[SystemSafety] Personal and corporate liabilities as a consequence of safety, security and other mistakes of similar importance

Olwen Morgan olwen at phaedsys.com
Mon Oct 8 15:27:50 CEST 2018 

All,

First: SORRY FOR ANY INADVERTENT DUPLICATION

My new email address has been misbehaving - AFAI can see owing to local 
routing glitches in rural Wales -  so this might duplicate a reply that 
I'm not sure has actually been sent. Here goes:

At least two questions in engineer liability can be identified:

(1)    Is the engineer an employee and thereby deemed to be acting under 
the direction of his/her employer?

(2)    Is a plaintiff's legal case pleaded in contract or in tort?

If you are deemed to be acting under the direction of your employer, 
it's unlikely that you'll be held liable for your work unless you have 
misled him or otherwise failed to discharge a duty that could is 
reasonably expected of an employee with your terms of employment. Even 
then, the English courts are typically suspicious of employers who 
appear to be offloading all responsibilities onto their staff.

If a case is pleaded in contract, it will turn on the terms of the 
contract leaving out any that a court rules to be struck out or 
otherwise to be ignored. If a case is pleaded in tort, the crux of the 
matter is whether there has been negligence. An employee *can* get 
caught here, since the categories of negligence are, from a legal point 
of view, always open.

Matters are different where the individual is acting as a consultant, 
where the potential liabilities are much more onerous. I've always had 
professional indemnity cover for any work that I did directly for a 
client under my own terms of contract.

As regards disclaimers of warranty (as in FOSS licenses) there are again 
at least two considerations of which engineers are often unaware:

1.    Under what laws are the terms of the license to be construed, and

2.    Which courts have jurisdiction in any relevant legal action.

It is perfectly possible for a license construed under the laws of 
country A to be the subject of an action in a different country B. This 
can make outcomes of legal cases somewhat unpredictable in critical 
cases. Moreover, disclaimers of warranty are often scrutinised by courts 
to see if they are trying to limit the categories of negligence under 
which an action may be brought. My own client contracts have always 
specified explicitly that they are to be construed under the laws of 
England and that any disputes arising thereunder were to be submitted to 
the exclusive jurisdiction of the English courts.

Overall *tentative* conclusions:

In the UK, you're probably least likely to cop liability if you are an 
employee with a contract of employment made under UK law and you are 
following reasonably diligent customs and practices in your country and 
firm. In any circumstances other than that, I'd assume that I 
potentially had at least some personal liability.

CAVEAT: I'M NOT LEGALLY QUALIFIED AND THE ABOVE IS ONLY MY OPINION AND 
NOT A SUBSTITUTE FOR PROFESSIONAL LEGAL ADVICE.

I have worked on projects as a consultant where, after consideration and 
consultation with fellow professionals, I have advised clients that 
their practices were negligent, unlawful or both. In each of these cases 
I have given written notice of withdrawal from the project and informed 
the relevant safety assessment bodies.


Olwen



On 04/10/18 12:23, Paul Sherwood wrote:
> Hi all,
> in recent discussions the topic of 'who goes to jail' has arisen in 
> the context of fallout from software design/development/deployment 
> mistakes.
>
> I'm hoping that I'm misunderstanding the situation, because the 
> picture that is emerging for me seems to lead to a disconnect between
>
> - the need for evidence of what was done and
> - the need for people to be able to work in a safe environment, 
> without fear
>
> It may be FUD, but I believe I heard recently that "any engineer 
> contributing to an automotive project may ultimately be considered 
> personally liable for impacts of their work". Impacts in automotive 
> could include recalls and road accidents, obviously. If that's true, 
> why would any sane engineer ever agree to contribute to an automotive 
> project?
>
> And then there's the FOSS/public work consideration. I recently asked 
> a colleague to contribute to a public project, and during spinup this 
> question of liability arose, expressly phrased as
>
> "If I contribute, is there any possibility that I or Codethink might 
> ultimately be liable for (say) harm resulting from road accidents?"
>
> In the ensuing discussion it was pointed out that:
>
> - if the contribution is to a project applying any of the common FOSS 
> licences (Apache, MIT, ISC, GPL etc) then there is expressly NO WARRANTY
> - any subsequent application/distribution of that software by another 
> party which attempts to enforce a warranty claim on the authors has 
> expressly breached the licence, and has effectively stolen and misused 
> the software
>
> While this reasoning is attractive, I'm not convinced it's enough to 
> convince me that there's no potential liability for individuals.
>
> Are any readers able to guide me on existing literature/reasoning for 
> this?
>
> br
> Paul
>
>
>
>
> _______________________________________________
> The System Safety Mailing List
> systemsafety at TechFak.Uni-Bielefeld.DE
>

More information about the systemsafety mailing list