"The best way to avoid liability is to be responsible" by helping to solve year 2000 problems in the products sold to customers, said Jonathan Cain, who heads the McLean, Va.-based technology practice of Mays & Valentine LLP. Moreover, such responsibility will provide a shield against future lawsuits and "you get your customers to buy an upgrade" that does not contain the software flaw, he said.
The year 2000 software bug is caused by a widespread flaw in the internal calendars of software programs that forces them to assume that all dates are in the 1900s, ensuring that many computers will mistakenly treat 2001 as 1901, so tangling accounting and business operations. The software bug exists because software developers had to write compact code during the 1960s and 1970s at a time when computer processors had only a fraction of the power now available in desktop computers.
Because the flaw is standard throughout industry, individual vendors can't be easily sued for malpractice, said lawyers. "We really only have an obligation to remediate or fix what we have provided over the last two, three years, versus what we have supplied over the last 20 years," said Marc Pearl, vice president for government affairs at the industry-backed Information Technology Association of America, whose members include Microsoft Corp., Redmond, Wash., and IBM Corp., Armonk, N.Y.
A lot of government vendors are locked in by federal maintenance contracts, while some companies have distributed letters to commercial customers saying which products are year 2000-proof and which products the company would no longer support, said Nancy Peters, a vice president for year 2000 at CACI International Inc., Arlington, Va.
But vendors may be sued if they fail to offer any help to their customers, partly because inaction may outrage the customers, said Cain. With that threat in mind, many vendors have established World Wide Web pages or have sent letters to past customers showing which of their products are faulty and which are free of the problem, said Pearl.
Liability issues are much clearer for companies that have contracts - especially maintenance contracts - that require their products to operate past 1999, said Cain. "In that case, I would be doing my best to resolve the issue with my customer now," said Cain.
But companies also should try to renegotiate their contracts to void their year 2000 duties, Robert Kenney, an attorney with the Washington-based office of Hogan & Hartson LLP, told a year 2000 conference in McLean, Va., last week.
"If you can slip that by your customer, just as they will try to slip it past their customers, that would help," he said.
Given some liability, vendors' greatest risk is contingent damages, which may be awarded to compensate the customer and its clients for economic damage caused when the vendors' technology fails, said Cain. For example, an airline may lose millions of dollars if its reservation system goes haywire, and its customers may sue for inconvenience and economic losses caused by their disrupted travel plans, said Kenney and Cain.
One major vulnerability is vendors' e-mail records, said Kenney. These records likely contain alarming messages, which have been sent between middle managers worried about their product's ability to cope with the problem, and which will be revealed by pre-trial subpoenas. "These can be fatal, especially because a lot of them will be accurate," said Kenney. "There's not one, but a thousand, smoking guns" in the e-mail, he said.
To deal with this problem, Kenney advises companies to diligently adhere to companywide document disposal practices for e-mail, while preserving more formal - and complementary - documents that detail how the company is trying to fix the problem. Many companies routinely eliminate their e-mail after 30 days or 60 days, but fail to eliminate all copies of their e-mail records from backup tapes.
But however hard network managers try, network managers often fail to wipe out every copy of each e-mail message, said one industry official at a Northern Virginia high-tech company. To allay this problem, he said his company sends a copy of all year 2000-related messages to company lawyers, so allowing them to defeat subpoenas with a claim of attorney-client privilege.
"If a company does that purposefully ... they end up jeopardizing their attorney-client privilege" on all year 2000 issues, said Cain. Year 2000 "is not a tactical issue. It requires strategic thinking," he said.