Category: Tort

CPB2011 and Tort

I think that there is room for me to do a little law school analysis on how the Computer Professionals Bill 2011 can affect tort/contract and vice-versa.

Some people think that if there are problems with the deployment of a computer system, you can already sue under existing law such as Contract Law. Unfortunately, it may not be so simple to sue someone for breach of contract as clearly illustrated in the Highlands Towers case.

As an illustration, imagine if someone was contracted to design and build a high-availability cluster managing the stock market. The system guy decided to only install one server instead of a dozen and that one server died from the overload. In this case, the breach of contract is clear as the contract was for the installation of a cluster, not a single server.

Unfortunately, Contract Law is quite clear about the remedies. If I remember correctly you cannot sue someone for an arbitrarily high value, and that value must be agreed upon the contract. It would not be fair to hire someone to build the system for RM1mil and then sue them for RM100bil.

You can sue for specific performance, and they can re-install a high-availability cluster. You can sue for liquidated damages, which would need to be agreed upon the signing of the contract and will not amount to anywhere near RM100bil as no company would open up themselves to a RM100bil suit for a RM1mil contract.

Furthermore, if that person installed a proper cluster and the stock market system still crashed due to overload, this is no longer an issue of a breach of contract – particularly if the contract was specific enough that the installer actually did everything as per contract. Good luck trying to sue them under Contract Law.

However, the stock market system still crashed and people lost a lot of money. Some may have lost their livelihoods and others, their lives. In order for justice to be served, someone must pay. The question is whom and how much.

This is where the law of Tort comes in. There is the whole concept of ‘duty of care’ due and the standards for ‘duty of care’ become much higher for professionals and experts. So, it might be arguable that there was a breach of duty if the installer built the system to spec even if the spec was sub-standard.

It could be then argued that any reasonable systems installer should be able to calculate a load and then advise their clients, Bursa, that the high-availability cluster would not be sufficient to cater to the expected and foreseeable load based on the transaction volume for the last few years. That data may not be publicly available but as the guys designing the system, they could have gotten it with reasonable diligence.

In this kind of scenario, it would be better to sue under a breach of duty or negligence as the facts of the matter are that the systems were not up to par to handle the expected load.

Now, even if the systems guys did a wonderful job and did everything humanly possible to build a high-availability cluster for the stock market system it still crashed. Sometimes, shit just happens. In this case, there may still be room for some other tort. Depending on the scenario, maybe strict liability can apply.

So, the CPB2011 would help in terms of liability. It now becomes clear that whomever who sells services to critical sectors must be a registered computing professional. This person would then be held liable in the event that shit happened. That is what it means to be a professional.

Having the CPB2011 elevates that position and raises the bar for ‘duty of care’ owed. That is why I am not against the CPB2011 on principle. However, the devil’s in the details and I’ve already looked at some of the other details in my earlier post.

Tort of Negligence

Did I bite off more than I can chew? Norchaya may hate me for this.

Tort is making my head spin. While the basic principles may seem straight-forward at first, but things are never as simple as they seem. I’ll try to summarise what I have managed to glean thus far. I’ve only gotten through the tort of negligence.

Essentially, you’ve got to show that there is a duty of care, that the duty was breached, that there was some legally recognised damage, and that there was a direct causal link between the breach of duty and the damage. Seems simple enough right?

As they say, the devil’s in the details.

The trick is in trying to determine that there is a prima facie case for duty of care. If that cannot even be proven, there is no tort. The landmark case here is Donoghue v Stevenson where Lord Atkin delivered the now famous judgement of:

There must be, and is, some general conception of relations giving rise to a duty of care, of which the particular cases found in the books are but instances. The rule that you are to love your neighbour becomes in law you must not injure your neighbour; and the lawyer’s question: Who is my neighbour? receives a restricted reply. You must take reasonable care to avoid acts or omissions which you can reasonably foresee would be likely to injure your neighbour. Who, then, in law, is my neighbour? The answer seems to be – persons who are so closely and directly affected by my act that I ought reasonably to have them in contemplation as being so affected when I am directing my mind to the acts or omissions that are called in question. a manufacturer of products, which he sells in such a form as to show that he intends them to reach the ultimate consumer in the form in which they left him with no reasonable possibility of intermediate examination, and with knowledge that the absence of reasonable care in the preparation or putting up of products will result in an injury to the consumer’s life or property, owes a duty to the consumer to take that reasonable care.

Essentially, there has to be the essence of proximity and foreseeability. As the case illustrates, proximity isn’t necessarily about physical distance but also in terms of a direct relationship such as a manufacturer and a consumer. Foreseeability is harder to determine and this brings us to the next related part – breach of duty.

The trick in determining the breach of duty is the reasonable man’s test. The landmark case here is Blyth v Birmingham Waterworks that determined the standard of care to be met. This is particularly applicable to experts in any field.

Given a particular situation, another expert in the field should reasonably come to the same conclusion. The law allows for differing schools of thought such as Emacs vs Vi but a reasonable expert should have acted in a similar way. Otherwise, there is a breach of duty.

However, sometimes a situation presents itself where breach can be determined by simply looking at the facts of the case using the principle of res ipsa loquitur, but this is generally only applied where the defendant does not take the opportunity to defend their own actions.

The only possible defence against this is to show that the plaintiff is responsible for contributory negligence. Otherwise, the case is closed as there is no conceivable way that a surgical knife could end up inside a person’s abdomen unless the surgeon was negligent in a surgery.

The next trick is in determining the direct causal link between the breach of duty and the damage. For this, we are aided by the but for test. The issue can be essentially determined by highlighting that the damage would not have happened ‘but for’ the breach.

There are a lot more little details to deal with but that’s what I essentially learned about negligence.

It’s the People, Stupid!

I had my first law class today – Tort – taught by Prof Norchaya. It was a total eye-opener and I was thoroughly inspired in many ways.

She was so good that she had me thinking of switching my career to law. You see, I suffer from a Messiah complex – the need to save the world from itself. So, law would definitely be one of those ways to do it.

However, I am too passionate about building things to actually do it. But I will definitely integrate what I learn in law school with my engineering work and Tort is definitely relevant when it comes to finding solutions to convoluted problems, which is what engineering is all about.

Now, back to Tort class. After six fun-filled hours of discussing the basics of Tort, I learned a few things from Prof Norchaya.

Firstly, I learned how to be a better teacher. I already consider myself a pretty good teacher when it comes to delivering content and encouraging students to learn. However, she has shown me how I can actually inspire students to throw their mind, body and soul into a subject. I am humbled.

Secondly, I learned that Tort is about people – particularly people-people relationships whether they be individuals or groups. As a result, it can cover pretty much anything and everything, particularly that which is not covered by other specific laws.

Thirdly, I learned that ultimately, it is about justice and remedying any injustice without causing any further harm, which in itself, is not totally black-white because the liability is often shared and things can get super entangled when multiple parties are involved.

Anyway, that’s my basic take-away of the matter.

I’ll probably write more on the subject when I actually get to studying the details of Tort later. I do think that it is going to be interesting as everything is fluid and subject to personal prejudice.