What The Code of Hammurabi Can Teach Us About Hardware and Software Liability
The Information Security community has been debating software reliability for decades. Some say software is too advanced to place guarantees on it. And others say that unless we hold creators/builders responsible, nothing will improve.
Nassim Taleb’s Skin in the Game is what got me thinking about this topic.
As it turns out, the most ancient law that we know of, from 4,000 years ago, has a lot to say about this. The Code of Hammurabi is our earliest known set of official laws, and it comes from Babylonian civilization in Mesopotamia.
What’s remarkable about it is not just how it tells you not to steal or kill, but how it focuses on things like making charges against people without proof, and building and selling things without standing behind them.
It basically says that need to be an upstanding citizen in all affairs. And if you are lazy, selfish, or otherwise do things that cause other people harm, then the law will punish you.
Here are some callout examples related to creating things that other people use.
This is how much you can charge for software.
I can think of a few software products that fell in and killed their owners.
Yep, you’re on clean-up duty. And you’re paying for the damages.
Something something beta software.
If your software starts sinking before a year has elapsed, you need to tighten up that codeboat for free.
That’s pretty potent stuff for 4,000 years ago.
Nassim Taleb points out how deeply these concepts have penetrated our soecieties through time, giving examples like:
Unsupervised Learning — Security, Tech, and AI in 10 minutes…
Get a weekly breakdown of what's happening in security and tech—and why it matters.
Ceasers couldn’t just rule from the throne; they were fighters on the front lines in order to earn that respect back home
Roman commanders would be held accountable for losses
Bridge builders had to sleep under their bridges for a period of time, with their families, to show that they stood behind (under) their work
I do think there is a fundamental difference between a building and a piece of software. The former has quite a small number of variables in it, and it’s much easier to blame the builder when it goes wrong.
With software, it’s so new and ridiculously complex that everyone (including the builder) is surprised it works at all.
The law have been dated to around 1754 BC.
But I think there’s still something to this. Especially as we start talking about building an Internet of Things upon which we’ll stack our new society.
At some point, the software becomes a lot more like a building. Not because it’s easier to build, but because it can actually fall down and kill people.
The central concept here is what Taleb calls Skin in the Game, which seems to be largely what the Code of Hammurabi was about. You couldn’t just claim things, or take things, or make things.
To the extent that your actions affected others, there were consequences.
My Slow-motion IoT Train Crash analogy
I’m not saying that this maps perfectly to building software in 2018, but it will likely become a lot more similar when software failures become matters of public safety.