What seems to be at play here is that the capability of open source that has enabled great software reuse by large commercial ventures is under threat by lawmakers that don't seem to fully grasp the landscape of open source.
The liability of software and products should be with the builders of that product. This is a bit of a tricky situation, because if you're building a skyscraper and it falls down because of faulty concrete pylon footings, who's at fault, who is liable? You or the company that poured the pylons?
Also, open source provides an avenue for companies to launder their own responsibilities. That loophole should be closed.
Anyway, it's not an open and shut case of "absolutely no liability for open source developers ever." Frankly, software quality would improve tenfold virtually overnight if developers knew they could be sued for doing lousy work. That's not a "chilling effect", it's responsible regulation of potentially dangerous products.
We Germans always have to make an analogy with cars, so here you go: If there’s a guy on the street offering you a car and he says, “oh, maybe it’ll drive, maybe it’ll explode, who knows – either way, the risk is yours, I’m just offering it”, you might still be interested in using that car for certain things. But you wouldn’t use it as an ambulance car or a taxi or whatever. Or you might actually do that after carefully inspecting it and/or fixing some things.
So, if there actually are any liability issues here in the current laws – I know nothing about that field, especially not when it comes to *corporations* –, I think this should be fixed at the user’s end. You run a hospital? Then there are certain standards for you and you’re liable for certain things. If that implies that you can no longer use, say, nginx, then that’s not nginx’s problem, but yours.
I would argue that you *cannot* hold programmers liable if they contribute to a free software project that is publicly available, because you don’t know how this software is going to be used.
(Plus, I have a hard time imagining how you as a programmer could prove that you’ve done a good job. What’s the criterion here? Clearly, it can’t be “no bugs ever”. So, what is it, “no damage above 1000 dollars” or something like that? What does the EU thingy say here?)
Firstly, contributing software to an open source project cannot be a blanket "get out of jail free" card. That's a sociopathic stance, on its face, and just cannot be accepted.
Secondly, the fact that software licenses state that the software is provided without warranty/liability is meaningless until those clauses are tested in court cases. If judges say "bullshit" to the "no warranty" clauses, and hold developers accountable anyway, then those clauses become meaningless (at least in the US, where case law and precedent matter).
But thirdly, and most importantly, there is always context that absolutely has to be taken into consideration. Sure, you'd be foolish to jump into a random person's for-rent car thinking it'll be a good ambulance. But if the car has "Ambulance" painted on it, and the driver repeatedly tells you they also drive ambulances for the city hospital, and there's a siren on top, that person can and should be held liable for falsely presenting themselves as an ambulance. Even if they do have a tiny little note somewhere that says "not an actual ambulance".
And the same should happen in software. If people are working on an open source project that has been used in dangerous situations, and they are fully aware that this could happen again, then they absolutely should face liability if their code kills somebody (for instance). We literally do this *in almost every other aspect of life*, so why should software developers be free from all responsibility? Engineers who design buildings have to take out liability insurance because they can be personally sued if their designs cause harm. Doctors take out malpractice insurance in case their advice causes harm. But software developers get to commit all manner of bullshit, and never face any consequences? No way, that's stupid.
> Firstly, contributing software to an open source project cannot be a blanket "get out of jail free" card. That's a sociopathic stance, on its face, and just cannot be accepted.
I don’t understand. Why is that sociopathic? (Language barrier here? I really don’t get what you mean.)
> But thirdly, […] And the same should happen in software. […]
How do you *really know* if a project has been used in dangerous situations? (If this changes in the future, are programmers that contributed in the past – when this project was not yet used in dangerous situations – also liable?)
>> Firstly, contributing software to an open source project cannot be a blanket “get out of jail free” card. That’s a sociopathic stance, on its face, and just cannot be accepted.
> I don’t understand. Why is that sociopathic? (Language barrier here? I really don’t get what you mean.)
Imagine an open source software project that is designed, from day 1, to produce software to drive a planet-destroying weapon. The fact that it is an open source project does not allow the software developers involved to freely make the software for the planet-destroying weapon without any responsibility for the consequences of using the weapon. They are directly involved in an activity that will destroy the planet, and they should be treated as such.
That is extreme, obviously, but the point is that there is a line somewhere. A hobby project is obviously not dangerous to anyone. A planet-destroying weapon is. It is sociopathic--literally, deadly to society--to pretend otherwise. In *all other spheres of life*, we are careful to distinguish which behaviors are dangerous from which behaviors are not. Why should open source software development be any different?
It should not be different. Some open source software development is dangerous, and should be treated appropriately.
Yeah, we probably have to agree to disagree here.
I still think it would be better to put the burden of liability on the users – no matter if they’re private individuals or big companies. (And isn’t that already the case? Do we even have to solve a *legal liability problem*? Not talking about software quality here, that’s a whole other issue.)
> Trust me, if people got sued or went to jail, the tech industry would figure out really fast how to make these determinations.
Yeah, they would. It’s simple: No more free software, no more publicly available projects. The only software that would ever exist is software made by large corporations who can afford the appropriate insurances and lawyers.
What you’re proposing is either classifying software in advance as “dangerous” or “harmless” (I’d argue that’s impossible – as an extreme, think of libraries, they’d *all* be “potentially dangerous”), or threatening free software projects with lawsuits if, at some point in the future, these projects caused an accident.
Why would anyone publish free software or contribute to it under these conditions?
> Why should open source software development be any different?
IMHO because you can make software publicly available and anyone can use it for whatever they want, which the author has zero control over.
Anyway, have a good night, I’m gonna enjoy a couple of movies now.
> I still think it would be better to put the burden of liability on the users – no matter if they’re private individuals or big companies.
Before seatbelts and other safety equipment were required in cars by law, what you say above was the exact argument used by carmakers against adding safety measures. The responsibility should be put onto the drivers--the users of cars--not the car manufacturers. Many people died needlessly, compared to today. Is this *really* the position you're taking?
Seatbelts and cars are so much simpler than software. It is easy to see that you might crash your car into a tree and that a belt will help you here (if you’re going slow enough, yadda yadda).
If I write a library for a compression algorithm, how can I ever prepare for someone using this in, I don’t know, a medical device in a hospital, but then my code has a bug, crashes that device and a person dies? There are so many more indirections here than with cars and seatbelts. It is completely out of my control.
Anyway, I think we both made our points clear. I’m out, cheers!
> In order not to hamper innovation or research, free and open-source software developed or supplied outside the course of a commercial activity should not be covered by this Regulation. This is in particular the case for software, including its source code and modified versions, that is openly shared and freely accessible, usable, modifiable and redistributable. In the context of software, a commercial activity might be characterized not only by charging a price for a product, but also by charging a price for technical support services, by providing a software platform through which the manufacturer monetises other services, or by the use of personal data for reasons other than exclusively for improving the security, compatibility or interoperability of the software.
This