Engadget is reporting that IO Data Device Corporation announced that certain models in their â€œHDP-Uâ€ line of portable hard drives were shipped with the â€œW32/Tompai-Aâ€ trojan. Engadget took issue with how IO Data Device handled the problem – they didnâ€™t release the serial numbers of infected drives until some 14 hours after the announcement of the infection.
This news item got me thinking. Assuming a customer suffers damage, would a manufacturer of a hardware product be able to assert any type of contractual defense to limit their liability? Unlike software that requires a license in order to use the product, and which almost always comes with a shrink wrap or click through license agreement, it is not as easy for hardware manufacturers to create an enforceable contract to protect against tort claims made by an end user purchaser. Should the allocation of risk in a technology-related transaction be determined by the nature of the technology (in other words, whether it is capable of forcing the purchaser to carry out an affirmative act to signify acceptance of contractual terms) or should we have a mechanism that is technology neutral?