Sign In Sign-Up

Welcome!

Close

Would you like to make this site your homepage? It's fast and easy...

Yes, Please make this my home page!

No Thanks

  Don't show this to me again.

Close

Legal Issues And Risks Of The Year 2000 Problem

By Rauer L. Meyer and Steven L. Hock -- Thelen Reid & Priest LLP

The Year 2000 problem is rightfully regarded as a technical one -- your first priority must be to fix the problem within your own company. This priority, however, is only the tip of the iceberg. There are many legal issues and risks requiring attention at the highest levels of executive management. These aspects shouldn't be overlooked as you manage the technical solutions.

The following are some thoughts on avoiding legal liability, as well as a checklist of issues to keep in mind.

Your Investors

By law, investors in your company -- shareholders, partners, long-term debtholders -- are entitled to know all "material" facts when they decide to invest. Companies subject to federal reporting duties are required by the SEC ("Securities & Exchange Commission") to disclose material future anticipated liabilities. Financial reporting rules of the accounting profession may also require disclosure. All companies -- even private ones -- are subject to investor fraud claims for material nondisclosures. Accordingly, evaluate your impact analysis, and engage legal assistance to determine what disclosures must be made. It's cheap insurance against investor claims.

In addition, corporate management has a legal duty to shareholders to act responsibly in protecting their companies. Act now to meet applicable legal standards of diligence, prudence, and good business judgment in dealing with it. Consider coverage under your Directors and Officers ("D&O") insurance. With assistance of counsel, create a written record of diligence that can withstand the scrutiny of a nontechnical judge and jury.

Your Customers

Your failure to fix the Year 2000 problem may hurt your customers as well if your operations are affected. Identify critical contracts that put you at risk and protect yourself with carefully drafted force majeure (out-of-control developments), warranty disclaimer, and liability cap provisions. The law in this area is complex.

As appropriate, notify customers in writing of potential problems and work with them on back-up and parallel systems. Demonstrate your own diligence and suggest workarounds.

If you anticipate that your suppliers or subcontractors may not become Year 2000 compliant, alert them to the problem, work with them in solving it, and take the legal steps necessary to ensure that they do.

Other Third Parties

Anyone else who relies on the integrity of your system or data -- employees, subcontractors, etc. -- should be considered. What if your applications fail? Using your impact analysis, identify all areas involving legal risks of potential third-party damage that may result from your affected data. As appropriate, suggest back-up alternatives and discourage "blind" reliance on your vulnerable applications.

Insurers

A particularly effective way to shift your Year 2000 exposure might be through your general liability, errors and omissions or first-party business insurance coverage. A careful review of your insurance assets may reveal coverage for accounts receivable or other important computerized data affected by Year 2000 failures. If you don't have the right coverage, get it. The law in this area is just evolving, so it is important that you stay on top of developments.

Software Vendors

Are your existing software vendors legally responsible for making their products Year 2000 compliant? The answer depends on the nature of your contracts with them. The typical vendor-written contract contains warranty disclaimers and liability caps. Under many circumstances, however, such disclaimers and caps are not ironclad, and require careful legal analysis. In addition, the law requires vendors in many circumstances to honor presale representations about their products (e.g., in letters, marketing pieces, demos, even oral statements), and to meet the user's reasonable expectations, without liability caps, regardless of what is in the written contract.

If you think that products you purchased or licensed risk failure, (1) conduct a legal analysis of your contracts and licenses, (2) inventory all representations made by the vendor outside the contract for express or implied statements that the product was compliant, and (3) place vendors on appropriate legal notice of your expectations.

Going forward, confirm that each new software product you purchase or license is compliant and that future contracts with vendors contain as few escape clauses as possible.

Software Maintenance Providers

Are outside parties who maintain your software applications (typically original vendors, but not always) legally responsible to fix Year 2000 noncompliance problems? Again, this depends largely on the service contract. There is often a difference between modifications to fix bugs, for which the vendor pays, and customer-requested enhancements, for which the end user pays. The responsibility for major modification projects like Year 2000, which are outside the contemplated scope of the original deal, will likely be negotiated. The result will depend greatly on the strength of your legal position.

Non-Software Suppliers

If your operations rely on certain suppliers of ordinary goods and services, their Year 2000 problem may become your problem. This is even more true if your software applications interact. Talk to the suppliers about their compliance, run tests, and reach your own comfort level. Check your contracts, particularly the force majeure and liability limitation clauses, to see how their nonperformance might be legally excused or limited. If appropriate, place them on legal notice that their failure to fix will not excuse nonperformance. Are you bound to them by long-term exclusivity? Their inability to demonstrate compliance in advance might give you legal justification to use another supplier.

The Year 2000 problem is not just a hardware or software problem. It is a serious social problem, which, in this information-hungry society, could easily grow to the same scale as the savings & loan, environment and asbestos crises. To avoid potentially expensive and crippling Year 2000 problems, companies must ensure not only that their own ship is in order, but that every company on which they rely solves its own Year 2000 problems as well.

CHECKLIST OF LEGAL IMPLICATIONS

•Contract Auditing - What are the rights and duties of system users relative to maintenance contractors, software suppliers and licensors?

•Contract Negotiating and Drafting - What should you do to minimize the risk under future agreements relating to hardware, software and IT services?

•Insurance/Indemnity - Do you have coverage under your existing insurance portfolio?

•Financial Disclosure - Do financial costs associated with Year 2000 problems create SEC compliance issues in the preparation of audited financial statements?

•Officers' and Directors' Liability - What is senior management doing, and what D&O (Directors and Officers) coverage exists?

•Mergers and Acquisitions - What due diligence and other measures should you take in current and contemplated M&A transactions to protect against inheriting Year 2000 problems and compounding your own?

•Protection of Trade Secrets and Intellectual Property - Year 2000 compliance may require inter-company access to information that is sensitive and proprietary. How will you protect your intellectual property and obtain access to what you need from others?

•Labor and Employment - What liabilities arise from employment actions necessary to correct applications? Will the company need to modify or supplement any personnel policies as a result of Year 2000 changes?

•Litigation - How will internal documentation being generated now affect your chances in court in the future? What steps need to be taken to head off litigation and at the same time prepare for it?