Understanding this distinction is essential for consumers, companies and the functioning of the Justice system itself.
Digital fraud is no longer a one-off episode but has become part of everyday consumer relations. Banking scams, account cloning, fake links, fake call centers and sophisticated social engineering techniques have become part of the risky environment of digital relationships.
Not all fraud, however, generates automatic liability. Understanding this distinction is essential for consumers, companies and the functioning of the Justice system itself.
Faced with the multiplication of scams, an understandable but dangerous temptation has emerged: to treat every fraudulent event as an automatic failure of the supplier. This logic, although intuitive, deflates the concept of civil liability and transforms the legal system into a mechanism for unrestricted risk transfer, without the necessary causal filtering.
Responsibility without distinguishing does not strengthen consumer protection. On the contrary. It weakens the coherence of the system, encourages distortions and reduces the predictability essential to the sustainability of consumer relations in the digital environment.
Internal fortuitous vs. external fortuitous: why this distinction matters
The distinction between internal fortuitous and external fortuitous has never been an academic detail. It defines the extent of objective responsibility in consumer relations.
Internal accident it is linked to the risk of the activity itself: systemic failures, predictable vulnerabilities, operational errors and problems inherent to the business model. Already the external fortuitous involves unpredictable events that are unrelated to the supplier’s activity, especially acts by sophisticated third parties unrelated to the company’s operations.
In cases of fraud, this difference became decisive. Not all fraud results from system failure. In many contexts, this is an event constructed outside the supplier’s control environment, with deliberate strategies to mislead the consumer.
Social engineering and causation
Social engineering represents a turning point in this debate. Unlike traditional technical failures, it is based on the manipulation of human behavior, exploiting trust, urgency and fear.
Scammers replicate legitimate communications and induce consumers to perform voluntary acts, such as providing passwords, authorizing transactions or clicking on external links. In these cases, the damage results from the actions of third parties, combined with the consumer’s own conduct, breaking the causal link essential for liability, including in the objective regime.
Ignoring this rupture means artificially increasing the risk of the activity, giving companies the duty to prevent human conduct that is beyond their technical and organizational control.
Consumer fault and limits of liability
The presumption of consumer vulnerability has never meant absolute irresponsibility. The maturity of the Judiciary has revived the analysis of exclusive or concurrent guilt, without blaming the victim, but technically applying the civil liability system.
The active participation of the consumer in the production of damage, by ignoring clear warnings or validating atypical operations, cannot be legally irrelevant, as the protection remains, but is no longer automatic.
The objective liability provided for in the CDC is not unlimited either. The Code does not establish a comprehensive risk regime. Exclusions such as third party fault, consumer fault and lack of causal link remain fully applicable.
What does this evolution reveal
Recent jurisprudence signals a silent but structural change. The Judiciary began to value evidence, distinguish contexts and filter demands that treat fraud as a homogeneous event.
This movement also has a pedagogical effect. The process is not an automatic shortcut to compensation, but a technical instrument that presupposes responsibility and good faith. The consumer system is not backing down. It is adjusting to the digital reality, preserving consumer protection without sacrificing the legal security of companies.
In the digital environment, protecting is not transferring risks indiscriminately, but applying the Law with precision, so that Justice acts as a balancing instrument, and not as a distorting factor.
*This text does not necessarily reflect the opinion of Jovem Pan.
