Christian Laux / Jan Widmer, Produkthaftung für Open-Source Software?, in: Bernd Lutter-beck/Matthias Bärwolff/Robert A. Gehring (Hrsg.), Open Source Jahrbuch 2007, pp. 495–510 (Berlin 2007).
Laux_Widmer – Open Source Software
Background
The text is an extract from «Open Source Jahrbuch 2007» (translated: «Open Source Yearbook 2007»). The yearbook is divided into the following parts: (1) Open Source «fasziniert» (translated: Open Source «fascinates») (2) Open Source «funktioniert» (translated: Open Source «functions») (3) Open Source «inspiriert» (translated: Open Source «inspires»). The book contains 564 pages and was edited by Bernd Lutterbeck, Matthias Bärwolff, and Robert A. Gehring. The editors state that society is based on the social relations of its members. Open source is an example of the Internet acting as a catalyst of social processes. According to the editors, a free exchange of thoughts, ideas and texts is an important foundation for this yearbook.
The text by Laux and Widmer discusses the question of whether there is a liability for open source software. The text is part of «Open Source inspires» and gives an interesting overview of the relevant liability issues. The authors state that open source is well established since many enterprises have focused on open source as a business case. But until 2007, no court cases regarding the liability and warranty of open source software were yet available. Therefore, the text examines whether the developers can be made liable for uploading open source software on a public website. According to Laux and Widmer, both the German and Swiss legal frameworks regarding product liability do not exactly fit with open source.
Christian Laux is an attorney-at-law admitted to practice in Switzerland since 2004. In his daily work he focuses on matters of IT law and has extensive experience with technology-related and e-commerce issues. Jan Widmer is general counsel of Microsoft Schweiz GmbH, being responsible for Switzerland and Austria, and a member of the executive management team.
Summary
The text starts with the basic principles of open source software. Laux and Widmer discuss the legal relationships in the context of open source software distribution, addressing the software license and the open source license as relevant legal relations. The software license is based on a contract and includes the receiver’s access to the software. In order to benefit from the open source software in its entirety, an open source license is needed. These types of license agreements are often free of charge and provide anonymity to the license holder.
In a further section, the authors describe the importance of anonymity in the legal relations. The receiver of the software often does not know that he keeps various relations with a variety of developers. Similar to the open source license, the anonymity plays an essential role in software licenses. Laux and Widmer state that the developers typically do not notice that the software has been downloaded from a public platform. In addition, Laux and Widmer underline that in the context of software license, it must be distinguished between a passive and an active distribution. If the download takes place on initiative of the software’s receiver, it can be described as passive distribution. In contrast, active distribution is given when specialised service providers (e.g. RedHat or Novell) are responsible for the open source software.
Furthermore, the authors’ text initiates the discussion on liability issues of open source with basic thoughts. Laux and Widmer explain that there is a tendency to interpret software as a product in the legislative sense of words (in Switzerland: Federal Law on Product Liability). The authors do not question this tendency; however, the term «software» is not mentioned as a subject of product liability in the relevant legal rules. According to the prevailing doctrine, open source software can be particularly appropriate in the context of product liability. The authors criticise this doctrine since the product liability is not adequate in the context of passive distribution of open source software.
The authors’ first argument is called risk allocation. It is often said that software developers, as cheapest cost avoiders, are in a position to avoid possible damage; therefore, they should bear the damage. Laux and Widmer state that in the context of passive distribution, developers who upload their software on a public repository cannot foresee to what purpose the software is used. In addition, the missing foreseeability of damage leads to the authors’ observation that developers cannot be held liable for any possible damage. Another argument is benefit; it is often said that the beneficiary of an asset should bear the damage. However, in the case of passive distribution, the beneficiary of the software is the user and not the developer. Furthermore, Laux and Widmer describe the option to insure the occurrence of damage and the costs of transaction as further aspects that are not suitable for the passive distribution of open source software.
In the next section, the authors’ text illustrates the «defense arguments» of the developer in case of product liability. If there is no relationship between the developer and the injured party, the following arguments can be raised by the developer: (i) the source code has to be qualified as information that is objectively harmless; (ii) since the open source software is an ongoing process of development, the necessary production characteristic is missing; (iii) from a legal perspective the software is not placed in the market; (iv) since everybody can download the software the developer cannot foresee the installation environment in which the software is used; (v) the chain of causation between faulty behaviour and possible damage is insufficient; (vi) depending on the case, the developer can argue that he has developed the software for non-commercial purposes. Furthermore, if there is a contractual relation, the developer may raise the argument that the contracting party could not have legitimate safety expectations.
Laux and Widmer also describe the product liability regarding the active distribution of open source software. They state that the mentioned arguments are not appropriate; however, the authors underline that even in case of active distribution, there are situations that do not lead to a liability for the developer. The authors illustrate these «non-liability situations» that have, however, minimal practical consequences.
In a nutshell, the authors come to the conclusion that the risk of a developer’s liability is overestimated. According to Laux and Widmer, the concept of product liability does not exactly fit with the open source software. In the context of passive distribution, a liability can only apply if the open source software is an independent and executable application or if a special situation occurs. Even if the distribution of open source software is active, the authors state that the legal concept of product liability cannot always apply.