Michael L. Rustad and Thomas H. Koenig propose a new tort of negligent enablement which will hold software vendors accountable for defective products and services that pave the way for third party cybercriminals who exploit known vulnerabilities. At present, the software industry has externalized the costs of making code safe for its intended environment of use onto its end users through one-sided mass market agreements. The proposed negligent enablement tort fills the void left by the failure of contract law to give meaningful remedies for the unacceptably high levels of risk of computer intrusions due to defective software. The public policy rationale for imposing secondary tort liability on software publishers who aid and abet cybercriminals is to reduce the rate of cybercrime. The proposed negligent enablement tort draws upon wellestablished principles of the Uniform Commercial Code (UCC) Article 2 warranties, premises liability, and negligence-based product liability to construct a modified duty of care to produce safe software suitable for its environment of use. This Article examines the elements of duty, breach, causation, and damages for the proposed negligent enablement tort as well as defenses, procedure, and possible policy-based objections. © 2005 Michael L. Rustad & Thomas H. Koenig f Michael L. Rustad Ph.D., J.D., LL.M. is the Thomas F. Lambert Jr. Professor of Law and Co-Director of the Intellectual Property Law Concentration at Suffolk University Law School in Boston, Massachusetts. t Professor Thomas H. Koenig chairs Northeastern University's Sociology and Anthropology Department and is on the Executive Committee of its Law, Policy & Society Doctoral Program. We appreciate the editorial work and substantive suggestions of Chryss J. Knowles on this piece. Our research assistants, Shannon Downey, Kara Frato, John Hebb, and Conway Kennedy, worked diligently and creatively. Diane D'Angelo, a research librarian at Suffolk University Law School, provided us with extraordinary substantive assistance. Thank you also to the members of the Berkeley Technology Law Journal who contributed to the editing of this piece. BERKELEY TECHNOLOGY LAW JOURNAL
Read full abstract