Who pays the price of computer software failure?

• Author: Perlman, Daniel T.

INTRODUCTION

Computers and their accompanying software are omnipresent in today's society. Over a relatively short period of time, computers have developed into important and necessary tools of modern living.(1) An ever increasing number of people deal with and, to some degree, rely on computers in their everyday lives. In fact, it has been suggested that it would be hard to imagine that any electronic device in the near future would be independent of computer technology.(2) Moreover, the emergence of the Internet has been heralded as "eventually bring[ing] global information and computing to most homes, schools, businesses, and other institutions."(3) Consequently, computers and the once exotic use of computer programs are now an essential part of modern day business everywhere.(4)

Additionally, the use of computers by professionals has become virtually essential in order to keep pace with their clients' needs and expectations. For instance, clients expect designers to keep pace with the fast-moving world of computers by using design-based computer software programs that reduce the amount of time required to perform certain design tasks. While professional designers, such as architects and various established disciplines of engineers, are aware of the time-saving benefits offered by computer programs, they also recognize that the licenses that they hold in their respective fields subject them to a professional standard of care.(5)

This Note sets forth the rationale for holding computer software engineers(6) liable to the higher standard of care for professionals. Specifically, this Note argues for the licensing of software engineers. Software engineering requires extraordinary technical competence; consequently, the public deserves a way to discern properly trained professional programmers from hackers, so as to be better insulated from possible incompetence, dishonesty, and fraud.(7) The licensing of software engineers as professionals will provide the needed redress against such wrongful actions.(8) Moreover, licensure provides for industry standards through the enforcement of statutory penalties, such as revocation of the license, and aids in the communication of scientific and technological developments to licensees practicing within the field.(9)

In modern times, an argument for licensure rooted in public policy is a bit unconventional. It is more common for a demand for state licensure to come from within an industry as a way to obtain desirable regulatory legislation for their own advancement and protection, rather than from a public response to a perceived or proven need.(10) Industries often seek regulation because "[c]oncomitant with licensing comes a certain amount of prestige and restriction of entry into the occupation."(11)

The universal application of computers in modern society bespeaks a dependence upon the use of computer technology, and it is important to note that "the computer is powerless without programming."(12) Computer software is currently responsible for many important societal functions, including counting electoral votes for political offices, monitoring the well being of hospital patients, and balancing the assets of major corporations.(13) The general public, including those involved in the areas of use just mentioned, "may fail to distinguish between incompetence and competence, between honorable and dishonorable programmers, or to recognize fraud. The public clearly needs protection of its health, safety and well being. As the sheer computing powers of society increase, so does the resulting danger."(14)

Previously, proponents of licensing have argued for licensure of all individuals involved in any programming process that may "critically" affect the public.(15) This Note promotes a less rigorous approach that would require licensure of only those software engineers who direct, plan, or supervise systems created for managing certain critical areas, but does not go so far as to suggest that licensure is necessary for those acting in the capacity of system analysts who merely perform routine functions on such "critical" computer systems.(16) Mass-marketed,(17) off-the-shelf software products, despite a few exceptions, are generally reliable and usually debugged.(18) Thus, mass-marketed software is beyond the scope of this Note. However, not all software falls within this category. The problem of software failure arises when businesses rely on customized software to perform certain business functions.(19)

When software controls missile defenses, radiation equipment

and other life-and-death machines or processes, the consequences

of failure are self-evident. For the more common software

systems primarily affecting business health and well-being,

software failure is a major economic issue and potentially

a matter of corporate survival. When business systems fail, the

costs to the user often far exceed its investment in the software

or even its total system investment, including hardware, conversion

and training. Software automates manual functions and

performs other functions that are impractical or impossible to

perform on a manual basis. Much of its appeal is achieved by

promising to transform the way a user does business. It invites,

and requires, dependency. When key software fails, this de

pendency often results in major losses.(20)

When customized software failure produces damages, such damages are recoverable only through provisions of the Uniform Commercial Code ("U.C.C.") or common law tort (negligence) liability.(21)

"Software failure" has been defined as the occurrence of either deficient functionality, where the program fails to perform a required function, or deficient performance, where the program performs a required function too slow or in an insufficient manner.(22) Failure may also occur when software is not compatible with other software or hardware, or it is difficult to maintain or upgrade due to insufficient care by the designer.(23) This Note suggests that an integral part of licensing software engineers as professionals requires the existence of a proper standard of formal education objectives, which in turn should have the attendant effect of decreasing the amount of software failures.(24)

Part I of this Note examines the insufficiencies of the current standards of liability that are imposed upon software engineers. This analysis of current liability is performed through a step-by-step review of the U.C.C. remedies. The U.C.C. is the law governing transactions of "goods."(25) Next, the available tort remedies are analyzed by reviewing the insufficiencies of product liability and common law negligence liability with regard to their use in protecting customized commercial software purchasers. Part I concludes with a discussion of why software engineers are not currently considered professionals, which results in the inapplicability of malpractice liability as a theory of recovery against software engineers. Part II, in turn, describes a "professional," both definitionally and historically with regard to the law. Part III examines the factors associated with other professional designers that gave rise to their status as licensed professionals who are subject to the professional standard of care for performance of their expected functions. Part IV analyzes those factors in light of the present state of the field of computer science, and determines whether licensure within that field is appropriate. Finally, this Note concludes with the postulation that society needs and deserves to have software engineers held to the higher standard of care, and thus, it is appropriate and necessary to license computer software engineers as professionals.

1. CURRENT STANDARDS OF LIABILITY ARE INSUFFICIENT TO SATISFY THE PUBLIC NEED FOR PROTECTION

   1. Computer Software as a "Good" Under the Uniform Commercial Code

      Most computer-related transactions are considered a sale of "goods" and, as a result, are covered under the provisions of the Uniform Commercial Code.(26) The U.C.C.'s warranties, along with the express terms of the contract, preempt the possibility of a negligence claim that might have been brought under a tort theory of liability.(27) Therefore, negligence claims will not commonly be applied to measure the standard of performance between the immediate contracting parties.(28) Moreover, negligence claims are generally not proper where only economic losses are involved.(29) Contracts covering software agreements typically include strategic standard form exculpatory terms such as integration clauses,(30) warranty disclaimers(31) and provisions commonly limiting remedies to the repair or replacement of defects. The use of these contract provisions shifts the risk of software failure from the seller to the user.(33)

      Based on specific proof offered by claimants, some courts have held that integration clauses are invalid because of the U.C.C.'s emphasis on the intended "bargain in fact" between the parties.(34) Such a decision by a court requires an in depth factual investigation into the dealings between the contracting parties. This type of investigation is costly and a claimant will often not be willing to risk the high cost against the speculative outcome.

      The U.C.C. recognizes both express warranties(35) and implied warranties.(36) Express warranties and implied warranties are at different ends of the spectrum with regard to how readily they may be disclaimed. Implied warranties may be excluded by such common terms and expressions "like `as is,' `with all faults' or other language which in common understanding calls the buyer's attention to the exclusion of warranties and makes plain that there is no implied warranty."(37) If the implied warranty disclaimer meets the required language standard, then as long as it is conspicuous,(38) it is unlikely that it will be found to be unconscionable.(39) Express warranties, on the other hand, are "virtually...