This summary, and my comments to the Subcommittee, will briefly discuss three aspects of legal liability that businesses face as a result of the Year 2000 or Y2K computer problem. I will discuss business, customer and shareholder liability issues, and conclude by proposing: (i) consideration of modest statutory clarifications intended to restore the balance established in the Copyright Act between the rights of copyright owners and their licensees, and (ii) further study of federal consumer protection laws to determine whether safe harbor legislation would be appropriate to immunize financial institutions and businesses from liability for procedural violations caused by Year 2000 computer problems in the absence of actual harm to the consumer.
The potential for business liability resulting from Year 2000 computer problems is real and significant. Businesses have become extremely interdependent as a result of the trend toward outsourcing, teaming and just-in-time delivery systems. As a result, the failure or slow-down of a single link in a production and distribution chain can generate multiple levels of harm and liability. Possible scenarios are easy to imagine. For example, the failure or malfunction of an automated inventory system operated by a food product wholesaler could cause that wholesaler to under-supply its distributors, and cause those distributors to under-supply food product retailers. The retailer, in turn, may be left unable to meet its prior supply obligations. Each party in this chain of events may have a legal claim against its predecessor in the chain.
With a few exceptions, however, all of the liabilities arising as a result of these examples are from a legal standpoint conventional causes of action; and existing law is well equipped to deal with these claims. There is also no compelling reason to alter existing law to deny any of these parties' compensation for the harm they suffer. In almost all cases, the party who fails to perform without excuse would and should be liable for that breach.
Retail businesses, including the financial services industry, risk the greatest disruption from Year 2000 computer problems due to the number of potential individuals who would be affected. Lost or inaccurate account balances, incorrect interest charges and errant notices of default all could result from Year 2000 computer problems. Similarly, providers of consumer services, including utilities, telephone service and cable television, could face a multitude of small claims resulting from Year 2000 related failures. The good news is that this type of disruption is likely to be temporary and, while frustrating, not likely to cause individual consumers substantial direct damages. Even if damages are incurred, the nature of the claims (high in number, similar in nature, but small in individual dollar amount) suggest that state attorney general actions and private class actions would be effective remedies.
It is not unreasonable to expect that Year 2000 computer problems will adversely affect the share price, value or viability of some publicly traded and closely held corporations. As a result, shareholders may have claims under statutory and/or common law against the corporate directors and officers if the adverse affects were the result of the failure of those directors and officers to exercise due care in addressing this issue. From the business' standpoint, disclosure and prudent management remain the best deterrents to shareholder derivative and similar suits, and the best defense to liability in such suits. These hearings, together with the publicity the Year 2000 computer problem is receiving, will help to ensure that management will be made aware of the problem, and competent management teams will have implemented an appropriate Year 2000 Plan.
It is said that bad facts make bad law. The Year 2000 problem raises issues that have never been seen before, and may never be seen again, and legislative efforts to address these issues could yield awkward results and disruptive legal precedent. In addition, while there may be imperfections in our legal systems as they relate to class actions, shareholder derivative actions and litigation in general, we do not propose nor recommend that the Year 2000 problem be used as a vehicle to address those weaknesses. In general, our legal system allocates economic responsibility in an equitable and legitimate manner, and to the extent that it does not do so, we do not believe that this issue presents the appropriate vehicle to implement needed changes.
That said, we propose the following for consideration:
a. Copyright Act. Many companies seeking to upgrade their software and systems to remediate Year 2000 deficiencies are facing uncertainty, created anomalously by the U.S. Copyright Act. The Act prohibits unauthorized use, distribution and copying of software, including creation of derivative works, unless such action is authorized by the Act (such as a "fair use" or an authorized "adaptation") or by license. Often the remedial actions required to upgrade an outdated software product are beyond the scope of the license agreement and these actions are not clearly authorized by the Copyright Act. Compounding the problem, many of the software developers and licensors are unable or unwilling to grant expansions of the license to permit this work, at least without unfairly demanding a release from liability for Year 2000 non-compliance. Other vendors cannot be located or are non-responsive to requests for a release to perform such remediation.
This puts software users in an impossible position, and often at a stalemate with licensors and outside vendors. It could be argued that Sections 107 and/or 117 of the Copyright Act permit in-house modification of software to preserve functionality through the Year 2000. Unfortunately, there is no controlling legal precedent, and many end users and Year 2000 remediation vendors are unwilling to be the legal test case.