Skip to main content
Find a Lawyer

The Need for Immediate Action at the Highest Corporate Levels to Solve The Year 2000 Software Crisis

This article was edited and reviewed by FindLaw Attorney Writers | Last reviewed March 26, 2008

This article has been written and reviewed for legal accuracy, clarity, and style by FindLaw’s team of legal writers and attorneys and in accordance with our editorial standards.

The last updated date refers to the last time this article was reviewed by FindLaw or one of our contributing authors. We make every effort to keep our articles updated. For information regarding a specific legal issue affecting you, please contact an attorney in your area.


American Lawyer (Special Edition, November 1996) and Comlinks Magazine (November 1996)

Background. After festering for years behind the scenes in computer technology circles, the Year 2000 software crisis has finally emerged as a hot topic in the business and popular media. (1) Much of what you read and hear will be unduly dramatic and doomsday-like. But much will also be unjustifiably complacent and ostrich-like. There lies the danger.

What is the problem? Dates play a key role in dependable functioning of the software systems our companies rely upon in day-to-day operations for innumerable computerized tasks, including any tasks requiring date dependent arithmetic calculations, sorting and sequencing data, and many other functions. To oversimplify the problem a bit, most software developed during the past two decades for mainframes, client/server and personal computers recognizes years by only two digits ("96" for 1996) instead of four digits. (2) Unfortunately, when the system is asked to perform a date sensitive function involving the year 2000 ("00") or beyond, the system may crash or yield inaccurate and often wildly unpredictable results. Any doubts about this can be put to rest by calling in a competent testing service to run various scenarios on a company's system or, worse yet, purely in a controlled testing environment, reset the system clock (the device that tells the system today's date) to 11:58 p.m. on December 31, 1999, wait a couple of minutes and just watch what happens. (3)

The Need For Immediate Action At The Highest Corporate Levels. Amidst the emerging noise in the media, several points have become non-debatable among those who comprehend the nature and magnitude of the Year 2000 software crisis:

  • Directors, executive management and corporate counsel at all companies must become personally involved now in proactively leading the effort and committing the resources necessary to solve the problem in time. The deadline is non-negotiable, and time is growing short. (4) Estimates are that less than 20% of American companies have begun to come to grips with the problem in ways serious enough to solve it in time. (5)

  • The Year 2000 software crisis has an estimated $300 to $600 billion price tag just to fix the problem. (6) The problem cuts across all industry boundaries. In scale, it is like the S&L crisis, the environment, and asbestos. In kind, it is different because it affects almost all companies.

  • Even though the problem may sound simple, it is extraordinarily difficult, labor intensive and time consuming to fix. (7) No "silver bullet" technological solution has emerged, and despite the ever-accelerating rate of scientific innovation (combined with very strong economic incentives) it is unlikely that one will. Any company that adopts a Year 2000 strategy of waiting for the "silver bullet" will probably find itself on the losing end of a game of Russian roulette.

  • Despite their best efforts, a significant number of companies will fail to solve the problem. (8) The costs of failure will be extremely high: business disruption and in some cases extinction, liability to third parties such as customers damaged by the failure, and embroilment in years of litigation.

Key Legal Issues And Strategies. When confronting and solving the Year 2000 software crisis, directors, officers and counsel must bear in mind a host of legal issues, summarized below.

Directors' And Officers' Liability And Securities Law Issues. To avoid personal liability, directors and officers are required to meet the applicable legal standards of care in taking action to solve the Year 2000 problem at their company. Directors' and officers' efforts should be carefully documented to strengthen defenses under the due diligence and business judgment rules in the event of litigation over the company's failure to solve the problem in whole or in part.

Even if directors and officers take all appropriate action and the company eventually solves its Year 2000 problem, more may be required. If a company's Year 2000 problem is significant (in terms of possible effect on the business or fix costs) failure to disclose currently the existence of the problem and the potential costs of dealing with it (1) in connection with sale of securities or (2) in Management's Discussion and Analysis of Financial Condition and Results of Operations (MD&A), poses a serious risk of liability on the part of the company, directors and officers under federal and state securities laws.

Officers, directors and corporate counsel should not grasp for a false sense of security in the Private Securities Litigation Reform Act of 1995. Although the Act includes "reforms" concerning class action representatives, pleading with particularity, and some protection for "forward looking statements", plaintiffs' securities lawyers are salivating over the prospect of Year 2000 lawsuits, and with good reason. (9)

Tax Law Issues. Over the next few years most companies face Year 2000 costs ranging from several million dollars to tens of millions of dollars, and some companies face costs in the hundreds of millions of dollars. (10) The federal and state tax law treatment of these costs (as opposed to the financial accounting and reporting treatment, which is governed by GAAP rather than tax law) will in most cases have a significant impact on the company's after-tax income.

From a tax standpoint, the preferred result is generally a current year tax deduction of the costs as incurred rather than capitalization and amortization, and if the costs must be capitalized in whole or in part, amortization over as short a period as possible. Year 2000 costs will only be tax deductible currently under federal tax law if they qualify as "repairs" or as "research and development" costs for self-developed property under a special provision of tax law.

To maximize the prospects for favorable tax treatment, companies must develop a coherent tax strategy, including careful structuring of agreements with outside vendors, careful documentation of the plans for solving the Year 2000 problem, and careful documentation of costs as incurred. The IRS has not yet stated a position on Year 2000 costs, but given the amount of money at stake it is reasonable to expect that the agency will resist current year deductibility.

Legal Rights Under Existing Licensing, Maintenance, Outsourcing And Other Agreements. One of the most important company assets available to defray Year 2000 costs consists of agreements with third parties relating to the company's computer systems, hardware and software licenses, system maintenance agreements, data processing outsourcing agreements and others.

The company should undertake a comprehensive inventory of all hardware and all software currently in use; locate and identify all licenses and other agreements for each hardware component and software program; conduct a legal analysis of each agreement, including scope, warranties, representations, limitations on liability and other key provisions; identify third party vendors who may have a legal responsibility to participate in solving the problem or contribute to defraying the costs; and put them on appropriate legal notice in writing as soon as possible. Companies should not overlook providers of hardware and software-related services, especially system maintenance vendors and contractors and outsourcing companies, who may be legally obligated to participate in the fix. The inventory and review of all existing licenses and agreements is a complex undertaking, requiring careful legal analysis, but in many cases will pay handsome dividends.

Legal Issues Relating To Future Licenses And Agreements With Vendors Of Computer-Related Products And Services. The Year 2000 crisis is common knowledge among all but the most unsophisticated suppliers of computer-related products and services. In negotiation of all future licenses and agreements Year 2000 compliance should be a key subject of negotiation and should be addressed expressly and explicitly in the contracts. If at all possible, express warranties and representations should be obtained. Warranties and representations with vague references to Year 2000 compliance will not suffice. Drafting sufficient warranties and representations regarding Year 2000 compliance requires a unique blend of technical and legal know-how, so that fulfillment of the representation or warranty is objectively verifiable and enforceable. Even if the right warranties are obtained, all software products licensed over the next few years should be tested in a live operating environment to determine compliance.

Insurance Law Issues. Another important company asset potentially available to defray Year 2000 fix costs, as well as to protect against liability for Year 2000-related failures, consists of the company's insurance policies. The company should locate and inventory all policies (including first party property and casualty and business coverage, third party liability, errors and omissions, directors and officers coverage, and fiduciary policies). The company should then conduct a careful legal analysis of each policy to determine (1) whether any policies provide coverage for fix costs, and (2) whether the company and its directors and officers are adequately protected from potential claims arising from Year 2000 system failures.

First party property and casualty policies may provide coverage for fix costs under insuring clauses relating to property damage (11) and accounts receivable and other valuable records. (12) Again, putting carriers on appropriate written notice as soon as possible is imperative. Looking further down the road, the company needs to be as certain as possible that the wide variety of claims by third parties potentially resulting from Year 2000 system failures are covered. Where gaps in coverage exist, fill them. At the same time, when renewing policies or applying for new policies, careful legal attention is required to possible obligations to disclose Year 2000-related problems.

Legal Issues Regarding Mergers And Acquisitions. If a company is currently involved in or is planning an M&A transaction, what due diligence has the company done or planned regarding Year 2000 issues? Completing an M&A transaction without due diligence and contractual safeguards on Year 2000 issues is a prescription for inheriting a potentially enormous liability and compounding a company's existing Year 2000 problems.

The due diligence process requires expert assistance to determine reliably the nature, extent and potential costs of Year 2000 problems the company may inherit. The M&A contracts should include representations, warranties and indemnities on the subject, and, where appropriate, escape clauses in the event post-acquisition due diligence reveals problems larger than anticipated. The company should approach Year 2000 due diligence no differently than environmental due diligence is now customarily conducted, but with even greater care because the potential liabilities are larger.

Trade Secret And Intellectual Property Law Issues. In many instances, achieving Year 2000 compliance will require inter-company access to information that is sensitive and proprietary. Protecting the company's trade secrets and intellectual property, while at the same time obtaining necessary access to other companies' proprietary information, is not a simple matter of drafting and signing non-disclosure agreements. Establishing the legal framework for innovative escrow arrangements, monitored access and usage procedures and other new legal mechanisms will be required. Given that trade secrets and intellectual property are increasingly the life blood of many companies, this challenge will be overcome only through legal creativity and an unprecedented degree of inter-company cooperation.

Labor And Employment Law Issues. Unless a technological "silver bullet" miraculously emerges, most Year 2000 "fix" projects will be labor intensive and must be accomplished within a finite period of time. Companies will be required to staff up and then staff down within a relatively short period of time via new hires, independent contractors or "leased" employees. Any company that has experienced significant short term fluctuations in work force knows the inevitable result: labor and employment claims. Advance planning and a number of legal steps are necessary to minimize such claims.

Legal Issues Relating To Relationships With Non-Technology Companies. Almost every company relies on suppliers of ordinary goods and services. Their Year 2000 problems may eventually become the company's problem, especially if the company's software systems interact with suppliers' systems or if the suppliers' businesses are susceptible to disruption in the event they fail to solve their own Year 2000 problems.

The company needs to communicate with suppliers about their plans for Year 2000 compliance, run tests, and reach a comfort level. From a legal standpoint, the company needs to inventory and analyze supply contracts, including force majeure and liability limitation clauses, to determine how suppliers' nonperformance might be legally excused or limited. If appropriate, the company should place suppliers on written notice that their failure to achieve Year 2000 compliance will not excuse performance. If the company is bound to a supplier by long term exclusivity, the supplier's inability to demonstrate compliance may give the company legal justification to change suppliers.

A company's Year 2000 problem resides not only in its own systems, but in the systems of all other companies whose performance is essential to the conduct of the company's business. Companies whose systems interface with government systems or are uniquely reliant on government systems should be especially wary (see discussion below). The business and legal steps necessary to address this broader problem should not be delayed.

Litigation Issues. Given the amounts of money at stake, the complexities of the problem, and the relative certainty that some degree of failure is inevitable, a wide variety of litigation concerning the Year 2000 problem seems inevitable. No other business problem of similar scale has been resolved completely outside the judicial process. Companies must bear in mind that their efforts to solve the problem, and the internal documentation they create in doing so, may some day be held up to the bright light of a courtroom. Companies should manage their efforts and internal document control accordingly.

Legal And Non-Legal Issues Regarding Government. As of this writing, it does not appear that any federal or state statutes or regulations have been enacted requiring companies in the private sector to achieve Year 2000 compliance. As public media coverage of the Year 2000 software crisis inevitably mounts, however, ambitious politicians will undoubtedly seize the issue and seek press coverage and prominence by attempting to impose legislative and regulatory mandates on the private sector. Federal or state statutes and regulations would, of course, multiply the already complex legal issues surrounding the problem. Private sector companies will no doubt be on the alert for such legislative and regulatory efforts and respond appropriately.

The concept of government mandates to the private sector regarding the Year 2000 problem is ironic. Those most familiar with the problem agree that government agencies at both the federal and state level are extremely dependent on antiquated computer systems; that those systems are as rife, if not more rife, with the Year 2000 problem than in the private sector; that most agencies of government have done little, if anything, to fix the problem in their own back yard; and that they are less well equipped and funded than private sector companies to achieve Year 2000 compliance in time. (13) The consequences of government's failure to become Year 2000 compliant are beyond the scope of this briefing paper, but the subject is one that should be of interest and concern to business leaders.

The Problem As An Opportunity. The Year 2000 software crisis is unquestionably a big problem. But as Henry Kaiser once put it, "Every problem is an opportunity dressed in work clothes." The good news about the Year 2000 software crisis is that it also presents big opportunities to forward-looking companies:

  • Companies that act quickly to solve the problem will achieve a strong advantage over their competitors who lag behind. Becoming "Year 2000 compliant" not only will become an increasingly decisive edge in marketing, but will engender confidence among business partners and investors.
  • Companies that confront the problem head on in creative ways will not only fix the problem, but take the opportunity to reevaluate their long-term information technology strategies and lay the groundwork for more efficient systems moving into the 21st Century -- a doubly decisive competitive advantage.

Conclusion. To put it bluntly, as a matter of responsibility to their companies, customers, employees, shareholders and society, the directors, executive management and corporate counsel of all companies must take decisive action now to provide the leadership and commit the resources necessary to solve the Year 2000 software crisis.

About Thelen's Year 2000 Team

Contact us by e-mail at Year 2000 Team

(1) A few examples are "A Date With Disaster On January 1, 2000?", Washington Post (October 25, 1996); "The Year 2000 And The CEO's Big Secret", Wall Street Journal (July 25, 1996); "Panic In The Year Zero Zero", Business Week (August 12, 1996); "The Story of '00'", Fortune (August 19, 1996).
Back

(2) This is, indeed, an oversimplification, since it does not address the existence of the problem in certain hardware components such as chips programmed for date math with registers for only two digits per year; operating systems with clocking algorithms accommodating only two digits; and the infernal complexity of the interaction of application programs, database managers and databases, all rife with two digit date fields for the year.
Back

(3) Suffice it for present purposes to point out a few plausible consequences of failure: accounting systems, including payables and receivables, may shut down or malfunction; electronic funds transfers may be disrupted; and industrial plant maintenance systems may make errors that jeopardize employee and community safety. The list of potential malfunctions that may disrupt businesses and/or cause damages to third parties is almost endless.
Back

(4) Experts are generally in agreement that the process of "fixing" a company's systems to become "Year 2000 compliant" must be complete no later than the end of 1998, in order to allow at least one year for testing and removing bugs before the end of 1999. Anyone familiar with large scale software conversion or modification projects will agree that this is an extremely tight schedule.
Back

(5) Estimated by the Gartner Group, a Stamford, Connecticut-based technology research firm. See "A Date With Disaster On January 1, 2000", Washington Post (October 25, 1996). A recent survey of 161 organizations that are members of the Society for Information Management revealed that IS managers reported that CEOs, internal auditors, boards of directors and corporate legal departments were the least cognizant of the Year 2000 problem. See "New Rule Tightens Year 2000 Noose", Computerworld (September 16, 1996). Another recent survey disclosed that one out of six senior executives had not even heard of the Year 2000 problem. See "Millennium Bug: Most Companies Preparing For 'Year 2000' Systems Issue", Edge: Working Group Report (Edge Publishing, June 3, 1996). Many in executive management tend to view the Year 2000 problem as nothing more than a hole into which they are being asked to pour money with no resulting benefit. Repeated reports in trade journals and at Year 2000 conferences and seminars indicate that many companies have created "Year 2000 task forces" or the like, but that such task forces, comprised largely of middle managers and IS professionals, are ineffectual because they do not have the visible backing of executive management and corporate counsel. While it may be tempting to dismiss this chorus of voices as just another instance of the IS folks crying wolf about a "technical" problem, doing so regarding the Year 2000 problem would be a mistake with serious consequences. This time there is a big wolf at the door.
Back

(6) Estimated by the Gartner Group. The $300 to $600 billion estimate does not include the potential costs of failure, including business disruption, liability to third parties damaged as a result of software system crashes and errors, or litigation costs. Mid-sized companies can expect to spend several million dollars just to fix the problem. See "Time Isn't On Our Side", Washington Post National Weekly Edition (September 30-October 6, 1996) For larger companies, fix costs will run into the hundreds of millions. See "The Year 2000 And The CEO's Big Secret", Wall Street Journal (July 25, 1996).
Back

(7) The process of fixing the problem in company systems of even moderate complexity involves identifying and upgrading hardware components with only two registers; identifying clocking algorithms in operating systems with two digit year fields and upgrading or replacing them; modifying databases and database managers to accept the additional digits; modifying application programs to display four digit years and altering their data access methods to accommodate the extra digits. This process is hardly simple. Much of the software in business use today is written in old programming languages unfamiliar to today's programmers, and many of the original programmers are not around to help (dead, retired, uninterested or just unavailable); the software is often poorly documented (meaning that a programmer has no "road map" to understand the logic and structure of the program or how it gets from point A to B); source code and compilers may be unavailable; vendors may be gone or unable (or unwilling) to support or upgrade the software. As a result, large numbers of programmers must exhaustively reverse-engineer the software, meaning that they must literally review and tear apart millions of lines of code in order to root out the problem in the innumerable places it is built into the software.
Back

(8) The Gartner Group estimates that as many as 20% of companies will go out of business due to their failure to solve their Year 2000 problems.
Back

(9) See "The Year 2000 And The CEO's Big Secret", Wall Street Journal (July 25, 1996).
Back

(10) See fn. 6 above.
Back

(11) The law in this area is evolving, but most jurisdictions already recognize that the incorporation of a defective component into a wider host product constitutes physical damage to the host product, and case law has begun to apply this rule in the context of computer hardware and software products and systems. Combining this evolving law with the sophisticated testing technology now becoming available to discover that "non-Year 2000 compliant" components or programs have been incorporated into a company's computer systems gives rise to interesting coverage theories.
Back

(12) For many years, such policies have provided coverage to "gather, reconstruct and assemble" accounts receivable and other valuable business records, but this coverage is often overlooked in the context of computerized data.
Back

(13) Representative Stephen Horn (R-Calif.) handed out grades of "D" or "F" to fourteen out of 24 Cabinet departments and federal agencies whose Year 2000 "fix" plans were evaluated at congressional hearings in the summer of 1996. The IRS, for example, faces the almost impossible task of dealing with over 60 million lines of undocumented code. Experts familiar with federal government efforts view Horn as an easy grader, and go on to predict that 75% of the states will not make the necessary changes in time. In California, for example, where over 120 agencies reportedly utilize over 100,000 computers, the process of coming to grips with the problem is just starting. California's Department of Information Technology is reportedly spending nearly $5 million just to survey the State's other 100 plus agencies in order to determine what needs to be done and to begin estimating how much a total fix will cost.

Was this helpful?

Copied to clipboard