Smart Device Manufacturer liability and redress for third-party cyberattack victims

Research output: Contribution to journalArticle (journal)peer-review

38 Downloads (Pure)


Smart Devices are used to facilitate cyberattacks against both their users and third parties. While users are generally able to seek redress following a cyberattack via data protection legislation, there is no equivalent pathway available to third-party victims who suffer harm at the hands of a cyberattacker. Given how these cyberattacks are usually conducted by exploiting a publicly known and yet un-remediated bug in the Smart Device’s code, this lacuna is unreasonable. This paper scrutinizes recent judgments from both the Supreme Court of the United Kingdom and the Supreme Court of the Republic of Ireland to ascertain whether these rulings pave the way for third-party victims to pursue negligence claims against the manufacturers of Smart Devices. From this analysis, a narrow pathway, which outlines how given a limited set of circumstances, a duty of care can be established between the third-party victim and the manufacturer of the Smart Device is proposed.
Original languageEnglish
Pages (from-to)1-31
JournalEuropean Journal of Law and Technology
Issue number3
Early online date31 Dec 2023
Publication statusPublished - 31 Dec 2023


  • Cybersecurity
  • Omissions
  • Duty of Care
  • Smart Devices
  • Cyberattacks


Dive into the research topics of 'Smart Device Manufacturer liability and redress for third-party cyberattack victims'. Together they form a unique fingerprint.

Cite this