Legal Implications of the Millennium Bug: The Multiple Roles of Lawyers in Coping with the Fallout from the Trillion-Dollar Computer Glitch
Nations, Howard L., Duke, Mark L., Black, Gary R., Jr., The Review of Litigation
The Year 2000: The Nature of the Beast
A new year, a new century, a new millennium. The year 2000 will be an exciting time that will serve both as a historic milestone and as a technological launch pad for the advancement and progress of society. Yet, with the great expectations and hopes for the future that the new millennium brings, it also carries with it an ominous problem. Deeply embedded inside the cornerstone of our technological progress over the last half century-the computer-is a glitch known as the millennium bug. It stands poised and ready to usher in the new millennium, not in a blaze of glory, but in a morass of technical difficulties and failures that will launch the millennium in a most memorable but inauspicious fashion.
There appears to be a consensus among technological prognosticators that technical difficulties on a grand scale will occur beginning at 12:01 a.m. on January 1, 2000. There is, however, a considerable disparity in the technological community as to the nature and extent of the consequences that will flow from the millennium bug. This computer glitch has been described as the most expensive human error in history, which will result in business failures and equipment failures and lead not only to economic chaos but also "damage or even end the careers of about one-half of the senior executives in the United States."I
If the technicians are correct in their predictions, the catalogue of catastrophes that will be visited upon our computer reliant planet will be incalculable. Dennis Grabow, CEO of The Millennium Investment Corporation and a leading authority on the global financial impact of the Year 2000, characterizes the economic impact of Y2K as "The Greatest Wealth Transfer Event of the Twentieth Century. "2 Mr. Grabow further predicts that "it will be a watershed event that will define economic fortunes for individuals, corporations, institutions, and nations. In essence, Year 2000 will precipitate a significant transfer of wealth throughout the world."3
Predictions are that the Y2K bug will result in not only business failure, but also personal problems ranging from mere inconvenience to serious injuries and deaths.4 For example, a Y2K analyst in London predicts that the failure of medical equipment will lead to approximately fifteen hundred deaths in England alone. Among the leading industries in America, the health care industry is running last in preparation for January 1, 2000.5 In a recent interview, Joel Ackerman, Director of Rx2000, a nonprofit health care consulting group, voiced concern over the lackadaisical attitude of medical devices manufacturers toward solving Y2K problems, citing "a recent survey of an Rx2000 working group [that] found that ninety-four percent saw 'significant' potential for unnecessary death. "6 The Gartner Group, an information technology consulting firm, completed a survey that found that eighty-seven percent of all U.S. healthcare organizations are in danger of systems failures within the next two years.
As inevitably occurs when businesses and technology fail and when personal injuries and deaths occur, the need for legal services will soar. Estimates of the cost of the legal consequences of the millennium bug range from one hundred billion dollars by Capers Jones,8 to the one trillion dollar estimate of legal costs by Allison Rea, a legal analyst.9 The trillion dollar litigation figure was also espoused by Ann Coffou, Managing Director of Giga Information Group, an information technology advisory firm, in testimony before the United States House of Representatives Science Committee.'o While the trillion dollar estimate is astronomically high, reality probably lies much closer to Capers Jones' one hundred billion dollar estimated cost of legal services to solve Y2K problems. Under either scenario, it is obvious that handling the legal issues arising from the Y2K bug will possibly be the largest source of income in the legal profession over the next decade.
One purpose of this Article is to help identify the legal pitfalls that await the company that either willfully or unwittingly has chosen to ignore or underestimate the seriousness of the Y2K bug. Another purpose is to identify the roles that lawyers can play immediately in helping their business clients avoid as many of these legal pitfalls as possible. While the short timeline to January 1, 2000 precludes avoidance of the technological consequences for many who have been delinquent in addressing the problem, there may still be time for preventive law measures to reduce the legal consequences, avoid litigation, and protect officers and board members from exposure to personal liability. Hopefully, this Article will also serve to identify technological reasons why the Y2K problem must be addressed thouroughly and immediately by both government and private sector leaders.
A. What is the Problem?
In the early days of computer programming, memory and space were very expensive, and the year 2000 was in the distant future. In an effort to save memory and money, computer programmers used only two numbers in the date field to represent the year. Thus, in the date fields of most computer programs and microprocessors, the year 1998 would be entered as 98. The computer program assumed that the first two numbers were 19, representing the century. Thus, when the clock rolls over to 12:01 a.m. on 01/01/00 on January 1, 2000 the computer will read the date as 01/01/1900. In many cases, having no functions to perform in the year 1900, the computer will shut down.
Another reason for the decision to ignore the inevitable year 2000 was that programmers forty to fifty years ago who established the two digit standard had no idea that their work would last four to five decades. Interestingly, neither of these excuses is available to programmers who have continued to use the two digit century code in many items that are for sale on the market today despite the possibility-and in many cases, probability-that the products will fail less than two years from now. This headlong rush to continue the sale of noncompliant Y2K products despite the worldwide knowledge of the problem will be a major source of litigation claims within the next decade.
As the January 1, 2000 deadline draws near, the problems arising out of the initial two digit century code are expanding exponentially. Surprisingly, there are chief executive officers in major industries who continue to fail to take into account the following factors that impact the nature and extent of the millennium bug problem:
1. January 1, 2000 will arrive on schedule in a very few months. This is a fixed deadline that absolutely will not change.
2. The Y2K bug cannot be ignored. Every organization that is effected by computer technology has the option to either become Y2K compliant, sell the remaining valuable portion of their company to a compliant company, or eventually go out of business. Ignoring the millennium bug is not an option.
3. The major impact of the millennium bug is exacerbated by the fact that it will not be slowly phased in. The millennium bug's impact will hit the entire planet within a twenty-four hour period.
4. There is no "silver bullet" that will emerge to save the day. The nature of the Y2K problem in most circumstances is not one that can be corrected by purchasing remedial software. Each potential system must be analyzed, tested, reprogrammed, repaired or replaced, and then retested. This is extremely labor intensive and time consuming.
5. This is not a problem that can be solved by large infusions of cash because there are insufficient skilled personnel who are capable of performing the labor intensive work, and those who are capable are already employed on very lucrative terms.
6. Y2K is a global phenomenon and the limited resources available for solving the problem are thinly distributed worldwide. Those who have waited to address the problem must now wait in line to hire remediation teams. Y2K involves interactive production services between manufacturers and suppliers. Even if a manufacturer is fully compliant, if suppliers of needed parts are noncompliant and inoperable the compliant manufacturer will be negatively impacted.
7. Y2K involves interactive electronic transfer of data. If a compliant bank in New York wishes to transfer funds to a noncompliant bank in Hong Kong, such a transaction would fail.
8. The long overlooked fact is that the millennium bug is a management problem that must be addressed at the highest level of business. Many of the corporations that are addressing the problem have the Chief Information Officer (CIO) as head of the Y2K team. Unfortunately, the CIO cannot begin to correct the problem without the budgetary clout of the Chief Executive Officer (CEO), Chief Financial Officer (CFO), and Board of Directors. Each day that top level management neglects to personally address the Y2K problem within their company, the likelihood of future litigation increases.
9. Finally, top level management who are often compensated with stock options and whose personal worth often is tied directly to the value of the company stock must realize that intelligent investors will be viewing Y2K as a major element in their investment paradigm. Those companies who fail or refuse to directly confront Y2K issues and who suffer the inevitable disruptions in business and drop in stock prices will pay the price personally for neglecting this issue.
As stated by Dennis Grabow, CEO of the Millennium Investment Corporation:
Each investor must take a position based on a new investment paradigm: in the near future most companies will face decreased performance due to disruptions within their internal enterprise, disruptions within their vendor/client chain, and disruptions from public infrastructure; and current investment models and current analysis do not accurately account for this Year 2000 condition. II
B. Predicted Repair Costs
The most oft cited estimate places the cost of correcting the Year 2000 problem worldwide at $300 billion to $600 billion.l2 This estimate includes neither legal expenses nor potential judgments. Responsible American businessmen are taking this problem very seriously.
CitiCorp has budgeted $700 million to insure that it is compliant by the year 2000. Federal Express has budgeted $650 million, while numerous other large American corporations have budgets in the hundreds of millions of dollars in order to address this problem. However, there are numerous corporate officers and directors who have waited so late to address the problem that it is not now possible to have their companies fully compliant by December 31, 1999.
The following chart is an examination by Capers Jones of eight critical American industries that reflects their very poor level of preparation for the consequences of the computer glitch.l3 As indicated, only 55.38% of the industries examined are on schedule to be ready to cope with the millennium bug, while 38.50% are behind schedule. The frightening part of the examination of these eight industries is the level of the healthcare industry, which is running 51% behind schedule, and the public utilities, which are running 50% behind schedule. There is a real possibility that there will be power failures in many locations around the country and that there will be numerous deaths and serious injuries as a result of not being Y2K compliant.
Capers Jones also examines the military services and governments in the following chart,l4 which shows that their readiness to cope with the Y2K problem lags behind that of private industry.
It is anticipated that the federal government will suffer numerous failures as demonstrated in a report of the Subcommittee on Government Management, Information and Technology, chaired by Representative Stephen Horn (R-CA). Appendix A lists a Year 2000 Progress Report Card, which represents the latest quarterly report of Representative Horn's committee as of the end of the second quarter, 1998. The report gives the federal government an overall grade of "F" on timely preparation for Y2K compliance.'5 If the federal government is scoring an "F" on mission-critical computer systems, it is a bit disconcerting to think of the condition in which the noncritical systems must be since mission-critical are the first systems in line for remediation.
Representative Horn explains that the twenty-four largest departments and agencies are graded primarily on their ability to achieve timely Y2K compliance of their mission-critical computer systems.lb Additional grading criteria include contingency planning, telecommunication systems, embedded microchips, and external data exchanges 17
In pinpointing the types of problems that can be anticipated, Representative Horn discusses three particular agencies whose failures will have an impact upon the public:
[The] specific agencies grades raise further concerns. The Department of Defense earned a "D" and is still not on track to complete Y2K compliance efforts until two years after the date change. The Department of Transportation merited an "F". This grade includes the Federal Aviation Administration, which provides crucial services to the flying public. Without dramatic improvements, the Nation's air traffic could face serious disruptions for an extended period after December 31, 1999. The Department of Health and Human Services also earned an "F". The Medicare program, among others, depends on the smooth functioning of its computer systems.ls
C. It's Closer Than You Think! Y2K Critical Dates
While the terms "Y2K" and "millennium bug" seem to indicate that the problem will not be upon us until midnight on December 31, 1999, the fact is that the months between now and February 29, 2000 are filled with critical dates. Such matters as the convergence of the GPS rollover and the first super leap year in 400 years combine with numerous default dates and fiscal year dates to create a timeline of potential disasters that would be worthy of a Tom Clancy technothriller.
In fact, technical failures resulting from the millennium bug have already begun, and we have seen examples of what can occur with a computer glitch. An early example occurred at 12:01 a.m. on February 29, 1996 at a steel mill in New Zealand when the computeroperated steel processing machinery ceased to function.l9 As the molten metal in the machines began to harden, management was frantically seeking to determine the cause of the equipment failure. Since the equipment was run by computers, they immediately contacted the technical staff at their computer company who could offer no immediate explanation for the shut down. Two hours later, the identical problem occurred in a steel mill in Australia two time zones away. The same computer company had programmed both steel mills. By the time the source of the equipment shut down was determined, the molten metal had hardened in the machinery and destroyed millions of dollars worth of equipment. The problem was that the computer programmer who initially programmed the computers in both steel mills failed to consider that 1996 was a leap year. He therefore failed to program any functions to be performed by the machinery on February 29, 1996. As the computer clock read 12:01 a.m. on February 29th, the clock in the embedded chip that was controlling the machinery found no instructions for tasks to perform on February 29, 1996, and therefore shut down.
The following is a list of pertinent dates and their significance:
January 1, 1999-Several programs process information by jumping one year ahead and counting backwards from there.20 If these programs have the millennium bug, it is likely that they will fail or operate incorrectly as of this date. January 1, 1999 is one of several default dates that will trigger functions to be performed by numerous computers. A default date is one that is placed into a data field as a default when there is either no applicable date in the future or the applicable date is unknown. For example, when a form calls for the entry of a date of death on an information sheet on a person who is still alive, the programmer would customarily choose a default date to place in the field. Over the past forty years, easy dates such as "01/01/99" or "09/09/99" were frequently inserted. However, now that those dates will soon arrive, whatever activity is programmed for the computer to undertake on those dates will occur.
April 1, 1999-This date signals the beginning of the fiscal year 2000 in Japan. All indications are that the state of Y2K compliance in Japan is not up to par.21 Since the fiscal year entries will call upon the computer to perform functions including fiscal activities up to May 30, 2000, the noncompliant accounting systems could begin failing on April 1, 1999. With the recent downturn of the Japanese markets and its effect on our own economy, it is easy to see that we will feel the effects of the lack of coordinated international Y2K efforts. The global economy that has proven to be such a boom to the American economy will soon be a source of considerable consternation within American business and banking circles because of the level of noncompliance of the remainder of the world.22
August 22, 1999-The Global Positioning System ("GPS") is a network of satellites that continuously signal data that is used to determine the exact location of a receiver on the surface of the earth.23 Tens of thousands of ships and planes and other modes of transportation use the GPS as the cornerstone of their navigation on land, sea, and air. On August 22, 1999, the Global Positioning Satellite, which was launched in 1980 and programmed to run for 1,024 weeks, will hit the magic 1,024th week and rollover to zero, much like the odometer in a car. The United States Navy, which controls the GPS, has indicated that nothing will be done from the transmission end to assure that the satellite signal is still received by the numerous GPS receivers on earth. It is up to the individual users of GPS signals to assure that their receiver is compliant with the rollover and that they will continue to receive the GPS signal when the rollover occurs.
The United States Navy also maintains the "atomic clock," the world's most accurate time piece, and the time is transmitted through the GPS to clocks and computers worldwide.24 One very important function served by the GPS is determining precisely the correct time of transactions conducted by financial institutions. A common example is that banks use this system to calculate the interest paid down to the hundredth of a second. It is incumbent upon each financial institution that is using the "atomic clock" to accurately time financial transactions to be certain that they are rollover compliant by August 22, 1999. Otherwise, the computer calculations of interest will either cease or go completely awry.
September 1, 1999-This is the date of the beginning of the fiscal year 2000 for the federal government. As we have seen, the federal government is far from compliance. By September 1, 1999, all federal government accounting systems that are making calculations in the year 2000 must be fully Y2K compliant.
September 9, 1999-The simplicity of the entry "09/09/99" made this a popular default date for early programmers who needed to fill in unused date fields or indicate that a string of data had come to an end. While this problem does not appear as pervasive as Year 2000 problems, all computers should be checked for both. A typical example of the use of this default date is when prisoners are incarcerated and a computer information sheet is filled out with respect to their anticipated stay as a guest of the state. There is obviously a date on the form for prisoner release. In the case of prisoners sentenced to either life imprisonment or execution, there is no release date. However, the unused date fields had to be filled so the default date of "09/09/99" became the standard for prison systems. Thus, the prison system computers across the country use the standard "09/09/99" default date as a date of release for these prisoners. According to the computer, lifers and death-row inmates should be released on that date. While it is unlikely that the doors of death row will be thrown open, there will be the problem that life and death prisoners will be out of the computer system as of September 10, 1999.
January 1, 2000-There is much speculation as to what will happen at 12:01 a.m. on January 1, 2000.26 For business purposes we can review the various type of software and what effect their failure may mean.
1. Embedded software is actually embedded within a physical device and controls the operation of the device. These embedded chips are at the heart of the most dangerous types of failures that can occur on January 1, 2000. There are numerous embedded chips in aircraft flight control software, medical device software, automobile fuel injection software, and numerous household appliances, including coffee makers and microwave ovens. There are also embedded chips in automobile engines, automobile electronics, and the fancy new automobile braking systems. One area of major concern about embedded chips are those that are located in medical devices. This is a grave concern since the analysis of eight United States industries by Capers Jones indicates that the health care industry is the least prepared for the year 2000, currently running fifty-one percent behind schedule.2
There are medical machines that will fail in [Intensive Care U]nits. There are hospitals that are far enough away from other hospitals that they have no backup, and if they have a failure in some of their machines or in some of their supplies, there will be people who will be affected by that in terms of patient care-very concerned about the health care issue.28
The number of embedded chips involved in today's modern medical devices is frightening to contemplate when viewed in the context of the failure of the health care industry to seriously approach compliance by the year 2000.29
2. Management Information Systems (MIS) software is the area of major concern to financial institutions since MIS are the software applications that handle alphabetical and numerical information.30 MIS applications include tax calculations, insurance claims handling, stock brokerage trading software, payroll systems software, and financial institution applications. Failures of embedded chips in MIS applications can result in banking problems, tax problems, insurance problems, credit problems, and difficulties with stock portfolios.
3. Systems software failures pose the greatest potential problem to the public at large, ranging from the mere nuisance of the inability to use bank automatic teller machines to the dangers inherent in the malfunction of the traffic light synchronization on crowded public streets.31 Systems software is the software that controls some type of physical device such as process or manufacturing control systems, telecommunication switching systems, or computer operating systems such as DOS. The major hazards for the Year 2000 lie in the potential failure of systems software in systems that control such vital facilities as electrical generating plants, nuclear power plants, computer security systems, manufacturing assembly lines, electrical equipment, and medical instruments. One of the most important systems controlled by computers and systems software is the operation of elevators. Imagine the impact on big city business if elevators in our business occupied skyscrapers malfunction or, more likely, fail to function.
4. Commercial software includes such business applications as Microsoft Office and software applications by IBM, Novell, or Oracle. Despite the obvious knowledge by these computer geniuses that the Year 2000 bug was looming on the horizon, most of the software applications sold by these software giants were not Y2K compliant until the end of 1997.32 Any of the commercial software packages in which date and time logic are not Y2K compliant are likely to produce faulty data or no data at all. One potential legal fallout of the pending failure of commercial software will be the explanation under oath of the world's leading computer gurus as to why they were still selling products as late as 1998 that were not Year 2000 compliant.
While most businesses in the United States have taken the threat of the millennium bug seriously, many have waited too late to begin addressing the problem and are now finding that it is too late to timely solve the problems. Problems in the United States are exacerbated by those faced by foreign countries, which are basically ignoring the potential disaster inherent in the Y2K bug.
The leadership role of the United States in the global economy links us to computers worldwide that are not Y2K compliant.33 International monetary and other financial transactions which are normally carried on by computer will be greatly jeopardized in a large portion of the world as a result of the millennium bug. One of the major impacts on January 1, 2000 will be in the European Common Market. First, many European businesses are underestimating the potential difficulties and have simply not addressed the problem. Second, on January 1, 2000, the G8 nations are implementing the common currency known as the Eurodollar. Eurodollar calculations require numerous computer transactions. The combination of the introduction of the Eurodollar on the same day that many of the computers will fail to function in Europe does not bode well for the economic future of the European Common Market.
February 29, 2000-Once businesses think they have identified the nature and extent of the damage suffered from the millennium bug, they will face a phenomenon that happens only once every four hundred years, the "super leap year." Leap year occurs every four years except in years divisible by 100. There was no leap year in 1700, 1800, or 1900. However, in order to compensate for a minor discrepancy in time that develops over the centuries, there is a super leap year in each year that is divisible by 400. Accordingly, computer programmers also had to be aware when programming computers that February 29, 2000 is the extra day that occurs once every 400 years. Thus, we are reliant upon our programmers to know the exception to the exception to the rule. This should make for a very interesting leap year in the year 2000.34
D. Why Doesn't Someone Fix It?
The short answer is that they are trying. The truth of the matter is that the scope of the problem combined with the labor intensive solutions it requires and an immovable deadline make it virtually impossible for there to be complete Y2K compliance by the relevant dates. There is no "silver bullet" fix.35
Existing software fixes do not and cannot account for the problem of embedded chips.36 There are billions of embedded chips that are coded with date and time logic and that will read 01/01/00 as January 1, 1900. The location of many of these chips inside equipment and devices is unknown and cannot be located for alteration, repair or replacement because the source codes of the programmers who installed them forty to fifty years ago are no longer available. There is not enough time, money, skilled programmers, and dedication by top level management to timely address and solve the problem. This problem has been known for decades, and top level executives and government leaders have chosen to ignore it or postpone addressing it. Now that the bug has their attention, they are not able to hire skilled programmers to solve the problem because there are not enough programmers to go around.
The Gartner Group has estimated that nearly 50% of the companies with this problem may not become Year 2000 compliant and will experience computer malfunctions.3 This fact is making it necessary for organizations to triage their systems and bring their mission critical systems into compliance first. Many of these attempts will fail because organizations have waited too long, and their companies will pay the consequences. One area of the law that can expect a great influx of business is bankruptcy since it is anticipated that there will be a large gathering of the procrastinators club at the bankruptcy courts in the year 2000. As the deadline draws closer much time will be devoted to contingency planning for the failures that will inevitably occur. Those failures will lead to a morass of legal problems, many of which will result in litigation. Thus, we will now consider some of the legal implications that may arise from these computer and human failures.
Capers Jones has prioritized the major cost areas arising out of anticipated Y2K failures in a provisional ranking of potential cost elements.38 Of the twenty-seven cost elements that Capers Jones identifies, the five most expensive areas are litigation related. Capers Jones foresees the major areas of litigation in the following priorities: The percentages are for the purposes of comparisons between categories as to the nature and extent of anticipated cost. For example, Jones foresees Year 2000 deaths or injuries at 10,000%, being twice as costly as Year 2000 damages, at 5,000%.
II. Contract Litigation Issues
Parties seeking to examine their legal remedies regarding Year 2000 disputes should turn first to their contract and the Uniform Commercial Code (U.C.C.). Contract law will supply the main framework for resolving Year 2000 disputes. How parties have defined their rights and obligations will often determine who will bear the brunt of the cost of repairing or remediating the Year 2000 problem. What follows is a description of these potential contract claims that could arise in the Year 2000 context.
Leaving out the generic breach of contract cause of action that will permeate this area of litigation, the following represents some possible contract-related causes of action in suits against hardware and software vendors and service providers:
Breach of express warranty that products are Year 2000 compliant or that services will make products Year 2000 compliant;
Breach of express warranty by vendor that software had no viruses, arguing that the Year 2000 is the type of problem contemplated by these warranties;
Breach of various implied warranties, if not waived; Causes of action under consumer protection statutes such as the
Infringement suits by vendors against customers and service providers who deal with unauthorized copies of software for remediation purposes; and
Claims for injunctive relief by licensees when the licensor will not provide the source code necessary to make the Year 2000 fix.39
A. General U. C. C. Contract Issues
In general, software is considered "goods" under the U.C.C.4 Accordingly, standard U.C.C. contract law will be applicable to many Year 2000 contractual disputes. Due to the general public's lack of knowledge concerning the Year 2000 problem, it is likely that most consumers accepted their hardware and software products and waived their rights of rejection under the U.C.C.41 While it is unlikely that consumers will be able to reject the goods at this late date, the test is if the rejection comes within a "reasonable time."42 What constitutes a reasonable time given the unique nature of the Year 2000 problem is anyone's guess. Failure to reject the goods, however, does not preclude the bringing of a straightforward breach of contract claim.43 Breach of contract claims will reach across the spectrum of parties that are dealing with the Year 2000 problem.
B. Warranty Issues
If consumers lose their right to reject the goods, they may still maintain causes of action for breaches of warranties. Warranties can either be express or implied. An express warranty is "any affirmation of fact or promise made by the seller to the buyer which relates to the goods and becomes part of the basis of the bargain." A main concern with all warranty causes of action is the ability of the parties to contractually waive or limit the remedies available under the warranty.45 Damages recoverable under a breach of warranty theory are generally limited to benefit of the bargain damages.46 This raises interesting issues regarding how much benefit a consumer has actually received from the product prior to experiencing Year 2000 problems.
The U.C.C. provides for certain implied warranties as well, such as the implied warranty of merchantability and implied warranty of fitness for a particular purpose.47 The implied warranty of merchantability requires that the goods sold must be "merchantable," that is, fit for their ordinary purpose or capable of passing without objection in the trade of that good.48 The implied warranty of fitness for a particular purpose is not as broad as the implied warranty of merchantability. In essence, if the seller, at the time of contracting, has reason to know of a particular purpose of the buyer and that the buyer is relying on the seller's skill and judgment to select goods suitable for that purpose, an implied warranty exists that the goods will be suitable for the buyer's purpose.49
Like express warranties, these implied warranties are susceptible to being waived. That waiver can be accomplished in one of two ways. First, the U.C.C. implied warranties can be specifically waived by using written, conspicuous, statutorily-designated waiver language. Second, these warranties are also waived by language that clearly indicates that no warranties are being given, such as "as is" or "with all faults. "51
In addition to being susceptible to complete waiver, warranties may also be limited as to the remedies available under them. There are a variety of these potential limitations set forth in the U.C.C., such as liquidated damages clauses and exclusion of incidental and consequential damages.52 However, these damage limitations are construed against the party seeking to enforce them, and are subject to being deemed unenforceable for reasons such as ambiguity or unconscionability.53
C. Deceptive Trade Practices Act
In addition to contract and warranty causes of actions, plaintiffs may rely upon consumer protection statutes such as the Texas Deceptive Trade Practices Act (DTPA). The DTPA protects consumers from false and deceptive practices, which the DTPA enumerates in a laundry list (breaches of warranty and unconscionable actions).54 In order to qualify for the protection of the Act, a prospective plaintiff must qualify as a "consumer." Generally, a consumer is one who seeks or acquires goods or services by lease or purchase.55 Business consumers that have assets of $25 million or more are not consumers under the DTPA.56 Once it is established that one is a consumer, one must then establish a breach of the DTPA. It is likely that the Year 2000 problem will yield causes of action under the DTPA for laundry list violations. The facts and circumstances of each case will determine which of the laundry list provisions are applicable.
To recover for a breach of warranty under the DTPA, a consumer must show that a warranty existed and that it was breached.57 The DTPA creates no warranties; therefore, any warranty a consumer attempts to use to base a DTPA action upon must be created outside of the DTPA.Ss The limitations and waiver issues discussed above concerning warranties are similarly applicable under the DTPA.9 In Texas, however, the implied warranty of good and workmanlike services cannot be waived and therefore may provide a safe harbor for warranty claims under the DTPA.
The DTPA defines unconscionability as an "act or practice which, to a consumer's detriment, takes advantage of the lack of knowledge, ability, experience, or capacity of the consumer to a grossly unfair degree. "6 This particular portion of the DTPA seems to fit well with the Year 2000 problem. In many relationships concerning computer hardware and software there is a clear disparity between the parties in knowledge and sophistication. If the more sophisticated and knowledgeable party takes unfair advantage of the other party, it is possible that the action could be deemed unconscionable under the DTPA.62
One of the advantages to using the DTPA is the elements of damage that may be recovered. The DTPA allows for the recovery of economic damages, but if certain threshold requirements are met the consumer may also recover mental anguish damages and exemplary damages.63 Finally, a successful consumer may recover his or her attorney's fees under the DTPA.6
D. Software License / Copyright Restrictions
As the demand on vendors for corrective work on their products increases, it is likely that companies may be forced to turn to a Year 2000 service provider. The service provider would need a copy of the problematic software to perform the Year 2000 corrective work, but most software licenses contain confidentiality restrictions barring the licensee from providing a copy of the software to any third party without the consent of the licensor. Related licensing agreement provisions prevent companies and Year 2000 service providers from circumventing those confidentiality restrictions by simply "reverse engineering" the software to obtain the source code.6
Section 117 of the United States Copyright Act distinguishes between a purchaser and licensee for purposes of allowing modifications of software in order to be able to correct the Year 2000 problem.68 "[A] licensee of software who is prohibited from modifying the licensed software [will] be expected to honor the license restrictions. "69 Licensees must contact the vendor for a Year 2000 upgrade or modification or obtain the vendor's consent to make the modification itself. This reliance on vendors may confront licensees with a difficult choice if it becomes apparent that their vendors cannot fix the problems. Rather than deal with the host of problems noncompliance may bring, licensees may simply make a conscious breach of the license restriction in order to get their necessary repairs made. Under these circumstances, the licensee's breach of the agreement might appear less egregious.
Any software purchaser or licensee should consider the issue of their maintenance agreement before attempting to effect a Year 2000 repair. Some maintenance agreements provide that warranties as to performance become void if any party other than the software maintenance vendor modifies the system.70 As a result of those issues, service providers offering Year 2000 corrective services may very well offer their services on an "as is" basis and/or require indemnification from their customers against third party licensor suits for infringements.7
III. Tort Litigation Issues
The Year 2000 problem will result in litigation and attorneys will look to apply tort theories in an effort to maximize their client's recovery. In seeking to impose punitive damages to maximize recovery for Year 2000 problems, a threshold showing of fraud or malice will most likely need to be proven for each of the tort theories.72 While inevitably there will be many litigation issues resulting from the Year 2000 problem, what follows is a list of potential tort claims that could arise in the Year 2000 context.3
A. Negligence Claims and Defenses
In suits against hardware and software consultants, negligence, or "computer malpractice," or failure to design a Year 2000 compliant system will be alleged.4 In suits against product manufacturers and entities in the chain of distribution, negligence can be alleged when product failure as a result of the Year 2000 problem results in bodily injury or property damage.
B. Product Defects
In suits against product manufacturers and entities in the chain of distribution, strict products liability may be alleged when noncomputer equipment fails, such as elevators, escalators, and telephone systems with embedded microchips. Strict products liability can be advanced on three separate theories: manufacturing defect, design defect, and failure to warn. Since the Year 2000 problem is not an isolated defect in a batch of otherwise acceptable products, the manufacturing defect theory will probably not be applicable. The other two theories may apply if the product defect results in bodily injury or property damage.75 However, courts are generally reluctant to apply these causes of action when only economic loss is alleged.76
C. Misrepresentations and Fraud
In suits against hardware/software vendors and service providers, fraud may be alleged on the theory that the vendor failed to disclose the Year 2000 defect, despite its knowledge that plaintiff intended to utilize the product past the year 2000. Additionally, fraud claims may be based on the vendor's advertising which states or implies that the vendor will make its products Year 2000 compliant when it is only providing upgrades for newer versions of its products. Fraud may also be alleged unless computer consultants disclose to plaintiffs the Year 2000 problem as part of consultation with respect to purchasing computer equipment.'7 Intentional misrepresentations will also be the basis for deceptive trade practices causes of action.
In many of the same instances when an intentional misrepresentation may be alleged, negligent misrepresentation may also be applicable. While negligent misrepresentation carries a less strict standard of liability than does fraud, the damages recoverable under a negligent misrepresentation theory are limited to the difference between the value received and the price paid, and consequential pecuniary loss.79 This damage limitation generally curbs the use of negligent misrepresentation. However, in the Year 2000 context, the amount of expenses incurred repairing or remediating the problem, coupled with the increased likelihood of insurance coverage for negligent as opposed to intentional misrepresentations, could make this a popular tort allegation.
D. Corporate Mismanagement
In suits against officers and directors of corporations, breach of fiduciary duty theories can be alleged.go These theories are based on the directors' and officers' duties of due care and loyalty.sl Directors may also have duties arising under federal and state banking law, pension laws (e.g., ERISA) and similar laws.sz Additionally, directors and officers of corporations may also be sued for securities law violations for failures to disclose or for fraudulent or inaccurate statements.83 Gross negligence will be the standard for holding an officer or director liable for a breach of their fiduciary duties if they can invoke the protection of the business judgment rule.
IV. Liability of Corporate Officers and Directors
By now, the business community is well aware of the Year 2000 problem, or the millennium bug. Corporate directors and officers are likely answering questions concerning what they did to inform themselves of the problem and what actions they took to address it. Their answers will determine whether they can be held personally liable for a corporation's losses associated with the Year 2000 problem. Corporate directors and officers have always been subject to personal liability for various causes of actions.85 However, the Year 2000 problem presents an increased risk of personal liability to directors and officers because:
1. The publicity which this problem has received and will continue to receive will make it impossible for any director or officer to claim that they were unaware of this issue;
2. The obvious risk of business failure associated with this problem is one that an ordinarily prudent businessperson would recognize;
3. There is an absolute deadline for completing the fix and a limited amount of resources that are capable to fix the problem. Finally, not only does the corporation need its problems corrected, all the entities with whom the corporation does business must treat their problems lest the corporation suffer preventable business disruptions.86
Personal liability of corporate directors and officers is generally predicated on two main areas of obligation. First, directors and officers have fiduciary duties of due care and loyalty that they owe to the corporation.' Second, they have the obligation to make disclosure of financial information or other circumstances that will effect the future performance of the corporation."88 If directors and officers do not fulfill their fiduciary duties or ensure proper disclosures, there is a strong probability that they will be held personally responsible.
A. Fiduciary Duties
Directors have fiduciary duties of loyalty and due care to ensure that the best interests of the shareholders are served.89 To satisfy these fiduciary duties, directors must develop business plans and choose competent officers to implement them. Among other obligations, directors must make corporate policy, evaluate management, review the financial status of the corporation, and submit information about the financial condition of the corporation to the shareholders and government regulators.90 These activities expose directors to personal liability separate and apart from that imposed on the corporation for its acts. The duty of loyalty may become an issue in the Year 2000 context regarding certain disclosure obligations; however, when management's efforts to eliminate the Year 2000 problem come under scrutiny, the duty of care is the fiduciary obligation that will be most relevant.
1. Duty of Due Care. -The duty of due care requires that directors make informed decisions after gathering and considering all material information.9 The adequacy of the information gathering and deliberation process, rather than the result of the decision, is paramount. Under the duty of due care, a director must perform his paramount. Under the duty of due care, a director must perform his duties in good faith, in a manner that the director believes to be in the best interests of the corporation and with such care, diligence, and skill, including reasonable inquiry, as an ordinarily prudent person in a like position would use under similar circumstances. This appears to be a simple negligence standard. However, as the courts are reluctant to put the myriad of business decisions made by a corporate board under the unfairly focused glare of hindsight, directors are generally accorded the protection of the business judgment rule.
2. Business Judgment.-The business judgment rule protects directors who use reasonable diligence to become aware of the issues, to acquire sufficient facts, and to thereafter act in good faith on the basis of those facts.93 This rule requires two things of directors. First, they must make a reasonable inquiry; and, second, after board deliberation they must act. The business judgment rule protects only informed decisions and is therefore inapplicable unless the directors have informed themselves of all reasonably available and relevant information. The directors must then act with the requisite amount of care in the discharge of their duties. Under the business judgment rule, directors who meet this criteria are presumed to have exercised their corporate trust reasonably, in good faith, and for the benefit of the corporation. The burden of proof is then placed upon the party challenging a director to show that the action was in bad faith or, in essence, was grossly negligent.96
In making the reasonable inquiry required by the business judgment rule, directors are generally entitled to rely on the advice of experts, counsel, or corporate committees. Additionally, directors are entitled to rely upon information and corporate reports to assist them in discharging the duty of due care. In other words, directors may discharge their fiduciary duty of due care by delegating and relying on others, but only if the directors remain fully informed and carefully supervise those to whom they delegate responsibility. In fact, it may constitute a breach of the fiduciary duty of care if they fail to obtain advice from outside experts.'
Directors may not abdicate responsibility altogether by delegation. Directors must select officers, subordinates, outside advisors, or committee members that are capable. Directors are further obliged to fully inform their appointees about the task at hand, and ensure that information is provided back to the directors. Directors who choose to delegate must supervise the activities of the entities to whom they have delegated responsibilities.98
Under the corporation laws of some states, corporations may limit or eliminate their directors' (and in some instances of icers') monetary liability for breaches of their fiduciary duties, and may indemnify their directors against expenses, judgments, fines, and settlement payments in third-party actions and derivative actions.99 However, although many state laws permit companies to limit the liability of directors and officers, not all companies have adopted such limitations of liability or incorporated those limitations into their charter documents. Some corporations also have no D&O liability insurance or have policies with low policy limits.
The potential liability of officers and directors of a company that fails to timely become Year 2000 compliant could be considerable. Counsel should review the company's D&O insurance policies, limitation of liability provisions, and indemnification provisions so that they may be revised if necessary. Officers and directors who have received personal indemnification agreements may wish to have their personal counsel re-review the agreements. This, coupled with doing corporate "due diligence," will help avoid problems for the directors and officers.
B. Disclosure Obligations
Corporations are required to make adequate disclosures regarding their financial conditions. For private corporations, failing to disclose material information results in fraud claims.loo Fraud may also be asserted against the directors and officers of a public corporation. Iol If the corporation has federal reporting duties, the directors and officers must comply with the obligations imposed by federal securities laws. The Securities and Exchange Commission recently promulgated guidelines for Year 2000 problem disclosures in its Staff Legal Bulletin No. 5, which reads in pertinent part as follows:
The Year 2000 issue affects virtually all companies and organizations. Many companies must undertake major projects to address the Year 2000 issue. Each company's potential costs and uncertainties will depend on a number of factors, including its software and hardware and the nature of its industry. Companies must also coordinate with other entities with which they electronically interact, both domestically and globally, including suppliers, customers, creditors, borrowers, and financial service organizations. If a company does not successfully address its Year 2000 issues, it may face material adverse consequences.
If a company has not made an assessment of its Year 2000 issues or has not determined whether it has material Year 2000 issues, the staff believes that disclosure of this known uncertainty is required....
[T]he determination as to whether a company's Year 2000 issues should be disclosed should be based on whether the Year 2000 issues are material to a company's business, operations, or financial condition, without regard to related countervailing circumstances (such as Year 2000 remediation programs or contingency plans).'
This disclosure should include the company's general plans to address the Year 2000 issues relating to its business, operations (including operating systems), and, if material, relationships with customers, suppliers, and other constituents, as well as its timetable for carrying out those plans. In addition, the disclosure must be reasonably specific and meaningful rather than standard boilerplate.
Where the SEC leads, the auditors of public companies are sure to follow, as they already have. The American Institute of Certified Public Accountants' Current Accounting and Auditing Guidance,103 although unofficial, contains a suggested Management Letter that companies have already received, advising:
We recommend that you take the necessary actions to immediately begin to identify, modify, and test all systems that may be negatively affected by the Year 2000 Issue, particularly mission-critical systems . . . Also, the company should implement verification procedures to test the accuracy of information received from its vendors, service providers, bankers, customers, and other third-party organizations with whom it exchanges date-dependent information, because these organizations also must become Year 2000 compliant. The company also should satisfy itself that vendors, service providers, bankers, customers, and other third-party organizations will not experience problems relating to the Year 2000 issue that could affect the company's operations or cash flows.104
Directors and officers of public companies can be held personally liable under the Securities Act of 1933 and the Securities Exchange Act of 1934.los The registration of publicly issued securities, reporting obligations on Forms 10-K, 10-Q, and 8-K, soliciting proxies, ongoing disclosures to investors and the dissemination of financial information for inclusion in registration statements and periodic reports are all activities that are covered by the acts.lob Companies are typically required to disclose all material information under these acts.'07 According to the United States Supreme Court, financial information is material if there is "a substantial likelihood that a reasonable shareholder would consider it important" in making decisions about his or her investment in the company.log This general rule applies to both historical facts and prospective events.
These principles must then be applied in Management's Discussion and Analysis of Financial Condition and Results of Operations ("MD&A"). This is required by the integrated disclosure system adopted by the Securities and Exchange Commission.109 The MD&A requires all registrants and reporting companies to disclose the historical performance and current financial condition of the corporation.llo Preparation of the MD&A requires the disclosure of information concerning trends, uncertainties, and other circumstances that may have a material impact in the future. This is particularly relevant in light of the Year 2000 problem. Given some of the cost estimates that major United States corporations are putting forth for their Year 2000 efforts, there can be little doubt these costs and efforts will be considered material.
Under the 1933 Act, director and officers are liable for material misstatements and omissions made in the registration statements to acquire securities issued under the act.lll Underwriters, auditors, and lawyers involved in the issuer's stock offering may also be liable. A "due diligence" defense exists against a Section 11 action.112 An issuer may be held liable for any untrue material statement in a prospectus or the failure to state material facts necessary to keep the prospectus from being misleading. This applies to any public offer or sale of a security, "by means of a prospectus or oral communication.""3 The issuer's due diligence defense exists if the user "did not know, and in the exercise of reasonable care could not have known" of the falsity.ll4
Section 10(b) of the 1934 Act (interpreted by Rule lOb-5 of the SEC) makes it unlawful for any person to sell any security in interstate commerce while employing a "manipulative or deceptive device," which includes making any untrue statement or omitting any statement of a material fact.lls Actions by a purchaser under Section 10(b) and Rule lOb-5 "must allege a material and false representation or omission by the issuer in connection with the purchase and sale of securities, the use of means and instrumentalities of interstate commerce, scienter, . . . reliance by plaintiff and damages suffered by plaintiff."1 This is in contrast to actions under the 1934 Act, which do not require a showing of intent to deceive. Private actions by shareholders are not the only vehicles for enforcement of disclosure under regulations imposed by federal securities laws; the SEC may bring enforcement actions.ll
C. Building Defenses Today
It is clear from analyzing the various possible causes of action against corporate directors and officers that they need to attack this problem directly and immediately. While doing so they should simultaneously be documenting both their efforts at information collection and their actions so as to allow them to claim the protections afforded by the Business Judgment Rule and the due diligence defenses discussed above.
The first step towards building these defenses is to promote awareness of the Year 2000 problem amongst the directors and officers of the corporation. Directors and officers need to be reminded of their fiduciary and disclosure obligations in light of the Year 2000 problem. If the directors are reluctant to act, counsel can point out that other corporations are taking action, and in that climate it is easier to prove that an ordinarily prudent director should act. The directors should create a Year 2000 committee comprised of one or more directors, the CFO, general counsel, and any necessary experts, both legal and technical. This committee should supervise the development and execution of appropriate technical, contingency, and legal plans to combat the company's Year 2000 problem.'l8
A paper trail for all director and officer activities related to the Year 2000 should be established. The Board should receive all memoranda. Board meetings should contain relevant discussions regarding company progress and the sources of information relied upon by the Board. These discussions should be documented in the minutes of the meetings. A document retention policy should be in place to ensure that the paper trail remains in existence. Document control should be discussed and analyzed. The effects of documented criticism of management's handling of the Year 2000 problem should be discussed with all employees. Critical comments that must be made should be addressed so as to be privileged. If it becomes necessary at a later date the critical comments can then be distributed. 19
Finally, the directors should continue to gather information and follow through on their plan of action. Direct reports regarding the progress of the corporation's Year 2000 plan should be made to the Board. This is important, because the Board's actions do not have to be perfect, only informed and in good faith.l20 The Board should continue to gather information after addressing the need to fix the problem, looking at possible areas of assistance with the cost of the fix. Insurance policies should be examined for coverage and limits. Analysis of agreements to determine potential causes of action and indemnification rights will help guide the board in steering the corporation through what will undoubtedly be a difficult period.'2'
In summary, while directors and officers have serious obligations and potential for individual liability stemming from the Year 2000 problem, their fate lies in their own hands. If directors and officers will take the time to immediately inform themselves and then act responsibly to address the problem, they will have gone a long way to fulfilling their corporate obligations and protecting their personal assets.
V. Multi-Party Litigation
Because the Year 2000 problem is so widespread and common to a multitude of plaintiffs, it is likely that a significant portion of the litigation stemming from the year 2000 will be multi-party litigation.
A. Shareholder Derivative Suits
The previous section of the Article examined the various theories that may be pled to hold corporate directors and officers personally liable for losses associated with the Year 2000 problem. Those claims are generally brought in shareholder derivative actions. A shareholder derivative action is a lawsuit by a shareholder or shareholders acting on behalf of the corporation seeking corporate losses caused by the director's or officer's breaches of fiduciary duties or failures to disclose. The corporation is a nominal defendant in the suit, but is the ultimate beneficiary of any recovery.
B. Class Actions
Given the mass distribution of software and hardware products that are all identically defective, plaintiffs will likely seek to pursue class action lawsuits. To bring a claim as a class action, the class must first establish that (1) the class is so numerous that joinder of all members is impracticable; (2) that there are questions of law or fact common to the class; (3) that the claims or defenses of the representative parties are typical of the claims or defenses of the class; and (4) the representative parties will fairly and adequately protect the interests of the class. 122 While Year 2000 litigation will engender many individual fact issues, a common element to Year 2000 claims is that the products are defective. Consolidation of the liability issues concerning Year 2000 litigation would then allow the courts to allow the parties individual opportunities to litigate other issues such as consequential damages. 123
VI. Insurance Coverage Issues
As litigation regarding the Year 2000 problem progresses, defendants are going to be asking the obvious question: Am I insured under my current policies? This important question will likely have to be answered by the courts after litigation. While coverage of all insurance issues is beyond the scope of this Article, what follows is an overview of some of the typical issues concerning the Year 2000 problem. It may be helpful to note, however, that some insurers are offering specific policies to cover the Year 2000 problem. These policies cover such items as business interruptions and directors and officers liability. However, it is unlikely that these policies will be widely implemented as they are generally subject to stringent technical review requirements and are costly.
A. Commercial General Liability
A Commercial General Liability (CGL) policy typically provides coverage for occurrences resulting in bodily injury or property damage. Many companies will turn to this policy looking for coverage for their Year 2000 problems. 124 This process of coverage determination may be thrust upon companies by pending legislation. The CRASH legislation, introduced by Senator Bennett of Utah, will require all publicly traded corporations to make certain disclosures, among them, whether their insurance policies cover Year 2000 losses.lzs However, serious questions exist as to whether a standard CGL policy may provide coverage for the losses associated with the Year 2000 problem.
Many of the costs associated with correcting the Year 2000 problem are going to be associated with investigation, remediation, and testing. Under a standard CGL policy only sums that qualify as damages are potentially covered. The expenses mentioned above do not appear to be readily identifiable as damages from property damage or bodily injury, and as such likely will not fall within the coverage of a standard CGL policy.l26 This also raises the question of whether losses associated with the Year 2000 problem are property damage or bodily injury and not purely economic loss, the former giving rise to coverage, the latter not. 127 Of particular concern is the trigger issue with respect to these policies. If these policies are triggered when the failures actually occur, then it is likely that insureds are going to face policy language either excluding or limiting their ability to claim Year 2000 losses. However, if insureds can successfully argue that the triggering event was the manufacture or sale of the noncompliant product, then long expired policies containing no Year 2000 limitations will be in effect.l28
B. Business Interruption
Business interruption insurance protects against loss of business income and costs after a catastrophe such as fires, or in the Year 2000 context, a "fortuitous event." This coverage was not intended to cover business interruptions caused by third party negligence, and such problems may be specifically excluded. Insurance carriers will inevitably argue that because the Year 2000 problem is and has been known and the vendor controls the ability to correct the problems, it is not a fortuitous event. Thus, it is critical to review policies to determine whether Year 2000 problems would be excluded by the specific language of the policy.l29
C. Errors and Omissions / Professional Liability
Another type of coverage is Errors and Omissions (E&O) insurance. Its coverage extends to "damages and associated defense costs" that an insured may incur as a result of providing certain defined "insured services" to others.' As the name indicates, claims may occur from either an error, an affirmative act, an omission, or a failure to act on the part of the insured.
If the relevant activities of the insured are insured services under the E&O policy, the insurer will face third-party claims involving errors or omissions committed by the insured during covered transaction. If the defendant is a traditional professional, such as a lawyer or an accountant, coverage may be available under malpractice coverage. 31
D. Products Liability
If the insured's products give rise to damages, product liability insurance covering defined damages and defense costs may be applicable. While this may seem a fairly narrow area at first glanceconfined to those companies who manufacture, sell, or distribute software-the embedded chip problem makes this coverage more likely to be pursued. If devices containing embedded chip technology that is date sensitive fail and cause bodily injury, product liability claims surely will be made. An ominous example of this is echoed in the statement of Joel Ackerman, executive director of the Rx2000 Solutions Institute, a nonprofit group that educates healthcare providers on Year 2000 issues: "I do believe there are going to be some unnecessary deaths."132
E. Directors and Officers
If the expense of correcting the Year 2000 problem cuts into corporate profits and the price of the company's stock begins to fall, shareholders will look for someone to blame. Corporate officers and directors are squarely in the line of fire. Directors and Officers (D&O) liability insurance exists to protect directors and officers from personal liability.l33 Without this type of policy the position of director would not be attractive to successful individuals. If a company is unable to cover certain actions taken by directors and officers, the company's D&O policy will likely be called upon.
One issue of importance regarding this type of insurance is the scope of coverage for officers. Just because an individual is a statutory officer or is a designated officer in the articles of incorporation does not determine the issue of coverage. D&O policies typically have an attachment that designates the positions and titles of the covered insureds. This document should be analyzed to determine the scope of coverage, particularly if positions and titles frequently change within the organization.134
Another issue of import concerning this type of policy is that they are generally "claims made" policies. Because these policies cover losses from claims that are made during the policy period, it does not require that underlying facts of the claim occur during the policy period.135 This may allow insurers to attempt to exclude Year 2000 claims by either non-renewal or exclusion. An insured facing either non-renewal or exclusion should consider using the notice provision of its existing policy to give written notice of the circumstances and reasons for anticipating Year 2000 related claims. In this manner, the insured can argue that those claims should be treated as claims that were made during the policy period.136
F. Specific Year 2000 Policies
While the exact details of Y2K policies are beyond the scope of this Article, their basic structure is similar. The insurance generally covers business interruption for failures associated with Year 2000 problems both of the insured and other third parties. They also provide coverage for third party liability, including D&O and E&O, as well as coverage for vicarious liability. Obtaining the coverage is contingent upon passing technical reviews or audits of the potential insured's Year 2000 conversion plan. Coverage is very expensive. For example AIG's policy provides that premiums will vary from sixty-five percent to eighty-five percent of the purchased limits. If there is a good loss experience, there will be a return premium. 137
VII. Legal Audit
An important question that each company must address is what its legal rights and obligations are with respect to Year 2000 problems. In order to accomplish this the relevant documents must be gathered and reviewed with an eye toward Year 2000 issues. This process of gathering and review is what has generally come to be known as a legal audit. While it is important for both vendors of computer goods and services and users of computer goods and services to review their documentation, there are important distinctions between the two groups of documents.
Vendor review documents include:l38
Agreements with companies from which the vendor obtained computer hardware or software, which were incorporated into or bundled with its products, and sold either directly or through various channels of distribution to the customer;
Development agreements with third parties for software or databases that the vendor has incorporated into or bundled with its product;
Maintenance and support agreements with third party vendors; License agreements with customers for vendor software or databases;
Distribution agreements for vendor products; Maintenance and support agreements with customers for vendor products or services;
Computer service agreements with customers;
Third party agreements with trading partners;
Manuals and other documentation for vendor products provided to customers;
Advertising and promotional materials for the vendor's products or services;
Merger and acquisition agreements;
Publicly available disclosure documents filed with public agencies; and
On the other hand, user relevant documents include:l39
Purchase agreements for hardware and computer systems;
License agreements for software or databases;
Development agreements for software or databases;
Maintenance and support agreements;
Computer service agreements;
Third party agreements with trading partners;
Manuals and other documentation for vendor products;
Vendor advertising and promotional materials;
Merger and acquisitions agreements;
Publicly available disclosure documents filed with public agencies by vendors that relate to a vendor's products or services; and
In reviewing these documents both vendor and user will seek to determine essentially the same things:
1. Who might I have rights against? What are my causes of action to enforce those rights? By when must I act to enforce those rights? What are the possible defenses to those causes of actions?
2. Who may have rights against me? What are the potential causes of action against me? By when must these actions be brought against me? What are my defenses to those causes of action?
3. Is there any insurance coverage for these disputes? While each company is different and will undoubtedly present many unique issues to whoever conducts the legal audit, there are common contractual provisions that will recur. These include license rights provisions; express and implied warranties; warranty limitations or disclaimers; liability limitations; integration clauses; confidentiality provisions; force majeure; shortened statute of limitations; Year 2000 compliance; virus, timebomb, or Trojan horse; access to source code; and term and termination.l40
Each of these clauses raises certain issues in the context of the Year 2000 problem. While an in depth examination of the issues that arise from these clauses is beyond the scope of this Article, a brief discussion of each follows.
A. License Rights Provisions
Licence Rights Provisions will have application in the instances when, for whatever reason, the licensee desires to modify computer products, either itself or by hiring a solution provider, to make them Year 2000 compliant. The license rights provisions will define the rights of the licensee with respect to the use or modification of any product and should be carefully reviewed before undertaking any modification or repair. Additionally, modifications and repairs of software raise certain intellectual property issues that will need to be examined, such as "fair use" and Section 117 of the Copyright Act.141
B. Express and Implied Warranties
An express warranty is "[a]ny affirmation of fact or promise made by the seller to the buyer which relates to the goods and becomes part of the basis of the bargain. ss 142 Express warranties that are not stated directly in the contract are generally disclaimed. All pertinent documents should be examined for all express warranties, upon which a company may expect to rely and those that it may have given, which may relate to the Year 2000 issue.
The U.C.C. also provides for an implied warranty of merchantability and the implied warranty of fitness for a particular purpose.143 The implied warranty of merchantability requires in part that the goods sold must be merchantable, that is, fit for their ordinary purpose or capable of passing without objection in the trade of that good."4 The implied warranty of fitness for a particular purpose is not as broad as the implied warranty of merchantability. In essence, if the seller, at the time of contracting, has reason to know of a buyer's particular purpose and that the buyer is relying on the seller's skill and judgment to select goods suitable for that purpose, an implied warranty exists that the goods will be suitable for the buyer's purpose.l45
It is important to note that while express and implied warranties exist, they may also be limited and waived. Attempts to waive the implied warranties must generally meet certain requirements. For example, in order to waive the implied warranty of merchantability, the waiver must be conspicuously in writing and mention the word "merchantability."146 Despite these requirements, blanket waivers such as "as is" will still be effective to waive implied warranties."147
In addition to being susceptible to complete waiver, warranties may also be limited as to the remedies available under them. There are a variety of options for these limitations set forth in the U.C.C. such as liquidated damages clauses and exclusion of incidental and consequential damages."148 These damage limitations should be carefully reviewed as they are generally strictly construed against the person seeking to enforce them and are subject to being deemed unenforceable for a variety of reasons such as ambiguity or unconscionability. 149
C. Integration Clauses
An integration clause is a standard clause that seeks to limit the parties to the four corners of their agreement for the interpretation of that agreement.150 It is a common basis for seeking to exclude claims of extra-contractual representations. Even in the face of an integration clause, the terms of the agreement may be supplemented or explained by custom or trade, or course of performance.' Additionally, exceptions to the parol evidence rule may be used to circumvent the effect of an integration clause.152
D. Confidentiality Provisions
Confidentiality provisions are common and seek to protect the vendor's trade secret and other proprietary material. This provision should be reviewed to determine if attempts to make vendor products Year 2000 compliant constitute a breach. It is especially applicable if a third party is being used to remediate a company's Year 2000 problem.'53
E. Force Majeure
Force Majeure clauses are designed to fend off claims of default when a contracting party fails to perform in the face of an act of God or other unforeseen event beyond the party's control. Given the knowable and correctable nature of the Year 2000 problem, it would appear to be difficult to use this clause as a defense.154
F. Shortened Statute of Limitations
Parties can contract to shorten the statute of limitations for actions related to the contract. The limitations periods and types of claims that can be contracted around will vary from forum to forum. Generally, there will be some minimum period of limitations that may not be contracted away.155
G. Year 2000 Compliance
As attempts to fix the Year 2000 problem gain momentum, parties are going to be looking for assurances that products and services are Year 2000 compliant. It will be essential that the contract language placed in these clauses addresses the various nuances of the Year 2000 and provides a framework for measuring compliance.156
H. Virus, Timebomb, Trojan Horse
Viruses, timebombs, and Trojan horses are types of software problems that vendors sometimes warrant do not exist in their products. If the Year 2000 problem can be classified under one of these categories of software problems, then it could serve as the basis for a breach of contract claim. 157
l. Access to Source Code
Generally, software contracts do not allow the end user direct access to the source code for the software. Without the source code, solving a Y2K problem is difficult at best. Most contracts contain a clause specifying that the source code will be held by a third party and the end user may gain access upon the occurrence of certain specified events, such as bankruptcy or the vendor's going out of business.158
In some contracts there will be a termination provision that will allow the parties to terminate the contract usually after giving a specified amount of notice. This termination may be without regard to any breach of the contract. Parties may attempt to use these provisions to escape possible liability for Year 2000 problems arising under the agreement. However, if the cancellation of the agreement may only be accomplished after a material breach, it will be more difficult. The party seeking the cancellation of the agreement should thoroughly document its reasons for termination so as to be able to demonstrate good faith in seeking the termination.l59
In summary, a legal audit will help guide a company's Year 2000 effort by establishing its rights and obligations. A detailed analysis will help the company position itself so that it is not left holding the bag for the Year 2000 costs it incurs that are legally attributable to third parties. A legal audit should be considered an indispensable part of any Year 2000 effort.
VIII. Defenses to Year 2000 Litigation
The Year 2000 problem will force entities and individuals to evaluate not only the potential causes of action that they may assert, but what defenses may be pled against them. What follows are a few of the defenses that will likely be raised in Year 2000 litigation and a brief description of their elements.
A. Assumption of the Risk
Defendants may assert the defense of assumption of risk of the Year 2000 problem. The defendant can argue that the plaintiff must have known of the Year 2000 problem when it purchased the hardware or software, as the problem has been known for decades and recently has received national attention. Additionally, computers have malfunctioned in the past due to date field problems.'
B. Force Majeure
A force majeure clause protects a contracting party from a claim of default when it fails to perform due to an Act of God or other event beyond the party's reasonable control. The Year 2000 problem is a known problem, that can be corrected, making the applicability of a "force majeure" clause doubtful.16l A more difficult issue would be presented if a Year 2000 compliant party was unable to perform due to another entity's failure to become Year 2000 compliant. This can be expected to occur often. Embedded chips in non-computer equipment may also present a difficult issue. While the standard force majeure clause may be inapplicable, companies may wish to add the Year 2000 problem specifically as a force majeure in their contracts.162
C. Statute of Limitations
The statute of limitations for a cause of action for breach of U.C.C. warranties is four years from the delivery of the goods.163 This period is not affected by the buyer's knowledge of the defect; in other words, the U.C.C. does not employ the discovery rule. The one exception to the U.C.C. statute of limitations is that actions on express warranties that specifically extend the warranty to future performance may be brought more than four years from delivery.165 Most likely, if a consumer purchased hardware and software more than four years ago, she will be barred from bringing a breach of warranty claim under the U.C.C.
This generally will not pose a problem in Texas however, because causes of actions for breach of U.C.C. warranties may be brought under the DTPA and the DTPA's statute of limitations will apply. The DTPA, unlike the U.C.C., does employ the discovery rule.l Thus, the two year statute of limitations set forth in the DTPA does not begin to run until the consumer discovers, or in the exercise of reasonable diligence should have discovered the problem.167 As Year 2000 problems continue to gain attention and publicity, it will become more likely that the consumer should have known of the problem. This may pose potential problems for consumers that wait to file suit after Year 2000 problems actually manifest themselves.
The statute of limitations relating to fraud causes of actions is four years.l68 The discovery rule is applicable to a fraud cause of action as well.169 While negligent misrepresentation is generally associated with fraud, it does not employ a four year statute of limitations. Rather, the two year statute of limitations for torts applies.l7 While the discovery rule applies to causes of action for negligent misrepresentation, the applicability of the rule has been limited by the Texas Supreme Court. "' Claims for computer malpractice and negligence will be governed by this same two year statute of limitations. 172
D. "Due Diligence" and the Business Judgment Rule
The Business Judgment Rule protects directors who are reasonably diligent in making themselves aware of the issues, acquire sufficient facts, and make a good faith decision on that basis.173 This rule requires two things on the part of a director: first they must make reasonable inquiry, and secondly, after board deliberation they must act. The Business Judgment Rule protects only informed decisions and is therefore inapplicable unless the directors have informed themselves of all reasonably available and relevant information. TM The directors then must act with the requisite amount of care in the discharge of their duties. Under the Business Judgment Rule, directors who meet this criteria are presumed to have exercised their corporate trust reasonably, in good faith, and for the benefit of the corporation.175 The burden of proof is then placed upon the party challenging a director to show that the action was in bad faith, or in essence, was grossly negligent.l76
The same basic principles applicable to the Business Judgment Rule, directors gathering information and acting in the best interests of the shareholders, will help directors establish the "due diligence" defense to claims of securities law violations brought under the Securities Exchange Acts of 1933 and 1934.177
E. Disclaimer of Warranties and Limitation of Remedies
Both express warranties and implied warranties are susceptible to waiver, which can be accomplished in one of two ways. First, the U.C.C.'s implied warranties can be specifically waived by using written, conspicuous, statutorily-designated waiver language.lg Second, these warranties are also waived by language that clearly indicates that no warranties are being given such as "as is" or "with all faults."179
In addition to being susceptible to waiver, warranties may also be limited as to the remedies available under them. There are a variety of options for these limitations set forth in the U.C.C. such as liquidated damages clauses and exclusion of incidental and consequential damages. These damage limitations are generally strictly construed against the person seeking to enforce them and are subject to being deemed unenforceable for a variety of reasons such as ambiguity or unconscionability.Is
F. Following Industry Standard Practices
Defendants may urge that they were following industry standard practice in designing computer systems, writing software, and manufacturing microchips using two digit year date fields, and this practice has been shown to be reasonable on a cost-benefit historical analysis. This defense would be analogous to the "state of art" defense to a products liability cause of action.
G. Sovereign Immunity
Governmental entities may rely on the defense of sovereign immunity to bar suits against them for their Year 2000 failures. Additionally, Nevada has passed, and several states are considering, specific statutory immunity from suits against governmental entities for Year 2000 problems."82
Puffing is the general praise of a product or a seller's opinion of a product and is not actionable."3 Whether a particular statement is puffing or an actionable representation depends upon the statement's specificity, the speaker's knowledge, the comparative levels of the buyer's and seller's knowledge, and whether the statement is based upon present facts or relates to the occurrence of future events.184
IX. Health Care Industry
Hospitals and health care systems face Year 2000 problems originating from both internal and external sources. Year 2000 failures "could compromise patient care, disrupt core business functions and create liability exposure.18ls The health care industry is especially susceptible to Year 2000 problems as it is heavily dependent on technology. The health care industry not only relies on technology such as medical devices containing embedded chips, it also relies on the electronic exchange of information.
"Health care facilities will be exposed to disruptions because of failures in computer systems, embedded chips, and business relationships. us 186 Computer system failures will occur in the organization's own systems, as well as in the systems of third parties and governments upon which the institution relies. Health care entities will likely experience problems from the failure of date sensitive embedded chips in medical devices such as pumps in intravenous drips.ls It will also need to deal with problems in monitoring and control systems, fire alarms, security systems, telecommunications equipment and building infrastructure, including Heating Ventilation & Air Conditioning (HVAC).lss Even if a hospital takes care of its own Year 2000 problems, it may still experience business interruptions if third parties upon whom it depends fail to do so. "Health care systems cannot function effectively without reliable support from medical insurance payers, claims clearinghouses, banks, and suppliers of hundreds or thousands of other goods and services, all of which are potentially vulnerable to Year 2000 failures."'89 On this issue, Senator Robert Bennett, (RUtah), the United States Senate's point man on Y2K issues, states, "I am very concerned about the health care system. There are health care entities that may very well go bankrupt because they cannot get reimbursement from Medicare and Medicaid . . ."190
The financial institutions of the world are not immune to the Year 2000 problem and the potential liability exposures that may come with it. The Year 2000 problem could result in a multitude of erroneous financial transactions and breached obligations to customers and others. These problems would include denial of access to accounts, failures of automatic payment systems, the erroneous honoring or dishonoring of checks, and inaccurate account balances.191 Not only will a financial institution need to correct its own Year 2000 issues to avoid these problems, it will have to deal with its myriad of interfaces with other parties.
A. Erroneous Transactions
While the scope of the number of possible failed transactions and causes of action stemming from them are nearly limitless, commentators have suggested that some general observations may be drawn about liabilities and defenses of financial institutions for errors caused by Year 2000 problems.l First, a financial institution will likely not find a computer error defense available to them; rather the courts tend to look at the human act that precipitated the computer error. 193 Second, for many of the same reasons already cited in this Article, financial institutions will unlikely be able to rely upon the force majeure doctrine.l Third, financial institutions will not likely be able to defend against Year 2000 computer errors when the computer error results in a transaction for which the financial institution is generally subjected to strict liability. 95 When faced with a dispute over fault, courts will base liability on two factors: one, the identity of the party who selected the system, and two, the existence of contingency plans or safeguards in place in the event of an error.'96
B. Electronic Funds Transfer
The law concerning Electronic Funds Transfers (EFT) comes from two statutory sources: the Electronic Funds Transfer Act (EFTA)197 and Article 4A of the Uniform Commercial Code. The EFTA applies to consumer transactions such as ATM withdrawals, while Article 4A governs electronic transfers not covered by the EFTA.198 The EFTA is consumer friendly. Liability for fraudulent transactions or unauthorized transfers is limited to $500 occurring up to sixty days after the financial institution sends the consumer a statement showing the unauthorized transaction.l99 If Year 2000 problems cause financial institutions to deny access to consumers' funds at ATM's, section 1693h(a)(2) of the EFTA provides for liability on the part of the financial institution for damages.2
Furthermore, the EFTA may provide a defense to Year 2000 litigation in the form of section 1693h(b).20l A financial institution may receive the protection of section 1693h(b) if either (1) the failure was the result of an Act of God or circumstances beyond the institution's control, and the institution attempted to prevent the failure and acted reasonably when it occurred, or (2) the error is the result of a technical failure of which the consumer was aware at the time it occurred.2' A person bringing an action under the EFTA may sue individually or bring a class action and recover actual damages, penalties, and attorney's fees.203
1. Article 4A of the Uniform Commercial Code.-Once again, the ways that Year 2000 problems could impact obligations under Article 4A are too numerous to set out. However, two aspects of Article 4A stand out with respect to Year 2000 problems. Financial institutions are not subject to liability under Article 4A for electronic transfers that are not accepted, absent an agreement to the contrary, and Article 4A shifts the loss of erroneous or failed transactions through the use of agreed upon security procedures.24 If no security procedures have been agreed upon by the parties, the general security procedures of Article 4A will allocate the loss; when there are agreed security procedures, the party who failed to comply with those procedures will have the loss shifted to them.2s
Under the general security procedures of Article 4A, no liability attaches until the financial institution on the receiving end of the transfer accepts it.2" If the receiving bank refuses to accept the transfer, the sending bank has no liability until the receiving bank accepts payment.2' If the Year 2000 problem causes a rash of errors that erodes institutional confidence in the wire system, it is possible that the wire system itself would become useless as financial institutions refuse to accept transfers due to fear of accepting liability for errors.
Once the receiving financial institution accepts, any errors are essentially assessed against the party that made the error.208 Sending financial institutions that erroneously transmit instructions for an amount greater than that requested by the customer will be liable to the receiving institution for the difference after the receiving institution accepts the transfer.209 If the receiving bank gives the erroneous funds to the beneficiary of the transfer, the sending bank must turn to the law of mistake and restitution to recover the difference from the beneficiary.21 However, this same hypothetical could turn out differently if the sending institution followed the security procedure agreed upon by the parties and the error was still transmitted. In that case, they will not be liable if the receiving bank failed to follow the procedures that would have detected the error.TM
2. Electronic data interchange with financial institutions-Electronic Data Interchange (EDI) is generally defined as the method by which business data may be communicated electronically between computers of independent organizations in standardized formats. While these transactions are generally governed by a contract, those contracts rarely allocate losses in the event of an erroneous transaction. "Absent such an explicit agreement," errors in EDI transactions will generally be governed by the common law of mistake."' If the EDI transaction is completed by the use of a third party service provider, its responsibility for errors will be governed initially by the agreement of the parties. Absent such an agreement, the parties will be faced with fact intensive litigation lacking strong precedence for guidance. The unsettled nature of the law governing EDI transactions makes it imperative to address the relative responsibilities of the parties with regard to any errors in the parties' agreement.TM
The Year 2000 dilemma could cripple every level of government. "The problem is global," says Steve Kolodney, director of the Washington Department of Information Services and head of the Year 2000 Project for the National Association of State Information Resource Executives ("NASIRE").24 Simultaneously, every government will experience a computer system failure caused by an immovable deadline. The task of solving the problem is staggering considering the millions and millions of lines of code to be assessed, checked, corrected, and tested.
According to Gartner Group, an information technology consulting firm, even if one computer system is fixed, it can be contaminated by data from other computers. "The weakest link will break the chain. The real concern now is how to deal with disaster recovery. Things will go wrong, and the key will be to figure out how to quickly correct and get back on track," explains Gartner Group executive George Lindamood.2'5
A. World Government
Latin America has barely begun to address the Year 2000 issue. The good news is there are fewer systems to update. "Some countries are further advanced than others. Brazil and Mexico are probably the most advanced. In Venezuela, Colombia, Chile, and Bolivia there's a lot of work to do," says Alex Ott, Senior Vice President for German software maker SAP's Latin America division.216
Unlike Latin America, Germany is considered a leader in technology and management. Unfortunately, Germany is seriously behind planning for Year 2000 compliance because resources and personnel are scrambling to meet the Eurodollar deadline of January 1, 1999.217
The UK is in the European Y2K forefront. In 1996, the Conservative government set up Action 2000, an organization dedicated to promoting the Y2K effort. However, given its funding of one million pounds, the UK media has labeled it "Inaction 2000. "218
North America is perceived as a leader in Y2K compliance, yet Canada has yet to begin implementation. Nancy Cheng, author of the Year 2000 Report and a principal with the auditor general's office, said, "If they keep going at the same rate, they won't make it. The testing phase generally takes more than half of the overall effort, yet the federal government is hardly into the fixing stage, which is supposed to be done by December 1998...."219
B. Federal Government
The United States Y2K czar, John Koskinen, recently said "virtually all" of the federal mission-critical computer systems would be ready by President Clinton's due date of March 31, 1999.220 However Senator Robert Bennett, who chairs the Senate's Year 2000 Committee, made these statements in a recent issue of Roll Call:
Although the federal government has the best information available of any sector of our economy, we are flying blind. The Office of Management and Budget's self-reporting survey of the agencies shows that much of the information is not reliable. Some agencies report a certain percentage of their Y2K problems are "compliant" when, by their own timetable, they have not yet started to test for compliance.
There exists a substantial void in independent verification and validation for every part of the government. Recently, it was reported that the Office of the Inspector General at the Department of Defense found that systems which had been proclaimed Y2K compliant were not. The GAO has reported similar problems at the Department of Agriculture.
This misinformation stems from the fact that federal agencies have not managed to achieve any semblance of standardization. The applications of the definitions of "Y2K compliant," "Y2K ready," assessment, remediation and testing are not consistent from agency to agency. Standardized tools, reporting formats and methodologies to gain a consistent assessment of the risks faced by the agencies, as well as the industries they regulate, are sorely lacking.221
C. State Government
Pennsylvania is the leader in state Y2K compliance. Pennsylvania's Governor Tom Ridge was the catalyst behind the state's successful compliance plan. State officials recently announced that ninety-eight percent of the mission critical systems are 2000 compliant.222 Larry Olson, deputy secretary of information technology, said that only about five states besides his own are in good shape: Nebraska, Washington, Michigan, Massachusetts, and Ohio.223 He estimates that another 10 have the potential to resolve the situation, but the remaining, he believes, "are going to have real problems. .224
Texas is among several states that are behind the Y2K curve for two primary reasons: lack of leadership and not enough personnel available to do the job. While Pennsylvania began plans for compliance over two years ago, Texas' subcommittee on Y2K held its first monthly meeting several months ago. Texas government also has to compete with the "southern silicon valley" in Austin for computer personnel.225
A new and growing question is, "Who will be liable for Year 2000 state government problems?" Nevada was first to pass legislation limiting the state's liability for damages resulting from faulty dates. Its law prevents claimants and their attorneys from making the taxpayers of Nevada their insurance. Similar legislation was introduced this session in California, Florida, Georgia, Hawaii, Illinois, Indiana, Kansas, New Hampshire, Pennsylvania, South Carolina, Virginia, and Washington.226
No one disputes that preparing and modifying government systems has been underestimated. Government agencies will be challenged to make corrections in time since each state starts their fiscal 2000 accounting year beginning April 1999 through September 1999.
While perusal of this Article obviously portrays a picture of gloom and doom awaiting the world just inside the entrance to the third millennium, we should also acknowledge that there are numerous responsible leaders, both in the private and public sector, who have foreseen, understood, and aggressively attacked this inevitable problem and will be timely prepared. One of the reasons that the procrastinators are currently unable to hire qualified programmers to bail them out at this last moment is because those qualified programmers have been employed full time for years by more responsible leaders to have their companies and government departments timely Y2K compliant.
It was not the intent of the author at the inception of the research for this Article to paint a picture of doom and gloom. However, after extensive research, we can find little, if any responsible data that is empirically supported which would suggest that a major problem will not ensue as a result of the millennium bug.
Thus, the major theme of this Article is that companies are badly in need of legal guidance now which will serve to eliminate or greatly reduce their exposure to legal problems arising out of the Y2K glitch. The other theme of this Article is that regardless of the ultimate outcome, as in the handling of all of society's ills, there is a major role to be played by attorneys in helping our clients avoid Y2K problems and in guiding clients through the legal quagmire that will inevitably result if the predictions made by the expert analysts cited herein are even remotely close to accurate.
1. CAPERS JONES, THE YEAR 2000 SOFTWARE PROBLEM: QUANTIFYING THE COSTS AND ASSESSING THE CONSEQUENCES 123 (1998).
2. Dennis G. Grabow, Are We Ready for the Greatest Wealth Transfer Event of the Twentieth Century?, THE YEAR 2000 COMPUTER CRISIS: THE LITIGATION SUMMIT (conference materials) (Fulcrom Information Services, Inc., New York, N.Y.) (1998). 3. Id.
4. See Miguel Llanos, Year 2000 Bug Could Bite Hospitals Hard: Senate Hearing Suggests Health Sector is in Trouble (visited Feb. 25, 1999)
7. See Thomas Hoffman, Year 2000: Hospitals Diagnose Themselves in Critical Condition (visited Feb. 13, 1999)
9. Allison Rea, Does Your Computer Need Millennium Coverage?, Bus. WK., March 10, 1997, at 98 (quoting Steven L. Hock, managing partner for operations at the San Francisco law firm Thelen, Marrin, Johnson & Bridges).
10. Ann Coffou, Year 2000 Risks: What are the Consequences of Technology Failure? (visited Feb. 13, 1999)
11. Grabow, supra note 2.
12. See Gartner Group, "Year ?r00 Problem" Gains National Attention (visited Feb. 13, 1999)
15. See Subcommittee on Government Management, Information, and Technology, Horn Releases Y2K Grades: Government's Overall Grade a Dismal "F" (News Release June 2, 1998), available at
17. See id. 18. Id.
19. See EDWARD YOURDON & JENNIFER YOURDON, TIME BOMB 2000: WHAT THE YEAR 2000 COMPUTER CRISIS MEANS TO You 284 (1998).
20. See Jay Goiter and Paloma Hawry, Circles of Risk (visited Feb. 13, 1999) < http://www.year2000.com/archives/circlesrisk.html > .
21. See Y2K Timeline: Chronicle of the Slow Collision (visited Apr. 1, 1999)
svi Y OD 19, at 34.
0 ac t` 00: 0: ed
25. See Jay Goiter and Paloma Hawry, Circles of Risk (visited Feb. 13, 1999) < http://www.year2000.com/archives/circlesrisk.html > . 26. See JoNES, supra note 1, at 123.
27. See text accompanying footnote 13.
28. Sen. Robert Bennett (R-Utah), Chairman, Senate Special Committee on the Year 2000 (visited Apr. 1,1999)
id:0 tWr0:<: `i f: f:. * : W:eg* :: f G 3: -) fJati?:rSe S\sE:::
34. See Jay Goiter and Paloma Hawry, Circles of Risk (visited Feb. 13, 1999) < http://www.year2000.com/archive/NFcirclesrisk.html > (explaining the mechanics and additional complications created by the "uncommon leap year" occurring every 400 years).
35. See, e.g., Year 2000 Computer Issues Hearing Before the Subcomm. on Technology of the House Comm. on Science,104th Cong. 22, 25 (1996) (testimony of Barry Ingram, computer executive), available at
36. See JONES, supra note 1, at 116-18.
37. See Gartner Group, "Year 2000 Problem" Gains National Attention (visited Feb. 13, 1999)
38. See JoNEs, supra note 1. Capers Jones identifies other Year 2000 cost elements that all fall below litigation, such as post-2000 recovery costs (325 %); software date field expansion (250%); Year 2000 regression testing (35%); Year 2000 insurance (25 %); and Year 2000 awareness briefings (2%). Id.
39. Theabove list of potential causes of action is taken from Jeff Jinnett, Legal Issues Concerning the Year 2000 Computer Problem, 506 PLI/PAT 103 (Feb. 1998).
40. See, e.g., Advent Sys. Ltd. v. Unisys Corp., 925 F.2d 670, 676 (3d Cir. 1991) (holding that software is considered a good under the definition set out in the U.C.C.); W.R. Weaver Co. v. Burroughs Corp., 580 S.W.2d 76, 80 (Tex. Civ. App.-El Paso 1979, writ ref'd n.r.e.) (holding that the Texas Business and Commerce Code is applicable); U.C.C. 2-105(1), (2) (1995) (defining "goods" as moveable at the time of identification to the contract for sale, with certain exceptions).
41. See U.C.C. 2-606.
42. Id. 1-204 (noting that a reasonable time for taking an action "depends on the nature, purpose, and circumstances of such action").
43. See id. 2-607 (allowing for breach action by buyer after he has accepted the goods, provided he meets the burden of establishing the breach). 44. TEX. Bus. & COM. CODE ANN. 2.313 (a)(1) (Vernon 1994). 45. See id. 2.316 (b)-(d) (explaining how implied warranties of merchantability may be excluded).
46. See Sweco, Inc. v. Continental Sulfur & Chem., 808 S.W.2d 112, 117-18 (Tex. App.-El Paso 1991, writ denied) (stating that the standard for the common law measure of damages is the difference between the value of the property as warranted and the market value of the property as delivered). 47. See U.C.C. 2-314, 2-315.
48. Id. Sec 2-314(2).
49. See id. Sec 2-315.
50. See id. Sec 2-316.
52. See U.C.C. 2-718 (allowing liquidated damages); id. 2-710, 2-715 (allowing exclusions of incidental and consequential damages). 53. See id. 2-318.
54. See TEx. BUS. & COM. CODE ANN. 17.50 (Vernon 1987) (outlining the causes of action available to consumers who are victims of deceptive trade practices); see also, id. 17.46 (setting forth the laundry list of prohibited deceptive practices).
55. See id. 17.45(4). 56. See id.
57. Cf La Sara Grain Co. v. First Nat'l Bank, 673 S.W.2d 558, 565 (Tex. 1984) (holding an implied promise to be an implied term of the contract rather than a warranty for purposes of bringing DTPA action).
58. See Singleton v. LaCouer, 712 S.W.2d 757, 760 (Tex. App.-Houston [14th Dist.] 1986, writ ref d n.r.e.) (noting that the statute itself does not create any warranty).
59. See Ellmer v. Delaware Mini-Computer Sys. Inc., 665 S.W.2d 158, 16061 (Tex. App.-Dallas 1983, no writ) (citing G-W-L, Inc. v. Robichaux, 643 S.W.2d 392 (Tex. 1982), to give effect to a disclaimer of warranty in a DTPA suit). But see Cate v. Dover Corp., 790 S.W.2d 559, 561 (Tex. 1990) (disapproving of the holding in Ellmer to the extent it imposed a subjective standard in reviewing the conspicuousness of the warranty disclaimer).
60. See Innovative Office Sys. v. Johnson, 906 S.W.2d 940, 949 (Tex. App.-Tyler 1995, writ granted, w.r.m.), judgment set aside by settlement agr., 911 S.W.2d 387 (Tex. 1995) (denying merchant's claims that consumer waived any implied warranties, based upon the fact that a consumer may waive neither the implied warranty of good and workmanlike services nor protection under the DTPA).
61. TEX. BUS. & COM. CODE ANN. 17.45(5) (Vernon Supp. 1997). 62. See Aetna Cas. & Sur. Co. v. Garza, 906 S.W.2d 543, 553 (Tex. App.-San Antonio 1995, writ dism'd by agr.) (noting that under the DTPA, unconscionable conduct is defined as "an act or practice which . . . takes advantage of the lack of knowledge, ability, experience, or capacity of a person to a grossly unfair degree"); see also Sun Power, Inc. v. Adams, 751 S.W.2d 689, 695 (Tex. App.-Fort Worth 1988, no writ) (finding unconscionability under the DTPA when there was a gross disparity between the value paid and received in the sale of a cash register).
63. See TEX. BUS. & COM. CODE ANN. 17.50(b)(1) (allowing mental anguish damages and three times economic damages when the defendant knowingly or intentionally committed a deceptive trade practices act). 64. See id. 17.50(d).
65. A Year 2000 service provider is an entity, other than the vendor of the software or hardware, who is offering to remediate Year 2000 problems.
66. See Leonard T. Nuara, et al., Year 2000: Problem or Opportunity?, 506 PLI/PAT 23, 44 (Feb. 1998) (noting various permutations of the vendor/licensee relationship under copyright and trade secret agreements).
67. See Jeff Jinnett, Legal Issues Concerning the. Year 2000 "Millennium Bug" (visited Feb. 12, 1999)
68. 17 U.S.C.A. 177 (1992); linnett, supra note 67 (noting that purchasers of a copy of software may have more expansive rights under the Copyright Act than do licensees).
69. Id. (emphasis removed).
70. See id.
71. See id.
72. See TEX. Civ. PRAC. & REM. CODE ANN. 41.003 (Vernon 1997) (setting out minimum standards for recovery of exemplary damages). 73. See Jinnett, supra note 39.
74. See, e.g., Shell Pipeline Corp. v. Coastal States Trading, Inc., 788 S.W.2d 837, 845 (Tex. App.-Houston [lst Dist.] 1990, writ denied) (affirming the trial court's finding that a failure in the defendant's computerized trading systems was a proximate cause of damage).
75. See, e.g., Lewis v. Timko, Inc., 697 F.2d 1252, 1256 (5th Cir. 1983) (holding in the context of a maritime personal injury case that when plaintiff asserted strict liability, the doctrine of comparative negligence did not apply).
76. See Transport Corp. of Am., Inc. v. IBM, 30 F.3d 953, 956 (8th Cir. 1994) (applying the economic loss doctrine to bar recovery when plaintiff's only loss was the failure of his disk drive).
77. See Jeff Jinnett, Legal Issues Concerning the Year 2000 Computer Problem: An Awareness Article for the Private Sector (visited Feb. 12, 1999)
78. See Part III.C. supra for a discussion of DTPA. 79. See Federal Land Bank v. Sloane, 825 S.W.2d 439, 442 (Tex. 1991). 80. See discussion infra Part IV.A. 81. See MODEL BUS. CORP. ACT 8.30(a) (Supp. 1997). 82. See Vito Peraino, Corporate Director's Liability and the Year 2000 Problem, DIRECTOR'S MONTHLY, Oct. 1996.
83. See Michael R. Cashman, Directors and Officers May Be Exposed to Personal Liability for Year 2000 Failures, Year 2000 Computer Liability White Paper (1998), available at
84. See Treadway Companies, Inc. v. Care Corp., 638 F.2d 357, 382 (2d Cir. 1980) (holding that under the business judgment rule, directors are called to account for their actions only when they are shown to have engaged in self-dealing or fraud, or to have acted in bad faith). 85. See Cashman, supra note 83. 86. See id.
87. See MODEL Bus. CORP. ACT 8.30(a) (Supp. 1997). 88. See id. (implying that directors and officers owe a duty of loyalty to shareholders).
89. See Cashman, supra note 83. 90. Id.
91. See id.
92. For the Texas formulation of the business judgment rule, see McCollum v. Dollar, 213 S.W. 259, 261 (Tex. Comm'n App. 1919). 93. See, e.g., DEL. GEN. CORP. LAW 141(e). 94. See In re Caremark Int'l, Inc. Derivative Litig., 698 A.2d 959, 967-68 (Del. Ch. 1996) ("[W]hether a judge or jury considering the matter after the fact believes a decision substantively wrong . . . provides no grounds for director liability, so long as the court determines that the process employed was either rational or employed in a good faith effort to advance corporate `interests."').
95. See Maxey v. Citizens Nat'l Bank of Lubbock, 507 S.W.2d 722, 726 (Tex. 1974) ("[A]n officer or director may not be held liable in damages for inducing the corporation to violate a contractual obligation, provided that the officer or director acts in good faith and believes that what he does is for the best interest of the corporation.").
96. See E. BRODSKY AND M. ADAMSKI, LAW OF CORPORATE OFFICERS AND DIRECTORS: RIGHTS, DUTIES AND LIABILITIES 2:07, at 2-29 (1997) (describing holdings of the Delaware Supreme Court, which predicate director liability under the business judgment rule on findings of gross negligence). 97. See Cashman, supra note 83.
98. See, e.g., TEX. Bus. CORP. ACT ANN. art. 2.42(B) (Vernon 1980). 99. See BRODSKY, supra note 96, 2:05, at 2-16 through 2-24 (1997) (defining generally the various state statutes mandating or allowing for limits on directorial liability), 19:03, at 19-4 through 19-17 (1997) (describing Delaware statutes that grant mandatory or permissive indemnification to directors, from their corporations, for adverse judgments, fees, or fines).
100. See Chasman, supra note 83.
101. See id.
102. SEC Staff Legal Bulletin No. 5, 6 Fed. Sec. L. Rep. (CCH) 1 60,005, at 50, 115-16 (revised Jan. 12, 1998).
103. AICPA, Current Accounting and Auditing Guidance (Oct. 31, 1997). 104. Id.
105. See Cashman, supra note 83. The Securities Act of 1933 may be found at 15 U.S.C. 77a-77z-3 (1994), and the Securities Exchange Act of 1934 may be found at 15 U.S.C. 78a-78mm (1994).
106. See id.
107. See Jeff Jinnett, Corporate Legal Issues, in YEAR 2000 BEST PRACTICES FOR Y2K MILLENNIUM COMPUTING (Dick Lefkon ed., 1998) (concluding that most reporting companies are likely to have reporting requirements under the SEC's release).
108. TSC Indus., Inc. v. Northway, Inc., 426 U.S. 438, 449 (1976). 109. See Cashman, supra note 83. 110. See Jinnett, supra note 107. 111. See id.
112. See id. A section 11 action is a private action brought to enforce the 1933 Act disclosure obligations. See Vito Peraino, Defenses to Year 2000 Liability, THE YEAR 2000 COMPUTER CRISIS: THE LITIGATION SUMMIT (conference materials) (Fulcrom Information Services, Inc., New York, N.Y.) (1998).
113. See Jinnett, supra note 107.
117. See id.
118. See Cashman, sura note 83.
119. See id.
120. See id.
121. See id.
122. See, e.g., TEX. R. Cv. P. 42(a) and FED. R. CIV. PROC. 23(a) (providing the minimal requirements for certification as a class action).
123. See, e.g., Microsoft Corp. v. Manning, 914 S.W.2d 602, 611 (Tex. App.-Texarkana 1995, no writ) (explaining that parties seeking consequential damages for data loss still can opt out and pursue their own claims because the trial court specifically excluded those claims from the class action).
124. See Deborah A. Pitts, Beyond Compute: Don't Expect Year 2000 Losses to be Covered Under CGL Policies, Los ANGELES DAILY JouRNAL, Dec. 23, 1997, at 6.
125. See id. CRASH stands for Computer Remediation and Shareholder Protection Act.
126. See id.
127. See James A. Pabarue and Randy J. Maniloff, Insurers Can Expect A Swarm of Millennium Bugs, NAT'L L.J., June 29, 1998, at 8. 128. See id.
129. See Dave Lenckus, Spotlight Report: D&O Coverage Reviewed For Risk of Y2K Claims, Bus. INS., May 25, 1998.
130. Michael Scott, Assessing Exposures and Recovery Opportunities Through a Legal Audit, YEAR 2000 COMPUTER LIABILITY CONFERENCE (conference materials) (Creative Expos and Conferences, Walpole, Mass., and Technology Transfer Institute, Santa Monica, Cal.) (1998). 131. See id.
132. See Llanos, supra note 4 (noting that a recent survey of an Rx2000 working group found that 94% of one working group saw "significant potential" for unnecessary deaths).
133. See Lenckus, supra note 129.
134. See Scott, supra note 130, at 7 (providing, for example, that "if the CIO is not considered an officer and not covered under the D&O policy, then he/she is almost certainly covered under the normal company employee policy, and is usually not subject to suit by third parties").
135. See Kirk Pasich, Insurance Coverage for the Year 2000 Problem, at 17, and Deborah Pitts, Year 200 Liability and Insurance: Is Your Insurer on the Hook?, at 3, THE YEAR 2000 COMPUTER CRISIS: THE LITIGATION SUMMIT, supra note 130 (explaining that coverage is determined by the period in which a claim is presented rather than when the wrongful act was committed).
136. See id.(noting that under current law, many courts may find such written notice to be sufficient to satisfy a policy's requirements).
137. Lenckus, supra note 129.
138. See Scott, supra note 130, at 2 for this list.
139. See id. at 2-3.
140. See id. at 1.
141. Nuara, supra note 66, at 49-62. 142. U.C.C. 2-313(1)(a) (1995). 143. See id. 2-314, 2-315.
144. See id. 2-314. 145. See id. 2-315. 146. See id. 2-316(2). 147. See U.C.C. 2-316(3)(a).
148. See id. 2-718. 149. See id.
150. See Scott, supra note 130.
151. See id.
152. See id. at 23.
153. See Nuara, supra note 66, at 42 (observing that trade secrets may be communicated to a third party that has pledged secrecy, thus maintaining the confidential relationship).
154. See Jinnett, supra note 67.
155. See Scott, supra note 130, at 24. 156. See, e.g., TEX. ADMIN. CODE 201.13(e) (Vernon 1998) (Texas Warranty for Commercial Supply Items). 157. See Scott, supra note 130. 158. Id. at 26-27.
19. See Scott, supra note 130, at 28.
160. See supra Part I.
161. See Florida Power & Light Co. v. Westinghouse Elec. Co., 826 F.2d 239, 256 (4th Cir. 1987) (setting forth the view that the recognition of an event as "highly uncertain" renders the defense of impossibility of performance unavailable).
162. See John D. Stewart, Jr., The Year 2000 Problem Provides Unique Opportunities, Benefits, Exposures and Liabilities for the IT Community (visited Feb. 13, 1999)
163. See U.C.C. 2-725(1) (1995).
164. See TEX. Bus. & COM. CODE ANN. 2.725(b) (Vernon 1994) (noting that the "cause of action accrues when the breach occurs, regardless of the aggrieved party's lack of knowledge of the breach"); see also Pako Corp. v. Thomas, 855 S.W.2d 215, 219 (Tex. App.-Tyler 1993, no writ).
165. See TEX. Bus. & COM. CODE ANN. 2.725(b) (defining the four-year statute of limitations for a breach claim as not beginning until the time the future performance occurs).
166. See TEx. Bus. & COM. CODE ANN. 17.565 (Vernon 1987) (tolling the statute of limitations on DTPA claims until the consumer discovers or should have discovered the occurrence of the deceptive act). 167. See id.
168. See Williams v. Khalaf, 802 S.W.2d 651, 658 (Tex. 1990) (holding that due to 1979 legislative amendments, the statute of limitations for fraud actions in Texas is four years).
169. See Miller v. Dickinson, 677 S.W.2d 253, 258 (Tex. App.-Fort Worth 1984, writ ref d n.r.e.) (holding that for a cause of action alleged in fraud, the statute of limitations begins to run from the time the fraud is discovered).
170. See TEX. CIV. PRAC. & REM. CODE ANN. 16.003 (Vernon 1987 & Supp. 1998); see also Milestone Properties Inc. v. Federated Metals Corp., 867 S.W.2d 113, 119 (Tex. App.-Austin 1993, no writ) (holding that because negligent misrepresentation does not require knowledge, unlike a fraud action, the claim is subject to a two year statute of limitations).
171. See Computer Assocs. Int'l, Inc. v. Altai, 918 S.W.2d 453, 456 (Tex. 1996) (stating that the courts will apply the discovery rule in cases in which the nature of the injury is inherently undiscoverable and the evidence of the injury is objectively verifiable).
172. See TEX. CIV. PRAC. & REM. CODE ANN. 16.003 (Vernon Supp. 1994). 173. See, e.g., DEL. CODE ANN. tit. 8, 141(e) (1999) (allowing a member of the board of directors to rely in good faith on records of the corporation and information presented by another person, so long as she reasonably believes the matter to be within such other person's professional or expert competence).
174. In re Caremark Int'l, Inc. Derivative Litig., 698 A.2d 959, 967 (Del. Ch. 1996) (stating that the test is not whether the court views the corporate decision to be substantively wrong, but rather whether the court determines that the process employed was either rational or made in good faith effort to advance corporate interests).
175. See Maxey v. Citizens Nat'l Bank of Lubbock, 507 S.W.2d 722, 726 (Tex. 1974) (holding that a director may not be held liable, provided that he acted in good faith and believed that what he did was for the best interest of the corporation).
176. See BRODSKY, supra note 96, 2:07, at 2-29 (describing the holdings of the Delaware Supreme Court, which predicate director liability under the Business Judgment Rule on findings of gross negligence).
177. See Jinnett, supra note 107 (discussing potentional SEC causes of action and the standard of care that may apply to directors of company that failed to disclose its Year 2000 problem). 178. See U.C.C. 2-316 (1995). 179. Id.
180. See id. 2-318.
181. See Peraino, supra note 112 (describing how companies have saved more in memory costs by not addressing Y2K than what they will spend on Y2K litigation).
182. See NEV. REV. STAT. 41.0321 (1998); see also Jinnett, supra note 107; Jeff Jinnett, Year 2000 State & Federal Legislative Proposals and Lawsuits (visited July 29, 1998)
183. See Collins v. Wayne Corp., 621 F.2d 777, 786 (Sth Cir. 1980) (stating that puffing does not create liability).
184. See Trenholm v. Ratliff, 646 S.W.2d 927, 930 (Tex. 1983) (describing the components of actionable misrepresentation); Autohaus, Inc. v. Aguilar, 794 S.W. 2d 459, 464 (Tex. App.-Dallas 1990, writ denied) (finding the nature of the statements to be determinative in assessing misrepresentation).
185. Steven H. Goldberg, Managing "Year 2000" Business and Legal Risks for Hospitals and Health Care Systems (visited Feb. 12, 1999)
190. Senator Robert Bennet (R-Utah), Paul Revere Not Chicken Little: Who's Sounding the Call for the Year 2000? (visited Feb. 13, 1999)
191. See Bruce T. Smyth, The Financial Transactions Morass: Liabilities of Banks and Other Financial Institutions, THE YEAR 2000 COMPUTER CRISIS: THE LITIGATION SUMMIT, supra note 130.
192. See id.
193. See id.
194. See id.; see also New York v. Allied-Signal, Inc., 987 F. Supp 137, 143 (N.D.N.Y. 1997) (concluding that a force majeure provision does not apply to excuse the defendant's noncompliance with the deadline).
195. See Smyth, supra note 191; see also Ford Motor Credit Co. v. Swarens, 447 S.W.2d 53, 57 (Ky. Ct. App. 1969) (stating that trust in a computer is no defense when the error could have been avoided).
196. See Smyth, supra note 191; see also Port City State Bank v. American Nat'l Bank, 486 F.2d 196, 200 (lOth Cir. 1973) (discussing the defendant bank's planned response to a computer malfunction); Staff Svcs. Assocs., Inc. v. Midlantic Nat'l Bank, 504 A.2d 148, 152 (N.J. Super. Ct. App. Div. 1985) (imposing liability on the party that chose the system). 197. 15 U.S.C. 1693. 198. See Smyth, supra note 191.
199. See id.; see also 15 U.S.C. 1693g(a) (limiting a consumer's liability for unauthorized electronic fund transfers).
200. See Smyth, supra note 191; see also Feinman v. Bank of Del., 728 F. Supp. 1105, 1114 (D. Del. 1990), aff'd without opinion, 909 F.2d 1475 (3d Cir. 1990) (citing 15 U.S.C. 1693h(a)(2) for the proposition that a financial institution may be liable for failing to sufficiently credit a customer's account in accordance with the terms and conditions of the account). 201. See Smyth, supra note 191.
202. See id.
203. 15 U.S.C. Sec 1693m.
204. See Smyth, supra note 191.
205. See id.
206. See id.
207. See U.C.C. 4A-406(c) (1995); Smyth, supra note 191. 208. See Smyth, supra note 192.
209. See id.
210. See id.
211. See U.C.C. Sec 4A-205(a); Smyth, supra note 192.
212. Smyth, supra note 192. 213. See id.
214. Jo Anne Bourquard, National Conference of State Legislatures, Countdown to 2000 (visited Feb. 26, 1999)
216. See Global Technology Business, National Emergency (visited Feb. 12, 1999)
217. See id.
218. See id.
219. See id.
220. Keith Koppler, Y2K Czar Says Feds Will Meet Deadline (visited Feb. 12, 1999)
221. Senator Robert Bennet, U.S. Government is Flying Blind, Roll Call Policy Briefing (visited Feb. 12, 1999)
225. See generally Appendix B for a list of each state's progress on remediating the Y2K problem and their respective budgeted resources.
226. See Information Technology Association of American, Year 2000 State & Federal Legislative Proposals and Lawsuits (visited July 29, 1998) < http://www.itaa.org/y2klaw.htm > .
227. Subcommittee Chairman Stephen Horn (R-CA) of the Subcommittee on Government Management, Information, and Technology, prepared the Year 2000 Progress Table in Appendix A, which illustrates each federal government department's Y2K progress. The Subcommittee issued the report on November 23, 1998, basing it on agency data through November 13, 1998. See
228. This chart is excerpted from the National Conference of State Legislature's web site at
Howard L. Nations* Mark L. Duke"
Gary R. Black, Jr.***
* Law Offices of Howard L. Nations, Houston, Texas. Florida State University, B.A.; Vanderbilt University, J.D. Mr. Nations is the co-chairman of the State Bar of Texas Committee on Y2K. He is Board Certified by the Texas Board of Legal Specialization as both a personal injury trial lawyer and a civil trial lawyer.
** University of Texas-El Paso, B.A. with honors; South Texas College of Law, J.D., summa cum laude.
*** Texas Tech University, B.A. with honors; South Texas College of Law, J.D.…