What you need to know about software liability

Brought to you by Insureon Small Business Blog: Risk management insights and more for your business.
Several high-profile software defects at large companies have prompted expensive lawsuits, but bugs can affect businesses of any size. Here’s what you should know about software product liability and how to protect your business.
A software developer writing code

When everything from airplanes to household appliances relies on software, bugs can cause disasters. 

Given the high stakes, software liability is a larger concern than ever. As a small software development business you might wonder:

These questions aren’t hypothetical. You can be sued for negligence in software development if your application crashes at an inopportune time. 

Thankfully, state laws and license agreements usually limit your liability. But that doesn’t leave you off the hook.

Developers can be held liable for their code in the same way companies are accountable for a manufacturing defect or defective products.

Current software product liability laws

When it comes to product liability, software is like other types of products that you buy, says attorney Peri Berger, associate at Harris Beach PLLC. Generally, if a business or individual can prove that software caused harm, they will likely recover damages in court.

For someone to sue a software developer for negligence, Berger says that the case must meet the following criteria:

  • The software vendor owed the user a duty to provide functioning software;
  • The software did not live up to that standard;
  • The user suffered harm; and
  • The software caused that harm.

These criteria apply when there’s no contract between the developer and client, according to standard tort law.

The importance of software licenses

Most software vendors use contracts or end user license agreements (EULAs) to define the terms of the relationship. 

“Increasingly, these contracts contain provisions that limit the liability of the software vendor, even if the software fails entirely,” Berger says. “Speaking broadly, these provisions are generally enforceable.”

What, exactly, does that mean? “In other words,” Berger says, “a general negligence claim is generally not available when the parties have reduced their relationship to a contract.”

Your contract or EULA might limit or eliminate your liability if someone decides to sue you for a software defect.

“There is some noise out there about product liability in the context of software,” Berger continues. “But I do not think that is something that is generally accepted by the courts.”

Compare software developer business insurance quotes online

When software causes third-party injuries

With a strong license agreement between the user and software developer, product liability is largely reduced. But that doesn’t mean you’re in the clear if someone is physically injured.

“Flaws in software that cause an injury to person or property may absolutely result in liability to the software developer,” says Tom Flores, senior corporate counsel of Azul Systems.

Flores offers an example:

A software development company is hired to write code that controls a boat’s engines. The software developer hard-codes a test to run the boat’s engines on full throttle for 15 minutes at a certain date and time. During the test, a boat passenger suffers physical harm. 

In this case, the software development business and the boat manufacturer might both be liable for damages to the injured party.

Quality control is key to preventing software-related injury

“When safety is at issue, the software should be rigorously and thoroughly tested,” Flores says.

He stresses the importance of quality control. “As an attorney for software companies, the more QA, red team exercises, and data security measures my client employs, the better I sleep at night. In my opinion, extremism in the name of quality assurance and consumer safety is no vice.”

Flores points out that defective software can even be lethal, as in the case of the Therac 25 radiation machine in the mid-1980s. Those software engineering errors led to massive overdoses of radiation treatment.

Though software developers enjoy a larger degree of protection than medical device companies, Flores says that contracts and license agreements may not always shield you from all personal injury and tort claims. And sometimes, complex circumstances leave a developer vulnerable.

For example, 3D printing uses software and hardware to create a physical product. If a software defect caused the 3D printer to produce a flawed product that physically injured someone, the developer could face a lawsuit.

Large companies found liable for major software failures

Software defects can be catastrophic. These examples show how bad code can lead to disasters for the general public and companies. 

Toyota Prius

In late 2018, Toyota recalled nearly 2.5 million Prius vehicles after finding a software glitch that could cause the cars to stall at high speeds. Four years earlier, the company recalled 1 million cars because of a similar bug.

Toyota’s alleged failure to properly patch the software generated several lawsuits.

In 2019, a jury ordered the company to pay $15.8 million in damages to a California car dealer who claimed Prius safety concerns caused his business to lose profits. 

Boeing 737 MAX

The Federal Aviation Administration points to software defects as the root of two fatal Boeing 737 MAX airplane crashes due to automatic control system malfunctions. 

According to Reuters, families of the victims of the October 2018 Lion Air crash in Indonesia and the March 2019 Ethiopian Air disaster have filed hundreds of lawsuits against Boeing. 

The company settled the first lawsuits in the fall of 2019 and is expected to be held liable for more wrongful death claims.

Fortune reports that Boeing shareholders are currently suing the company’s directors for negligence when rushing the aircraft to market. Boeing has since grounded all 737 MAX aircrafts, which led to a January 2020 settlement with American Airlines.

How to protect your business with software product liability insurance

Defective software can have serious implications for businesses of any size. For that reason, software developers typically carry some combination of these insurance policies:

  • General liability insurance: Most small businesses purchase general liability insurance to protect against claims of bodily injury and property damage to a third party.  General liability insurance sometimes includes coverage for product liability claims. Check your policy documents or contact your insurance agent to see if you have software liability coverage. 
  • Software product liability insurance: If your general liability policy does not protect you from application defects, you may need to purchase additional software product liability insurance. This policy will cover the costs of lawsuits caused by software defects, even if the lawsuit is meritless.
  • Errors and omissions insurance: Businesses hired to develop white-label or custom applications for a product, hardware, or software manufacturer may be required to carry errors and omissions (E&O) insurance

If an engineer writes faulty code that results in an economic loss for the client, E&O insurance will help pay for the costs of a lawsuit, including court and attorney fees and any damages.

Limits and exclusions vary from policy to policy. Talk with your insurance agent about what your policies cover and if you need to add a rider to protect against a specific event.

You may also consult an insurance attorney before deciding on a policy. Since technology evolves quickly, legal advice could be key to understanding how your business could be held liable and taking steps to protect it.

Save money by comparing insurance quotes from multiple carriers