Lawyers wind up as time runs out
Y2K's legal problems may be worse than its technical ones
Sunday, November 08, 1998
By Michael Newman, Post-Gazette Staff Writer
If there's anything worse than a simple yet maddening software glitch that threatens to wreak economic havoc on a global scale, will cost many billions of dollars to fix and could cause an acute shortage of canned goods and survivalist gear at the turn of the millennium, it is this:
A simple yet maddening software glitch that threatens to wreak economic havoc on a global scale, will cost many billions of dollars to fix and could cause an acute shortage of canned goods and survivalist gear at the turn of the millennium - and now the lawyers are involved.
Such is the case with the ever-popular Year 2000 Computer Bug, capitalized out of fear and respect, in which computers are unable to understand the dates of the 21st century. The so-called Y2K bug has long been recognized as a technological problem. But its fame may rest on its status as a legal issue.
"If this Y2K problem is as complicated as some people say, then maybe everybody's responsible," says Thomas Vartanian, a Washington lawyer and chairman of the American Bar Association's Committee on Cyberspace Law. "I don't know whether the net result of that is a lot of litigation or none at all."
Chances are, it's the first possibility. At the ABA convention in Toronto last summer, there was speculation that the legal claims arising from the problem could reach $1 trillion. That's more than even the most extravagant estimate, $600 billion, of the costs of fixing it.
Litigation everywhere
First, the obligatory explanation of the Y2K problem itself. It stems from the fact that most older computers read dates in two-digit increments, such as 11/08/98. They assume the first two digits of the year are "19."
When the date rolls over to Jan. 1, 2000, the computer will thus record it as 01/01/00 - and wrongly interpret it as Jan. 1, 1900, perhaps shutting down or otherwise malfunctioning as a result.
Fixing this problem is not especially challenging, but it is enormously time-consuming.
First there is the problem of identifying which programs, computers and devices are vulnerable to the problem. Then there is the process of "remediation," actually fixing the lines of code in a software program that are date-sensitive. This is followed by testing the programs and devices to ensure they work properly.
Finally there is the certification procedure: Letting the world (and your customers) know that you are, to use the proper technical phrase, "Y2K compliant." This is very important, because as the millennium approaches, the question of whether a system, program or device will continue to function becomes, well, very important.
This last step is also where the lawyers come in. "It's caused this paper blizzard," says Kerry Kearney of Reed Smith Shaw & McClay, Downtown.
"That's all it is. Just thousands of letters going back and forth: Are you compliant? Are you compliant? Are you compliant? And no one responds - they just give the letters to their lawyers and they sanitize their response."
The paper blizzard has abated somewhat in recent months, she says, as companies have become more familiar with the issue. Still, companies are wary. As it turns out, simply declaring that you are Y2K-compliant is risky.
"You have to be darn careful what you say," says Mark Willard of Eckert Seamans Cherin & Mellott, Downtown. "Because if something is amiss on Jan. 1, 2000, you can be darn sure it'll be Exhibit A."
It is one of the only certainties, it seems, in this whole affair. "There's going to be government litigation, there's going to be shareholder litigation, there's going to be customer litigation," Kearney says. "There's going to be all kinds of litigation."
Yes, of course, but what kinds, exactly? Vartanian of the ABA counts at least three:
A company can be sued because it violated terms of its contract: The contract, signed in 1992, says the computer system will be good for 10 years, but on Jan. 1, 2000, it goes kaput.
A company can be sued because it was negligent - it "failed to take steps any prudent businessperson would take under the circumstances," he says: It ignored this whole issue, dismissing it as just more media hype, until December 1999, and on Jan. 1, 2000, the system goes kaput.
A company can be sued because it made "false and intentionally deceiving statements" about its products: It told everyone its software was OK, but on Jan. 1, 2000 ... you know the rest.
Understandably, all these items beginning with "A company can be sued because" have a tendency to make companies nervous. Especially when they can be sued over a problem they don't quite understand.
In order to alleviate these concerns, and to help companies better understand the problem, the federal government is beginning to play a role.
Feds and confusion
Helping companies better understand the Y2K bug is the easy part. Last month the Small Business Administration sponsored a "National Y2K Action Week." Bureaucrats fanned out to district offices to lead seminars, senators held field hearings, and the vice president delivered several moving speeches on the subject.
A more perplexing effort, however, was the Year 2000 Information and Readiness Disclosure Act, signed into law by President Clinton on Oct. 19.
Under the law, a company's statements about its Y2K compliance "shall [not] be admissible in any civil action arising under federal and state law against the maker of the disclosure to prove the accuracy or truth of any year 2000 statement in such disclosure," except under certain circumstances.
For once, lawyers are as perplexed as anyone.
"It's a very peculiar statute," Reed Smith's Kearney says. It is the principal subject of concern on an Internet legal-issues mailing list that she subscribes to. "On any given day, there will be more than 40 comments by lawyers trying to figure out what the law means."
The purpose of the law, at least, is clear: It is meant to encourage companies to share information about how ready (or not) they are for the year 2000. As we have seen, they may be reluctant to do so for fear of lawsuits.
As a further encouragement, the law also offers protection to companies for statements they've already made. Call it the "husband's excuse" clause: It allows them to look back on past remarks and say, "No, I didn't mean it that way."
There's a catch, though. They have to say they didn't mean it by Dec. 3. The law gives them only 45 days to go back and reclassify their statements as falling under the law's protection.
This has caused a rush to judgment, or at least a rush to retroactive judgment, as lawyers and companies look over what they've said and try to decide whether to protect it under the new law.
It presents a dilemma, lawyers say. On the one hand, companies want protection for any statements that may be suspect, and so may decide to reclassify them. On the other hand, they do not want to call attention to their suspect statements, and so may decide just to keep quiet.
What's more, the law does not provide Lewinsky-level immunity from past statements. It simply "prevents the admission into evidence of statements to prove their truth," Kearney says. "It's a very lawyerly concept. It's not something laypeople can readily appreciate."
Lawyers could still introduce such statements in a lawsuit against a company that fails to make its system Y2K compliant, or claims it is when it isn't. They just couldn't rely solely on the statement to prove their case.
"It's kind of a technical argument," Kearney says. "It doesn't help a whole lot."
Fun with analogies
Why all this attention, anyway, on such a mundane software bug? And why are the legal issues surrounding the Y2K so much more complicated than, say, the issues surrounding a defective car?
First, Kearney says, the Y2K issue is complicated because "it's not clear who the bad guy is": It's entirely possible that many companies will find themselves to be both plaintiffs and defendants in the new millennium.
That's because most companies use software and computers from hundreds of suppliers, small and large. Those suppliers, in turn, rely on other companies - including, in some cases, their customers - to design their systems.
Perhaps a better way to understand Y2K's legal complexity is through metaphor. If you have a car - let's say a Jeep - that malfunctions, you simply return it to the garage for fixing.
If the problem with the Jeep is some kind of manufacturing defect, then the manufacturer pays for it; usually the manufacturer has a list of all known defects. If the problem is not a known defect, the mechanic has to figure it out.
Now let's try to translate this problem to the realm of cyberspace.
"Let's say you're having trouble with your brakes," says Terry Budd of Kirkpatrick & Lockhart, Downtown. "But you can't tell whether its the rotors or the pads."
Budd, conveniently enough, has had the same problem with his Jeep - and his mechanic said it was the pads. A friendly sort, he tells you this, so "you don't have to pay your mechanic to spend half a day to determine whether its the pads or the rotors."
All well and good. But what if, horror of horrors, the problem turns out not to be the pads? Who's to blame then? Your mechanic, for fixing the wrong thing? Budd, for telling him to fix it? Budd's mechanic, for telling Budd to tell him to fix it?
Even worse, what if, upon driving away from the garage, you get into an accident? Then you're really in trouble, and not just because your insurance rates are sure to rise.
Now, because you relied on bad information, "you're not only facing the problem of having paid the mechanic to make the wrong repairs, but you're also looking at potential liabilities for injuring somebody in the car accident," Budd says.
"If you'd just left the Jeep for the mechanic on your own and let him analyze it, he might have figured out what he problem was," he says.
Bringing our metaphorical exercise full circle: If we substitute computer software for the Jeep, we see the many legal quandaries presented by the Y2K bug.
When something goes wrong, as it undoubtedly will, there will be an orgy of blame. The people who claimed to have analyzed the software, the people who claimed to have fixed the software, the people who claimed to have tested the software, the people who sold the software - all of them will be vulnerable to a lawsuit, to one degree or another.
Paraphrasing former U.S. Appeals Court Judge Ruggiero J. Aldisert, Kearney says, "When people are wronged in this country, they don't turn the other cheek, they serve process. We're a nation of suers."
What to do?
America, as no less an authority than Mick Jagger once said, is a very litigious country. The Y2K problem is compelling evidence of this.
Still, even lawyers are wary of the coming litigation free-for-all. And even lawyers evince some reluctance about their role.
"It would be such a catastrophic waste of resources to litigate this when we should be fixing it," Kearney says. For companies, she says, "lawyers are not your first need. Your first need is to fix it."
Vartanian, a partner in the Washington firm of Fried, Frank, Harris, Shriver & Jacobson, sees the law's role as "taking an efficient and practical look at the problem, and coming up with an efficient and practical solution.
"If that means we have to have further laws and regulation about this problem," then so be it, he says.
The Securities and Exchange Commission, for example, has already issued unusually detailed guidelines about corporate disclosure, and Congress is sure to hold further hearings on Y2K when it convenes next year.
"It's a difficult problem to approach from a legal point of view," he says. The goal should be to formulate "the most reasonable and socially responsible theories on which to base legal action."
"It's not in anybody's interest to have total gridlock and massive litigation arising out of Y2K," he says.
|
