Year 2000 Compliance: An Issue for All Businesses

Virtually every business, almost without exception, must face the reality that it will have to take steps to become "Year 2000 compliant" or face potential liability in the coming years. The source of the Year 2000 compliance problem is the practice which had been used in writing business application software programs and in source code embedded in microcontrollers in non-computer equipment, such as elevators, HVAC, and security systems, of a 2-digit field instead of a 4-digit field to signify the year of a date. Consequently, the year "00" could be interpreted as the year "1900" instead of the year "2000" thereby resulting in miscalculations and potential crashes of systems. It is estimated that many existing computers and other systems, including some sold as recently as 1996, are likely to be affected by this problem and will need to be upgraded or replaced in order to be Year 2000 compliant.

Spurred on by the federal regulatory agencies, most lending institutions today are requiring Year 2000 compliance warranties in their loan documents. In addition, buyers are seeking Year 2000 compliance warranties for products sold in commerce, and companies seeking to acquire other companies are including Year 2000 compliance warranties in their purchase and sale documents. New state and federal accounting standards and audit requirements, as well as tax and securities laws, require companies to exercise due diligence to investigate and disclose material information about the potential adverse effects of internal or external Year 2000 failures.

The effect of the regulatory and legal requirements being imposed on companies, together with the technical nature of how computers exchange information, has created the need for companies to seek and receive assurances from their vendors and suppliers and to respond to requests from their customers and buyers concerning the Year 2000 compliance of their software and hardware systems. Typically, these inquiries involve sending a survey to each of a company's vendors requesting information, including whether the existing product is affected by Year 2000 issues, and if so, whether the product is Year 2000 compliant or can be made Year 2000 compliant by a date certain. A practical issue is whether the cost to upgrade the product to become Year 2000 compliant is covered under normal product maintenance or is to be treated as an add-on cost. Simply obtaining these surveys is not enough; in addition, companies should test all of their existing systems under certain Year 2000 scenarios to ensure that the systems will function once the millennium has arrived and afterwards.

The difficulty of obtaining adequate assurances of Year 2000 compliance are magnified by the fact that many computer products are used in larger systems which interact with other computers. A failure of any one component of a larger system to properly function could adversely affect all of the other components, even if they individually are, in fact, Year 2000 compliant. For example, a computer which receives information from a source which is not Year 2000 compliant may fail to process the information, or produce error messages when the contaminated data is received from the third party. Companies, therefore, need to create a complete data processing flowchart of the source of information within each of their systems and to take steps to ensure that such information is being provided by sources which are themselves Year 2000 compliant.

Year 2000 Information and Readiness Disclosure Act

Besides the loss of time and the cost involved in fixing their own systems, companies must be concerned about liability to third parties in the event their systems fail due to Year 2000 compliance problems. Fortunately, Congress has recently enacted legislation titled the "Year 2000 Information and Readiness Disclosure Act" which is designed to eliminate third party liability to companies that make statements concerning their Year 2000 compliance status by making certain of such statements (defined as "Year 2000 Readiness Disclosures") inadmissible in court, provided that the use of the statement did not amount to bad faith or fraud. Known as the "Good Samaritan" Act, the legislation also precludes liability under federal and state law for false "Year 2000 Statements", including the defamation and libel statutes for republication of another party's Year 2000 Statements, provided that the Statements are not knowingly false or made with an intent to deceive or mislead; clarifies that Year 2000 Statements shall not be deemed to amend existing contracts or product warranties, and provides exemptions from the federal and state anti-trust laws to allow companies to freely share information concerning their Year 2000 compliance issues. Generally, the Good Samaritan Act applies to communications which are either "Year 2000 Statements" or "Year 2000 Readiness Disclosures". A "Year 2000 Statement" includes any communication or other conveyance of information made by a party to any other party which concerns (i) an assessment, projection or estimate concerning Year 2000 processing capabilities of an entity, product or service, (ii) plans, objectives or timetables for implementing or verifying Year 2000 processing capabilities of an entity, product or service, or (iii) test plans, test dates, or test results relating to Year 2000 processing capabilities of a product or service. A "Year 2000 Readiness Disclosure" is any Year 2000 Statement that is identified as such, is inscribed on a tangible medium or stored in an electronic or other medium in "perceivable" form and is issued or published by a company with respect to its own Year 2000 processing capabilities or own products or services.

The Act safeguards all Year 2000 Statements made on or after July 14, 1998 through July 14, 2001, and all Year 2000 Readiness Disclosures made after the date of enactment of the Act (which occurred October 19, 1998) through July 14, 2001. To gain retroactive protection for statements made prior to the date of enactment of the Good Samaritan Act and as far back as January 1, 1996, provided the statement would otherwise fit within the definition of a Year 2000 Readiness Disclosure, a company must within 45 days of passage of the legislation either (A) notify each statement recipient that the statement is being designated as a Year 2000 Readiness Disclosure and provide a copy of the statement, or (B) post a similar notice on its corporate Year 2000 website for a minimum of 45 days and utilize the same method of notification as was originally provided to the recipients of the statement.

Accordingly, in order to take advantage of the provisions of the Good Samaritan Act for statements previously made, companies must act quickly. All future statements concerning Year 2000 compliance should be reviewed to assure compliance with the provisions of the law. As part of the legislation, the U.S. Government is required to maintain a national Year 2000 Web Site to promote to customers, small businesses and local governments means to obtain information on the Year 2000 compliance issue. This Web Site is located at www.itpolicy.gsa.gov/mks/yr2000/y2khome.htm.

It remains to be seen whether the coming of January 1, 2000 will be remembered as the beginning of the golden era for trial lawyers or not. What is clear is that all businesses in 1998 are affected by the ground-swell of activity surrounding the Year 2000 problem and should take appropriate steps to become Year 2000 compliant.