LEGISLATION: Annoyed by flawed Microsoft operating systems and software, industry and government critics are calling for software to be held to the same standards as other products
Microsoft, a company known for its popular software and its very deep pockets - but also for glitches in some products - is a liability lawyer's dream: the big-game target that always gets away.
For decades, software makers have been protected from lawsuits as US courts have struggled with the task of defining something as abstract and fast-changing as computer code. But now a growing number of voices within the industry and government are arguing for software to be held to the same standards as other products, a potential reform that puts the world's largest software vendor squarely in the firing line.
Although it's hard to put a dollar figure on the potential risk to Microsoft, with almost $39 billion in cash and short-term investments, the company would be the obvious deep-pocketed target, said Mr Mark Rasch, a computer and Internet policy lawyer in Bethesda, Maryland, and former head of the US Department of Justice's computer crime unit.
"They've got such a huge market penetration. They're a huge, deep pocket. Their software has a lot of vulnerabilities and defects in it and people tend to use a whole suite of their software," Mr Rasch said.
"It is the homogeneity of the environment that means that a particular vulnerability in one piece of software can expose a company to a lot of damages," he said. "So Microsoft is target number one for this potential litigation."
Although calls for reform are increasing, it's not likely to happen anytime soon, given that laws typically lag technology, Rasch and other experts concede. Debate over the issue is as old as the software industry itself.
If and when it comes, Microsoft, no stranger to titanic legal battles, will be prepared, having weathered long-running anti-trust litigation in both the United States and a parallel probe in Europe.
But this time, the company has also taken pre-emptive steps against a backdrop of increasing complaints to improve the security of its software.
In general, Microsoft says it is unfairly targeted because of the popularity of its software, which runs everything from PCs and hand-held devices to servers and game consoles.
Products are even less "buggy" than others, in terms of per capita usage, Microsoft chief executive Mr Steve Ballmer has said.
And with software increasingly becoming more interconnected with other systems, it's often hard to tell exactly where problems are coming from, said Mr Craig Mundie, Microsoft's chief technical officer.
"Society has benefited from high-volume, low-cost software and a rapidly evolving ecosystem" where disparate computer systems, software and hardware link up, Mr Mundie said. "Microsoft can't control that process. If the printer driver tanks the system, who do you hold liable?"
But some clients have reached the limits of their tolerance. Air Force chief information officer Mr John Gilligan has complained to Microsoft and other companies, for example. "I'm spending more money patching and fixing than we did to buy the software," he said in a recent interview. "I can't afford to do this any more."
The complaints run far and wide. "It's a confusing point to me that Microsoft can release a product, which has fundamental flaws, and they're in no way held accountable for that," said Mr Tim Wright, chief technology officer and chief information officer of Terra Lycos.
"It's like Boeing making planes that crash and saying it's [waiver of responsibility is] in the disclaimer,"Mr Wright said.
Even market researchers and insurance companies - themselves harbingers for the legal community - have weighed in.
Problems with Microsoft's Internet Information Server (IIS) were so dramatic that, last summer, Mr John Pescatore, analyst at leading technology research firm Gartner, recommended that users of this critical piece of website software switch to alternative Web-server software.
British-based J.S. Wurzler, an insurance underwriter for Lloyds of London, last year raised its rates for IIS users, citing the large number of security holes affecting it. "Today, Firestone can produce a tyre with a systemic flaw and they're liable," says Mr Bruce Schneier, chief technology officer of network monitoring firm Counterpane Internet Security, who has been calling for software liability reform for years. "But Microsoft can produce an operating system with multiple systemic flaws per week and not be liable."