Torts v. Contracts: Can Microsoft Be Held Liable to Home Consumers for Its Security Flaws? – Note by Emily Kuwahara

From Volume 80, Number 5 (July 2007)

In January 2003, the Slammer worm hit the Internet. Five of the Internet’s thirteen root-name servers shut down. Three hundred thousand cable modems in Portugal went offline, all of South Korea’s cell phone and Internet services went down, and Continental Airlines cancelled flights from its Newark hub due to its inability to process tickets. It took only six months after the disclosure of a security flaw for a virus writer to write the 376-byte virus. Once unleashed, it took ten minutes to infect ninety percent of vulnerable systems.

The flaw was a buffer overflow in the Microsoft SQL Server 2000 software. Because the code is embedded in other Microsoft products, not all users were even aware that their systems were running a version of SQL Server. Unfortunately, this was a well-known, preventable security flaw. Moreover, Microsoft had released a patch for the flaw exploited by Slammer six months before the attack. Despite the widespread effects, no flood of lawsuits ensued.


 

80_997

Reservoirs of Danger: The Evolution of Public and Private Law at the Dawn of the Information Age – Article by Danielle Keats Citron

From Volume 80, Number 2 (January 2007)

A defining problem of the Information Age is securing computer databases of ultrasensitive personal information. These reservoirs of data fuel our Internet economy but endanger individuals when their information escapes into the hands of cyber-criminals. This juxtaposition of opportunities for rapid economic growth and novel dangers recalls similar challenges society and law faced at the outset of the Industrial Age. Then, reservoirs collected water to power textile mills: the water was harmless in repose but wrought havoc when it escaped. After initially resisting Rylands v. Fletcher’s strict-liability standard as undermining economic development, American courts and scholars embraced it once the economy matured and catastrophes such as the Johnstown Flood made those hazards impossible to ignore.

Public choice analysis suggests that a meaningful public law response to insecure databases is as unlikely now as it was in the early Industrial Age. The Industrial Age’s experience can, however, help guide us to an appropriate private law remedy for the new risks and new types of harm of the early Information Age. Just as the Industrial Revolution’s maturation tipped the balance in favor of early tort theorists arguing that America needed, and could afford, a Rylands solution, so too the Information Revolution’s deep roots in American society and many strains of contemporary tort theory support strict liability for bursting cyber-reservoirs of personal data instead of a negligence regime overmatched by fast-changing technology. More broadly, the early Industrial Age offers valuable lessons for addressing other important Information Age problems.


 

80_241

Abusing “Duty” – Article by Dilan A. Esper & Gregory C. Keating

From Volume 79, Number 2 (January 2006)

“Duty” occupies an odd place in contemporary negligence law. On the one hand, it is hornbook law that duty – along with breach, actual and proximate cause, and injury – is one of the elements of a plaintiff’s prima facie case. As the first element of a plaintiff’s case – and the only element whose existence is a matter of law for the court – duty seems to stand out even among the elements of the prima facie case. If a plaintiff cannot establish that the defendant was under a duty to exercise at least some care to ensure that its actions did not impose an unreasonable risk of injury on the plaintiff, then we need not ask if the defendant breached its duty of care and if that breach was the actual and “proximate” cause of the plaintiff’s injury. Duty, in short, seems important.


 

79_265

Shielding Duty: How Attending to Assumption of Risk, Attractive Nuisance, and Other “Quaint” Doctrines Can Improve Decisionmaking in Negligence Cases – Article by John C.P. Goldberg & Benjamin C. Zipursky

From Volume 79, Number 2 (January 2006)

From 1950 to 1980 the California Supreme Court set as one of its main tasks the project of modernizing negligence law. This program had two main facets. With respect to substantive doctrine, the court sought to purge what it regarded as vestiges of politically regressive common law, particularly limited-duty or “no duty” rules that governed premises liability claims, nonphysical harm claims, and claims alleging nonfeasance. In terms of method, the court adopted and advocated an antiformalist, reductively instrumentalist approach to judicial decisionmaking.

These efforts were thought to be complementary. The view was that nineteenth century negligence doctrine, including duty doctrines, as well as the defenses of assumption of risk and contributory negligence, systematically accorded undue protection to landowners and firms, either out of medieval notions of privilege (in the case of the former) or a pro-entrepreneur, every-man-for-himself ideology (in the case of the latter). Seizing on these doctrines, late nineteenth century judges had been all too prone to issue matter-of-law rulings that, for a given class of negligence claims, either assigned responsibility for victims’ injuries to the fault or choices of victims, or wrote them off as harms not traceable to anyone’s wrong. Antiformalism permitted judges to undermine this deep bias in the law by redefining the question being posed to judges in negligence cases. Thus, nominally legal questions that seemed rather obviously to raise issues of responsibility – questions of duty, fault, assumption of risk, etc. – were “revealed” instead to be open-ended policy questions about appropriate levels of liability: whether it would serve the cause of justice or the common good to leave it open to juries to award damages in the class of cases represented by a given case.


 

79_329