Lemon Law

A lemon law for software?

(Americans use the word lemon to mean a defective item up for sale. A defective car, for instance, is a lemon.)

If Microsoft made cars instead of computer programs, product-liability suits might by now have driven it out of business.

There is no such thing as a bug-free piece of software. Even experienced programmers make on average one error for every ten lines of code. And all it takes is three or four defects per 1,000 lines of code for a program to start doing unpredictable things. With commercial software containing not thousands but increasingly millions of lines of code, the potential for disaster is all too clear.

Software firms prefer to bash out code and then try to catch as many bugs as possible while racing to ship the product. Unfortunately, that means that customers end up doing much of the quality-assurance work, as they track down and report errors, install security patches and buy upgrades. According to the Standish Group, a market research firm, faulty software cost American firms $100 billion last year.

Bill Gates recently instructed his firm’s software developers to put security and privacy above all else. Fine words. But Microsoft has a record of being slow to correct gaping holes in its software and being quick to criticise security experts for publicising them. However, whistle-blowers have a greater responsibility to users, who need to know immediately if the software they depend on to run their businesses, banks or hospitals is compromised in any way. After all, users are on their own, with little in the way of legal redress for any damage caused by faulty software.

Ship and forget:

Unlike makers of cars, cookers, medical devices or anything else, software companies in America and elsewhere are in effect exempt from product-liability and “lemon” laws. They evade responsibility for the quality and safety of their goods by selling licences to use them, not to own them, with a long list of disclaimers if customers open the packet.

The Uniform Computer Information Transactions Act, already enacted by Maryland and Virginia, allows software producers to escape liability for damages caused by defects that they knew existed when the software was shipped, and to prevent customers from openly criticising the product.