In-Depth
Round Table: Year 2000 Litigation
In Enterprise Systems Journal’s exclusive Round Table, five respected legal, technical, business and financial experts tackle the unprecedented, often confusing and sometimes frightening world of Year 2000 litigation.
Participants included:
*Thomas Costello Jr., Vice President, Secretary and General Counsel of Compuware Corporation, a worldwide provider of software and technology services.
*James E. Gordon, a Managing Director of The Investigative Group International, who is an expert in conducting internal, corporate compliance, environmental, cost and insurance recovery investigations.
*Dennis G. Grabow, Founder and CEO of The Millennium Investment and a leading authority on global financial implications and opportunities offered by the technological issues surrounding the Year 2000.
*Vito C. Peraino, Partner at Hancock Rothert and Bunshoft LLP, where he serves as chairman of the firm’s Year 2000 Working Group. Mr. Peraino has testified before the U.S. Congress on legal issues associated with Y2K.
*Barbara M. Wheeler, Legislative Advocate, Association for California Tort Reform . Ms Wheeler is involved in pioneering legislative proposals to help limit and control Year 2000 damages.
ESJ: Capers Jones estimates that for every dollar not spent on Year 2000 compliance, there will be 10 dollars spent on litigation. Any comments on this number?
VITO: My background is disaster litigation and I’ve found Capers’ numbers a little overstated. But people shouldn’t come away thinking this won’t be a large litigation. Our best estimation is that this is going to be problem on par with, say the pollution litigation, or on par with the asbestos litigation. So I’m thinking somewhere in the range of $250 billion dollars for litigation is not unreasonable -- as an estimate. It’s an unreasonable number.
THOMAS: I agree with Vito. But speaking as a potential target for litigation, it will be a specialty litigation, such as environmental, so it will take time and money, with experts involved. And cost a lot of management time. So it’s not just going to be the cost of handing dollars to lawyers.
JAMES: Speaking from the investigative perspective, $250 billion is, again, not unreasonable. But I think the only wild card is, what happens internationally and what happens with embedded chip problems. The IT problems are fairly identifiable and solvable. With the embedded chips, no one knows what’s going to happen and no one knows what will happen internationally between countries. And this is how large, not that any of this is small, the scope of the situation. Bopal, for example, where a valve got stuck open for 70 seconds, not that this will necessarily occur, but there are thousands of embedded chips out there.
BARBARA: From the legislative perspective, it’s a potential that the cost could become outrageously high; not only that, but going back to what Tom said, the cost of lost business, not just paying lawyers. It very well may be that legislation will be passed that will certainly limit the types of damages.
ESJ: Forty-eight state legislations have allowed insurance companies to opt to not pay for claims for business loss as a result of the Year 2000. Any comments?
VITO: More accurately, what’s happening is 48 states have approved a form of Year 2000 exclusion. That doesn’t necessarily mean that the insurers will use the exclusion. Another thing to keep in mind is that it’s a very soft insurance market. So the next three months will be the critical time frame to see where the insurance industry will go with Year 2000 exclusions. I do think it’s fair to say that the insurance industry is likely to be very vigorous in denying their Year 2000 claims for a host of technical insurance policy reasons that I won’t bore you with. But I think there’s going to be a lot of litigation and a lot of action against insurers over this.
BARBARA: A lot of litigation will be over whether the exclusion applies. If you get past that and it’s determined that the insurance company should pay, then there will be the next wave whether there is a defect that needs to be paid. So, it could be in two parts.
JAMES: Vito, what do you see as the trigger which will get past the exclusion?
VITO: Again, it’s the environmental and asbestos paradigm that works here. The issue is that if you bought insurance over a period of time, can you take advantage over all the policies that cover you over the period of time? And that’s going to be one of the big battles; do you get the limit in just the year where the failure occurs or whether you get a broader span of coverage? I expect the insurers will again vigorously resist having the broad span.
ESJ: I understand that the insurers will not be obligated to pre-release their Y2K intentions to their customers?
VITO: That’s probably right. Until a claim is filed, the insurer is not obligated to tell its policy holder how it will interpret the policy. So in all likelihood, people won’t know until they actually file a claim. But the insurers are being public about their view that this is not a covered lost, so it shouldn’t come as a surprise to anyone.
BARBARA: It probably will though.
VITO: Yeah, no doubt. That’s exactly right. Famous last words.
ESJ: James, you mentioned the international "wild card." What do U.S. firms have to worry about when it comes to international compliance litigation?
JAMES: Let me make a few observations: One it is generally accepted that Asia, Japan in particular is way behind the curve of assessment and remediation; and although domestically our financial institutions have done an extraordinarily good job of being compliant, with all of our trading partners in Europe and Asia, there is tremendous opportunity for corruption of data and tremendous opportunity for failures. That in itself can lead to substantial economic damages, and litigation just simply tends to follow the dollars.
The other thing U.S. companies need to keep an eye on is the class action plaintiffs bar. I would suspect that they are organizing firms throughout the world. I think we’ll see a new phenomenon, which is your global class action, using the net to give notice or to get be signed up. I don’t know if they will be successful, but I clearly see them coming, and that’s a whole new game.
BARBARA: Will they be filed in U.S., or in international U.N. courts?
JAMES: My understanding is that it will be global class actions that will involve U.S. companies as its targets, and will; therefore, probably use favorable jurisdiction, which will be in the U.S.
THOMAS: Yes, U.S. firms should be concerned. What you’re going to find is litigation started in different countries. The laws are completed different, discovery is different. You’ll find some companies with their international operations being sued and depending on jurisdictions, you may find some companies, if they get hit with a big judgment, turning over the keys to the office, saying, ‘just shut down Spain or Italy, and we’ll run that with distributor out of France.’
VITO: We’ve put together an alliance of firms internationally that are Year 2000 savvy to create what we’re calling a virtual Year 2000 law firm, to position ourselves so that when these global litigations start, we’ll have a network of people who can step in and assist in countries we think will be active.
ESJ: Will it be enough for corporate officers and CIOs to simply say, "We trusted our third-party provider or consultant to fix the problem and they didn’t?"
VITO: Generally speaking from a management liability perspective, management does have the option to rely on an outside expert. As long as they undertake an effort to understand what is happening with the Year 2000, they’ve discharged their duty. But that doesn’t mean that the company might not still be liable if there’s a failure. If I can’t fulfill my contracts it doesn’t matter how I got there.
From the providers perspective, they generally have strong contractual limitations that are going to provide a real barrier to their liability. So it’s all going to fall back into the lap of the corporation. From a business perspective, you don’t want to risk your business and rely on the lawyer to dig you back out ... That’s never a good business model.
DENNIS: I would add that companies today are going to go to an un-enriched business system. If they have a complex system that can’t get remediated in time, you can’t sit and watch your business disintegrate. They will go to some simple, rudimentary system to get through the millennium. For example, take a large software company like IBM that has hundreds of thousands of companies that have customized software over the years. For the companies that haven’t done the remediation work it’s virtually impossible to solve all these custom applications.
So as we move into 1999, companies will adopt simple standardized packages just to get through the period.
ESJ: Speaking of IBM, any thoughts on its mailings stating that it has various products that are not Year 2000-compliant, and it has no intention of "fixing" them?
VITO: I think the letter was a very savvy move on IBM’s part. It wouldn’t surprise me to learn that there was a team of lawyers who took a real hard look at that letter, if not every word of every draft of that letter.
I think what IBM was attempting to accomplish was to put their customer base on notice of a potential problem so that in the event of a failure business losses should not be recovered against them. I think they will argue that in certain situations it began the statute of limitations to run. And they will argue that they placed the duty on the client to act. Whether this holds up will be up to the courts, but in terms of a savvy legal move I tip my hat to them.
ESJ: Will there be a special statute of limitation governing the Year 2000?
BARBARA: It depends on the "cause for action" as well. In California for instance, it’s how you present the lawsuit as to what the statute would be. For example, breach of warranty and expressed warranty. If I buy software from Egghead, for example, under an expressed warranty and it says it is Year 2000-compliant, well I won’t know it is until the year 2000. Well, my expressed warranty is gone; so there’s an idea that has been tossed around that there should be an extension to statute there. Possibly in exchange for some limitations in liability.
THOMAS: Another reason to have a special limitation is so people won’t be rushing the courthouse. And maybe people will sit back and think about resolving the situation short of litigation. It’s also been suggested that we set up a separate settlement system, because the courts will be clogged with the Year 2000.
JAMES: Unlike the litigation of the past, the information that you need to assess each party’s responsibility can be developed outside as well in conjunction with traditional methods. Information concerning who knew what when, and what actions were taken is out in the cyberworld. Looking for the programmers who worked on a system five, 10, 15 years ago, you’re going to find them out on the Net.
E-mails that are floating around. E-mails tend to never disappear from the company system. These e-mails will be critical. There will be more e-mails determining the outcome of a case than you’ve had elsewhere. The plus side is that for those companies that are experienced with this type of supply chain litigation, is the ability to develop enough information quickly to do what Tom suggested, to sit down and provide a business model for quick resolution. Because with the traditional model . . . well you can spend 15 years to try an environmental case.
VITO: In the massive litigation, it can take 10 or 15 years of trial, which just doesn’t work.. But the statute of limitations is one of the areas that is being misanalyzed across the board. A lot of statutes are being blown without people paying attention to them and people aren’t doing a good job of analyzing their rights and what they should do to begin a dialogue with their partners to secure those rights.
It’s why we developed what we call "Legal Audit," to help people begin to think through from a legal perspective where they stand: where their liabilities are, where their rights are, where they should begin negotiating to try to avoid going to court; because once you’re in court, that’s where the hemorrhage of money really starts happening and that’s not in the best interest of the business world.
BARBARA: Picking up on what Tom said, I think in the courts, especially in California, no one’s actually talked to the judges to find out what the view of the judiciary is on this onslaught, or believed onslaught, of litigation. And I think there is going to be a push toward some type of adjustment specific to Y2K; maybe some discovery that will determine whether this was some kind of defect and if so, when; when can we determine it was a defect or when can we say it was standard procedure that would be acceptable, but I think the courts are going to look to trying to resolve a lot of these cases outside of actual trials. I don’t think the court system is set up to handle the amount of litigation that some believe is going to happen.
THOMAS: And I think some quick process is going to be needed because what you’re going to find is a number of these companies have been founded for this specific issue and if they don’t have the staying power after the Year 2000 and they’ve been hit with hundreds of lawsuits then there is going to be no revenue for anybody - there’s going to be no money, there’s going to be no company, there’s going to be no solution.
JAMES: Economically, if some of the projections are right and, Dennis can speak more to this, if we do enter a global recession, with maybe a series of regional depressions to tie up our ability and our energy to get back on track and build what would probably be the new e-commerce of the future we can’t have corporations’ resources and people’s attention tied up into going from a survival mode on January 1 to a litigation survival mode for the next five years. It just won’t work; the economic impact would be substantial.
DENNIS: From a businessman’s standpoint, there’s going to reach a time where you have to put aside the legal issues and literally try to develop a framework to make your business work through an extended period of time of more than months with the potential of a couple of years for this transition to occur.
If you break down the economy between the larger Fortune 500 companies, those that have access to legal resources that are doing the legal audits, and really compare them, that’s one segment of the corporate population. But if you focus on the $25 million-$50 million dollar-$100 million dollar company, that doesn’t really have the cash flow to go to large law firms and analyze and determine where they are, it’s going to be a different picture; and those are the types of companies that really support the economy and are the vendors to the larger companies. Unfortunately, the way the laws are and the warranties are, people will be forced into litigation whether they want to go there or not in some cases.
VITO: Just so we’re not bashing litigation too much.. . .[As all laugh]
DENNIS: I tried to be fair Vito . . .
VITO: All the comments are fair, but let’s not lose sight of the fact that the courts are there to resolve disputes and there are going to be serious disputes arising over the Year 2000. As Tom said there’s a whole Year 2000 fix it community, with a portion of that community who are not qualified to do the job and they are causing damage, engaged in fraud, causing companies to be on the brink of going down the tubes. And the courts are there to help those people.
DENNIS: I agree with all that, I would amplify that with that, as Vito said, there are people out there perpetrating fraud. For some, bankruptcy is their business strategy. There are a lot of companies that do not intend or not able to remediate, and are not being honest.
ESJ: So, who is going to get sued? And what for?
VITO: The first phase of litigation is already being seen. The computer purchaser who is suing the vendor who fails to give a free upgrade. This will expand to beyond the consumer to the business purchaser. That may take everyone from the reseller back to the manufacturer.
The second phase will be the shareholders suing a company that hasn’t revealed it’s true Year 2000 compliance. And as a result there is a stock performance impact. The SEC has recently imposed extremely vigorous guidelines on what needs to be disclosed for the Year 2000. And this Fall, you’ll see an avalanche of disclosures from the publicly traded world.
The third phase is "failure litigation." This is when people are actually injured when the Year 2000 blows up. This will be the bank depositor, the insurance policy holder, the parts supplier, the accounting vendor - everyone in the chain - as well as the embedded chip failures, the catastrophic kind of refinery blow up, nuclear power meltdown.
The fourth phase will be the Year 2000 "fix it" vendor. When everybody realizes I paid hundreds of millions of dollars to have my systems fixed and it doesn’t work. Watch out because people will be banging down the courthouse doors. The final phase will be between the policy holders and their insurers.
THOMAS: Then you’ll have the clients who’ll say their lawyer didn’t do a good job looking at the Year 2000 contract and suing them for malpractice.
JAMES: It’s interesting to see the IT industry looking at what liabilities they have. It’s a technology problem that’s going to effect all businesses. You have the accounting firm, that has a consulting arm that advised a corporation to buy a $500 million package back in 1990. There will be strong arguments as to whether they should have known about Y2K. Then the remediation people come in 1995 to get 98 percent compliance rate, then the auditing arm, which is under obligation to disclose the relationship, then the attorneys who advised the firm 6 months ago that they were Y2K-compliant. All these factions will be brought into the litigation.
BARBARA: The only "non-defendant" will be the individual home PC owner who doesn’t use the PC for business. They’ll be a potential plaintiff.
VITO: One thing that amazes me is, this is the first time where the legal industry and the IT industry has intersected. It’s amazing that an organization will spend $25 million on a software application and not have a lot of legal involvement in the purchase. If it were a real estate purchase for that much, lawyers would be crawling all over the contracts. The IT industry is a litigation virgin. It doesn’t understand the time to move is yesterday. And people not watching the legal ball are going to get crushed.
THOMAS: We’ve discussed defendants, but plaintiffs have some responsibility. This isn’t just something that’s popped up today. They’ve known about this problem. They are well acquainted with their shops and what needs to be triaged and fixed.
VITO: That’s an excellent point. No one will come to the table with their hands completely clean.
JAMES: We’re doing a historical investigation to develop a benchmark as to what the industry knew and when it knew it pertaining to the Year 2000. On a preliminary basis, it clearly goes back many many years - certainly to the ’80s. It’s going to be an issue within corporations because the people who were aware of it but, and, subsequently, went to work for many corporations to head up their IT departments, and should have known to request compliance when ordering products.
VITO: Jim makes a great point. People need to be aware that the investigative community is already active in delving into historical literature. The positioning for litigation has been occurring for the last year and a half. People should be aware that that dance has begun and acting accordingly, and not thinking this is all going to start on January 2, 2000.
ESJ: Will e-mails and memos, official or not, be brought in as evidence?
VITO: Absolutely. This problem unlike other technical problems tends to force people to feel compelled to cover their rears, because they don’t feel they are getting support within the organization. So the e-mails to the CIO saying, "Oh this is terrible, you didn’t approve my budget, there’s no way we’re going to make it," are out there. And these e-mails are the smoking guns.
JAMES: We’re using a reverse search engine to go out on the Web into chat rooms and home made Web sites on an international basis to find and collect these messages and e-mails on medical devises that are not compliant, documenting failures, sending letters out to other institutions and keeping track of their responses.
It’s a Catch 22. Employees feel frustrated that they aren’t getting the support they need so their instinct is to go to the Web for information. And there are chat rooms with people saying I work for company XYZ, but, it’s pretty easy to figure to company XYZ with the dot-com address at the top. They’re revealing the problems and complaining. All this is going to come back to haunt them.
VITO: When I first spoke at a technical conference the two big questions I was asked when people learned I was a lawyer were: "Can I be held personally liable when my corporation doesn’t give me the support I need?" And the second was "What are the tax consequences if I take all my money out of 401K? Can I liquidate my mutual fund, because I don’t think my retirement money will be in place."
This drove home to me that people are personalizing this issue.
ESJ: Will anyone go to jail over this?
THOMAS: Yes. Like environmental crimes. You’ll see someone that got too much of a dosage at a hospital because their file was incorrect or piece of equipment failed and they died. The question will be asked, "Did someone have a duty that they didn’t discharge properly?"
JAMES: I would imagine that if you were a company president and you knew of an embedded chip problem, and that you are dealing with something under pressure or heated and it exploded, and you did nothing to mitigate the damage ...
THOMAS: Sure. I mean you can make a legal argument it’s not; but you get in front of a jury, and someone could go to jail.
VITO: It’s certainly possible. But the more likely places you’ll see criminal litigation will be the SEC, stock fraud enforcement angle - where people are not stepping up.
DENNIS: As an investment person, I find it amazing the amount of information out there now. When you compare that to what companies are disclosing, and there’s a big gap. When it finally comes out it will be extremely telling. Certain manufacturers will not be manufacturing in January 2000. Certain facilities will be, I hope, closed for public safety reasons. Therefore, shareholders will have a rude awakening. 1999 in total will be a difficult year in financial markets.
ESJ: What is the "drop-dead" date for filing disclosures with SEC?
DENNIS: Any filing with the SEC has to go through a very detailed process of disclosing where you are in remediation, what contingency planning you have, costs, reliance on other vendors, et cetera.
VITO: End of third quarter this year [in fact it has passed, September 30, 1998, was the date]. The most amazing aspect of this disclosure is that companies have to layout their "most reasonable likely worst-case scenario." This is a huge and unprecedentally dangerous requirement from the SEC.
DENNIS: In defense of the shareholders, it’s the only way to be fair. Throughout the whole Year 2000 concept shareholders have not had reasonable and fair access to what’s happening in the organization.
Corporations are going from a one- or two-paragraph disclosure to four or five pages.
VITO: I drafted one out of the box for a company that volunteered disclosure back in August and it went form one to four-and-a-half pages.
BARBARA: How do you describe worst case scenario?
VITO: We spent a full week debating that …
THOMAS: How to you describe scorched earth?
VITO: It’s difficult. I agree costs and where you are, clearly ought to be out there; but your worst case scenario has the potential of being a game plan for the plaintiffs and it gives your competition extremely sensitive information and it can precipitate litigation. Because companies will be conservative with their predictions, and when the failure is worse than their predictions -- well, that’s when you light the match and put it in the gasoline can. The litigation is just going to explode. The SEC is doing a disservice by letting the pendulum swing just a little too far.
BARBARA: One thing we were trying to do in California, with litigation, was in the end, you need to have resources to fix the problems and not just put companies out of business. What do you want to do? Let money line lawyers’ pockets? Do you want to put Intel out of business? Do you want to put the Mom and Pop shops out of business?
Another area no one is addressing is bankruptcy laws. Because they can’t handle the onslaught of litigation, many companies are going to say, "You know what? BK, I’m heading that way, so see ya."
On the global picture we need to address what is the first priority? And it’s keeping the economy going through supply chain distribution through making sure we have water, power and other utilities all the way down. So, we’re not trying to take away the person right to sue, just put some parameters on the types of damages you could get. We are taking something away, but the paramount concern is to keep our country running.
JAMES: Corporations need to do their due diligence when hiring the vendor, checking contracts, doing background investigations ...
VITO: Barbara’s points are important because dialogue about how the liabilities will play through is an issue that hasn’t been forced to the table around the country and frankly nor has it been forced to the table with Congress.
THOMAS: To tag on what Barbara says, there are companies, that have been in the industry for years. We’ve built ourselves on relations. We want to continue beyond the year 2000, so that all goes into "the don’t rush to the courthouse." Try to resolve.
JAMES: The only wild card you have there is the systematic failure. That’s where it gets unfair.
ESJ: The disclosure issue will be an awakening for many corporate officers and directors and IS managers. What would you advise them as to what they should be doing now?
VITO: Although the SEC action may have gone too far, it is a defining moment. The SEC is making clear as to what you must say. In fact, the typical disclosure we’ve been seeing: "We have a plan, we’re working on it. We’re right on schedule." Just isn’t going to cut it. They want specific information about your costs, about your progress, your failure scenario and contingency plan. There’s no room to hide. So companies have to step up and be honest and frank about where they are going. The SEC will use it’s enforcement arm to bring companies to task that don’t step up.
ESJ: It seems that no one wants to be first to step up. Is it better to be first now, than first in court?
VITO: This is why it’s critical to have expert council on Year 2000. This is no place to be guessing.
JAMES: This has always been treated as an IT problem, when it really was and is a business and legal issue, and should be treated as such.
One bit of advise I’d like to offer, it’s something industry isn’t looking at is code that has been remediated off-site and off-shore. There is tremendous danger to corporations who outsource. A lot of this code has made computers accessible to outside hackers. There are overseas countries who will use this code to enter back doors that have been created in firewalls, subsource programs that allow outsiders in through e-mail to control corporate development information. There’s going to be a lot of corporate espionage and fraud.
Not that businesses don’t have enough to worry about, but this is another serious issue that business must contend with. Because even if they make a successful Y2K convergence, it doesn’t do them any good if people are lifting information from their servers. Or if someone systematically moves $100 million out of their organization.
ESJ: Will the federal government take action for encryption technology export violations?
VITO: Yes, there is a big concern for this. I’ve heard representatives from the CIA saying they are concerned that there is a great potential for mischief once this code goes off-shore, with people you don’t know having access to your code.
THOMAS: And what’s your recourse when something is wrong? Do you sue a consulting firm in India.
ESJ: Can the Year 2000 be interpreted as a virus? Either as an offense or defense for litigation?
VITO: That’s going to be one of the great debates. Is it a virus or is it a defect?
BARBARA: And if a defect, when did it become a defect?
VITO: People should know that in the absence of legislative intervention, this is going to be a very long battle. We’re going to spend the next several years in the courthouse, answering the questions you laid out this morning.