Blog Posts

Biology and technology coming together
  • JAC

The Cyborg-Technology Provider Relationship, Part III

Updated: Sep 24, 2018

Continued from Part II

V. Holding IB-X liable

With the economic participation and security stakes so high relating to a cyborg’s reliance on a cerebral processor, there is a compelling reason for courts to articulate common-law protections against the cyborgs’ technology providers. As applied for Adam, if the court views the hack as a battery, a claim by Adam against IB-X would at least survive a standing challenge. Unlike in Reilly and Krottner, a court would not have to evaluate the likelihood of data misuse as a sufficient injury. Rather, the injury becomes established by the fact of the battery, even if recovery would only include nominal damages. Thereafter, Adam’s challenge becomes successfully arguing to a court that IB-X was liable for not patching its outdated cerebral processors.

The particular problem facing Adam is that courts generally treat a consumer’s purchase of an electronic product as an arms-length transaction under contract law. If this reasoning is applied in Adam’s case, it would be difficult to argue that a company’s decision to not update an outdated product when it offers better, newer versions for sale as negligent behavior. However, the importance of cerebral processors in Adam’s society supports viewing Adam’s relationship with IB-X as more similar to a doctor–patient relationship. Under this view, IB-X may be held liable for breach of a fiduciary duty.

A. The Problem With Contract Law

As can be seen in Adam’s world, having a functioning and secure cerebral processor is all but necessary to life. However, the practical necessity of a computer-like product for social participation is not unique to Adam’s situation. In current society, computers are the foundation of the state of the economy. In business, computers manage activities including “[w]ord processing, technical data analysis, spread-sheets, inventory control, production and sales reports, communications, invoices, and purchase orders.”[1] In this environment, the inability to obtain a computer system or the failure of a computer system can severely harm a business.[2] In effect, the necessity of computers gives computer hardware and software providers significantly more bargaining power than their consumers. This is exemplified in courts’ upholding of “click-wrap” agreements, where the terms of a software contract are imposed on the consumer in a take-it-or-leave-it fashion.[3]

In contact law, the party with the most bargaining power tends to obtain the most favorable terms in the contract.[4] Among these favorable terms can be a wide variety of liability and warranty waivers. Without any outside controls and viewing subsequent contracts as purely arms-length transactions, these technology providers thus become the gatekeepers to the economy—accept their terms or forego social participation. As applied to Adam, his job and information security relied on the good-graces of IB-X. IB-X’s decision to not update Adam’s version of its cerebral processors was contractually allowed and a risk Adam was forced to take.

Contract law does, however, provide some cover for consumers in Adam’s position. It does this through the doctrine of unconscionability. This doctrine states that

[i]f a contract or term thereof is unconscionable at the time the contract is made a court may refuse to enforce the contract, or may enforce the remainder of the contract without the unconscionable term, or may so limit the application of any unconscionable term as to avoid any unconscionable result.[5]

However, there is no bright-line standard for what constitutes and unconscionable contract or term; instead, the Restatement describes it as fact-specific determination:

[T]he policy against unconscionable contracts or terms applies to a wide variety of types of conduct. The determination that a contract or term is or is not unconscionable is made in the light of its setting, purpose and effect. Relevant factors include weaknesses in the contracting process like those involved in more specific rules as to contractual capacity, fraud, and other invalidating causes; the policy also overlaps with rules which render particular bargains or terms unenforceable on grounds of public policy. Policing against unconscionable contracts or terms has sometimes been accomplished “by adverse construction of language, by manipulation of the rules of offer and acceptance or by determinations that the clause is contrary to public policy or to the dominant purpose of the contract.” Uniform Commercial Code § 2-302 Comment 1. Particularly in the case of standardized agreements, the rule of this Section permits the court to pass directly on the unconscionability of the contract or clause rather than to avoid unconscionable results by interpretation.[6]

But how is a court to evaluate the unconscionability of a contract regarding security patches? It may be contrary to public policy to allow a cerebral-processor producer to disclaim all security liabilities, but it is a much closer call if the company limits its liability past a certain period of time. IB-X’s disclaimer, should it have had one, of providing security patches for products over ten-years old may be reasonable; IB-X has a right to resources to make new products and profits just as much as Adam has to get a job.

The uncertainty of contract provisions makes this approach unworkable for defining and regulating the relationship Adam has with IB-X. Indeed, what is reasonable on a contractual basis may still be incongruent with the needs of greater society. Instead, to offer cyborgs the appropriate level of protection, it is best to view their technology providers as fiduciaries.

B. IB-X’s Fiduciary Duty To Adam

According to Black’s Law Dictionary, a fiduciary is “one who owes to another the duties of good faith, trust, confidence, and candor.”[7] Judge Cardozo explained the nature of a fiduciary’s duties as follows:

Many forms of conduct permissible in a workaday world for those acting at arm's length, are forbidden to those bound by fiduciary ties. A [fiduciary] is held to something stricter than the morals of the market place. Not honesty alone, but the punctilio of an honor the most sensitive, is then the standard of behavior. As to this there has developed a tradition that is unbending and inveterate. Uncompromising rigidity has been the attitude of courts of equity when petitioned to undermine the rule of undivided loyalty by the ‘disintegrating erosion’ of particular exceptions. Only thus has the level of conduct for fiduciaries been kept at a level higher than that trodden by the crowd. It will not consciously be lowered by any judgment of this court.[8]

And as one scholar explains, courts impose fiduciary duties where it is necessary for the proper functioning of society:

Fiduciary obligations are imposed in relationships in which one party, the fiduciary, is in a position to take advantage of the other party, . . . the beneficiary . . . , and in which the interests of the [beneficiaries] that are at stake are important to society and sometimes vital to the [beneficiaries’] welfare. If the relationship were at arm's length, [beneficiaries] would be unable to reduce the risk of being taken advantage of except by expending significant resources to monitor the superior party, and those resources would not be available to the [beneficiaries] to purchase the welfare-enhancing services or property the securing of which is the reason for the relationship. In order to maximize the utility of the relationship to the [beneficiary] by minimizing monitoring costs, the law therefore imposes on the superior party the status of a fiduciary. Instead of being free to maximize their own self-interest as they would be in an arm's-length relationship, fiduciaries are required to further the [beneficiaries] interests and to make restitution and pay punitive damages if they fail to do so.[9]

Indeed, “[a] fiduciary obligation’s scope is a complex product of the interaction of the agreement clearly reached by the parties, obligations implied from their conduct, and obligations imposed by law.”[10] In practice, courts have held fiduciaries to numerous, specific duties. These duties include a duty of care in dealing with property, a prohibition against self-dealing, restrictions in delegating away entrusted discretion, bans against individual self-benefit taking, and a duty of confidentiality.[11] Of these duties, the duty of loyalty is perhaps the most important. At its base, the duty of loyalty requires that the fiduciary may not advance his or her own interests above those of the beneficiary.[12]

However, these duties may be contractually disclaimed.[13] But this is a difficult road for the fiduciary to travel. For a disclaimer to be valid, the “beneficiary’s consent must be knowing, requiring the beneficiary not to be incapacitated, underage, or subject to coercion . . . . [And] the fiduciary must have fully and clearly disclosed all relevant information to the beneficiary.”[14]

Regarding their origins, fiduciary relationships and obligations have emerged from courts of equity.[15] While courts generally required that one affirmatively accept the obligations of a fiduciary relationship before such relationship is created, the resulting consequences from a breach of the fiduciary relationship thereafter robotically follow as a matter of law.[16] In that end, the fiduciary has the burden to show that any challenged action was fair.[17] This is in contrast to the lesser “confidential relationship” where the individual asserting a breach has the burden of proving that he or she reposed trust or confidence in the fiduciary.[18] Even with these disclosures, “the fiduciary’s conduct must [ultimately] be objectively fair and reasonable.”[19]

The typical remedy for the breach of a fiduciary duty is disgorgement of profits.[20] As noted by Scallen, this remedy may result even when the beneficiary has not suffered any actual pecuniary loss, suggesting that the breach of a fiduciary duty is recognized by the courts as a “betrayal of trust [that] is qualitatively different from an ordinary breach of promise . . . .”[21] Along that line, the remedy may also include punitive damages, which, in some cases, are intended to serve a deterrent function.[22]

1. IB-X’s General Fiduciary Duty to Adam

While it is widely viewed that the rise of new categories of fiduciary duties is a rare occurrence, Scallen advocates for “the new fiduciary principle,” which offers a pragmatic and flexible framework for identifying new fiduciary relationships.[23] According to the new fiduciary principle,

a fiduciary relationship exists when there is (1) dependence or vulnerability by one party on the other, that (2) results in power being conferred on the other (3) such that the entrusting party is not able to protect itself effectively, by “cover” or otherwise, and (4) this entrustment has been solicited or accepted by the party on which the fiduciary obligation is imposed.[24]

According to Scallen, the first two elements of the new fiduciary principle parallel the courts’ historical focus on trust when determining whether a fiduciary relationship exists in a particular context.[25] Specifically, these elements stand in contrast to relationships consisting of “arm’s length” transactions.[26] The third element, “cover,” recognizes the fact that courts are loath to abandon the notion of “self-reliance” by a contracting party.[27] This value of self-reliance is exemplified in the contractual concept of mitigation of damages.[28] Yet, “the reality,” says Scallen, “is that there are often situations in which a party’s ability for self-protection is limited to the initial choice of agreeing or refusing to contract.”[29] Finally, the fourth element requires that the fiduciary accept such a role; however, Scallen asserts that an individual’s agreement to become a fiduciary may be made either explicitly or implicitly.[30]

Each of Scallen’s elements fit the technology provider–cyborg relationship. Looking at this relationship from Adam’s point-of-view, he is particularly dependent on IB-X. This is because Adam’s cerebral processor is IB-X’s proprietary product. Adam did not have the authority or ability to create the security patch himself. In effect, Adam’s inability to cover himself against problems with his cerebral processor puts a lot of power in IB-X’s hands—Adam trusts IB-X to protect his brain. And it would be difficult for IB-X to argue that it has not accepted its fiduciary status. This is because of the nature of its product; IB-X sells a product that physically arguments a person’s brain, allowing that person to participate in society. It is difficult to imagine this being anything but an acceptance of a fiduciary duty. This also supports the rejection of any attempt to contractually waive these duties at the time of sale of its product.

In fact, application of the new fiduciary principle to Adam’s case mirrors and is buttressed by the manner in which courts recognized the doctor–patient relationship. Indeed, courts are increasingly recognizing that doctors are fiduciaries to their patients.[31] And, according to Maxwell J. Mehlman, this trend makes sense as the doctor–patient relationship appears to meet all the considerations for fiduciary relationships.[32] In these relationships, physicians certainly are capable of leveraging their knowledge and experience over patients to the physicians’ own advantage.[33] This is particularly true when patients are ill or otherwise incapable of adequately attending to their own best interests.[34] And even if patients did seek to protect their interests, such as obtaining second opinions, these would be high and “consum[e] resources that otherwise would be available to purchase the health care patients[’] need[s].”[35] Overall, the proper functioning of this relationship serves the important societal need of health care.[36]

By analogy, technology providers are doctors to cyborgs. The technologic health of Adam’s cerebral processor is substantially similar to the organic health of his “human brain.” Also like doctors, technology providers have a significant knowledge advantage over their clients. Just like how a patient cannot treat his or her own ills as compared to a doctor, a cyborg cannot update his or her cerebral processor as could the technology provider. And, as has been stated above, both are health concerns and greatly impact important social needs. Therefore, it is reasonable to impose a fiduciary duty on IB-X as owed to Adam.

2. Adam’s Resolution

Finding that IB-X owed a fiduciary duty to Adam, it looks like IB-X breached its duty by not patching Adam’s cerebral processor. As noted above, a fiduciary may not take a financial benefit at the expense of the beneficiary. In Adam’s case, IB-X chose to forego the expense of patching its older product in favor of producing new products for sale. As this puts the benefits of new sales above the expense of patching old products, IB-X put its financial interests ahead of both Adam’s economic and security interests. While not necessary to recover for breach of fiduciary duty, IB-X’s actions did cause Adam to suffer damages. These damages include the battery Adam suffered as a result of the hack and the loss of employment Adam suffered due the insecurity of his cerebral processor.

The remedy for Adam would be for IB-X to disgorge its profits it made by not patching Adam’s cerebral processor. This is an appropriate resolution. The severity of the stakes warrant severe liability. And as is the intended purpose, the danger of disgorgement (rather than what would be relatively small contractual damages) should be enough to entice IB-X to not repeat its bad actions.

II. Conclusion

The singularity will bring about many changes in society. Some changes can be anticipated and others cannot. But what can be assumed with relative certainty is that the singularity will bring to the courts many novel issues. One of the issues courts can expect to confront is whether the merger of body and technology (thus creating cyborgs) requires a reimagination of bodily integrity. Further, should the proper function of society and the economy depend on the mass-existence of cyborgs, who in turn rely on technology providers, the courts will have to determine the extent of duties and care technology provider owes its cyborg clients.

This article argues that technology providers will owe a fiduciary duty to cyborgs in the continued maintenance of the cyborgs’ technological bodily security. Fiduciary relationships arise where one party or a relationship has significantly more power than the other party and it is for the social good to place heighted duties of care on the more powerful party. This is the case for the technology provider–cyborg relationship. Indeed, the technology providers would be in a unique position to protect the bodily integrity of cyborgs, which in turn important to society’s proper functioning.

After the singularity, cyborgs will rely on the technology providers to maintain the security of their cerebral processors. This protection is important to cyborgs because a hack of their cerebral processors constitutes a battery, and the cyborgs would not be in a position for self-protection—they must rely on the proprietary expertise of the technology provider. In turn, the security of cyborgs would be important to society. It can be anticipated that after the singularity, individual participation in society and the economy will depend on one being a cyborg. As such, the failure of a technology provider to maintain the security of the cyborg could have a significant impact the nation at large.

In the end, the technology provider–cyborg relationship would be substantially similar to the doctor–patient relationship, which is a fiduciary relationship. For these reasons, technology providers will owe fiduciary duties to cyborgs as related to cybersecurity.

[1] S. Revelle Gwyn and Alan T. Rogers, Negotiating and Litigating Computer Contracts: Selected Issues, Alabama Lawyer (1992).

[2] See id.

[3] See, e.g., Hancock v. American Tel. and Tel. Co., Inc., 701 F.3d 1248 (2012).

[4] See Daniel D. Barnhizer, Inequality of Bargaining Power, 76 U. Colo. L. Rev. 139, 182 (2005).

[5] Restatement (Second) of Contracts § 208 (1981). See also Unif. Comm. Code § 2-302.

[6] Id.