John Oxley
Barrister & Strategy Associate at Vardags
Technology and infidelity
A French entrepreneur has brought a legal action against Uber, seeking $45 million from the taxi app, saying that it triggered his divorce. The man, who has filed a suit in the Cote D’Azur courts, alleges that a glitch in the app notified his wife of a number of illicit journeys, ultimately revealing his affair. The man seeks to recover the costs of his divorce pay-out from the tech firm.
As a divorce lawyer, the case feels absurd. It is over a century and a half since English law allowed someone to claim damages from their spouse’s seducer, or sue a third party for precipitating their divorce – though the option does persist in North Carolina. In our modern marital law the apportionment of blame is never considered alongside the financial settlement, and parties must accept the reality of whatever mess their own actions have got them into.
The Uber suit does, however, raise interesting questions of when new technology comes into contact with the law. Looking at the confidentiality and data protection aspects of the case, there are strong reasons why an app-maker should become liable for the consequences of a bug and a data breach like this.
Organisations who have access to our data – be they doctors surgeries, lawyers offices or others – face strict penalties when breaches occur. They can be fined by regulators, but also punished by court actions for breach of confidence and for negligence. Many brick-and-mortar businesses have faced legal action for failing to secure themselves properly.
The bug in the app, which meant that the wife’s phone sent out notifications from the husband’s account even when he was no longer logged in on that device, could easily be seen as breaching the husband’s confidence and data rights. Though the revelation of his affair, and the marital pay-out which came from it, is unlikely to be seen as foreseeable or causally linked – key parts of a claim for negligence or breach of confidence in English law – there are perhaps circumstances where Uber could legitimately be liable.
Just as companies which build physical products are held liable for the damages caused by their failures, so too must software companies. Where they have negligently failed to keep customers data secure, or where bugs in the app have had foreseeable and measurable real world consequences, damages must follow. Without a proper legal framework, we could all become vulnerable to failures in apps.
The primary legislation which covers this in the UK is the Data Protection Act 1998. We (and Europe more generally) are working with a legal framework which is nearly twenty years old. Though set to be replaced by much tougher European rules in 2018, it is unclear how these will apply to a post-Brexit Britain.
Even more uncertain is how legislators and lawyers will cope with the rapid technologic advances of the future. The use of connected technologies and the “Internet of Things”, which have been shown to suffer from security issues, could lead to vast amounts of personal data being improperly stored. The records from automated cars or digital assistants like Amazon’s Alexa (which monitors sound around the device) could easily make users vulnerable to highly revealing hacks.
It is easy to laugh at the French lothario caught out by an Uber error, but imagine if the bug had revealed the new refuge of a domestic abuse victim to the former partner she was hiding from. The consequences could have been terrible. Other organisations have been found negligent for making such wrongful disclosures, and there is no reason why an app company should be exempt. In an ever more connected world, software companies have a clear duty to ensure that their products are secure.
Uber will probably successfully argue that it was the Frenchman’s infidelity which caused the marriage to end, not the app’s inadvertent unveiling of it. The lawsuit stretches any possible culpability beyond breaking point, certainly if English law were being applied. For app-makers, however, negligent data breaches and glitches are likely to be a recurring legal problem. Even where the products are intangible, the consequences of their failures could be very real.
