Nissenbaum writes that a key difference between accountability and liability is the ground on which each is appraised: liability is appraised on the victim's plight while accountability is on the relationship of an agent to an outcome. Another difference is that accountability is closely linked to the notion of moral blameworthiness which has as one of its necessary conditions that a harm done is brought about by a faulty action by the agent. On the other hand, "to be strictly liable for harm is to be liable to compensate for it even though one did not bring it about through faulty action" (Nissenbaum, p. 15). I see in these differences that accountability is socially binding where it is culturally valued while liability is binding through legal measures.

Accountability and liability are not mutually exclusive. They are often strongly linked in cases where questions of responsibility arise, especially in cases of joint liability and comparative negligence. There could be many people accountable for a harm but only some are liable for it. This is why Nissenbaum suggests decoupling the two because merging them tends to take away the focus on the role of the agent to an outcome and shifts it to ameliorating the plight of the victim. In cases of joint liability, either the compensation to the victim is shared by the agents involved thereby lessening the burden of each agent or the compensation is targeted to a "deep pocket" and the rest of the agents are let off the hook. In either case, the victim has been compensated (financially usually) but the agents may not actually have accepted responsibility for their actions. Although, it is important to separate accountability from liability, Nissenbaum noted that maintaining clear lines of accountability serves as a starting point for assessing liability.

Nissenbaum has explored many cases in which accountability might be applied to the actions of information professionals. These actions have to do with computer systems and programs in which accountability is obscured either by a) the problem of many hands in the design of computer systems, b) the omnipresence of bugs or errors in computer programs, c) the use of computers as scapegoats, and d) ownership without liability.

Nissenbaum used the conditions of fault and causation to assess accountability in these cases. Using Nissenbaum's conditions, we can assess an information professional's accountability with regards to a harm done by framing them in two questions: a) Did his or her actions cause the harm, or constitute a significant causal factor in bringing about the harm; and b) Were his or her actions guided by faulty decisions or intentions?

The conditions of causation and fault can be similarly applied in assessing the liability for negligence of information professionals. The condition of fault is used in a breach of a duty of care, which underpins the other factors necessary for liability for negligence. A breach of a duty of care involves recklessness in which the professional "engages in an action even though he/she foresees harm as its likely consequence but does nothing to prevent it" and in which he/she "carelessly does not consider probable harmful consequences" to his foreseeable client or clients. Causation is an important factor in assessing negligence as there must be a factual link between the conduct of the professional who owes a duty of care and the harm done to the client or the conduct of the professional must be a substantial factor in bringing about the injury to the client. Causation is also used in assessing whether the harm suffered by the client is within the scope of the risk involved.

In Sutton's model of service continuum, we can see that power increases for the professional as vulnerability increases for the client as we move from the "resource provision" end to the "consultative" end of the continuum. According to Weckert and Adeney (1995), a dependent, vulnerable client is one of the factors that define a professional (the other two are an orientation to public good and a specialized knowledge and training). The professional's power over a vulnerable client gives rise to a professional "duty of care." In his Module 2 lecture, Sutton says that this professional "duty of care" is characterized by the following general precepts:

1. A duty to protect against forseeable harm.
2. A duty to act in the client's best interest.
3. A duty to exercise discretionary power responsibly.

Sutton says that "duty of care" is a legal term - the level of care that the law requires when dealing with a vulnerable client. The legal concepts of negligence and strict liability are built around this notion of a duty of care. Information professionals can be held liable for negligence and strict liability as they provide information services and information products. In terms of information services, we see in Sutton's continuum of service that information professionals begin to trigger the causes of action for negligence as the professional-client relationship becomes more one-to-one and the information service provided becomes more tailored to the client's information need as we move from a resource-provision to a consultative model. In terms of information products, information professionals can be held liable for negligence and product liability as they become involved in designing and creating mass-produced and mass-distributed IBOs to meet general needs.

To be liable for negligence in providing information services and information products, a set of "ingredients" must be present or demonstrable in the facts. These are:

1. There must be duty owed (as defined by the notion of a duty of care).
2. This duty must be breached (by unreasonable conduct or failure to conform to the standard of reasonable care).
3. There must be damage to the person to whom a duty of care is owed.
4. There must be a factual link between the conduct of the person who owes a duty of care and the damage done to the person to whom a duty of care is owed. The causation can be tested by the "But For" test - "But for the conduct (of the person with the duty), the injury (to the person owed the duty) would not have happened." Because there may be more than one cause, the conduct should also be determined to be a substantial factor in causing the injury.
5. There must be proximate cause. "Was the harm suffered within the scope of the risk?" Liability can be cut off by the courts as a matter of public policy when the conduct is only remotely connected to the injury.

We see in the above ingredients that it all begins with a duty of care. If there is no duty of care owed by the information professional, then there is no duty to be breached, and the rest of the ingredients for an actionable case of negligence will not hold. This was shown in the Winter v Putnam's Sons case in which a publisher (Putnam) of a book (which contained erroneous information about mushrooms and which has caused serious injuries to some people who relied on the information in the book) was not found liable for negligence because publishers do not have a legal duty to check the accuracy of the books that they publish. But Sutton asks, "What would be the liability issues with the authors of the book?"

Unfortunately, I have had no time to research further on that question. But we could rephrase it in terms of a duty of care and ask, "What duty of care do authors have to people who use their books or other information bearing objects that they authored?" I will extend this question to information professionals who, as Sutton (1996) wrote, will be more involved in an "authoring" function - "the creation of an information architecture or point of view." What would be the liability issues with information professionals as "authors?"