Whether you’re making widgets, writing software, running a cloud platform (i.e., a Software-as-a-Service or SaaS), or offering AI-as-a-Service (AIaaS), your customers—and also other parties you have no relationship to—may be harmed. As we move from tangible goods to intangible services, the number of interconnected players that potentially share responsibility—from suppliers to end users—only increases. And the nature and the interconnectedness of their respective contributions—and thus their respective liabilities for them—gets more complex. Let us walk through history of this legal maze that is third-party liability from tangible goods to Software to Artificial Intelligence in this multi-part article.¹

Let’s first examine how software liability came to be placed on a track entirely different from that for of products (i.e., tangible goods) and how this makes it—for better and for worse—fundamentally more difficult for those harmed to be made whole from any resultant harms.

I. When Software Fails: The Challenges of Proving Liability

Our nascent AI Age—brought to the popular consciousness by OpenAI’s release of ChatGPT in late 2022—is built on the Information Technology Age before it. It marks a transition into a new era where intelligent systems take a central role in processing, analyzing, and acting on information. It can be thought of as software 2.0, not only for its technological foundations but for its legal foundations as well.

In order to understand and mitigate the risks and liabilities posed by AI—both for individual parties and for society as a whole—let’s start by exploring the development of third-party liability law for software.

A. Why strict product liability doesn’t compute for software

“Products liability law is geared to the tangible world.”²

For various reasons, strict product liability has not been on the table in the software context to date, except for in the specific context of “embedded software.”³

Instead, courts typically assess software-related harm under contract law (including breach of warranty) or tort/negligence claims. And unlike for product liability, each of these available sources of liability for software harms can be and are readily limited by contract.

1. The assembly line of accountability for products

For the legal doctrine of “product liability,” the focus is on the product: if a product is defective or unsafe, and it causes the harm, then there is liability. A defective toaster, for instance, that ignites a countertop inferno will trigger a cascade of lawsuits. The manufacturer might face the brunt, but parts suppliers, distributors, and retailers are hardly exempt.

With products, consumers expect a certain level of safety and functionality. Physical products are subject to the laws of the physical world, which are largely deterministic and predictable. When a physical product fails, the cause can typically be determined and compared with well-established safety standards that have been developed over time. In product liability cases, in particular for abnormally dangerous activities (e.g., the use of explosives), courts routinely invoke the doctrine of “strict liability” which demands accountability without regard to fault or any direct contractual relationship.⁴

Strict product liability prioritizes making the injured party whole and incentivizes those engaging in hazardous activities to take the highest possible precautions to minimize risk to the public.

0

And why should we not mitigate the risks of AI by doing the same…?x

2. Why strict liability is generally limited to tangible goods and does not apply to intangible offerings.

The application of strict liability for product manufacturers regardless of any negligence only goes back around sixty years to the seminal California Supreme Court case, Greenman v. Yuba Power Products, Inc.⁵ The Restatement (Second) of Torts was published soon afterwards, introducing strict liability in Section 402A, stating that:

• a seller is strictly liable for “physical harm,”
• caused by a defective “product,”
• sold in an “unreasonably dangerous” condition,
• even if:
  • the seller “exercised all possible care in the preparation and sale of [the] product,” and
  • “the user or consumer has not bought the product from or entered into any contractual relation with the seller.”⁶

Strict liability applies only to tangible products and not to services, in part because:

• products were mass-produced and distributed, and consumers do not have the ability to inspect or test the products themselves
• services were typically tailored to individual circumstances and not standardized or mass-produced.⁷

Plaintiffs have tried to expand product liability to intangible offerings in the decades since, to very limited positive effect.⁸ [cont’d ↗]

A floppy disc assembly line

Self-schedule a free 20-min. video or phone consult with Jim W. Ko of Ko IP and AI Law PLLC here.

There are at least three main rationales for why strict product liability is not applied to services:

a. Strict liability concepts should not be applied to “pure thought and expression”

In the oft-quoted 9^th Circuit opinion in Winter v. G.P. Putnam’s Sons, the court famously distinguished liability for tangible goods v. intangible offerings as follows:

A book containing Shakespeare’s sonnets consists of two parts, the material and print therein, and the ideas and expression thereof. The first may be a product, but the second is not. The latter, were Shakespeare alive, would be governed by copyright laws; the laws of libel, to the extent consistent with the First Amendment; and the laws of misrepresentation, negligent misrepresentation, negligence, and mistake. These doctrines applicable to the second part are aimed at the delicate issues that arise with respect to intangibles such as ideas and expression. Products liability law is geared to the tangible world.^{9 10}

In Winter, plaintiffs relied on information in The Encyclopedia of Mushrooms and became severely ill from picking and eating poisonous mushrooms. The 9^th Circuit affirmed the grant of summary judgment for the defendant-publisher including with respect to plaintiff’s claim based on product liability. The court noted that some graphical depictions of technical, mechanical data like aeronautical charts have been deemed “products” for the purpose of products liability law, a “How to Use book” is pure thought and expression and should not be.¹¹ This is because society “place[s] a high priority on the unfettered exchange of ideas.”¹²

b. Outcome not guaranteed: The nature of services

With services in general, in particular professional services, e.g., medical procedures or legal advice, it is generally understood that outcomes may vary and success is not guaranteed. The risks associated with services often stem from the skill, care, or judgment of the provider, that are traditionally governed by negligence principles focusing on a party’s failure to act with due care.¹³

The level of required services and the consequences for when they are not met are inherently more variable, depending on the provider’s expertise and the customer’s unique and subjective needs.

0

If a given AI output replaces professional services, does this strengthen or weaken the argument that strict product liability principles should not apply?x

c. Mass-produced products: Let’s share (and prepay) the costs

One of the economic rationales for strict liability is that for mass produced products, it helps distribute the cost of injuries for any design or manufacturing defects across all consumers through pricing.^{14 15} Because services have historically typically lacked such a broad consumer base, strict liability has been deemed inapplicable to services.

3. Is “on-premise” software a service or a product?

Liability for harms resulting from software is on an entirely different track from strict product liability, because software is presumptively considered a “service,” not a “product.” As such, strict liability principles are presumptively off the table for software liability. Any liability for harms resulting from software are generally governed by principles of negligence and contract law instead.

There is some logic to this. Software is intangible like services and unlike physical goods. Application software is designed to perform specific tasks for the user, by providing or processing information in some form. Software can be thought of as replacing many services that would otherwise have been—and in earlier times actually were—provided by a human.

But the Restatement (Second) of Torts, still the cornerstone of tort law in most U.S. states today, was published a decade or so before the rise of the personal computer in the 1970s and 80s. Any notion of modern computing or software for all intents and purposes simply did not exist when it was drafted.¹⁶

And one of the stated reasons in the Restatement (Second) of Torts for strict liability to not apply to services was that services were historically between two parties, whereas products were mass-produce.¹⁷ Today, this simply does not reflect the reality of software, which has been mass-produced and distributed in the traditional on-premise software model (i.e., sold and transferred on physical media, e.g. CD-ROM, DVD-Rom, or USB drive and installed onsite) predominant until the 2010s. Numerous attempts to expand the definition of “products” and the applicability of product liability principles to intangible things like data and software have been raised in the decades since. They have virtually all failed.¹⁸ Software and computer system products have continued to be construed under the Restatement of Torts, the Uniform Commercial Code (UCC), etc. as services, rather than products.¹⁹

4. Exception: “Embedded software” is subject to strict product liability

But there is a notable exception to this rule for “embedded software.” In Holbrook v. Prodomax Automation,a federal district court held in an unpublished opinion that the software controlling a robotic assembly line was part of that physical assembly line and thus subject to product liability under a state product liability statute.²⁰ This follows more modern principles, as set forth in the Restatement (Third) of Torts: Product Liability issued in 1998²¹ and in the UCC as amended in 2005.²² Other cases embodying this principle come from the automobile industry²³ and medical devices.²⁴ [cont’d ↗]

This is for my safety as much as it is for yours…

5. Software-as-a-Service is even more presumptively treated as a “service.”

The evolution of software delivery—from on-premise software to cloud-based software services (i.e., SaaS), has put even more of a thumb on the scales of treating software as a “service” and precluding the application of product liability principles. Under the now predominant SaaS model for software delivery, the software is not sold or transferred in any tangible form; it is instead run by the SaaS provider “in the cloud” and accessed by the customer via the internet, typically on a subscription basis.

And SaaS even has “service” in its name!

0

But is software distributed via physical media really more tangible than that distributed via the cloud…?x

*Parting thought: The bar is already higher for establishing liability for software (and it’ll get even higher for AI…)

The sum of it is there is a higher bar for establishing liability for harms caused by software than there is for tangible goods—as a general rule, a plaintiff must prove the legal cause of the harm was caused by the AI and that it was foreseeable.

There are strong principled arguments that this is as it should be, and we will walk through them in Part II of this series in next week’s article focused on the theories of third party liability that have traditionally been applied for harm caused by software: the application of tort/negligence principles and of contract law principles. But there is a cost to it as well. And those costs will only increase in our incipient AI age if left entirely to their own devices, as we will explore later in this series.

© 2024 Ko IP & AI Law PLLC

1. Note: This article will focus on tangible and intangible harms caused by generative AI other than intellectual property infringements. For a detailed discussion of the various types of intellectual property harms to which the advent of GenAI gives rise, see Jim W. Ko & Hon. Paul R. Michel, Testing the Limits of the IP Legal Regimes: Unique Challenges of Artificial Intelligence, 25 Sedona Conf. J. 389 (Aug. 2024). ↩︎
2. Winter v. G.P. Putnam’s Sons, 938 F.2d 1033, 1034 (9^th Cir. 1991). ↩︎
3. For discussion of “embedded software,” see infra, Sec. I.A.4. ↩︎
4. The groundwork for modern product liability law and negligence principles in torts was laid in the early 20^th century by the New York Court of Appeals in MacPherson v. Buick Motor Co., 217 N.Y. 382 (N.Y. 1916). This case established that manufacturers owe a duty of care to consumers when it is “reasonably foreseeable” that a product, if defective, could cause harm, even without a direct contractual relationship (i.e., without “privity of contract”). ↩︎
5. Greenman v. Yuba Power Products, Inc., 377 P.2d 897 (Cal. 1963). Consumer protection statutes incorporating the principle of product liability without regard to fault has been a growing global norm since then. ↩︎
6. Restatement (Second) of Torts (1965), at § 402A (citing Greenman as one of the primary cases underpinning the doctrinal shift). ↩︎
7. Id. at § 402A, Comment (c). ↩︎
8. For a comprehensive survey of federal and state law on the largely ill-fated attempts to expand product liability to intangible offerings to date, see James M. Beck, How the Fifty States View Electronic Data as a “Product,” Drug & Device Law Blog (July 31, 2023), https://www.druganddevicelawblog.com/2023/07/how-the-fifty-states-view-electronic-data-as-a-product.html. ↩︎
9. Winter v. G.P. Putnam’s Sons, 938 F.2d 1033, 1034 (9^th Cir. 1991). ↩︎
10. There are interesting parallels between the disparate treatments 1.) for liability for harms caused by tangible goods v. intangible offerings and 2.) regarding the patentability of physical inventions v. abstract ideas, with software slipping through the cracks of both of them. I may do a deeper dive on this in a future blog article. ↩︎
11. Winter, 938 F.2d at 1036. ↩︎
12. Id. at 1035. A notable exception to these principles is intellectual property infringement, which is generally a strict liability offense. ↩︎
13. For discussion of negligence liability for software harms, see Part II of this article series next week. ↩︎
14. Greenman v. Yuba Power Products, Inc., 59 Cal.2d 57, 63 (Cal. 1963) (noting that the purpose of strict liability is “to insure that the costs of injuries resulting from defective products are borne by the manufacturers that put such products on the market rather than by the injured persons who are powerless to protect themselves”); Restatement (Second) of Torts (1965), at § 402A, Comment (c) (incorporating the same). ↩︎
15. Class action suits play a significant role in product liability cases, offering a mechanism for consumers with individual claims that might be too small to pursue independently to collectively seek legal redress. Substantial settlements or verdicts in class actions can serve as a deterrent for any negligence or misconduct in the design or manufacture of products in the first place. ↩︎
16. The Restatement (Third) of Torts: Product Liability, issued in 1998, was intended to supersede § 402A of the Restatement (Second) of Torts on product liability. It offers a more flexible and modern framework for addressing software liability, departing from the Second Restatement’s strict focus on tangible products and noting that “electricity” and “software” can be considered “products when the context of their distribution and use is sufficiently analogous to the distribution and use of tangible personal property.” Restatement (Third) of Torts: Products Liability § 19(a), Comments (b) & (c) (1998); see also Uniform Commercial Code §9-102, Commentary, at 4(a) (“The definitions of “goods” and “software” are also mutually exclusive. Computer programs usually constitute “software,” and, as such, are not “goods” as this Article uses the terms. However, under the circumstances specified in the definition of “goods,” computer programs embedded in goods are part of the “goods” and are not “software.”).
    
    But the Third Restatement simultaneously departs from strict liability principles for all products, in favor of a “risk-utility” balancing test for liability requiring consideration of alternative designs. Restatement (Third) of Torts: Products Liability, § 2(b) & Comment (d).
    
    In any event, most states still follow the Restatement (Second) of Torts and its guidance on strict products liability. ↩︎
17. See Charles E. Cantu, The Illusive Meaning of the Term “Product” Under Section 402A of the Restatement (Second) of Torts, 44 Okla. L. Rev. 635, 640 (1991). ↩︎
18. E.g., Winter v. G.P. Putnam’s Sons, 938 F.2d 1033 (9th Cir. 1991) (refusing to extend “products” to include “how to” books); James v. Meow Media, Inc., 300 F.3d 683 (6th Cir. 2001) (refusing to extend “products” to include video games). ↩︎
19. Charlotte A. Tschider, Humans Outside the Loop, 26 Yale J. L. & Tech. 324, 371 (2024). ↩︎
20. See Holbrook v. Prodomax Automation Ltd., No. 1:17-cv-219, 2021 WL 4260622 (W.D. Mich. Sept. 20, 2021); see also Corley v. Stryker Corp., 2014 WL 3375596, at *4 (Mag. W.D. La. May 27, 2014) (denying a motion to dismiss the use of a proprietary 3D imaging software to develop a pre-operative surgical plan for each patient, because it was a “necessary part” of the entire “product and was therefore subject to strict liability for unreasonably dangerous design due to the alleged software defects). ↩︎
21. Restatement (Third) of Torts: Products Liability § 19 (1998) (defining a “product” to include tangible goods and their component parts, including intangible elements like software embedded in a product that is sold or otherwise distributed for use or consumption). ↩︎
22. U.C.C. §9-102(44) (2005) (defining “goods” as now including “a computer program embedded in goods”). ↩︎
23. E.g., In re Toyota Motor Corp. Unintended Acceleration Marketing, Sales Practices, and Products Liability Litigation, 754 F.Supp.2d 1145 (C.D. Cal. 2010); the Tesla Autopilot Cases, involving a series of lawsuits filed against Tesla, Inc. alleging defects in its Autopilot and Full Self-Driving (FSD) systems (for discussion, see Part III of this article, forthcoming). ↩︎
24. E.g., the Therac-25 cases, in which a software-controlled radiation therapy machine massively overdosed six people. See N. G. Leveson, The Therac-25: 30 Years Later,Computer, vol. 50, no. 11, pp. 8-11, November 2017, doi: 10.1109/MC.2017.4041349, https://doi.ieeecomputersociety.org/10.1109/MC.2017.4041349. ↩︎

Name

Email

Are You a Human? 9 + 6 =