I'm no lawyer, but I know that a lot of UK product liability law has been carried on the back of a snail. The snail in question is, and was, dead - decomposing, in fact. It died in 1928, probably as a result of being bottled along with some ginger beer that was subsequently sold to a Mrs May Donoghue, who discovered the morbid mollusc only after she'd drunk half her drink.
Donoghue sued and her case went all the way to the House of Lords, which ultimately decided that the drink's maker was guilty of negligence. The judgment spelled out a fundamental principle that has swayed decisions ever since: "You must take reasonable care to avoid acts or omissions which you can reasonably foresee would be likely to injure your neighbour."
There are two measures of reasonableness in that sentence, highlighting the fact that responsibility for error is always a matter for extensive debate.
In the US, product liability is quite different, of course, despite being ultimately similar in principle. The case that looms largest is probably that brought against Ford in 1977 over its Pinto car. In that instance, Ford executives were aware of a flaw in the Pinto's design that would cause it to erupt in a fireball in relatively low-speed collisions. They decided to do nothing after calculating that compensating victims and their families would be cheaper than fixing fuel tanks.
Ford's unreasonable risk-benefit analysis led to huge punitive damages in the courts, a costly recall, and immeasurable loss of business through bad publicity.
Risk-benefit analysis hasn't gone away, of course, because it's about the only way a company can make tough decisions. In fact, Ford's sums favoured an unreasonable decision only because they omitted the risk of being found out.
Today, vendors of all sorts still make trade-offs between flaws and costs. Hopefully better trade-offs.
You might think, for example, that software is shipped when the vendor believes all the bugs have been removed. Actually, you probably don't think that unless you're an idiot, but not every software buyer is aware that commercial software is routinely released with known bugs numbering in the hundreds. I know of at least one billion-dollar software company - not Microsoft - that sets shipping dates when the bug discovery rate has fallen below a threshold that is nothing like zero.
As we highlighted on our cover last week, the signing-off of Windows Server 2003 fell awkwardly close to the discovery of a major bug in a core Windows component. Only 19 days passed between the announcement of the WebDAV flaw and the release of code to manufacturing.
Microsoft's UK security chief, Stuart Okin, was hazy on the subject last week but it appears now that the affected component is in the new operating system, but has been fixed.
WebDAV aside, there will still be plenty of known bugs in Windows Server 2003 when people start paying for it. To be an early adopter of the new platform will require faith that Microsoft's decisions over risks and benefits - including the cost of delaying a big-budget launch - were reasonable.
It will no doubt be wise to adopt a snail's-pace approach to the new operating system, avoiding adoption until the first Service Pack or beyond. But then you knew that already. It's only reasonable.
reader comments