[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[infowar.de] Microsoft wegen Sicherheitslücken und Monopolstellung verklagt
Infowar.de, http://userpage.fu-berlin.de/~bendrath/liste.html
-------------------------------------------------------------
Die Diskussion über Produkthaftung auch für Hersteller von Software und
mit haftungsausschließenden Lizenzvereinbarungen war ja hier schon
mehrfach Thema. Nun macht jemand ernst und klagt. Interessant: Als
zusätzliches Argument sozusagen für die "Schwere der Tat" wird die
Monopolstellung von MS angeführt.
RB
http://news.zdnet.co.uk/software/applications/0,39020384,39116969,00.htm
Lawsuit opens new can of worms for Microsoft
Robert Lemos and Ina Fried
CNET News.com
October 07, 2003, 11:50 BST
A lawsuit faulting Microsoft for security defects in its products has
added a new front in the software giant's battle against vulnerabilities
in its software.
The proposed class-action suit, filed this week in Los Angeles Superior
Court, comes as the company is admitting that its reliance on software
patches for fixing security problems hasn't worked. The suit contends
that by failing to secure its software, Microsoft subjected its
customers to having their private data made public. The lawsuit was
filed on behalf of Marcy Hamilton, a Los Angeles resident, who claims a
flaw allowed a digital thief to steal her personal information.
Microsoft said on Friday that it plans to fight the action on several
legal grounds, noting that it has invested considerable resources in
responding to problems and trying to prevent future vulnerabilities.
"It is pretty clear that Microsoft has made security a priority," said
company spokesman Sean Sundwall.
However, those efforts have failed to stop a rash of recent attacks,
with the company itself set to announce next week a revised strategy
that moves beyond the notion that customers will take responsibility for
patching their own systems.
On the legal front, Microsoft's first step will be to fight the effort
to have the case certified as a class-action suit. The company is
expected to point out that not everyone hit by hackers has been affected
in the same way -- a pretty good argument, according to one legal
expert, who wished to remain anonymous.
"Each person is going to be vastly differently affected by the theft of
personal information," said the lawyer, who regularly fights such
class-action suits.
Microsoft is also taking issue with the notion that it is liable for the
actions of hackers, saying the company has taken reasonable steps to
secure its software. In January 2001, Microsoft kicked off its
Trustworthy Computing Initiative, a companywide move to increase the
security of its products, better handle customer privacy, and repair the
giant's tarnished image in those areas. Next week, Microsoft also
intends to announce new plans for helping users of its products more
easily secure their systems.
>From a legal standpoint, the lawsuit raises a number of key issues,
including whether Microsoft faces special obligations because of its
monopoly position in the operating systems market.
Historically, courts have upheld software makers' right to subject
customers to licence agreements that waive the right to sue over
defects. One law professor recently said that unless someone is killed
or injured, it is basically impossible to win a case against a software
publisher.
No choice and no rights?
But those bringing the suit argue that Microsoft may not enjoy the same
right to make such a restrictive contract, since consumers have limited
choices when it comes to choosing the operating system for their PC.
"If you had 20 vendors of a product, and there was broad consumer and
business choice, and people could evaluate them on their merit, that
would be one factual setting," said Dana Taschner, the attorney who
filed the case against Microsoft. "Instead, you have one company that is
dominating the marketplace to such an extent that you really have no
choice."
Taschner argues that customers should not be forced to give up their
rights by a monopolist.
"The majority of consumers use this product (Windows), but the contract
provides that there are no warranties or promises; essentially it's
'buyer beware,'" Taschner said.
Microsoft dismissed the issues, saying that its licence agreement is
typical of software makers, and furthermore, that it is those that write
viruses, not legitimate software makers, who are liable for any damage.
"We do have a responsibility to make software as secure as possible,"
Sundwall said. But "the problems caused by viruses... are the result of
criminal attacks," he said
Still, Microsoft can't completely dodge the responsibility for the
insecurity of the omnipresent Windows PC, said Bruce Schneier, chief
technical officer of Counterpane Internet Security.
"To me it is clear that Microsoft doesn't bear 100 percent of the
responsibility for worms and viruses," Schneier said, "but they aren't 0
percent" responsible either. Schneier is one of seven well-known
security professionals who authored a report arguing that Microsoft's
dominance endangers national security. Several arguments in the suit
against the software giant mirror those in the security report.
Sundwall declined to say whether the report was responsible for the
suit.
"I can't comment to the motives of the people who wrote the report,"
Sundwall said. The suit "certainly appears to mirror that paper," he
said.
The suit also represents an important test for a new California law that
requires e-commerce companies to warn consumers when their personal
information may have been stolen.
"It's a fairly new law," Sundwall said. "Ultimately these things have to
be court tested."
Taschner said that his suit stemmed from a person who came to his office
saying her identity had been stolen as a result of a recent virus.
"Garden-variety consumers are not aware of the catastrophic consequences
of being attacked," Taschner said. "We thought this was the appropriate
time to present this type of issue, because there is a noted escalation
of these types of problems."
---------------------------------------------------------------
Liste verlassen:
Mail an infowar -
de-request -!
- infopeace -
de mit "unsubscribe" im Text.