Skip to main content
Home

Main navigation

  • Centers & Programs
    • Centers
      • Center for Energy Studies
      • Center for Health and Biosciences
      • Center for the Middle East
      • Center for Public Finance
      • Center for the U.S. and Mexico
      • McNair Center
      Center for Energy Studies
      Providing new insights on the role of economics, policy and regulation in the performance and evolution of energy markets.
      More Details
      The globe at night, lights in populated areas illuminated
      Center for Health and Biosciences
      Advancing data-based policies that promote health and well-being in the U.S. and around the world.
      More Details
      Female healthcare worker lifts finger to press digital buttons featuring topical iconography
      Edward P. Djerejian Center for the Middle East
      Developing pragmatic policy approaches to the region’s enduring political, economic and societal concerns.
      More Details
      Topographic map of Middle East
      Center for Public Finance
      Delivering research and analysis on the effects of major U.S. fiscal policies.
      More Details
      Stack of coins with mathematical figure overlays
      Center for the U.S. and Mexico
      Strengthening the binational relationship by addressing major concerns on both sides of the border.
      More Details
      Textured flags of America and Mexico
      McNair Center for Entrepreneurship and Economic Growth
      Providing actionable policy analysis and recommendations that aim to expand the economy through private enterprise.
      More Details
      Professionals gather around a large table with laptops, printed documents and coffee cups for a business meeting
    • Programs
      • China Studies
      • Drug Policy
      • International Economics
      • Presidential Elections
      • Religion & Public Policy
      • Science & Technology Policy
      • Space Policy
      China Studies
      Analyzing the influence of the transnational circulation of people, technologies, commodities and ideas in China.
      Read More
      Person walks alongside large banner with Chinese characters
      Drug Policy
      Pursuing research and open debate to develop pragmatic drug policies based on common sense and driven by human rights interests.
      Read More
      Marijuana
      International Economics
      Studying timely issues in global economic policy as well as developmental policy in foreign countries.
      Read More
      International paper currencies stacked together, showing range of colors and styles
      Presidential Elections
      Offering nonpartisan analysis of elections to better understand the changing dynamics of presidential campaigns.
      Read More
      An assortment of campaign buttons from a variety of US elections and political pursuits are displayed in a collage
      Religion and Public Policy
      Exploring how religion and cultural factors interact with public policy issues.
      Read More
      A worn path stretches between rows of olive trees
      Science and Technology Policy
      Addressing a broad range of policy issues that affect scientists and their research.
      Read More
      A scientist picks up test tubes from a rack.
      Space Policy
      Focusing on U.S. space policy and the future of space travel.
      Read More
      The International Space Station (ISS) orbits the Earth at sunrise
  • Events
    Analyzing market trends
    McNair Center for Entrepreneurship and Economic Growth
    Mon, Apr. 03, 2023 | 12 pm - 1 pm
    Free Enterprise Lunch & Learn: Why Capitalism Is the Most Ethical Economic System See Details
    Electric car concept
    Roundtable
    Tue, Apr. 04, 2023 | 4 pm - 5:30 pm
    Baker Briefing: Tesla, Taxes and Texas See Details
    Innovators design new technology
    McNair Center for Entrepreneurship and Economic Growth | Science and Technology Policy
    Wed, Apr. 05, 2023 | 2 pm - 3 pm
    Accelerating Research into Innovation: What Universities and the US Patent Office Can Do to Pick Up the Pace See Details
  • Experts
    • Biomedical Research
    • Child Health
    • China
    • Conflict Resolution in the Middle East
    • Domestic Health Policy
    • Drug Policy
    • Energy
    • Entrepreneurship and Economic Growth
    • Global Health
    • Health and Biosciences
    • Human Rights and Refugees
    • International Economics
    • Islam and Politics
    • Latin American Energy
    • Middle East
    • Political Economy of the Arab Gulf
    • Presidential Elections
    • Public Finance
    • Religion and Public Policy
    • Science and Technology
    • Space Policy
    • Texas Politics
    • U.S. and Iran
    • U.S. and Mexico
    • See All Experts
    • Experts in the News
  • Support
    • Join the Baker Roundtable
      Join the Baker Roundtable
      Learn more about the Baker Institute’s membership forum, which supports the mission of the institute and offers members exclusive access to experts and events.
      Read More
      RT
    • Major Gifts
      Major Gifts
      Major gifts provide the funds necessary for the Baker Institute to explore new areas of study and research, and expand current programs.
      Read More
      Wallace S. Wilson meeting with former British Prime Minister Tony Blair
    • Endowments
      Endowments
      Endowment gifts provide the Baker Institute with permanent resources that support research programs, fellows and scholars.
      Read More
      Pictured from left are William Martin, Katharine Neill Harris, Ambassador Edward Djerejian, Alfred C. Glassell, III, and Pam Lindberg
    • Planned Giving
      Planned Giving

      Plan a gift that will ensure lasting, meaningful support for policy programs important to you.

       

      Read More
      meeting
    • Corporate Support
      Corporate Support
      Corporations can become involved with the institute in a number of ways and see the benefit from the research conducted by our fellows and scholars.
      Read More
      Wide shot of the Doré Commons during a Shell Distinguished Lecture Series event featuring Wim Thomas
  • About
    • People
      People
      Learn more about the Baker Institute's leadership and get contact information for the administrative staff.
      Read More
      Secretary James A. Baker, III, stands with a portion of the Berlin Wall, outside of Baker Hall
    • Student Opportunities
      Student Opportunities
      Through the internships on campus and beyond, Rice students can explore careers in public policy, or simply become better informed about important issues of the day.
      Read More
      Amb. Edward P. Djerejian speaks with students outside Baker Hall
    • Annual Report
    • Blog
    • Contact
      Contact Us
      Complete a form for event, media or other inquiries, and get directions and parking information for the Baker Institute.
      Read More
      The front of Baker Hall, from across the plaza, with fountain in foreground
  • Contact
  • Research
    • Economics & Finance
      Economics & Finance
      Read More
    • Energy
      Latest Energy Research
      Summary on Latest Energy Research
      Read More
    • Foreign Policy
      Foreign Policy
      Read More
    • Domestic Policy
      Domestic Policy
      Read More
    • Health & Science
      Health & Science
      Read More
    • All Publications
  • Facebook
  • Youtube
  • Twitter
  • Linkedin
  • Economics & Finance
  • Energy
  • Foreign Policy
  • Domestic Policy
  • Health & Science
  • All Publications
Science and Technology Policy | Commentary

Accountability and Liability in Computing

November 16, 2022 | Moshe Vardi
Digital Security

Table of Contents

Author(s)

Headshot of Moshe Vardi.
Moshe Vardi
Rice Faculty Scholar, Science and Technology Policy | Karen Ostrum George Distinguished Service Professor in Computational Engineering | University Professor
Read More

Share this Publication

  • Facebook
  • Twitter
  • Email
  • Linkedin
  • Print This Publication

Tags

Computer scienceCybersecurity

In 2017, I wrote:a "So here we are, 70 years into the computer age and after three ACM Turing Awards in the area of cryptography (but none in cybersecurity), and we still do not seem to know how to build secure information systems." What would I write today? Clearly, I would write: "75 years," but I would not change a word in the rest of the sentence. In fact, one could argue that the cybersecurity threat has increased, as critical infrastructure is now vulnerable to cyberattacks. Indeed, in May 2021 the U.S. oil pipeline system Colonial Pipeline came under a ransomware attack that forced it to halt all pipeline operations to contain the attack.

The slow progress in cybersecurity is leading many to conclude the problem is not due to just a lack of technical solution but reflects a market failure, which disincentivizes those who may be able to fix serious security vulnerabilities from doing so. As I arguedb in 2020, the computing fields tend to focus on efficiency at the expense of resilience. Security usually comes at a cost in terms of performance, a cost that market players seem reluctant to pay.

To discuss the market-failure issue and how to address it, the Computing Community Consortium organized in August this year a visioning workshop on Mechanism Design for Improving Hardware Security.c The opening talk was given by Paul Rosenzweig, an attorney who specializes in national security law. He argued that technological development is founded, at the end, on human behavior. So, the key to good cybersecurity is to incentivize humans. Thus, the answer lies in the economics of cybersecurity, which is, mostly, a private domain with lots of externalities, where prices do not capture all costs.

One such glaring externality is the lack of accountability in the computing marketplace. Whenever we use a computing system, we must consent to a click-through license that almost always include language such as "To the extent not prohibited by applicable law, in no event shall XXX be liable for personal injury or any incidental, special, indirect, or consequential damages whatsoever." Since computing is rarely covered by "applicable law," it follows that computing is not being covered by the standard rules for strict liability, which does not depend on actual negligence or intent to harm. As the philosopher Helen Nissenbaum pointed out in a 1996 article,d while computing vendors are responsible for the reliability and safety of their product, the lack of liability results in lack of accountability. She warned us more than 25 years ago about eroding accountability in computerized societies. The development of the "move-fast-and-break-things" culture in this century shows that her warning was on the mark.

A typical response from the tech industry to such complaints is to wave the consent flag. "You clicked through the license, so you accepted the terms," they say. "So, what are you complaining about?" But this argument is a red herring! A contract where the parties are of such disproportionate bargaining power that the party of weaker bargaining power could not have negotiated for variations in the terms of the contract is known, in legal terms, as an "adhesion contract." Courts have a long history of striking terms from such contracts or voiding the contract entirely when they determine the terms to be especially egregious to standards of fair play. In my opinion, such prevailing waivers of liability, which may have been appropriate when computing was young and all computing systems could have been viewed as experimental, ought to be considered today as especially egregious to standards of fair play.

It is not clear to me why the legal system has yet to address this glaring externality in the computing marketplace. Since it has not, it is time to address it using laws and regulations. There is a long tradition of the law imposing strict liability on vendors. As Nissenbaum pointed out, almost 4,000 years ago, the Hammurabi Code stated: "If a builder has built a house for a man and has not made his work sound, and the house that he has built has fallen down and so caused the death of the householder, that builder shall be put to death."

The tech industry has been traditionally hostile to regulation. "Regulation stifles innovation," is the refrain. But innovation is not an end, innovation is a means. The end was declared by Hammurabi to be "to further the well-being of mankind." If we want to address the cyber-insecurity issue, we should start by welcoming liability into computing.

 

This article originally appeared in Communications of the ACM.

 

Footnotes

a. https://cacm.acm.org/magazines/2017/5/216316-cyber-insecurity-and-cyber-libertarianism/fulltext

b. https://cacm.acm.org/magazines/2020/5/244316-efficiency-vs-resilience/fulltext

c. https://cra.org/ccc/events/mechanism-design-for-improving-hardware-security/

d. https://nissenbaum.tech.cornell.edu/papers/accountability.pdf

  • Print This Publication
  • Share
    • Facebook
    • Twitter
    • Email
    • Linkedin

Related Research

Blue stem cell under microscope
Science and Technology Policy | Journal

Unproven Stem Cell-Based Interventions: Addressing Patients’ Unmet Needs or Causing Patient Harms?

Read More
US and China Flags
Science and Technology Policy | Journal

How Not to Win a Tech War

Read More
Microscope
Science and Technology Policy | Commentary

The Many Challenges Facing Arati Prabhakar as She Takes Over Biden’s Science Policy Office

Read More
  • Facebook
  • Youtube
  • Twitter
  • Linkedin
  • Donate Now
  • Media Inquiries
  • Membership
  • About the Institute
  • Rice.edu
Contact Us

6100 Main Street
Baker Hall MS-40, Suite 120
Houston, TX 77005

Email: bipp@rice.edu
Phone: 713-348-4683
Fax: 713-348-5993

Baker Institute Newsletter

The email newsletter of Rice University's Baker Institute for Public Policy provides a snapshot of institute news, research and upcoming events.

Sign Up

  • © Rice University's Baker Institute for Public Policy
  • Web Accessibility
  • Privacy Policy