Printed from www.pcpro.co.uk
Make Microsoft pay for Windows holes, say Lords
Posted on 10 Aug 2007 at 13:14
Microsoft and other software vendors should he held legally liable for security flaws in their software, according to the House of Lords Science and Technology Committee.
The Lords claim that software vendors should be held responsible when it can be shown that their negligence has compromised users' security, at the presentation of their report into Personal Internet Security. Click here for full details of the report.
"We recommend that the government begin discussion, at European level, with a view to establishing the principle of vendor liability in the IT industry," said the chairman of the committee, Lord Broers. "The time for introducing vendor liability may not be now - but it will come, and it will be an essential element of a mature industry," he claimed.
When pressed on whether this meant holding Microsoft liable for security flaws in Windows, Lord Borers replied: "One would have to show Microsoft was fully aware that problem was there and allowed it to continue."
The Lords admit, however, that no piece of software can ever be 100% secure. "Clearly there's no totally fool-proof system," said Broers. "If they leave them [flaws] there and do nothing about it, they should be liable."
Microsoft could not be reached for comment at the time of publication.
The issue of liability would cause particular concern for open-source software, which is often distributed for free. The committee's technical expert, Dr Richard Clayton, said consumers might ultimately face the dilemma of running free software or paying for software that they know has full legal liability.
But Dr Clayton says software makers cannot continue to take no financial responsibility when their products fail.
"With almost every other product that consumers use, you wouldn't expect a company to just say sorry that hurt you [and not pay compensation]," he claimed. "We've grown up with the notion that software is like that. We have to buy firewalls and antivirus because we can't trust the software."
Software vendors are, predictably, opposed to the move. "We are concerned by the call to legislate specifically on liability in the IT industry," said Ilias Chantzos, senior principal government relations analyst at Symantec "Such an approach does not take into account the complexity of the IT industry.
"The introduction of new legislation should deal with malicious behaviour, such as the buying and selling of botnets. An approach along the line suggested in the report on the issue of liability could result in the opposite effect and risk reducing consumer choice and end users security and privacy."
Author: Barry Collins
advertisement
- Need a bit of extra Christmas cash? Grass up your boss, says BSA
- Photoshop Mobile on Android review: first look
- ATI Radeon HD 5970: 42% more expensive in the UK
- Office 2010 Beta – 32-bit or 64-bit – The Choice is Clear
- Why Britain's watchdogs have fewer teeth than goldfish
- Tabbed documents: how to make Office 2010 great
- Outlook 2010 People Pane – does it spell death to Xobni
- Microsoft Outlook 2010 screenshots
- Co-Authoring in Word 2010 and SharePoint Foundation 2010
- Microsoft Outlook 2010 screenshots: Backstage view
- Getting to grips with Microsoft's IT Health Environment Scanner
- Virtualise your servers
- The changing face of travel gadgets
- Build your own distributed file system
- The bulletproof Dell that costs an arm and a leg
- Microsoft Office 2010 Technical Preview: Q&A
- Lawnmowers, the TyTN II and one odd insurance request
- There'll never be a bulletproof OS
- How far can we trust apps?
- Five nice touches in Outlook 2010
advertisement
