[bennyelv]

I was aware of this being the case when dealing with consumers, but had assumed that because B2B contracts are assumed to be between 2 sophisticated parties that there is little legislative protection that could override the terms of the contract.

My understanding of law is generally UK based, but I'm not aware of legislation what would supersede a contract term limiting liability when the event that created the liability was one of general diligence/competence in carrying out the contract rather than relating to health and safety or some other area that is heavily legislated.

For that reason I'm unconvinced on the article's statement that this isn't just a "French Legal System" thing and that the same kind of judgement might be made in other jurisdictions.

[consp]

As the article already states, in most jurisdictions you cannot void gross negligence liability in contracts. It will probably come down to that in those jurisdictions.

If they willfully did not implement staged rollouts that look like negligence to me but ianal. You kill canaries for a reason.

[smcameron]

Kind of looks like they had no canaries. https://securityboulevard.com/2024/07/crowdstrike-pir-canary...

[HeatrayEnjoyer]

Well for starters it did impact health and safety domains; hospitals and emergency services were severely degraded. There absolutely will be preventable deaths directly traceable to Crowdstrike.

[jltsiren]

I think the general idea is that gross negligence is a breach of contract. Every contract implicitly assumes that both parties are making a good faith effort to honor the terms of the contract. If you are not doing that, you may be in breach of contract, and the liability limitations may no longer apply.