The pervasive publicity afforded to the "Year 2000 Problem" resulting from the inability of many computers, software and embedded chips to recognize and/or process a four-digit year, causing them to function incorrectly or not at all, has given it a status akin to that of those celebrities who "need no introduction." Opinions still vary on what will happen when the century rolls over, with some virtually predicting the end of the world as we know it and others asserting that the extent of Y2K problems has been overhyped by those who stand to profit from the panic.
There seems to be much greater consensus that one way or another, businesses, governments and other institutions are running up a lot of bills to address Y2K problems, real and perceived, and most of them will be looking for someone else to pick up the tab. Insurance companies have always been an attractive deep pocket (consider asbestos and Superfund, among many others), and Y2K will likely be no exception.
However, the Year 2000 crisis is not the same as a natural disaster or a mass tort product liability crisis or even delayed-onset toxic exposure or environmental liabilities. Although courts have not yet been called upon to decide any specifically Y2K-related insurance coverage disputes, a picture of Y2K litigation is already beginning to develop which suggests that insurance coverage is far from a sure bet.
Y2K, The World's First Mass Contract Claim
Y2K is not now a mass tort, and it is too early to tell if it will become one through widespread occurrence of consequential damages, i.e. injury to the persons or property of third parties, caused by malfunctioning hardware, software and chips. Rather, it appears that Y2K claims are the world's first "mass breach of contract claims," because most claims in the first instance are commercial claims sounding in breach of contract and/or breach of warranty. Nearly all of the existing Y2K lawsuits are primarily warranty or contract claims.1 Many are class actions by software users seeking to recover the costs of upgrading to a Year 2000 compliant product. Where consequential damages have been alleged, they have typically been in the nature of lost profits and the like. The "economic loss rule" prevalent in most jurisdictions bars tort recovery, as opposed to breach of contract recovery, where purely economic losses are alleged.
Liability insurance is likely to offer little succor to the mass contract defendant. A long-standing principle of insurance law holds that insurance is not designed to afford coverage for economic losses attributable to business risks. Liability policies usually exclude coverage for loss or damage to the insured's own work or own product, as well as liability arising from breach of contract or failure of the insured's work or product to perform as specified. For example, assume that a supplier's computers fail to process orders properly in January 2000, causing significant delays in shipping component parts to a manufacturer, resulting in the shutdown of the manufacturer's production line and loss of sales by the manufacturer. The manufacturer's damage claims against the supplier will not be covered under the typical general liability policy. The supplier's exposure to liability for failure to ship goods on time is an uncovered business risk.2 It is often said that the general liability policy is not intended to be a performance bond guaranteeing the success of the insured's business. Similarly, coverage under first party property and business interruption coverages for economic losses is doubtful, because those coverages are not intended to cover the normal costs of doing business, or normal expenses for maintenance, upgrading and replacement of outmoded, worn or poorly maintained equipment.
Is the Year 2000 Problem an Insurable Event?
Even in those cases where some consequential damage to other persons or their property exists, the fundamental coverage issue remains as to whether an insurable event exists. General liability policies provide coverage only for an "occurrence," which is usually defined as an accident, including continued or repeated exposure to conditions, that results in bodily injury or property damage during the policy period. Furthermore, coverage is excluded for damage that is "expected or intended" from the standpoint of the insured.
Closely related to the concept of "occurrence," but of broader applicability, is the fortuity doctrine. The bedrock principle that insurance is intended only for "fortuitous" losses, i.e. events which, so far as the parties are aware, are dependent on chance, applies not only to occurrence-based liability coverage, but also to offense-based liability coverage (e.g., personal injury and advertising injury coverage), other liability coverage such as D&O or E&O policies, and first-party property, "all risk" or business interruption policies as well.
Y2K-related losses are unlike any mass tort or catastrophe that has come before in that the losses are, arguably, not just foreseeable but predictable down to a pinpoint moment, and preventable by taking remedial steps that are known and well-publicized. Programmers and software designers knew at the time they developed programs and systems using two-digit date fields that they would not function properly in the next century unless they were modified. Computer industry journals and other business publications documented the problem at least as early as the mid-1980s, and in 1988, the New York Times quoted an official with the U.S. Social Security Administration as saying "Those who don't take it seriously are going to be faced with a real problem in the late 1990's," and another information professional as saying "It could be an absolute horror show for anyone with mainframe computers."3 It is thus difficult to describe most Y2K claims as "accidents" or "fortuitous" events. On the other hand, even the most diligent efforts at Y2K remediation are not assured of total success. Although businesses faced with third-party damage claims despite reasonable efforts to exterminate the Y2K bug should have many defenses to such claims, their insurers may be faced with claims for defense costs on the ground such losses were indeed "accidental."
Are Y2K Failures "Property Damage"?
Many claims for coverage will involve situations where the "Millennium Bug" has caused a computer system to lose data, generate incorrect results or cease operating entirely. Coverage under either first-party policies or liability policies will often turn on whether the damage involved constitutes "property damage" within the meaning of the policy.
"Property damage" has consistently been interpreted as loss or injury to tangible property. Therefore, economic losses are not property damage, nor are intellectual property rights (such as patents and copyrights), or injuries to good will or reputation. The more novel question that is presented by many anticipated Y2K claims, as well as by other claims relating to computers, software and other electronic media, is when the loss of data, the presence of erroneous data or the improper processing of data can, if ever, constitute injury to "tangible property."
Some argue that a malfunction in which data is lost involves a change in the physical configuration of the disk or other storage medium, and therefore tangible property has been damaged. However, other types of failure may not change the data on a disk, but the computer no longer processes data properly and/or no longer accepts and stores new data. In one recent case, not involving a Year 2000 claim but of obvious potential applicability, a California federal court ruled that the incorporation of defective disk drives into computers did not cause physical damage to the computers for purposes of "property damage" coverage.4 In another analogous decision, a California state court held that the inadvertent inclusion of indecent material on educational videotapes did not constitute "property damage" to the tapes.5
Where damage to the functionality of a third party's computers occurs, however, the insured may seek coverage on a slightly different ground, namely that the definition of "property damage" frequently includes "loss of use" of property that has not been physically injured. The issue of what level of impairment constitutes "loss of use" has been explored with respect to buildings and structures, and it will arise again where the Y2K malfunction affects certain uses of a system but does not cause a complete "crash." These highly technical questions raise the unusual prospect that scientific expert testimony may be required in coverage disputes to determine whether the loss involves covered "property damage."
Year 2000 Exclusions and the "Trigger" Issue
Many insurers are now using policy endorsements that provide for a total exclusion of all Y2K-related losses or provide for specifically delineated coverage.6 Insurance regulators in most states have approved the use of these endorsements, although their use has frequently been restricted to commercial policies (as opposed to personal lines).7 The presence of such exclusionary endorsements now may lead to the question whether coverage exists under earlier policies. However, in addition to the basic substantive coverage issues such as those discussed above, any effort to reach back to policies in place before a Y2K-related failure occurs (such as policies in effect when systems were designed, sold or installed) runs into the problem that no injury occurs before the system malfunctions. Y2K claims cannot be fit easily into the "multiple-trigger" model some jurisdictions apply in cases of toxic exposures or environmental contamina- tion, because the affected systems performed properly for many years, without causing any damage, before they are first called upon to perform an operation involving a post-2000 date. Additionally, the inability to handle the century change was an inherent feature of such systems from installation; it did not develop gradually over time or result from a process of gradual and progressive deterioration.
Conclusion
As part of your own Y2K exposure analysis, all of your insurance policies should be examined. You may want to talk further to your broker concerning the Y2K exclusion if it is being added to your policy. If you are among the many Americans who can foresee liability and possible future litigation as a result of Y2K issues, you probably will not be able to count on your existing insurance coverage to cure your year 2000 problems.
1. See listing of pending Y2K lawsuits on the website of the Federation of Insurance and Corporate Counsel at http://www.thefederation.org/Public/Y2k/lawsuits.htm.
2. A discussion of whether the hypothetical supplier would be liable for the manufacturer's consequential damages is beyond the scope of this piece. It is quite likely that the supplier would have sought contractually to limit its liability for consequential damages. The enforceability of such contractual limitations is not an issue peculiar to the Y2K context. Similar issues arise with respect to the question as to whether the liability could be shifted further back to the supplier's software vendor.
3. For Computers, the Year 2000 May Prove a Bit Traumatic, NEW YORK TIMES, May 7, 1988, p.1.
4. Seagate Technology, Inc. v. St. Paul Fire and Marine Ins. Co. and CIGNA Property and Cas. Ins. Co., No. C-94-1999DLJ, 1998 WL 428980 (N.D.Cal. May 15, 1998).
5. Schaefer/Karpf Productions v. CNA Ins. Cos., No. B109989 (Cal.Ct.App. 2d Dist., June 18, 1998).
6. See ISO endorsements IL 09 35 (Exclusion of Certain Computer-Related Losses), CP 15 57 (Business Income and/or Extra Expense Coverage for Year 2000 Computer-Related and other Electronic Problems, CG 21 60 (Exclusion -- Year 2000 Computer-Related and Other Electronic Problems), CG 21 62 (Exclusion -- Year 2000 Computer-Related and Other Electronic Problems -- With Exception for Bodily Injury on Your Premises), discussed in Michael McCracken, Will the Sky Fall on Jan. 1, 2000?, NATIONAL UNDERWRITER, August 10, 1998, at 9, 19.7. On the other hand, some companies are writing specific Y2K policies. For example, AIG is offering a policy which requires substantial up-front funding, with the prospect of a partial premium refund depending on loss experience. Another product offered by Marsh & McLennan and underwritten by the London Market is more of a traditional risk transfer policy. Such coverage is necessarily conditioned on a stringent Y2K compliance audit.