InformationWeek
Defining The Business Value Of Technology
August 24, 1998
Keep The Lawyers At Bay
Lawsuits may be bigger year 2000 issues than system
By Edward Cone
s if IT managers don't have enough to worry about as the millennium approaches, here's another year 2000 headache: lawsuits.Any number of parties may seek redress for costs associated with year 2000 date-field failures, including investors who blame ill-prepared managers for a dip in profits and share prices; customers who suffer economic damages when goods and services aren't delivered on schedule; and companies up and down the supply chain with contracts that go unfulfilled as systems fail.
While forestalling these suits is a companywide job, IT managers have an important role to play, and it goes beyond fixing the technical problem: They must get full management support for a comprehensive year 2000 program. "CIOs have to make sure that chief financial officers and CEOs thoroughly understand where the company is in the process and what the risks are," says Stephen Hock, an attorney with Phelan, Reid, & Priest LLP, a law firm in San Francisco and New York.
Most CIOs are unlikely to be named in suits; typically, they're not executive officers of their companies, so they're sheltered from legal actions over breach of fiduciary duties or meeting securities requirements. But IT managers may get dragged into suits as witnesses and be subject to internal company discipline if they are seen to have been ill-prepared for year 2000 problems (see story, "Will You Swear To Tell The 'Expert' Truth?"). And, of course, legal hassles that drag down a company aren't good for anyone working there. "Some companies won't survive, because they will get sued out of existence," says attorney Steve Krulin of consulting firm Law and Technology Partners Inc.
Fortunately, there are several steps companies can take to avoid-or prepare for-litigation. The rules of the legal game are simple: Debug, debrief and disclose, and document. And once those are done, plan ahead for contingencies within the company (see story, "Avoid A Year 2000 Nightmare"), and with partners (see story, "The Business Partner Connection").
DebugThe best way to avoid getting sued is to fix the problem before it causes any harm. Prudential Insurance Co. of America, for example, started its year 2000 program three years ago and anticipates having all systems compliant well before the deadline. "The entire view we have on year 2000 is that it's a nonevent to our customers," says Irene Dec, a VP of corporate IT at Prudential, in Newark, N.J., and program manager of the companywide year 2000 program.
NationsBank in Charlotte, N.C., also has been aggressive in its approach to year 2000 problems. "Our objective is to identify and fix everything within our control, and do it well, so that there are no grounds for legitimate litigation," says Bob Large, executive director of the bank's year 2000 project.
But even companies with few anticipated internal problems need to focus on possible legal issues. For example, NationsBank says that even when it solves its own problems, it could still face the wrath of, say, a tiny accounting firm that suffered a loss because it failed to update its end of a direct-deposit link.
That scenario sounds unfair, but it's likely to be played out in many cases as companies try to pass the blame in hope of getting somebody else to pay the bill. "You can resolve all your internal IT issues and still have severe business problems as a result of year 2000," says Bill Zucker, an attorney with the Boston law firm of Gadsby & Hannah, who is heading up a year 2000 consulting firm, G & H Solutions LLC, within the firm.
Debrief and Disclose
Of course, debugging is important, but it's just the first step in avoiding lawsuits. To solve the technical problems and prepare for legal issues, a company needs to share information on year 2000 issues internally, as well as with suppliers and customers.
Every department within a company-including top management, IT, finance, sales, and production-has to participate in the free flow of information. This will allow a company to identify vital business functions, which, in turn, lets the IT department prioritize the technical problems. To make this happen, senior management has to get on board quickly. "The most important event for us was when CEO Art Ryan identified the year 2000 as a critical problem to Prudential and got us moving on it," Dec says.
On the legal front, open communication shows that a company is acting responsibly to work through the problem. "To avoid a suit, or have the best defense if one is brought, a company needs to make sure the board and top management are actively involved in leading the conversion process," says Hock, of Phelan, Reid, & Priest. "If they are involved in decision-making, it's unlikely that they'll be held liable for breach of fiduciary duty. The CIO has to apply pressure to make sure this happens."
Companies also need to disclose to their suppliers and customers what they're doing to fix year 2000 problems. This can help prevent lawsuits, which often result from unpleasant surprises. Some lawyers advise against outside communications for fear of incurring liability over promises or implied warranties, but Hock disagrees with this advice. "I encourage open communication with customers and the supply chain about the status of conversion efforts," he says. "You need to look for ways to cooperate and assist each other. Discouraging communication is counterproductive."
NationsBank has made communication a priority. It's almost ready to launch a year 2000 page on its Web site (www.nationsbank.com) and is producing a customer brochure discussing the nature of the problem and the scope and progress of NationsBank's solution.
But it's not enough for companies to disclose what they're doing to fix year 2000 problems. They also need to know what their customers are doing-or at least document their efforts to find out what they're doing-so the customers can't turn around and sue them when things go wrong.
Many companies, including Levi Strauss, NationsBank, and Prudential, are querying business partners on their year 2000 preparedness. Often, companies send out special letters or surveys, though this may not be an effective method given the volume of inquiries companies receive. "Most businesses are getting only a 25% response rate, and maybe 4% accuracy," attorney Zucker says. Still, in case of a lawsuit, it let the company that conducted the survey say it tried to communicate with its partners.
Document
Finally, all the steps a company takes to debug, and to debrief and disclose year 2000 problems should be meticulously documented to underpin arguments of preparedness in the event of legal action. In addition, companies should have an outside consultant or lawyer review their programs and authenticate their work. While several major consulting firms, including Andersen Consulting and Ernst & Young, are limiting the amount of year 2000 work they accept because they fear potential lawsuits, legal firms that specialize in the problem are booming.
The effort a company spends documenting year 2000 procedures may pay off in court, says Larry Eisenstein, chairman of the year 2000 committee at the Washington law firm of Swidler & Berlin. "You are recording your diligence in tackling the issue," he says. "It's a triage process, where you might not be able to get to everything. If a system that's been left to fail fails, you should have a rationale on paper for why that decision was made."
Eisenstein also cautions that documentation should be done right. "You need in-house training on legal issues," he says. "Train on the evidentiary importance of documents, so people understand that their
E-mail to the guy down the hall could be an exhibit in a trial. Be sensitive to that, and put things in context so they don't become a smoking gun in litigation." Companies can use their own counsel or hire an outside lawyer to conduct such training.
Chas Snyder, director of the year 2000 program for Levi Strauss & Co., in San Francisco, says it's unlikely his company will face lawsuits. "Our supply chain is not very automated, we have a relatively small number of suppliers, our product liability is limited, and we're privately held," he says.
Still, Snyder says there's no resting easy. "Our lawyers work very closely with us so that our software vendors get the message on compliance and our contracts are clear. We have had some attorneys on retainer for year 2000 and also use our in-house attorneys. We document everything." Why so cautious? "Well, there are things beyond our control-for instance, the government and utilities and communications companies could bring business to a halt."
If a company addresses all the issues, it should be in a good position to avoid lawsuits. But it's wise to anticipate that things could go wrong, especially since people who do lose money are likely to look for someone to share their costs. That's why an orderly legal strategy can put a company in a winning position should it be slapped with a lawsuit. These issues belong to the entire company, and IT managers should be a proactive part of the solution.
| SOLUTION SERIES |
|
|
Back to This Week's Issue
Send Us Your Feedback
Top of the Page
Featured Microsite
