in the recent case Bryan v Maloney an owner of a house (who was the third owner of the property) who had had no dealings with the builder of the house was awarded damages against the original builder of the house for economic loss due to faulty footings. The builder's appeal failed in the High Court and it was upheld that the builder owed a duty of care to subsequent purchasers for economic loss and that there was sufficient proximity to give rise to such a duty.

Although some of the judges made it clear that they did not intend to extend the judgment to chattels, it remains to be seen if further extensions of the law of negligence will be supported by the court. However, software developers would be well advised to confirm in writing that no allowance was being made for operation or testing of the program past the year 2000 for instance. Accordingly, the limited retainer must be spelt out.

Previous claims in tort have included :

• computerised name searches failing to find appropriate corporate entities or other information
• inaccurate selling/margin prices
• misleading financial information
• incorrect title information
• failure to renew leases, patents or other renewable items
• inaccurate information in Online services
• automatic reports being defamatory
• being informed that money had been paid or won when it was not so due
• inaccurate reservations
• inaccurate records leading to wrongful repossession
• public utilities wrongfully disconnected
• failure to make municipal estimates
• errors in flight control systems
• failure to maintain weather reporting systems
• computer controlled traffic control systems

However, tortuous liability for negligent misstatement can be excluded in certain circumstances by making it clear that the information or service provider is not assuming a duty of care. Typical efforts include warnings of limitations of liability at logon and during use of the service including warnings on all printed materials.

The damages which may be recovered from the supplier will be the amount of money necessary to restore the customer to the position it was in before the statement, subject to the loss being foreseeable.

At common law there is a duty on a party to mitigate the loss suffered by breach of contract and negligence. That obligation may extend as far as cooperating with the other party to resolve problems and is often overlooked in heat of the dispute. Further, “Trust in the infallibility of a computer is hardly a defence when the opportunity to avoid the error is apparent”

Perhaps the most fundamental of all risk management systems is ensuring that adequate backups are taken at regular intervals. Just because having a backup system is not common practice in some industries it does not mean you will be excused from having one by the courts. The law expects that people in positions of responsibility will take all reasonable steps to minimise the effects of a disaster.

Further, backups must be frequently audited by actual recovery runs on an independent site. Even minute changes of environment, hardware or software, can result in backups not being adequately recovered. Audit or report logs do not appear to be always reliable or sufficient. Further adequate recovery planning should include things such as the transport time to recover tapes from a remote site.

A key aspect to reporting errors is in locating the fault. To locate the fault it is important to record the following information each time a fault occurs :

• a general description of the fault
• the symptoms of the fault
• what happened before, during and after the fault
• the time and date of the fault
• the program reporting the error (including release and update levels)
• the program(s) running at the time of the fault (including release and update levels)
• the operating system including release levels and update levels
• the error number reported and any other relevant information displayed. error registers etc
• collect memory dumps, audit logs, error logs, message logs, transaction logs and any other information no matter how irrelevant. In serious failures an entire tape backup (if possible) should be taken for later evidence.
• a complete list of all hardware components including part numbers and BIOS levels
• Has the operation worked before?
• If so, what has changed?
• Can the fault be reproduced?

Your supplier may also have further information which it requires to be collected.

Version control can be critical to fault isolation and determination and it is important that versions are appropriately marked for both correcting the fault and subsequent possible litigation.

You should also report faults as soon as possible.

In the St Albans case, the fact the faulty program printed all zeros on a printed report (indicating a fault) was not sufficient to relieve the defendant from its subsequent negligent misstatement that the figures from the screen could be adequately relied upon, as, the fault was expressly reported to the defendant for attention.

Who will be initially called upon to fix the fault? Often the supplier that may be sued will be the first in attendance collecting evidence. Customers should take careful notes of all hardware items replaced and any other relevant information that may be obtained. Customers should also be wary of comments such as “Unable to ascertain the fault”. Suppliers likewise should be loathe to admit fault which would be most likely used against them in later litigation. For examples of some undesirable comments made by a supplier see Stephen Peter Byrne v. University of Melbourne.

If litigation ensues the availability of the information referred to above will become critical. It may be beneficial for the supplier to routinely erase all error tapes and records submitted and thus make such information unavailable for further study after discovery. This could be advantageous to the supplier for a number of reasons including storage of the media. However, to destroy only unfavourable records or data may lead to an inference that evidence is being destroyed. Further, such records cannot be produced in support of the supplier if they are no longer in existence.

What steps did you take to record evidence of the failure? With the number of software modules and hardware components in a modern computer system how are you going to identify your defendant. How many systems come from the one manufacturer/developer? Have a look inside a brand name computer and/or software system and you will be surprised at the number of countries and companies which can be found!

Often staff will fail to notice faults as they occur. Further, staff may notice faults but fail to act for a number of reasons including no formal fault notification scheme. Staff training and having adequate reporting systems can go a long way to alleviating these difficulties and create a good evidence trial for the litigation process. Minor faults with time critical systems should be acted upon to minimise any potential loss by such errors being reported to the appropriate people.

If your organisation's security depends on using passwords or encryption data it is necessary to manage the passwords and/or encryption keys. In designing your security system consideration should be given to all the system entry points including passwords and access to encryption keys.

Defensive practices should include:

• built in checks aimed at preventing and detecting unauthorised access, keeping in mind that there will be differing reasons for attack ranging from financial gain to sabotage
• ensuring that staff follow operating rules and procedures recommended by the designers
• an emphasis on security of hardware and operating systems when purchasing equipment
• allocating of responsibility so that no one has access to all resources required to perpetrate a crime
• ensuring physical security of computers & communication equipment including integrity of cabling
• inspection and certification of software
• ensuring that your supply contracts warrant that software is free of extraneous and/or dangerous code
• using hardware and/or software which cannot be penetrated by programmers for independent program development work.
• the control or removal of data recording material.
• employing system auditors or system engineers to evaluate the security of the system at the time of design and before final acceptance.

Additional problems include:

• the increased scope for a security breach
• Crashes
• Crime
• Privacy breaches
• Confidential Information loss and damage
• the increase scope for a defamation claim
• the inability to control/anticipate demand
• Jurisdictional issues

Defensive practices should include:

• firewalls
• consideration of the implications of running foreign code
• isolation of intranets
• Email policies
• How much load can your site handle?
• Are you using the same site for marketing and operations?

• What checks and balances do you have for publishing company materials?

Escrow of source code and associated materials may provide essential protection to a licensee. It involves the developer providing an independent third party with copies of source code and other relevant materials. In the event of certain triggering conditions such as the developer becoming subject to external administration (insolvent) the code and materials will be released to the customer who may then work with the code as and when required. It is also important for the express licence to modify and use such code be incorporated into any such agreement.

To be effective progress verification and inspection of the code and materials is required to ensure the adequate and proper code is being held in escrow. Such verification may include an external verification of the materials, random or full testing and a more technical examination if appropriate.

Many companies take out specific insurance policies to cover computer related risks. It is important to determine whether this area is adequately covered by your existing insurance policies. Your product liability or professional indemnity policies may not be adequate in this area. Professional indemnity insurance may not cover you if the policy does not cover loss arising from the sale or supply of goods and chattels. Public and Product Liability insurance may only cover you for personal injury and property damage. Damages for economic loss needs to be expressly considered.

Consumers purchasing computer hardware or software should carefully negotiate express warranties and minimise the exclusion of liability provisions in their supply contracts. Insurance policies may not cover you for damages which have resulted from the goods not being of the quality contracted for, or for the cost of repair or replacement or for the loss of use and similar consequential or commercial losses flowing from such a claim. Insurance policies may be limited to liability to pay compensation for personal injury or damage to property caused by any breach of duty in respect of goods and consequential losses.

Points to consider in choosing appropriate insurance coverage include:

• What is the duty of care upon the supplier?
• Does your policy extend to overseas coverage?
• The fact that design defects or defects in installation may not be covered.
• Are you covered for breach of contract?
• Is damage to your property or property in your charge or control covered if it is not subject to the liability insurance?
• Is your premium properly adjusted for increase in sales and/or product range?

Our ever increasing reliance on computer hardware and software is bound to be associated with a surge in litigation arising from “computer down time”. It is important for parties to clearly define who is responsible for which problems arising from system crashes and breaches and for the respective parties to have adequate insurance which will protect them from “down time liability”.

STEVE WHITE
WHITE SW COMPUTER LAW
DECEMBER 1996

www.computerlaw.com.au

© White SW Computer Law 1996

This article is a guide only and should not be used as a substitute for proper legal advice, readers should make their own enquiries and seek appropriate legal advice.