Y2K Liability Future Remains Hazy

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread


29 Jun 1999, 9:53 AM CST By Robert MacMillan, Newsbytes. WASHINGTON, DC, U.S.A.,

Although Senate Commerce Committee Chairman John McCain, R-Ariz., stressed to members and staff alike on the Year 2000 conference committee that he wants a deal on Year 2000 liability legislation as of several hours ago, Congress members and staff continue to bicker over particulars at an undisclosed location.

McCain at last Thursday's initial conference committee meeting said he wanted the deal by the time they were scheduled to convene on Tuesday, but the notice from McCain's staff that greeted reporters Tuesday morning was: "Meeting postponed. Negotiations continue."

McCain staffers were unavailable for comment, but an aide to conferee Sen. Christopher Dodd, D-Conn., told Newsbytes that at least several issues continued to bedevil the conference process.

Despite meetings between congressional staff members and White House officials on Friday, Monday and today, no agreement has been reached on developing a Year 2000 litigation bill that President Clinton would sign.

"We think we've given just about all we can," said a House staffer. "Going any further is not really much of an option."

The staffer said that discussions are not stalled, adding, however, that "Talking is the easy part; negotiating is the hard part."

Two separate meetings were held on Friday, including at least one with White House Chief of Staff John Podesta, who, on June 24, contacted the sponsors of the Senate bill, saying the White House wants to work out a deal.

Whether a veto from President Clinton still is the only option left for Year 2000 legislation remains uncertain, but since all sides at least agree that they want to pass some sort of liability limitation bill, the negotiations go on.

At issue are varying ways of frustrating a large number of Year 2000-related lawsuits, including whether to impose punitive damage caps, allow joint and several liability, and exactly what kind of lawsuits that would be restricted.

The conference committee session ostensibly is a compromise process between the House and Senate versions of the bill. In this case, however, the argument more resembles an attempt by backers of the bill to get a piece of legislation approved that the White House will support.

The problem for House staffers and members who approved the House bill is that the Senate version, which they can live with, is already weaker than they would prefer - and this still does not appease President Clinton.

"They've been working with us, and we've been doing a lot of listening to each other. I can't say exactly how much agreeing we're doing and how much disagreeing we're doing," the House staffer said. "I can say that we are concerned because, as the House conferees, we took a huge step last week by pretty much letting all the work we did in the house go, and taking the Senate version. We're open to talking, but we're not making any promises about how much further we will go."

McCain, at the initial conference committee meeting on Thursday, lambasted the White House for refusing to work with him, Dodd and Sen. Ron Wyden, D-Ore., who fashioned a compromise version of S. 96 that passed the Senate 62-37. He characterized the White House as obdurate and uncommunicative, saying that they need to work together in short order to come up with a bill the president could pass.

Rep. Robert Goodlatte, R-Va., also criticized the White House at the conference committee meeting, for not contacting the sponsors of H.R. 775, a Year 2000 litigation liability bill that is somewhat stronger in protecting high-tech companies from lawsuits than is S. 96.

White House officials have said Clinton will veto either of the Year 2000 bills in their current form because they do not provide enough recourse for individuals and small businesses to sue companies for Year 2000-related damages, but had made little attempt to work out a compromise with the backers of S. 96 and H.R. 775. Instead, they threw in their lot with a Democratic alternative that was rejected in the Senate.

Reported by Newsbytes.com, http://www.newsbytes.com .

09:53 CST Reposted 10:49 CST


Copyright (c) Post-Newsweek Business Information, Inc. All rights reserved.

-- regular (zzz@z.z), June 29, 1999


Although I'm not a 'friend of Bill', I believe he is on the right track in this case. I've copied the statement Leon Kappleman gave before the House in April for those of you haven't read it (it's in Adobe format which is why I place it here since many are Adobe challenged)...

http://www.year 2000.unt.edu/kappelma/HR_775.htm

Prepared Statement for the Committee on the Judiciary House of Representatives, Congress of the United States Hearing Scheduled for April 13, 1999, 10:00 AM EST Hearing concerning H.R. 775 the Year 2000 Readiness and Responsibility Act. Prepared by Leon A. Kappelman, Ph.D.  Associate Professor, Business Computer Information Systems  Associate Director, Center for Quality & Productivity College of Business Administration, University of North Texas Voice: 940-565-4698 Fax: 940-369-7623 Email: kapp@unt.edu Website: http://www.coba.unt.edu/bcis/faculty/kappelma  Co-chair, Society for Information Management (SIM) Year 2000 Working Group  Senior Advisor for Issues Advocacy, Society for Information Management  Steering Committee, YES Corps, International Y2K Cooperation Center Thank you for this opportunity to testify before the esteemed membership of the Judiciary Committee concerning H.R. 775, the Year 2000 Readiness and Responsibility Act. I am here today to offer you the perspective of someone who has been involved with information technology (I/T) since the mid 1960s and who has been helping government and industry solve their Y2K problems since early 1995. I have conducted several Y2K-related research projects, including a study that since 1996 has tracked the Y2K progress and practices of a sample of enterprises representing more than one-tenth of U.S. GDP (Gross Domestic Product); worked first hand with scores Y2K program directors from the public and private sectors; written several books, monographs, and dozens of articles; and made countless presentations all over the world. Since its inception in 1996, I have co-chaired the Society for Information Management's (SIM) Year 2000 Working Group, with members from major I/T consumer, I/T vendor, federal agency, state government, academic, religious, and legal organizations. Moreover, I am currently involved in the actual solving of Y2K problems at the corporate, city, state, and national levels through my participation in a Y2K community preparedness project with the 84 cities in Los Angeles County, a project that is also sharing its best practices with cities all over the world; my participation in the monthly conference call of state Y2K coordinators; as a participant in the Information Technology Association of Americas (ITAA) monthly Y2K Task Group meetings as well as their legal/legislative task group meetings; and as one of the founding members of the 3-person steering committee of the UN and World Bank sponsored YES (Y2K Expert Service) Volunteer Corps of the International Y2K Cooperation Center. Unintended Consequences of H.R. 775 Although there are positive roles that legislation can play, legislation can not provide a simple solution or a quick fix to this complex set of interrelated problems we call Y2K. I am here today because I am convinced that some of the provisions in this Year 2000 Readiness and House Judiciary Committee Responsibility Act currently under your consideration will have dreadful unintended consequences. These unintended consequences will result in more Y2K damages to your constituents and to our national economy because there are provisions in this bill that will greatly reduce the incentives to responsibly address Y2K, and will thereby promote less Y2K readiness and less Y2K responsibility. Possibly even worse because of the long-term and far-reaching unintentional effects, these anti-readiness and anti-responsibility provisions will fundamentally damage the future development of the reliable information-based society that the United States is pioneering. Civil society is based on trust and accountability, and the purpose of law is to ensure it. The purpose of H.R. 775 seems largely to grant accountability exemptions for those special interests who created and sustained the Y2K problem for the sake of their own short-term profitability. Eighty-one percent (81%) of commercial packaged software is NOT Y2K compliant according to a Gartner Group study released last month (March 1999)! Is there any good public policy reason to reward such behavior on the part of software manufacturers? Nothing Special about Y2K or I/T Products to Merit Special Laws A primary objective of H.R. 775 appears to be to take I/T and related high-technology products out of the realm of established legal precedents that have so far governed our society's ability to adapt to new technologies such as steam engines, railroads, automobiles, airplanes, electric power, pharmaceuticals, and so on. It is my understanding that in each of these cases, warranties and liabilities were enforced, exemptions were not granted before damages were incurred, and insurance coverage was sought as a way of transferring the risks. There is nothing special about I/T products, or Y2K for that matter, that in any way suggests that they deserve special treatment under the law. The "software is an art form" theory is just an excuse for poor quality workmanship and shoddy goods. Software is no more an art form than good architecture, or good medicine, or good scientific research are art forms  They all have their creative side, but they're also rigorously disciplined endeavors. So too is good software development. If this were any other product you would be considering recalls and lemon laws  But I/T IS just another product. Please, don't be fooled in to believing otherwise. I am reminded of a quote attributed to Thomas Paine, patriot, political philosopher of the American Revolution, and author of Common Sense, A long habit of not thinking a thing wrong gives it a superficial appearance of being right. If software is an art form, then we have bet our future economic well being, perhaps our very survival, on this art form  Certainly we are not that foolish or frivolous. H.R. 775 offers to I/T and related high-tech products a wide-ranging set of exemptions and legal "dispensations" from full economic accountability for damages they caused to others. Since the consequences of what could be damages arising from Y2K-related faulty dates could continue for decades, H.R. 775 offers relief from the usual accountability we have so far held for those who develop, deliver, and use technological innovations. It is as if legislators would have passed a bill in 1914 placing wide-ranging limitations on the accountability for unspecified damages, a priori, that may someday be caused by automobile manufacturers and by automobile drivers. Would you have supported such a bill? I think not. Cause, Effect, and Human Nature Crafting laws is not my expertise. I do, however, know a bit about human motivation, have studied it in organizations, have developed instruments to measure it and some of the things that contribute to it, and have published several refereed journal articles about it. My concerns regarding H.R. 775 are largely related to provisions that will seriously reduce the incentives that enterprises have to reduce Y2K risks, get Y2K work done, and be prepared for Y2K contingencies. I do not believe that the U.S. Congress would seriously consider legislation that would tie the hands of the FDIC (Federal Deposit Insurance Corporation) or the SEC (Security and Exchange Commission) in keeping the pressure to reduce Y2K risks on the enterprises they regulate. It seems that the plaintiff's bar and the threat of litigation essentially provides that same external motivation to do the right thing, especially in less-regulated industries. Certainly Congress does not want to tie the hands of these pseudo-regulators by reducing the potential penalties on those who fail to do the right thing about reducing and managing Y2K risks? It's just basic human motivation, granted a negative incentive, but it works  Look how good the banks regulated by the FDIC are doing with reducing their Y2K risks; and how poorly the largely unregulated chemical processing industry is doing, or small businesses. And negative motivations (i.e., deterrents) are why we have laws against robbery, murder, assault, and things like that too. Ask yourself why U.S. banks are in such good shape (e.g., less that 5% on the FDIC's unsatisfactory list, based on clearly define and published criteria, verified by external FDIC audits) when compared with U.S. electric utilities (e.g., 28% did not even have plans as of the January 11, 1999 North Electric Reliability Council/Department of Energy report, based on self-reported answers to vaguely worded question) or small businesses (e.g., 40% plan to do nothing according to a National Federation of Independent Business/Gallup study)? A big part of the answer is the pressure of external regulation, and the threat of externally imposed pain by the FDIC versus nothing whatsoever (in most every case) by state utility regulators. To risk reducing the present motivations to do the right thing about imminent Y2K risks, that we all agree are real although we may disagree as to their degree, in the name of preventing or controlling or reducing some possible future litigation that may or may not be frivolous and that may or may not ever even happen, especially if people do the right thing, seems callously reckless. If Congress were advised that the flow of illegal drugs into the U.S. was going to increase ten fold next year, would you pass a bill reducing the penalties on drug dealing? Of course not, its ridiculous to consider such nonsense. Would you consider protective legislation if any legal industry came to Congress and pleaded for relief from future damages caused by their defective products? No, because that is equally ridiculous. Why then would you consider reducing the penalties on hurting U.S. citizens and businesses with defective I/T products? Is it any less ridiculous? I think not. And consider the long-term unintended dire consequences that would come from legislatively protecting the poor quality practices of most software developers. In physics we have the law of cause and effect, action and reaction. Remove the law of gravity and things float away. In the economics of this information age, if you remove the gravity of the consequences for manufacturing shoddy I/T goods, then quality will further deteriorate and you will get more shoddy I/T goods. It really wasnt any different in the industrial age, and that is why we did not exempt industries or technologies from accountability for their actions. Why would we choose to do so now? Can we can build a sound economic future on a poor quality art form? Certainly we are not that foolish or frivolous either. Anti-Readiness & Anti-Responsibility Provisions Among the provisions that seem to run the greatest risk of unintended negative consequences by inadvertently creating disincentives to get Y2K work done are the following three: (1) Eliminating or reducing officers and directors liability in Y2K cases: For too many Y2K projects it's just been too hard getting the attention of these executives and the resources they control allocated to Y2K work. The threat of litigation is a threat to their productive time (in depositions, court, and so on). There's is no good public policy reason to take the pressure off executives to do the right thing, in fact the SEC and FDIC and stepping up their pressures. Remove the gravity of the consequences if you fail to properly act in dealing with Y2K and spending for Y2K work will float away. Do your really want to promote, even reward, negligent behavior with these perpetrator protection provisions of H.R. 775? (2) Creating a cooling-off period: At first it sounded like a wonderful idea, but what it will do is artificially extend the deadline for vendors and others to get their Y2K work done while customers (i.e., your neighbors, constituents, and voters) sit there in financial meltdown, hopelessly helpless, and going out of business. Seems the only thing it cools off is the pressure on vendors to get their Y2K repairs done in time while those who were depending on them to be done on time will be left to suffer. Picture this unintended consequence of H.R. 775: A small business person in your community, one of your supporters, buys a software product tomorrow and is told that it is year 2000 compliant by the manufacturer. On January 1, 2000 the software locks up, corrupts their data, and refuses to work. Your constituent cannot do business and yet, thanks to H.R. 775, cannot take any legal action either to remedy their plight. They can not afford to hold out, their business fails, jobs are lost, and the software vendor gets to keep selling shoddy products and providing erroneous information about them. Is this really the outcome you want  Protecting the guilty at the expense of the innocent? This is likely to be the outcome we will get with H.R. 775's cooling-off periods. (3) Anything else that would reduce the penalties on harming others, like limits on punitive damages. Is there any good public policy reason to make murder or robbery or fraud legal if one commits such crimes with a computer? Of course not, but that is exactly what you are being asked to do in supporting these kinds of provisions in H.R. 775. Further, if enacted, such provisions would punish consumers and business owners of all sizes by making them financially responsible for the Y2K repairs caused by the poor programming and poor planning of those they depended upon in I/T and other high-tech companies. Moreover, these liability limits would unintentionally serve as "disincentives" to corporate America to fix their Y2K problems; now. After all, what's worse, the specter of a lawsuit with a $250,000 cap and other favorable legislated litigation biases, or developing a multimillion dollar fix for a systemic Y2K problem? And perhaps the potentially most devastating unintended consequence to the long-term economic well being of the our country, and the information economy, is the provision that excludes damages to data entirely, since actual damages in H.R. 775 appear to include only injury to tangible property and data are often not considered tangible property. Think of it, the destruction or corruption of data, a principal asset of the information age economy, second only in importance to people and their knowledge (which is sometimes embodied in software products), is protected if you do it with non-Y2K- ready I/T products. Destroy data with a match or a scissors and youre headed for jail, but do it with software and youre off free and clear. Is that the intended consequence of this legislation? Of course not, but that will be the unintended outcome if such provisions become law. Conclusions The sad reality of the year 2000 problem is that this is the first time our information-based society is confronted with paying a demonstrable bill for the shoddy practices of information systems management and software development that have been with us for more than four decades. The fortuitous opportunity of the Y2K problem is that it provides us the motivation to change these enormously wasteful and unsustainable practices. In fact we are starting to see some positive trends in this regard already, and there are provisions in H.R. 775 that threaten to destroy the incentives for such improvements, and thereby unintentionally threaten the productivity, quality, and sustainability of U.S. economic well being. U.S. economic well being, as well as national security, rely on a dependable and fully accountable information infrastructure. Congress is being asked via H.R. 775 and similar bills to place elaborate limitations on the recourse any injured parties would have in the case of I/T created economic damages. The passage of H.R. 775 will have the unintended consequence of injuring technology progress by giving a special and unique set of exemptions from accountability that no prior technologies have ever received. There are possible positive roles for Y2K legislation, like encouraging alternative dispute resolution, achieving more fairness in proportionate liability, or somehow extending statutes of limitations so that the current focus can be on mitigation instead of litigation. Even corporate welfare provisions of questionable desirability like Y2K tax incentives can have positive motivational outcomes, assuming one can ensure that the dollars are spent on actually mitigating Y2K risks. But H.R. 775 is a bill with provisions that will have some very detrimental and damaging unintended consequences. Dire consequences that will hurt many American consumers, small business owners, and investors. Even worse, are the dreadful unintended consequences that could compromise the ability of the U.S. to succeed in this age of information. If these anti-Y2K-responsibility and anti-Y2K-readiness provisions prevail, when history books are written our descendants will look at this as the time when the U.S. decided to yield our technological and economic progress to special interests seeking absolution from accountability for the consequences of their actions. If you happen to be a reader of Toynbee's history, you will recall that he singles out the institutionalization of special interest exemptions from taxes, legal obligations, and accountability for crimes as one of the contributors to the break down of once adventurous and vigorous civilizations. Software and other I/T products should be treated like any other products. Please, do not legalize hurting others or committing crimes with high technology in the name of trying to help with Y2K problems or in the hopes of furthering general tort reforms. Y2K places far too much at risk already and we have neither time nor resources to waste on such diversions. If I can answer any of your questions or provide you with any additional information, I am at your service.

-- Shelia (Shelia@active-stream.com), June 29, 1999.

(1) If Y2K is just a bump in the road, there won't be any lawsuits (forget the ones that are already filed), so there won't be a problem with the legislation.

(2) If Y2K is as bad as many of us think, the last thing we need is to saddle our society with a crippling mass of lawsuits.

In either case, we should probably pass it...

-- Mad Monk (madmonk@hawaiian.net), June 30, 1999.

Moderation questions? read the FAQ