How widely is "where failure could result in death, injury, or damage" interpreted?

Question

Crowdstrike, whose Falcon Platform is responsible for significant disruption, has in their Terms and conditions:

The offerings and CrowdStrike tools are not fault-tolerant and are not designed or intended for use in any hazardous environment requiring fail-safe performance or operation. Neither the offerings nor crowdstrike tools are for use in the operation of aircraft navigation, nuclear facilities, communication systems, weapons systems, direct or indirect life-support systems, air traffic control, or any application or installation where failure could result in death, severe physical injury, or property damage.

Two systems that have quite famously gone down are Varian Medical Systems which is responsible for delivering radiotherapy treatments to cancer patients and EMIS, an appointment and patient record system, which is causing disruption in the majority of GP practices. These both have a clear potential for failure to result in death or injury.

How is this sort of phrase interpreted in law?

Answer 1

How is this sort of phrase interpreted in law?

It means that if people die or are injured or suffer property damage because the software screws up, that this is the fault of the user for using the service in an inappropriate way when they were told that this would happen.

A low tech analogy would be using wires that have a disclosed failure temperature of 180ºF to power an alarm system that only activates when the temperature is 212ºF (a case that I litigated and won IRL). When the alarm system doesn't work, it the fault of the person who used the wrong materials for the job.

A humorous tangentially related comic illustrates the idea for software generally. The money quote:

I don't know quite how to put this, but our entire field is bad at what we do, and if you rely on us, everyone will die.

Answer 2

canada

Contractual interpretation is conducted in light of context, purpose, and the surrounding circumstances of the contract. See Sattva Capital Corp. v. Creston Moly Corp., 2014 SCC 33, para. 58 (citations omitted):

The nature of the evidence that can be relied upon under the rubric of “surrounding circumstances” will necessarily vary from case to case. It does, however, have its limits. It should consist only of objective evidence of the background facts at the time of the execution of the contract, that is, knowledge that was or reasonably ought to have been within the knowledge of both parties at or before the date of contracting. Subject to these requirements and the parol evidence rule discussed below, this includes, in the words of Lord Hoffmann, “absolutely anything which would have affected the way in which the language of the document would have been understood by a reasonable [person]”. Whether something was or reasonably ought to have been within the common knowledge of the parties at the time of execution of the contract is a question of fact.

So the term will be construed to be consistent with what the parties should have understood it to capture, considering the context, purpose, and surrounding circumstances of the contract.

This principle applies to all contractual interpretation in Canada.

Without knowing all of the context, purpose, and background circumstances, my own naïve, first impression is that the clause containing the bolded phrase is not creating any contractual obligation, but rather, seems to be disclaiming warranty. And the scope of that disclaimer would follow from the interpretive approach I've presented above; ohwilleke gives one plausible reading.

The particular example you've presented may have more relevance for assessing whether the practitioners were breaching the standard of care owed to their patients.

Answer 3

How is this sort of phrase [where failure could result in death, injury, or damage] interpreted in law?

It is interpreted and applied by regulatory agencies responsible for public safety.

In the example of aviation, the FAA requires a System Safety Analysis that will specifically quantify hazards and produce detailed risk matrices such as this example.

Depending on the product and it's effect on safety, a Design (or Development) Assurance Level (DAL) will be assigned, and an industry standard process such as DO-178 will need to be followed in order to obtain approval and certification. Obviously the seat back entertainment system would require a lower level of rigor that the terrain alert and warning system.

In the medical example you mentioned, although radiation equipment may be an important part of a treatment program for cancer patients, a temporary outage would not pose a direct threat, or be the cause of immediate loss of life. A machine that circulates blood during a heart transplant would however, so they would require different levels of certification of the machine and any software required to make it function properly in a fail safe manner.

Those who operate either aviation or medical equipment should know this, and you really have to be intentional to use uncertified equipment and software. The disclaimer you quoted is really just a CYA statement of the obvious to alert those who may be less familiar with specific requirements.