2

Forbes recently started to block people who use an adblocker from accessing their website. The irony is that only a couple of days later, the ad network they use started spreading malware, ransomware to be exact, through the ads.

Suppose a Forbes user gets ransomware because of malicious ads on the Forbes website and loses important data (or at least valuable time while restoring the backup).

  1. Who is responsible for the malware infection?

    • Forbes, because they're the website the user visited?
    • The ad network that provided a vector for infection and didn't properly check their content?
    • Or the makers of the ad, because they made the ad with malicious intent?

  2. Can the user sue the responsible party for damages?

  3. Does it make a difference whether the user has taken due diligence with software updates and patches?

The main jurisdictions I wonder about are Belgium and the USA.

Nzall
  • 1,591
  • 11
  • 19

1 Answers1

3

There is no real answer to that question at this point.

If on filed such a suit, it would probably be under a negligence theory. You would sue:

Forbes, because they're the website the user visited?

The ad network that provided a vector for infection and didn't properly check their content?

The makers of the ad, because they made the ad with malicious intent?

and anyone else who might have been negligent. You then have to prove they were negligent.

Can the user sue the responsible party for damages?

You can sue anyone for anything. The problem is winning.

Does it make a difference whether the user has taken due diligence with software updates and patches?

It might. Contributory negligence would be an obvious defense to such a suit.

Community
  • 1
user3344003
  • 1,728
  • 8
  • 8