Who will be held liable for business losses caused by the millennium bug? The first trials are starting and lawyers expect busy years ahead.
British industry is treating the millennium time bomb issue with cavalier complacency. So say the experts who warn of dire business consequences for those whose computer systems fail to master the change from the year 1999 to the year 2000. 'Some businessmen still seem to view this whole issue as a joke,' says Robin Guenier, executive director of Taskforce 2000, a government-backed organisation set up to raise awareness of the issue. 'But it may not seem so funny when their business fails and they are held personally liable for its losses.'
To date, much of the debate about the year 2000 problem has dwelt either upon the Armageddon scenario of worldwide business collapse or on eye-catching estimates of the colossal costs involved.
(Experts estimate that fixing the problem will cost £31 billion in the UK and $1.5 trillion worldwide). Now attention is turning to more prosaic concerns. In America, a small supermarket owner in Michigan is bringing the world's first lawsuit over the millennium time bomb. Tec-America, the Atlanta-based supplier of cash registers is being sued for allegedly providing computerised tills that cannot recognise the year 2000. Countless other computer systems worldwide are predicted to crash on 1 January 2000, if not before. And businesses will certainly fail as a result. So who is going to be liable, and for what? And, when the writs start flying, as Guenier insists they will, could any of them land in the laps of company directors themselves?
Lawyers are bracing themselves for a busy few years ahead. Rob McCallough of international legal firm Masons anticipates a rapid rise in the dispute work surrounding year 2000 issues. 'Views are mixed about how much there will be,' he says. 'But certainly in the States, a great deal are expected.' And it's not just the suppliers of mainframe computers who could be facing law suits. Karl Fielder, head of Chichester-based year 2000 consultancy Greenwich Mean Time, has investigated the year 2000 status of 4,000 best-selling PC software programs. Almost two-thirds of them, he claims, will run into problems in 2000. Yet, of these, 28% are claimed by their manufacturers to be year 2000-compliant (ie neither performance nor functionality is affected by dates prior to, during and after the year 2000). Fielder concludes that many companies, particularly the small and medium-sized ones, are currently using software which won't input dates after 31 December 1999.
All year 2000 problems can be fixed through software updates, technical tinkering or the purchase of new systems (average costs range from £400 for a small firm to upgrade or replace software to £300 per employee for larger organisations). But time is running out - for many experts a realistic deadline for fixing the problem is the end of 1998, and for some industries which work far ahead, it is even earlier. Relying on insurance to cover any costs incurred by systems which fail to master the millennium date change is not an option. Year 2000 insurance cover is very costly - at present £100 million of cover costs £80 million - and, says Charles Henderson of global insurance brokers Willis Corroon, many insurers are now considering changing the terms of their policies to exclude any year 2000 liability.
Many companies will be relying on their IT supplier - although IBM in particular has come under fire for concentrating its efforts on mainframe users and not being proactive in alerting its smaller users to the problem.
At Sage, the world's largest PC accounting software supplier, public relations manager Georgina Cameron admits: 'Some of our older products are not currently compliant.' However, she insists the company is committed to contacting all 180,000 UK customers over the next six months to assess their year 2000 requirements and to ensure their Sage accounting software is compliant. Free upgrades will be offered to all 100,000 customers who subscribe to Sagecover - Sage's maintenance programme. The rest, says Cameron, will be offered solutions at a nominal charge.
But what if IT suppliers refuse to play ball? What about taking them to court? If the product concerned is a new one, your chances of success are good. Due to the efforts of organisations such as Taskforce 2000, awareness of century date-change problems is now widespread. All new software should be genuinely 2000-compliant. If not, consumers can seek protection under general consumer legislation such as the Sale of Goods Act 1979 and the Supply of Goods and Services Act 1982. The former allows goods to be returned on the grounds that they are not fit for the purpose they were bought for, or they are not of satisfactory quality. Unless a supplier states otherwise at the time the sale is made, software bought in 1997 which fails to master the date change cannot be considered fit for purpose.
For companies using existing custom-built software and hardware or standard packages and computer systems, however, the legal waters are muddier.
In these cases, says Peter Stevens, partner in charge of the information technology group at leading City law firm Manches & Co, much will depend on the wording of the contract or warranty. 'If there is an express warranty or agreement concerning 2000-compliancy then the user has an unequivocal right to sue the supplier for breach of contract,' he says. Even if there isn't, a court may judge that an implied warranty exists although it is likely that the supplier would argue otherwise.
One point on which there is likely to be much debate is the exact date after which software manufacturers may have been reasonably expected to supply only year 2000-compliant programs. While 1995 is frequently quoted by industry pundits as the reasonable cut-off point, the British courts have yet to make a judgment. Until that date is established, users will find it hard to know the strength of their own case. Moreover, as McCallough explains: 'Although the courts may seek to impose an objective test as to when it was best industry practice to supply year 2000-compliant software, each case will be determined on its own facts.'
Another important consideration will be the use to which the product has been put. For example, a supplier of software may argue that, used on its own, the package was fit for purpose. It was only when it was linked with other packages that problems occurred. As Gavin Pickering of law firm Radcliffes Crossman Block explains: 'Unless a user specified at the time of purchase which other products he intended to use the package with, it may prove very difficult to establish a claim.' Microsoft, for example, insists that all its software products are 'ready for the year 2000' but refuses to provide warranties to this effect - a decision it justifies in a recent release with the following explanation: 'Contractual warranties specific to year 2000 readiness are not appropriate given the true nature of year 2000 issues and the simple fact that a single technology provider cannot solve all issues related to the transition to the year 2000.'
Microsoft isn't the only company to write exclusion clauses into its warranties - whether it will stand up in court, however, is another matter.
Potential litigants may find some comfort in the Unfair Contract Terms Act 1977, which aims to exclude limitations which are not 'reasonable'.
But, warns Fielder, 'the major suppliers have enormous funds available to fight these types of claims. It scarcely seems likely that small companies will have the clout required to wage protracted legal battles against the industry big boys and win.'
The time for taking legal action may also be rather more limited than many people might think. 'Those wishing to sue for breach of contract must bring the action within six years of the date of the breach,' explains McCallough. 'In terms of suing for non-compliant software, the limit is therefore six years from the date of supply, not from the time the problems occur.' If, on the other hand, the user chooses to sue for negligence, actions must begin six years from the date that damage occurs. Negligence, however, can be trickier to prove than breach of contract.
Even if a company has what appears to be an otherwise cast-iron case against a supplier, it will have to show that it did all it could to mitigate any loss by taking the proper steps to deal with the problem before the year 2000 deadline. 'Any plaintiff has a duty to try and mitigate his loss,' says Pickering. 'He can't just blunder on and wait for damage to occur in the belief that he has a claim against the supplier. Attempts must be made to limit the damage.' Failure to do so could substantially reduce the level of damages awarded.
A client company which fails to do all it can to deal with the problem may also find itself on the receiving end of legal action. For example, if it fails to supply goods or services due to computer failure, its customers could sue for breach of contract. While the unfortunate supplier may try and claim force majeure, ie that it was impossible to fulfil the contract, the courts may dismiss this claim on the grounds that the cause was not outside their 'reasonable control' but could have been avoided by taking adequate steps to ensure their computer systems were year 2000-ready.
An even more worrying aspect for company directors is that they could be held personally liable if their company fails because of a year 2000-related computer problem. 'There is no doubt that directors are going to be sued over failure to contain the year 2000 problem,' insists Pickering.
'If it is not already here, the point will come soon where directors will be presumed to know they should have done something to fix the problem.
From that point onwards directors are going to be liable and it will take only one example to set the scene for many claims against them.' And since practically anything with an embedded chip is now under suspicion including security systems and medical equipment, that could even mean criminal charges. According to a report in Computing magazine, NHS trust bosses could face manslaughter charges if chips, such as those in life-support systems, fail and cause fatalities.
Directors are therefore advised to keep a record of the action they are currently taking to address year 2000 problems, in case any claims are made against them. A first step is to audit all the company's current date-dependent systems and examine all the relevant warranties and contracts.
Any future contracts should include clauses on millennium compliance.
'The purpose of looking at liability at this stage is to see how strong the cards in your hand are when negotiating with suppliers or consultants,' says Robin Baron of Radcliffes Crossman Black. Ultimately, he says, organisations will have to look for someone to blame, but that time may not yet have arrived. 'The vital thing right now is to get these problems solved. If the problem isn't solved by the millennium, then it probably is not going to be solved at all. Fix now, sue later - is the message.'
USEFUL WEB SITES/SOURCES OF FURTHER INFORMATION
www.sage.com Sage's site which includes Sage's year 2000 policy statement and will maintain a year 2000 knowledge base to be updated with relevant information
www.bcs.org.uk/millen.htm British Computer Society site. Includes an overview of the year 2000 problem, plus links to other useful sites
www.year2000.com Year 2000 Information Centre site, co-sponsored by Peter de Jager, one of the world's leading year 2000 experts
www.bsi.org.uk British Standards Institute site. Includes the BSI's Definition of the Year 2000 Conformity Requirements
www.open.gov.uk/ccta/mill/mbhome.htm Site of the Central Computer and Telecommunications Agency (CCTA), the Government's IT agency. Includes guidelines aimed at helping organisations tackle the year 2000 problem
www.taskforce2000.co.uk Taskforce 2000 is a government-backed body directed by the heads of the Confederation of British Industry (CBI) and the Computer Software and Services Association (CSSA) to raise awareness of the year 2000 problem
www.ncc.co.uk/y2k.html National Computing Centre site offers a number of products and services to assist organisations in addressing the year 2000 issue
www.microsoft.com Microsoft's home page www.novell.com Novell's home page
www.software.ibm.com/year 2000/index.html IBM's year 2000 support centre
www.cssa.co.uk/cssa Site of the Computing Services and Software Association, trade association for the UK's software and IT industries
www.computerexperts.co.uk Site of Computer Experts, producers of the Millennium Bug Toolkit
www.rightime.com Site of RightTime, producers of various toolkits for Year 2000 auditing. Also includes links to many other related sites
www.gmt-2000.com Site of Greenwich Mean Time, producers of the Check 2000 auditing tools.