[Owasp-singapore] Finally, an EU proposal that makes software vendors criminally responsible for defective (aka insecure) software products

Wong Onn Chee ocwong at usa.net
Wed Mar 23 11:08:30 EDT 2011


Finally found some like-minded folks in EU!

Check out

In the proposed amendments,

"(12a) The importance of European markets for online digital content is
increasing and therefore it should be clear that goods referred to in
this Directive also include digital products, such as downloads and

"(d) the same or another defect has appeared within a short period of
time after the good was first repaired or replaced."

"(41) The consumer should not bear any costs for remedying the lack of
conformity, particularly the cost of postage, labour and materials.
Furthermore, the consumer should not compensate the trader for the use
of the defective goods. The consumer should be entitled to claim
damages, in accordance with provisions of applicable national law, for
any loss resulting from lack of conformity with the sales contract and
not remedied by the trader. It should be possible for such damages to
include non-pecuniary damages where applicable national law so provides."

That will make most of the EULA of corporate softwares illegal or
contradictory to the proposed directive.

Finally, as consumers (albeit in EU only), we can claim for damages from
use of insecure (==defective) software.
May even be able to claim refunds in "Furthermore, the consumer should
not compensate the trader for the use of the defective good."

In Singlish terms, Hoo Say Ah!


Best Regards
Onn Chee

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/mailman/private/owasp-singapore/attachments/20110323/d47d5a04/attachment.html 

More information about the Owasp-singapore mailing list