http://www.newsbytes.com/pubNews/132656.html
29 Jun 1999, 9:53 AM CST
By Robert MacMillan, Newsbytes.
WASHINGTON, DC, U.S.A.,
Although Senate Commerce Committee Chairman John
McCain, R-Ariz., stressed to members and staff alike on the
Year 2000 conference committee that he wants a deal on
Year 2000 liability legislation as of several hours ago,
Congress members and staff continue to bicker over
particulars at an undisclosed location.
McCain at last Thursday's initial conference committee
meeting said he wanted the deal by the time they were
scheduled to convene on Tuesday, but the notice from
McCain's staff that greeted reporters Tuesday morning was:
"Meeting postponed. Negotiations continue."
McCain staffers were unavailable for comment, but an aide
to conferee Sen. Christopher Dodd, D-Conn., told
Newsbytes that at least several issues continued to bedevil
the conference process.
Despite meetings between congressional staff members and
White House officials on Friday, Monday and today, no
agreement has been reached on developing a Year 2000
litigation bill that President Clinton would sign.
"We think we've given just about all we can," said a House
staffer. "Going any further is not really much of an option."
The staffer said that discussions are not stalled, adding,
however, that "Talking is the easy part; negotiating is the
hard part."
Two separate meetings were held on Friday, including at
least one with White House Chief of Staff John Podesta,
who, on June 24, contacted the sponsors of the Senate bill,
saying the White House wants to work out a deal.
Whether a veto from President Clinton still is the only option
left for Year 2000 legislation remains uncertain, but since all
sides at least agree that they want to pass some sort of
liability limitation bill, the negotiations go on.
At issue are varying ways of frustrating a large number of
Year 2000-related lawsuits, including whether to impose
punitive damage caps, allow joint and several liability, and
exactly what kind of lawsuits that would be restricted.
The conference committee session ostensibly is a
compromise process between the House and Senate
versions of the bill. In this case, however, the argument more
resembles an attempt by backers of the bill to get a piece of
legislation approved that the White House will support.
The problem for House staffers and members who approved
the House bill is that the Senate version, which they can live
with, is already weaker than they would prefer - and this still
does not appease President Clinton.
"They've been working with us, and we've been doing a lot of
listening to each other. I can't say exactly how much
agreeing we're doing and how much disagreeing we're
doing," the House staffer said. "I can say that we are
concerned because, as the House conferees, we took a
huge step last week by pretty much letting all the work we
did in the house go, and taking the Senate version. We're
open to talking, but we're not making any promises about
how much further we will go."
McCain, at the initial conference committee meeting on
Thursday, lambasted the White House for refusing to work
with him, Dodd and Sen. Ron Wyden, D-Ore., who fashioned
a compromise version of S. 96 that passed the Senate
62-37. He characterized the White House as obdurate and
uncommunicative, saying that they need to work together in
short order to come up with a bill the president could pass.
Rep. Robert Goodlatte, R-Va., also criticized the White
House at the conference committee meeting, for not
contacting the sponsors of H.R. 775, a Year 2000 litigation
liability bill that is somewhat stronger in protecting high-tech
companies from lawsuits than is S. 96.
White House officials have said Clinton will veto either of the
Year 2000 bills in their current form because they do not
provide enough recourse for individuals and small
businesses to sue companies for Year 2000-related
damages, but had made little attempt to work out a
compromise with the backers of S. 96 and H.R. 775.
Instead, they threw in their lot with a Democratic alternative
that was rejected in the Senate.
Reported by Newsbytes.com, http://www.newsbytes.com .
09:53 CST
Reposted 10:49 CST
(19990629/WIRES ONLINE, LEGAL,
BUSINESS/YK2LIT/PHOTO)
Copyright (c) Post-Newsweek Business Information, Inc. All
rights reserved.
-- regular (zzz@z.z), June 29, 1999
Although I'm not a 'friend of Bill', I believe he is on the right
track in this case. I've copied the statement Leon Kappleman gave
before the House in April for those of you haven't read it (it's in
Adobe format which is why I place it here since many are Adobe
challenged)...
http://www.year
2000.unt.edu/kappelma/HR_775.htm
Prepared Statement for the Committee on the Judiciary House of
Representatives, Congress of the United States Hearing
Scheduled for April 13, 1999, 10:00 AM EST Hearing concerning H.R. 775
the �Year 2000 Readiness and Responsibility
Act.�
Prepared by Leon A. Kappelman, Ph.D. � Associate Professor, Business
Computer Information Systems � Associate Director,
Center for Quality & Productivity College of Business Administration,
University of North Texas Voice: 940-565-4698 Fax:
940-369-7623 Email: kapp@unt.edu Website:
http://www.coba.unt.edu/bcis/faculty/kappelma � Co-chair, Society for
Information Management (SIM) Year 2000 Working Group � Senior Advisor
for Issues Advocacy, Society for Information
Management � Steering Committee, YES Corps, International Y2K
Cooperation Center
Thank you for this opportunity to testify before the esteemed
membership of the Judiciary Committee concerning H.R. 775, the
�Year 2000 Readiness and Responsibility Act.� I am here today to offer
you the perspective of someone who has been
involved with information technology (I/T) since the mid 1960s and who
has been helping government and industry solve their
Y2K problems since early 1995. I have conducted several Y2K-related
research projects, including a study that since 1996
has tracked the Y2K progress and practices of a sample of enterprises
representing more than one-tenth of U.S. GDP (Gross
Domestic Product); worked first hand with scores Y2K program directors
from the public and private sectors; written several
books, monographs, and dozens of articles; and made countless
presentations all over the world. Since its inception in 1996, I
have co-chaired the Society for Information Management's (SIM) Year
2000 Working Group, with members from major I/T
consumer, I/T vendor, federal agency, state government, academic,
religious, and legal organizations. Moreover, I am currently
involved in the actual solving of Y2K problems at the corporate, city,
state, and national levels through my participation in a
Y2K community preparedness project with the 84 cities in Los Angeles
County, a project that is also sharing its best practices
with cities all over the world; my participation in the monthly
conference call of state Y2K coordinators; as a participant in the
Information Technology Association of America�s (ITAA) monthly Y2K
Task Group meetings as well as their legal/legislative
task group meetings; and as one of the founding members of the
3-person steering committee of the UN and World Bank
sponsored YES (Y2K Expert Service) Volunteer Corps of the
International Y2K Cooperation Center.
Unintended Consequences of H.R. 775
Although there are positive roles that legislation can play,
legislation can not provide a simple solution or a quick fix to this
complex set of interrelated problems we call �Y2K.� I am here today
because I am convinced that some of the provisions in this
�Year 2000 Readiness and House Judiciary Committee Responsibility Act�
currently under your consideration will have
dreadful unintended consequences. These unintended consequences will
result in more Y2K damages to your constituents and
to our national economy because there are provisions in this bill that
will greatly reduce the incentives to responsibly address
Y2K, and will thereby promote less Y2K readiness and less Y2K
responsibility. Possibly even worse because of the long-term
and far-reaching unintentional effects, these anti-readiness and
anti-responsibility provisions will fundamentally damage the future
development of the reliable information-based society that the United
States is pioneering.
Civil society is based on trust and accountability, and the purpose of
law is to ensure it. The purpose of H.R. 775 seems largely
to grant accountability exemptions for those special interests who
created and sustained the Y2K problem for the sake of their
own short-term profitability. Eighty-one percent (81%) of commercial
packaged software is NOT Y2K compliant according to
a Gartner Group study released last month (March 1999)! Is there any
good public policy reason to reward such behavior on
the part of software manufacturers?
Nothing Special about Y2K or I/T Products to Merit Special Laws
A primary objective of H.R. 775 appears to be to take I/T and related
high-technology products out of the realm of established
legal precedents that have so far governed our society's ability to
adapt to new technologies such as steam engines, railroads,
automobiles, airplanes, electric power, pharmaceuticals, and so on. It
is my understanding that in each of these cases, warranties
and liabilities were enforced, exemptions were not granted before
damages were incurred, and insurance coverage was sought
as a way of transferring the risks.
There is nothing special about I/T products, or Y2K for that matter,
that in any way suggests that they deserve special treatment
under the law. The "software is an art form" theory is just an excuse
for poor quality workmanship and shoddy goods. Software
is no more an art form than good architecture, or good medicine, or
good scientific research are art forms � They all have their
creative side, but they're also rigorously disciplined endeavors. So
too is good software development.
If this were any other product you would be considering recalls and
lemon laws � But I/T IS just another product. Please,
don't be fooled in to believing otherwise. I am reminded of a quote
attributed to Thomas Paine, patriot, political philosopher of
the American Revolution, and author of Common Sense, �A long habit of
not thinking a thing wrong gives it a superficial
appearance of being right.� If software is an art form, then we have
bet our future economic well being, perhaps our very
survival, on this art form � Certainly we are not that foolish or
frivolous.
H.R. 775 offers to I/T and related high-tech products a wide-ranging
set of exemptions and legal "dispensations" from full
economic accountability for damages they caused to others. Since the
consequences of what could be damages arising from
Y2K-related faulty dates could continue for decades, H.R. 775 offers
relief from the usual accountability we have so far held
for those who develop, deliver, and use technological innovations.
It is as if legislators would have passed a bill in 1914 placing
wide-ranging limitations on the accountability for unspecified
damages, a priori, that may someday be caused by automobile
manufacturers and by automobile drivers. Would you have
supported such a bill? I think not.
Cause, Effect, and Human Nature
Crafting laws is not my expertise. I do, however, know a bit about
human motivation, have studied it in organizations, have
developed instruments to measure it and some of the things that
contribute to it, and have published several refereed journal
articles about it. My concerns regarding H.R. 775 are largely related
to provisions that will seriously reduce the incentives that
enterprises have to reduce Y2K risks, get Y2K work done, and be
prepared for Y2K contingencies.
I do not believe that the U.S. Congress would seriously consider
legislation that would tie the hands of the FDIC (Federal
Deposit Insurance Corporation) or the SEC (Security and Exchange
Commission) in keeping the pressure to reduce Y2K risks
on the enterprises they regulate. It seems that the plaintiff's bar
and the threat of litigation essentially provides that same external
motivation to do the right thing, especially in less-regulated
industries. Certainly Congress does not want to tie the hands of these
pseudo-regulators by reducing the potential penalties on those who
fail to do the right thing about reducing and managing Y2K
risks?
It's just basic human motivation, granted a negative incentive, but it
works � Look how good the banks regulated by the FDIC
are doing with reducing their Y2K risks; and how poorly the largely
unregulated chemical processing industry is doing, or small
businesses. And negative motivations (i.e., deterrents) are why we
have laws against robbery, murder, assault, and things like
that too.
Ask yourself why U.S. banks are in such good shape (e.g., less that 5%
on the FDIC's unsatisfactory list, based on clearly
define and published criteria, verified by external FDIC audits) when
compared with U.S. electric utilities (e.g., 28% did not
even have plans as of the January 11, 1999 North Electric Reliability
Council/Department of Energy report, based on
self-reported answers to vaguely worded question) or small businesses
(e.g., 40% plan to do nothing according to a National
Federation of Independent Business/Gallup study)? A big part of the
answer is the pressure of external regulation, and the threat
of externally imposed pain by the FDIC versus nothing whatsoever (in
most every case) by state utility regulators.
To risk reducing the present motivations to do the right thing about
imminent Y2K risks, that we all agree are real although we
may disagree as to their degree, in the name of preventing or
controlling or reducing some possible future litigation that may or
may not be frivolous and that may or may not ever even happen,
especially if people do the right thing, seems callously reckless.
If Congress were advised that the flow of illegal drugs into the U.S.
was going to increase ten fold next year, would you pass a
bill reducing the penalties on drug dealing? Of course not, it�s
ridiculous to consider such nonsense. Would you consider
protective legislation if any legal industry came to Congress and
pleaded for relief from future damages caused by their defective
products? No, because that is equally ridiculous. Why then would you
consider reducing the penalties on hurting U.S. citizens
and businesses with defective I/T products? Is it any less ridiculous?
I think not.
And consider the long-term unintended dire consequences that would
come from legislatively protecting the poor quality
practices of most software developers. In physics we have the law of
cause and effect, action and reaction. Remove the law of
gravity and things float away. In the economics of this information
age, if you remove the gravity of the consequences for
manufacturing shoddy I/T goods, then quality will further deteriorate
and you will get more shoddy I/T goods. It really wasn�t
any different in the industrial age, and that is why we did not exempt
industries or technologies from accountability for their
actions. Why would we choose to do so now? Can we can build a sound
economic future on a poor quality art form? Certainly
we are not that foolish or frivolous either.
Anti-Readiness & Anti-Responsibility Provisions
Among the provisions that seem to run the greatest risk of unintended
negative consequences by inadvertently creating
disincentives to get Y2K work done are the following three:
(1) Eliminating or reducing officers and directors liability in Y2K
cases: For too many Y2K projects it's just been too hard
getting the attention of these executives and the resources they
control allocated to Y2K work. The threat of litigation is a threat
to their productive time (in depositions, court, and so on). There's
is no good public policy reason to take the pressure off
executives to do the right thing, in fact the SEC and FDIC and
stepping up their pressures. Remove the gravity of the
consequences if you fail to properly act in dealing with Y2K and
spending for Y2K work will float away. Do your really want to
promote, even reward, negligent behavior with these perpetrator
protection provisions of H.R. 775?
(2) Creating a cooling-off period: At first it sounded like a
wonderful idea, but what it will do is artificially extend the
deadline
for vendors and others to get their Y2K work done while customers
(i.e., your neighbors, constituents, and voters) sit there in
financial meltdown, hopelessly helpless, and going out of business.
Seems the only thing it cools off is the pressure on vendors to
get their Y2K repairs done in time while those who were depending on
them to be done on time will be left to suffer.
Picture this unintended consequence of H.R. 775: A small business
person in your community, one of your supporters, buys a
software product tomorrow and is told that it is �year 2000 compliant�
by the manufacturer. On January 1, 2000 the software
locks up, corrupts their data, and refuses to work. Your constituent
cannot do business and yet, thanks to H.R. 775, cannot
take any legal action either to remedy their plight. They can not
afford to hold out, their business fails, jobs are lost, and the
software vendor gets to keep selling shoddy products and providing
erroneous information about them. Is this really the
outcome you want � Protecting the guilty at the expense of the
innocent? This is likely to be the outcome we will get with H.R.
775's cooling-off periods.
(3) Anything else that would reduce the penalties on harming others,
like limits on punitive damages. Is there any good public
policy reason to make murder or robbery or fraud legal if one commits
such crimes with a computer? Of course not, but that is
exactly what you are being asked to do in supporting these kinds of
provisions in H.R. 775. Further, if enacted, such provisions
would punish consumers and business owners of all sizes by making them
financially responsible for the Y2K repairs caused by
the poor programming and poor planning of those they depended upon in
I/T and other high-tech companies. Moreover, these
liability limits would unintentionally serve as "disincentives" to
corporate America to fix their Y2K problems; now. After all,
what's worse, the specter of a lawsuit with a $250,000 cap and other
favorable legislated litigation biases, or developing a
multimillion dollar fix for a systemic Y2K problem?
And perhaps the potentially most devastating unintended consequence to
the long-term economic well being of the our country,
and the information economy, is the provision that excludes damages to
data entirely, since �actual damages� in H.R. 775
appear to include only injury to �tangible property� and data are
often not considered tangible property. Think of it, the
destruction or corruption of data, a principal asset of the
information age economy, second only in importance to people and
their knowledge (which is sometimes embodied in software products), is
protected if you do it with non-Y2K- ready I/T
products. Destroy data with a match or a scissors and you�re headed
for jail, but do it with software and you�re off free and
clear. Is that the intended consequence of this legislation? Of course
not, but that will be the unintended outcome if such
provisions become law.
Conclusions The sad reality of the year 2000 problem is that this is
the first time our information-based society is confronted
with paying a demonstrable bill for the shoddy practices of
information systems management and software development that
have been with us for more than four decades. The fortuitous
opportunity of the Y2K problem is that it provides us the
motivation to change these enormously wasteful and unsustainable
practices. In fact we are starting to see some positive trends
in this regard already, and there are provisions in H.R. 775 that
threaten to destroy the incentives for such improvements, and
thereby unintentionally threaten the productivity, quality, and
sustainability of U.S. economic well being.
U.S. economic well being, as well as national security, rely on a
dependable and fully accountable information infrastructure.
Congress is being asked via H.R. 775 and similar bills to place
elaborate limitations on the recourse any injured parties would
have in the case of I/T created economic damages. The passage of H.R.
775 will have the unintended consequence of injuring
technology progress by giving a special and unique set of exemptions
from accountability that no prior technologies have ever
received.
There are possible positive roles for Y2K legislation, like
encouraging alternative dispute resolution, achieving more fairness in
proportionate liability, or somehow extending statutes of limitations
so that the current focus can be on mitigation instead of
litigation. Even corporate welfare provisions of questionable
desirability like Y2K tax incentives can have positive
motivational outcomes, assuming one can ensure that the dollars are
spent on actually mitigating Y2K risks.
But H.R. 775 is a bill with provisions that will have some very
detrimental and damaging unintended consequences. Dire
consequences that will hurt many American consumers, small business
owners, and investors. Even worse, are the dreadful
unintended consequences that could compromise the ability of the U.S.
to succeed in this age of information.
If these anti-Y2K-responsibility and anti-Y2K-readiness provisions
prevail, when history books are written our descendants
will look at this as the time when the U.S. decided to yield our
technological and economic progress to special interests seeking
absolution from accountability for the consequences of their actions.
If you happen to be a reader of Toynbee's history, you will
recall that he singles out the institutionalization of special
interest exemptions from taxes, legal obligations, and accountability
for
crimes as one of the contributors to the break down of once
adventurous and vigorous civilizations.
Software and other I/T products should be treated like any other
products. Please, do not legalize hurting others or committing
crimes with high technology in the name of trying to help with Y2K
problems or in the hopes of furthering general tort reforms.
Y2K places far too much at risk already and we have neither time nor
resources to waste on such diversions.
If I can answer any of your questions or provide you with any
additional information, I am at your service.
-- Shelia (Shelia@active-stream.com), June 29, 1999.