December 04, 2003

Why Tort Lawyers Could Stop Viruses

The Economist has a long profile of the virus and spam problem infesting computers.

One person quoted, Bruce Schneier, a leading expert on network security, has suggested the problem is that tort lawyers haven't been suing enough people:

The culprit, in other words, is the licences that require buyers of new software to click their assent that the vendor is not liable for any flaws in its software. As long as software vendors-- and this is not specific to Microsoft-- cannot be held liable for security issues, Mr Schneier says, the economic incentives are stacked toward adding bells and whistles and shipping upgrades fast, rather than toward writing simpler, safer software.

Changing the law so that liability does rest at least in part with vendors, he argues, would align the incentives properly and lead to other good things as well. Software companies, just like firms in other industries, would buy product-liability insurance. Insurance companies would respond by pricing the risk, in effect voting on the security of each product. Just as companies that install sprinklers in their warehouses pay lower premiums and have a competitive edge over rivals that do not, software companies that write safer code would have an economic advantage.

Essentially, it's the fact that Microsoft hasn't had to fear liability suits that explains the spam and viruses infesting your computer.

Actually, this isn't a new argument, although it was made more in a famous joke many years ago about if Microsoft made cars:

[Somewhat shortened]At a recent computer expo, Bill Gates reportedly compared the computer industry with the auto industry and stated: "If GM had kept up with technology like the computer industry has, we would all be driving twenty-five dollar cars that got 1,000 miles to the gallon."

In response to Bill's comments, General Motors issued a press release stating the following: "If GM had developed technology like Microsoft, we would be driving cars with the following characteristics:

1. For no reason whatsoever, your car would crash twice a day.
2. Occasionally, your car would die on the freeway for no reason, and you would accept this, restart, and drive on. For some strange reason, you would just accept this.
3. Occasionally, executing a maneuver such as a left turn would cause your car to shut down and refuse to restart; in which case you would have to reinstall the engine.
4. The oil, water, temperature and alternator warning lights would be replaced by a single 'general car fault' warning light.
5. The airbag system would say 'Are you sure?' before going off.
6. Occasionally, for no reason whatsoever, your car would lock you out and refuse to let you in until you simultaneously lifted the door handle, turned the key and grabbed hold of the radio antenna.

The reasons you don't die as often in your car is thanks to the tort lawyers.

And the reason you live in fear of viruses wiping your hard drive is because Microsoft doesn't fear them enough.

