In mid-January of 2010, France, following Germany’s example, issued a bulletin to all French computer users through Certa, a French government agency charged with protecting against cyber threats. The bulletin advised that the current and all versions of Internet Explorer had a serious security flaw making them vulnerable to hackers. Further, the bulletin recommended that computer users switch to a different browser as soon as possible. The bulletin followed a Microsoft admission the previous week that its browser was the weak link that allowed hackers to open the e-mail accounts of human rights activists in China. Could Microsoft be held liable for invasions of the privacy of its users as a consequence? Why or why not?