Briefings
Legal Considerations Affecting Information Management
J.T. Westermeier, Jr.
Arent, Fox, Kintner, Plotkin and Kahn, 1815 H Street, N.W., Washington, D.C. 20006, USA
Today legal considerations may greatly affect the design, development and management of information systems. Recent court rulings in the United States have signaled information managers that liability may be assessed for improperly relying upon computerized output. Furthermore, the trend appears to be in favor of holding information managers responsible for errors as a matter of policy because the information manager is in the best position to avoid the error and the potential harm. Thus, prudent information management requires a comprehensive risk analysis focusing on a system’s key decision points and the substantive law related to those decisions to reduce potential legal exposures associated with possible harm-producing situations which may result from erroneous computerized output.
Keywords: Potential legal liability, potential legal exposure, legal analysis, potential harm-producing situations, negligence, erroneous computer output, decision points, improper reliance, risk analysis, reliance, aura of credibility, warn system users, detrimental reliance, precautionary measures, error.
1. Introduction
Legal considerations are fast becoming major determinants in the design, development and management of information systems. This is true with private sector systems and it is especially true with government systems and in systems supporting governmental activities at all levels. Information system boundaries are often determined by legal constraints just as the jurisdiction of a governmental agency is limited by the authority it has been delegated. Data base structures, file maintenance procedures, system inputs and outputs and management controls in various information areas have been prescribed or restricted by statutory enactments or common law requirements. Thus, today potential legal exposure may often be a necessary consideration in the analysis, design, implementation, operation, management and audit of information systems both in and without government.
J.T. Westermeier is an attorney in the law firm of Arent, Fox, Kintner, Plotkin and Kahn, Washington, D.C., where he is engaged in the practice of computer law and trade regulation. He graduated from the United States Military Academy in 1963. He has an M.B.A. in computer management from George Washington University; a J.D. from American University; and an LL.M. from George Washington University. He was awarded a Certificate in Data Processing (CDP) by the Institute for the Certification of Computer Professionals. He is the Chairman of the American Bar Association Subcommittee on Professionalism and Malpractice of Computer Specialists. He is the author of several articles which have been published in trade and legal journals and is a frequent speaker on various computer law subjects.
© North-Holland Publishing Company, Information & Management 2 (1979) 79-84
2. Consideration of errors
Of fundamental importance in the legal analysis of a system is the liability that may be assessed for injuries or damages resulting from an error in an information system. This analysis is grounded on the axiom for information systems that if an error can occur in a system it will. Errors can result from faulty system design, programming or hardware. And, of course, the proverbial input error is a common management concern. There may be errors in the source document or errors may occur in the one or more steps involved in data reduction. Given the inevitability of errors and the nature of automated systems the potential legal liability for a system operator may be quite significant, if not mind-boggling. For example, in large data communications systems erroneous information may be transmitted to users in all parts of the world in nano-seconds. Simply stated, computers allow us to make more errors faster and because of the repetitive nature of data processing, errors can be repeated cycle after cycle if they are not corrected. These attributes common to computerized information processing have the tendency from a legal exposure analysis perspective of increasing the probability that a potential harm-producing event may result when erroneous output is produced. As computerized operations become increasingly more complex and advanced it is reasonable to expect that this likelihood may increase. Furthermore, the trend, at least in the United States, seems to be in the direction of imposing liability on information managers for errors as a matter of policy because the information manager is the party in the best position to avoid the error and the potential harm. While system errors may serve as a basis for a contract-related cause of action they are more likely to be covered by the branch of law called negligence.
3. Consideration of negligence
To understand the potential legal liability that may be present in a system it is important to understand the applicability of the law of negligence. Usually government agencies and government officials are not shielded from legal attack against them premised on negligent acts. For example, in the United States they can be reached under the Federal Tort Claims Act. Under that Act Federal government employees are subject to the same standards that private citizens are in determining their negligence unless Congress has provided them special protection in connection with specific activities. Furthermore, the standard Federal Government ADP contract provision requiring the contractor to assume responsibility for injuries resulting from his negligence or equipment will not save a government agency from legal condemnation for the negligence of its employees.
Legal liability for negligence generally requires the presence of four elements. (1) There must be a legally recognized obligation for a person to conform to a certain standard of conduct so that others are protected against unreasonable risks. (2) There must be a failure to conform to the required standard. (3) There must be a reasonably close connection between the conduct in question and the resulting “injury.” (4) The resulting “injury” must be an actual loss or damage to the interests of another. While none of these four elements can be properly stated without the other three, negligence law is founded on the concept of a required standard of conduct - the standard of care that a reasonable person would exercise under the circumstances of a particular case. This is an objective standard imposed by society stated in general terms to cover all forms of conduct under any circumstance. It recognizes that unreasonable danger to others can be brought about by behavior which lacks the due care required by the circumstances.
Several court rulings in the United States, notwithstanding their limited scope, give insight into the standard of care that must be observed by those responsible for information systems. These cases concern the extent to which computerized output can be relied upon as a matter of law.
In Memphis Light, Gas and Water Division v. Craft (ref. [11]) the United States Supreme Court recently examined a municipal utility company’s billing and service termination practices, and its complete reliance on its computer to perform these functions. The Crafts’ residence had formerly been a duplex before they moved in and it had two sets of meters.
The utility company was erroneously double-billing the Crafts based on readings from both gas and electric meters. Even though the Crafts had made a good-faith effort to resolve the double-billing problem, their utility service was terminated five times for nonpayment of bills. Each of the computer-generated bills contained a “Final Notice” stating that payment was overdue and that service would be discontinued if payment was not made by a certain date, but did not apprise the Crafts of the company’s procedures for resolving disputed bills. Under these circumstances, the Court held that the Crafts were being deprived of essential services without due process of law. The company’s reliance on computers in this case did not adequately protect its customers against the risk of having essential services arbitrarily or erroneously withheld. Thus, while this ruling is not premised on negligence grounds it does serve notice to the information community that some decisions cannot be delegated to a computer to be performed in a preprogrammed mode.
Another utility company case that further illuminates this principle is Palmer v. Columbia Gas of Ohio, Inc. (ref. [7]). In this case, the United States Court of Appeals for the Sixth Circuit was faced with a similar situation in Toledo, Ohio. While the company served over 140,000 customers in the Toledo area, all of its billings were handled by the company’s computer in Columbus, Ohio. Whenever a monthly gas bill was not paid, the amount due was carried forward and added to the customer’s next bill. If the second month’s bill was not paid within five days after the due date and the amount owed was $20 or more, the company sent the customer a “shut-off notice.” If the company was not paid within five days of the date the shut-off notice was issued, the customer’s service was terminated. This procedure was tempered somewhat, however, because when special arrangements for installment payments were made, the company told the customer to disregard the “shut-off notice” sent them. There was no actual notice given the customer of the proposed termination. The court found this procedure in practice to have caused numerous unwarranted service terminations. Indeed, the United States district court concluded after a full trial proceeding in the Palmer case that the evidence as a whole revealed a rather shockingly
callous and impersonal attitude upon the part of the utility company which relied uncritically upon its computer, located in a distant city. The court found the highly computerized collection and termination practices used by the company to be based on a singular corporate concern for efficiency and asset protection. To remedy the practices found to exist, the court ordered management intervention in the collection system for the purpose of resolving billing disputes on a personal basis with the consumer. The court deemed managerial involvement necessary to remove the collection-oriented and clerical employees from the critical decision-making procedures.
An important case on the potential legal exposure that may result when information managers improperly rely on erroneous computer-generated output is Ford Motor Credit Co. v. Swarens (ref. [8]) where the Court of Appeals for Kentucky approved an award of punitive damages for improper reliance on computerized records. Here Swarens had purchased a car which was subject to a security agreement calling for monthly installment payments. One month Swarens was visited by two employees from one of Ford’s collection offices claiming that he was delinquent. Swarens showed them his cancelled checks which clearly established the currency of his account. Two months later, Swarens was again erroneously accused of being delinquent in his payments. When the collectors returned a third time, Swarens met them with a shotgun and told them he would show them no more records. A month or so later, Ford repossessed the car Swarens used and at trial Ford admitted liability but sought to limit its exposure by blaming the computer. To this the court aptly said:
Ford explains that this whole incident occurred because of a mistake by a computer. Men feed data to a computer and men interpret the answer the computer spews forth. In this computerized age, the law must require that men in the use of computerized data regard those with whom they are dealing as more important than a perforation on a card. Trust in the infallibility of a computer is hardly a defense, when the opportunity to avoid the error is as apparent and repeated as was here presented. (447 S.W.2d at 57).
All three of these cases decided by United States Courts involved blind reliance on computerized systems where management knew, or should have
known, considering the substantial risk of serious injuries to individual property rights that may occur if the computerized information is erroneous, that such reliance was improper. They suggest that there are critical decision points in many systems where it may be improper to delegate the decision to a computer considering the risks involved. Such decisions require exception processing and may even require individualized management attention.
4. Risk analysis
While these cases are arguably extreme situations which can be distinguished from most other computerized systems, they point out the need for a risk analysis conducted by management and legal counsel to determine the extent to which computerized output can be reasonably relied upon at key decision points in a given computer application. Today the necessary risk analysis is being performed by most information managers subconsciously. While the analysis is founded on reasonableness and common sense, knowledge of the relevant case law and a more rigorous analytical approach are desirable. It requires balancing the gravity and probability of injury with the utility and type of conduct which an injured party may claim could have been performed to avoid the injury.
This form of analysis was aptly explained in 1947 by Judge Learned Hand in a case which had nothing to do with the management of information systems - United States v. Carroll Towing Co. (ref. [12]). This case involved a bargee’s liability for failure to watch over a barge which broke away from a pier after another barge’s crew had shifted its mooring lines. The unattended, run-away barge ran into a tanker causing it to lose its cargo and sink. Under these circumstances, Judge Learned Hand indicated that the barge owner’s duty to provide against resulting injuries, as in other similar situations, is a function of three variables: (1) The probability the barge will break away from its moorings; (2) the gravity of the resulting injury; and (3) the burden of adequate precautions.
The relationship among these variables was expressed in the following algebraic terms: If the probability be called P, the injury L; and the burden, B; liability depends upon whether B is less than L multiplied by P; i.e., whether B
the system can be designed and implemented to handle them.
5. Precautionary measures
Once the probability of the injury aspect of the reliance question has been determined, the burden and propriety of performing conduct to guard against the danger and the resulting loss should be considered. These safeguards should be considered in terms of the total system. What procedures, controls, audits, tests, or training could reasonably be adopted to avoid potential harm-producing situations? Failure to adopt reasonable practices to guard against the dangers may be treated as legally culpable conduct for which the injured party may recover. Indeed, the trend is in the direction of holding information managers responsible for errors because they are probably in the best position to avoid errors and potential harm. By permitting innocent parties who rely upon erroneous information to recover, the courts are trying to promote cautionary practices among information managers.
One precautionary measure that an information systems manager can take to reduce his legal exposure for errors is to warn system-users of a potential danger. The aura of credibility that attaches to computer-generated reports gives rise, in the face of foreseeable detrimental reliance, to a responsibility on the part of information systems managers to warn users about deficiencies in a report that are not apparent to the user. One company, for example, provides on the face of financial reports it sends subscribers that some of the information is compiled from sources outside of the company’s control and has not been verified, and that the company does not guarantee the accuracy, completeness, or timeliness of the information provided. Simply stated, information system managers should assure that system-users are not misled into believing that “garbage in is gospel out.” Such warnings should greatly reduce the likelihood of detrimental reliance.
While the case law relevant to liability for errors in computerized systems is only beginning to take shape, the United States courts have clearly signaled that liability may be assessed where the risk of injury resulting from reliance on erroneous computerized
output is not insubstantial. Certainly, management must initiate corrective action when they know an error is present because potential liability in such situations appears much more likely. As computerized systems become more pervasive and reliance on such systems becomes more extensive, legal attacks for errors in information systems grounded on negligence principles can be expected to increase. Legal exposure to this kind of lawsuit may be minimized by conducting a comprehensive risk analysis, whereby the probability and gravity of injuries resulting from errors are balanced against the utility of various precautionary measures which may be reasonably adopted. If after weighing the costs, benefits, and risks, the burden of providing for human intervention at critical decision points or other control mechanisms in a computerized system is less costly than the risk of potential injury, serious consideration should be given to adopting such precautionary measures notwithstanding the adverse impact on thruput.
6. Conclusion
The trend is in favor of imposing liability on information managers for erroneous computerized output as a matter of policy because they are in the best position to avoid the errors and guard against potential harm-producing situations. As the reliance on computerized systems becomes more extensive and pervasive the potential legal exposures of information managers cannot help but increase. Indeed, recent court rulings in the United States should serve as a danger signal to information managers. Prudent information management includes the consideration of potential legal exposure in all aspects of the design, development and management of an information system. Special attention should be paid to analyzing the liability that may result if erroneous output is produced. Protective measures against the risk of potential harm-producing situations associated with erroneous output should be considered. If the potential injuries are greater than the costs to be incurred in providing protection against such injuries, the precautionary measures should be adopted as a matter of substantive law. If errors are identified they should be promptly corrected because legal exposure may increase commensurate with management’s failure to take corrective action. Potential legal exposure may be reduced by warning system users of possible system output deficiencies so as to minimize the likelihood of detrimental reliance by users.
References
Journal articles
[1] P. DeRensis, The Civil Liabilities of Data Base Operators, 24 The Practical Lawyer 25-38 (July 15, 1978).
[2] B. Ducker, Liability for Computer Software, 26 Business Lawyer 1081 (1971).
[3] R. Freed, Products Liability in the Computer Age, 17 Jurimetrics Journal 270-285 (1978).
[4] W. Moorhead, Limiting Liability in Electronic Data Processing Service Contracts, 4 Rutgers Journal of Computers and the Law 141-162 (1974).
[5] J. Westermeier, DP and the Law: Don’t Neglect Negligence, 16 Data Management 42-44 (March 1978).
[6] Clements Auto Co. v. Service 169 (8th Cir. 1971
[7] Palmer v. Columb 1973).
[8] Ford Motor Credit Co. v. Swarens, 443 S.W. 2d 53 (Ky. App. 1969).
[9] Price v. Ford Motor Credit Co., 530 S.W. 2d 249 (Mo. App. 1975).
[10] IBM v. Catamore, 542 F. 2d 1065 (1st Cir. 1976).
[11] Memphis Light, Gas and Water Division v. Craft, 436 U.S. 1 (1978).
[12] United States v. Carroll Towing Co. 159 F. 2d 169 (2d Cir. 1947).
[13] Independent School District v. Statistical Tabulating Corp., 359 F. Supp. 1095 (N.D. Ill. 1973).