User beware--Y2K compliance claims could be bogus

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread

This article got my attention. BellSouth (my telco) says they're receiving incorrect compliance info from vendors...

http://www.orlandosentinel.com/news/y2k/s070199_y2k01_19.htm

-- Linkmeister (link@librarian.edu), July 06, 1999

Answers

User beware -- Y2K compliance claims could be bogus

Richard Burnett of The Sentinel Staff

Published in The Orlando Sentinel on July 1, 1999.

People may lie about age, money and sex, but one of the biggest fibs plaguing corporate America today is a lie about Y2K readiness.

Many businesses are being misled -- in some cases, 50 percent of the time -- when they try to find out if their computers are prepared for the so-called millennium bug, Y2K consultants say.

Beware, they say, when a company sticks a shiny "Y2K-compliant" sticker on your PC or otherwise promises there'll be no problem when Jan. 1 arrives.

Check it out yourself, the experts say. The claim could be bogus.

"Unfortunately, such misrepresentations by vendors can be pervasive," said Art Filip, lead Y2K consultant for IBM Global Service, based in Orlando. "Too many are lying to say for legal reasons they are Y2K compliant.

"It's causing big trouble now, and after everybody finds out the real truth, there's going to be a major shakeup in a lot of business relationships because of the economic impact."

[snip]

Government and industry have launched a multibillion-dollar effort to re-program and prepare their computers for the date change on Jan. 1.

In Florida, the chairman of a governor's Y2K task force said many businesses have complained about the growing number of false Y2K- compliance claims.

"In some cases, we've been told the Y2K lying rate is as high as 50 percent," said Tom McGurk, who is also secretary of the Department of Management Services.

BellSouth Corp., for example, told state officials that more than half of the compliance claims by its vendors turned out to be incorrect when they were independently tested, he said.

Such reports follow a state law passed last month that limits liability suits involving Y2K-related computer failures and a move on the federal level to do the same.

Shrugging off last-minute White House concerns, House lawmakers on Wednesday agreed to bring a bill limiting Y2K lawsuits to the floor today for certain passage. The Senate also could approve the legislation today.

The federal bill would give companies 90 days to fix Y2K-related problems before lawsuits could be filed. It also would set punitive damage caps for small businesses, make it harder to file class-action lawsuits and states that, in most cases, a defendant would be held liable only for the proportion of damage it causes.

Critics, including trial lawyers and consumer groups, say the state and federal laws favor big business and hurt consumers by creating extreme barriers to lawsuits. Those barriers on a state level include requiring proof of exorbitantly high monetary damages before a suit can be filed.

"It provides a whole new level of defense for these kinds of suits," said Jim Page, an Orlando lawyer focused on Y2K issues. "It sets the bar so high for what you have to prove, it can only be an invitation to lie about Y2K compliance."

But supporters of legal restrictions say they will help prevent frivolous lawsuits and save billions of dollars in unnecessary litigation. The incidence of so-called "Y2K lying" is being exaggerated, they said.

"Lying about the compliance status of your products is certainly not the way to maintain customer relationships," said Bob Cohen, vice president of the Information Technology Association of America, a Washington trade group. "It flies in the face of reason to say that many are doing that. I'm sure there are some bad actors out there, but it is not representative of the industry."

But a number of businesses in Central Florida disagree, saying they are having problems with claims.

"I've had a lot problems with some of the answers I get," said Phil Hamilton, office administrator and Y2K coordinator for Gurney & Handley, an Orlando law firm. "Sometimes they just don't check out. Now I've learned to be cynical from the start, and the easy answers are the ones I distrust the most."

Most small businesses don't have enough money to test vendors' Y2K- compliance claims, he said. But they can ask questions, do research and learn from the experience of other businesses that use the same computers, Hamilton said.

Lockheed Martin Corp., for example, has the resources to independently test all vendor claims.

"In some areas, we've had vendors say all their systems are compliant, but when we delved deeper, we found out they weren't when combined with other third-party systems," Lockheed spokeswoman Elaine Hinsdale said. "So, yes, we have had to address those issues."

----------------------------------------------------------------------



-- Linkmeister (link@librarian.edu), July 06, 1999.


Thanks Link-man. This is just ONE of my concerns with John Koskinen's attitude that certain aspects of our infrastructure will not fold "according to the information we've recieved".

a posted a thread not long ago, that was a poll of IT professionals found on Yardeni's site. The *majority* of these individuals openly admitted to taking compliance verification of their vendors and suppliers "by phone contact or letter". They simply took their word for it. As high as 50% caught in lies? Why should anyone spewing lies be concerned about it. This country places little value on the truth, just ask our President and then take another pole.

-- Will continue (farming@home.com), July 06, 1999.


Linkmeister:

I wouldn't doubt at all that some vendors are lying regarding their compliance, but (on the other hand), think that SOME of them truly tested their software and found it compliant. It's for these that some of the legislation has been passed.

The article stated:

""In some areas, we've had vendors say all their systems are compliant, but when we delved deeper, we found out they weren't when combined with other third-party systems," Lockheed spokeswoman Elaine Hinsdale said. "So, yes, we have had to address those issues." "

This paragraph brought back not-so-fond memories of my years as a systems' programmer. I could set up a system to test the product from vendor 1 and it would work fine. I could set up a system to test the product from vendor 2 and it would work fine. However, when I set up a system to combine both those systems, failures occurred.

Companies can have software from thousands of vendors. I'm not convinced that it's a vendor's responsibility to ensure that it will run compliantly when combined with any/all software from the thousands of other vendors out there. I think it's the company's responsibility, and Lockheed certainly acted responsibly on this one.

-- Anita (spoonera@msn.com), July 06, 1999.


In view of the above, I have a question for you Anita:

What does "y2k COMPLIANT" mean ?

What does "y2k READY" mean ?

What does "y2k SUPPORTABLE" mean ?

What does "y2k CAPABLE" mean ?

What about "y2k SUITABLE" ?

And "y2k FIT"?

And "y2k o.k."?

And "Y2K-OKAY" ?

And "y2k on-track"?

And "y2k COMPATIBLE" ?

And "y2k APT"????

And "y2k tolerant"?

And "y2k CONFORMING" ?? (that's a new one!!)

What does "all repairs completed" mean?

What does a Y2K sticker with a "check" sign mean?

I could go on and on, but for the sake of time let me ask a few other pertinent questions:

-Would everyone agree on the correct definitions of these terms?

-Is there any valid international definition of these terms?

-How will all of these fudged-up definitions affect internal and external import, processing, and export of data before, during and after roll-over?

-How will compatibility of interfases be affected?

Maybe our dear friend Flint could help us to clarify this most "swept-under-the-rug" aspect of y2k, right? Where is Flint anyway ? (I miss him!)

Take care

-- George (jvilches@sminter.com.ar), July 06, 1999.


George, here's another one I heard from my power co: "Y2K Certified". Don't know if that means they are certifiable or not.

The placement of the Florida Power & Light Y2K "ready" announcement was, I thought, rather ironic. I wonder if the Sentinel got a nasty telephone call from FPL public relations?

-- Margaret (janssm@aol.com), July 06, 1999.



Margaret, Florida Power & Light probably meant that they are "Y2K READY" to face disruptions! You see, legally, with no internationally accepted definitions of compliance, all of these terms mean NOTHING. I said N-O-T-H-I-N-G .

Easily, come 2000, FPL can say: "We didn't lie!" "We said we were Y2K ready", that is, 'ready' to face y2k disruptions and eager to solve them with all our best effort and goodwill, yada, yada, so Help Us God" or something fudgy to that extent.

Take care, thanks for the input

-- George (jvilches@sminter.com.ar), July 06, 1999.


Personally, George, I think you're pulling my chain here, but I'm waiting for a phone call so have some time to kill. I'll answer with what I've learned and what I believe to be true. You don't have to believe it, and I doubt that you will.

What does "y2k COMPLIANT" mean ?

Y2k compliant is the tricky one. I've addressed this previously. I'll use the most anal-retentive definition. ALL dates have been expanded to four digits, systems tested, and verified by outside auditors.

What does "y2k READY" mean ?

This is the second-most tricky. It either means that critical systems will function correctly beyond the Year-2000 (with exceptions being those that don't interfere significantly....as in the clock in your car may not work correctly, but your engine will start and your car otherwise will function normally), OR, it may mean that all dates have NOT been expanded to four digits, yet will function throughout the year 2000 and throughout several subsequent decades. This could ALSO include systems tested and verified by outside auditors. What does "y2k SUPPORTABLE" mean ? What does "y2k CAPABLE" mean ?

I'll join these two (if I may). I believe these refer to operating systems and languages. While a systems programmer, I pointed out to my employer that without the latest release of an operating system, the current system would NOT support the year 2000. However, obtaining the upgrade didn't necessarily mean that everything needed to be converted immediately. It was sortof an AC/DC situation. You could go either way. I see CAPABLE in the same vein. Certain releases of languages or operating systems at previous releases were not capable of capturing 4-digit dates. New verbs were provided in the new releases to capture the 4-digit dates, yet the old verbs were still supported. What about "y2k SUITABLE" ? And "y2k FIT"? And "y2k o.k."? And "Y2K-OKAY" ?

I've not seen the above terms used, George.

And "y2k on-track"?

I've seen this term used to describe an installation that has set a date and met preliminary milestones on time.

And "y2k COMPATIBLE" ? And "y2k APT"???? And "y2k tolerant"? And "y2k CONFORMING" ?? (that's a new one!!) What does "all repairs completed" mean?

I've not seen these either.

What does a Y2K sticker with a "check" sign mean?

The only ones I've seen with these are those stupid AMANA ads. Yes...our salt/pepper shakers are Y2k compliant. They've been treated as jokes all over the internet, George.

The rest of your questions were additional chain-jerkers, George. I really don't care if my town's street lights are Y2k compliant or whether the date has been set back to 1972. All I care about is that they work and will continue to work for decades. The same holds true for my feelings on ready or compliant. As long as systems can communicate, I really don't care if the date has been expanded to 4 digits or used windowing to expand the dates.

Regardless of methods used or terminology used, George, I DO think we'll be able to communicate internationally.

-- Anita (spoonera@msn.com), July 06, 1999.


I am responding to this thread following a request by Cary MC from TX in another thread.

Firstly, thanks to Linkmeister for another interesting and thought provoking find. My comments (just my opinion, nothing more) on the article are as follows.

The first paragraph is mostly journalistic scene-setting, so I'll skip to the first bit of nitty-gritty.

{snip} ""Unfortunately, such misrepresentations by vendors can be pervasive," said Art Filip, lead Y2K consultant for IBM Global Service, based in Orlando. "Too many are lying to say for legal reasons they are Y2K compliant. "It's causing big trouble now, and after everybody finds out the real truth, there's going to be a major shakeup in a lot of business relationships because of the economic impact."" {end snip}

This is a very odd paragraph. Firstly, I'm amazed at someone from IBM Global Service being quite as blunt (and, dare I say it, controversial), but I'm also suspicious that there could be an element of context or companion text missing here. The choice of words just doesnt seem to suit a Y2K project specialist from IBM. This sentence in particular "Too many are lying to say for legal reasons they are Y2K compliant" bothers me, both for its strange grammatical structure, leading it to be almost meaningless, and also because I cant seem to put those words into an-IBM-guy-talking-to-the- press-on-the-record's mouth. In any case, the next sentence restores us to terra firma. If firms are lying now, then they will be gone soon, because in 6 months time or so, they will be looking for some new companies to do business with. If the case is rather that the vendors are telling what they believe to be the truth, and the corporates are discovering oversights on deeper testing, then that doesnt constitute lying. It is of concern though. And its great that it is being highlighted.

Next paragraph . .

{snip} In Florida, the chairman of a governor's Y2K task force said many businesses have complained about the growing number of false Y2K- compliance claims. "In some cases, we've been told the Y2K lying rate is as high as 50 percent," said Tom McGurk, who is also secretary of the Department of Management Services. {end snip}

"In some cases . . we've been told" NOT very definitive. Im more interested in details and cases, so lets get to those, because this is simply "story development". (An important sounding person making scary sounding noises. It gets people's attention).

{snip} BellSouth Corp., for example, told state officials that more than half of the compliance claims by its vendors turned out to be incorrect when they were independently tested, he said. {end snip}

This is very interesting, and of some concern. I'd prefer to reserve comment until I have had the chance to read all the information which BellSouth gave to the state officials. Can anyone find a complete transcript online and link it ? If not, then we're analysing a sound bite. Sorry if this sounds wishy-washy.

Skip past the legalese wrangle-fest and onto the next nugget. . .

{snip} "Lying about the compliance status of your products is certainly not the way to maintain customer relationships," said Bob Cohen, vice president of the Information Technology Association of America, a Washington trade group. "It flies in the face of reason to say that many are doing that. I'm sure there are some bad actors out there, but it is not representative of the industry." {end snip}

Well I must say that this sounds not only a very sensible reading of the situation, but also one with the "ring of truth". What on earth would vendors stand to gain by lying ? A few more months in business, and then a reputation which would bar them forevermore from dealing with the corporate market ? Thats a no-brainer. Maybe, as the man says, there are a few out there doing so, but to suggest, or deduce, that its representative indicates an incredible degree of complicity and negligence, and I just dont buy it. More likely, companies are claiming compliance and later finding they have overlooked compatibility issues. Thats a valid part of the process of checking. Any compliance statement can only be as good as the current information which it is based on. If new info comes to light, one has to adjust. Which is why this is great news, because it means that the most important companies in the world are in the middle of doing just that, RIGHT NOW. So, to the last bit . .

{snip} But a number of businesses in Central Florida disagree, saying they are having problems with claims. "I've had a lot problems with some of the answers I get," said Phil Hamilton, office administrator and Y2K coordinator for Gurney & Handley, an Orlando law firm. "Sometimes they just don't check out. Now I've learned to be cynical from the start, and the easy answers are the ones I distrust the most." Most small businesses don't have enough money to test vendors' Y2K- compliance claims, he said. But they can ask questions, do research and learn from the experience of other businesses that use the same computers, Hamilton said. Lockheed Martin Corp., for example, has the resources to independently test all vendor claims. "In some areas, we've had vendors say all their systems are compliant, but when we delved deeper, we found out they weren't when combined with other third-party systems," Lockheed spokeswoman Elaine Hinsdale said. "So, yes, we have had to address those issues." {end snip}

Here lies the rub. "Be cynical from the start and distrust the easy answers." Boy oh boy, you couldnt give better advice than that to businesspeople on ANY subject. Its very likely that many many small businesses are only just about informed enough on Y2K to even ask their vendors if theyre compliant. If they take "Yes, sure, dont worry" as a good enough answer, then they sink or swim. Thats business. Any commercial organisation hoping to trade into the next millenium will have to get used to being a little sharper than that I suspect.

And in the end, it seems that the underlying information here, the peg that all this is hung on, is reasonably predictable. Vendors may think that theyre 100% compliant, but some find they arent when they start trying to integrate 3rd party systems. Uh . . is that like Microsoft debugging their product in the public arena, because there are just too many other products out there to be able to issue software thats 100% guaranteed bug-free ? Sure it is, and in the same way that that situation doesn't cause the collapse of the infrastructure, or the end of the world, neither will some isolated vendor/buyer problems either.

But the market will sort it out. Those who lied will die, because the buyers will never trust them again. There will be isolated problems, nobody denies that. But into the frame will step some newer, wilier, sharper vendors who ARE functional, and compliant, and they will snap up the market share with no hesitation.

Kind Regards

W

-- W0lv3r1n3 (W0lv3r1n3@yahoo.com), July 06, 1999.


W0lv3r1n3,

Thank you for posting your thoughts regarding Linkmeister's article. I'll just add a few of my own thoughts to yours.

"This is a very odd paragraph. Firstly, I'm amazed at someone from IBM Global Service being quite as blunt (and, dare I say it, controversial), but I'm also suspicious that there could be an element of context or companion text missing here. The choice of words just doesnt seem to suit a Y2K project specialist from IBM." This sentence in particular "Too many are lying to say for legal reasons they are Y2K compliant" bothers me, both for its strange grammatical structure, leading it to be almost meaningless, and also because I cant seem to put those words into an-IBM-guy-talking-to- the- press-on-the-record's mouth."

I agree with you to this extent, the grammatical structure of the sentence seems strange, although after re-reading it a couple of times I believe that it means, that companies would lie about their compliance in order to avoid legal liabilty. Also, this statement by Art Filip could definitely be out of context. It would be very interesting to call him and ask for clarification ,and if he was mis- quoted in this article.

"In any case, the next sentence restores us to terra firma. If firms are lying now, then they will be gone soon, because in 6 months time or so, they will be looking for some new companies to do business with. If the case is rather that the vendors are telling what they believe to be the truth, and the corporates are discovering oversights on deeper testing, then that doesnt constitute lying. It is of concern though. And its great that it is being highlighted."

You're correct in so far as that it doesn't necessarily mean they are lying or misleading on purpose, but a saying comes to mind when considering this.....that ignorance of the law is no excuse. In this case where does liabilty lay if incompetence or ignorance causes untold failures that could involve, besides economic consequences, the loss of life? Your final statement "And its great that it is being highlighted" makes me wonder how much will slip through the cracks, and which ones will be "highlighted". Guess that's the $64,000 question.

"In some cases . . we've been told" NOT very definitive. Im more interested in details and cases, so lets get to those, because this is simply "story development". (An important sounding person making scary sounding noises. It gets people's attention)."

True, but shouldn't Tom McGurk, Florida's chairman of the governor's Y2K task force, have more insider information, and be given some credence due to his position?

You said regarding the BellSouth Corp statement:

"This is very interesting, and of some concern. I'd prefer to reserve comment until I have had the chance to read all the information which BellSouth gave to the state officials. Can anyone find a complete transcript online and link it ? If not, then we're analysing a sound bite. Sorry if this sounds wishy-washy."

It does sound a little "wishy-washy", especially since we're analyzing all the other "sound-bites". (g) I'm going to go ahead and take this statement by BellSouth at face value, since the possiblity of someone being able to find the link and shed more light on it is remote. For Clarification here's the quote again:

BellSouth Corp., for example, told state officials that more than half of the compliance claims by its vendors turned out to be incorrect when they were independently tested, he said.

My take on it is this. Assuming that BellSouth's experience is typical, it seems to be an either or type of situation....Either there's rampant incompetency or lots of fibbing going on. I also loved his use of the word "incorrect", a carefully worded statement so as not to imply duplicity. Definitely a savvy corporate speaker.

You said regarding Bob Cohen, vice president of the Information Technology Association of America's thoughtful statement.

"Well I must say that this sounds not only a very sensible reading of the situation, but also one with the "ring of truth". What on earth would vendors stand to gain by lying ? A few more months in business, and then a reputation which would bar them forevermore from dealing with the corporate market ? Thats a no-brainer. Maybe, as the man says, there are a few out there doing so, but to suggest, or deduce, that its representative indicates an incredible degree of complicity and negligence, and I just dont buy it. More likely, companies are claiming compliance and later finding they have overlooked compatibility issues. Thats a valid part of the process of checking. Any compliance statement can only be as good as the current information which it is based on. If new info comes to light, one has to adjust. Which is why this is great news, because it means that the most important companies in the world are in the middle of doing just that, RIGHT NOW. So, to the last bit . .

You say you "just don't buy it". Man I hear you! It would be so much nicer if vendors etc. wouldn't lie or be negligent. Although I fear in this case, the complications that are arising from Y2k remediation, and all it entails from an unforgiving deadline, to the creation of new bugs, is just more than most hardworking, good intentioned people have ever had to deal with. They're almost in a corner, and nothing they do or don't do in some respects must be like being between a rock and a hard place. Maybe some are facing this question. Either, we stay in business for 6 more months and hope the ramifications aren't as great as some believe. Or, do we tell the truth now and face the possiblity of going out of business tomorrow.

To Phil Hamilton's statement, you responded.

"Here lies the rub. "Be cynical from the start and distrust the easy answers." Boy oh boy, you couldnt give better advice than that to businesspeople on ANY subject. Its very likely that many many small businesses are only just about informed enough on Y2K to even ask their vendors if theyre compliant. If they take "Yes, sure, dont worry" as a good enough answer, then they sink or swim. Thats business. Any commercial organisation hoping to trade into the next millenium will have to get used to being a little sharper than that I suspect.

Having been in business for myself for over 25 years, cynasism comes pretty natural for me. You say, "If they take Yes, sure, dont worry" as a good enough answer, then they sink or swim. Thats business." In this case it could be life or death, and this is exactly what a lot of our community leaders and national public figures are saying to the American public, ie, "Don't worry all is well". The majority aren't applying any cynasism to those statements what-so-ever. I hope your wrong though...about sinking or swimming.

And in the end, it seems that the underlying information here, the peg that all this is hung on, is reasonably predictable. Vendors may think that theyre 100% compliant, but some find they arent when they start trying to integrate 3rd party systems. Uh . . is that like Microsoft debugging their product in the public arena, because there are just too many other products out there to be able to issue software thats 100% guaranteed bug-free ? Sure it is, and in the same way that that situation doesn't cause the collapse of the infrastructure, or the end of the world, neither will some isolated vendor/buyer problems either.

I have to really take exception to your above statement. Microsoft is only one product...when implementing a new software program it doesn't effect everyone. Your conclusion that this will be "some isolated vendor/buyer problem" doesn't correlate in the context, that Y2k is global and not an "isolated" situation that affects only a handful of companies.

But the market will sort it out. Those who lied will die, because the buyers will never trust them again. There will be isolated problems, nobody denies that. But into the frame will step some newer, wilier, sharper vendors who ARE functional, and compliant, and they will snap up the market share with no hesitation.

The above statement is definitely true if we're talking about a BITR, but I believe we would be wise by refraining from making blanket statements regarding the outcome of Y2k.....the fat lady ain't sung yet. Assuming that the market will take care of this in some seamless fashion seems, a little optimistic to me.

Thanks for the discussion.

Regards,

Cary



-- Cary Mc from Tx (Caretha@compuserve.com), July 06, 1999.


Dear Anita,

You say that you doubt that I'll believe your answer. Well, you are wrong again, because I DO believe your answer!!

Yes sir, I believe that your expert witness testimony (above) duly confirms the horrendous confusion in the minds and the work of programmers trying to fix y2k. Same goes for their bosses and their bosses' bosses.

As far as the y2k terms you have never heard of before, Anita please let me inform you that their use is widespread throughout the world, maybe not as much in the USA, but certainly in Europe, Asia, and Latin America. Same as your semantics ramblings above, these terms mean any thing to any body. Thus, incompatibility of interfaces is guaranteed. Please see "www.y2knewswire.com" for full description of this phenomenon.

Talking about Internet jokes Anita, please be advised that just about every PC in Latin America has got these bizarre "Y2K O.Kay" stickers on them (banks, points of sale, etc.). And no Anita, we are not talking about salt and pepper here (ha, ha). We are talking about money (that green stuff, you know?). These stickers are freely sold in the streets of Sao Paulo, for example, at a cost of one dollar per dozen. As a result, people walk into banks and are completely mislead into thinking that "The computers in this bank are O.Kay, so I'll deposit some more of my money here", although remediation is far from over, let alone testing. And if you tell me you don't care about this or can't see the impact for international trade and finances and its direct link to the US economy (meaning YOU Anita), well then you must live inside a jar of mayonaisse (unopened) or a plastic wrapped peanut butter & jelly sandwich.

Anita, your last comments above also confirm that your wishfull thinking is as large as your ego.

Dear Anita, I think you need help from Flint on this one, don't you?

By the way, where IS he? You need him bad and you need him now for Crissake!!

Warm regards

-- George (jvilches@sminter.com.ar), July 06, 1999.



George:

You're becoming quite predictable in your responses. LOL. Thanks for the humor. I welcome it today. Another day I might not have wasted my time on a response to you, but (as I said), I had time to kill this morning.

-- Anita (spoonera@msn.com), July 06, 1999.


Dear Anita,

If you keep insisting in closing your eyes and ears on y2k, you're not only going to "kill this morning", you may also end up "killing yourself". I don't want that, 'cause you are stubborn but beautiful.

Warm regards again

-- George (jvilches@sminter.com.ar), July 06, 1999.


Check out this site for summaries on BellSouth's and FPL's progress (as well as other Florida utilities). According to BellSouth's summaries, they haven't made much remediation progress since January.

They report monthly to the Florida Public Service Commission. The June 1999 summaries should be posted soon.

(Sorry, I don't know how to hot link.)

http://www2.scri.net/psc/y2ksum2.html

-- (TooShy@tosay.com), July 06, 1999.


Good catch Linkmeister!

-- Diane J. Squire (sacredspaces@yahoo.com), July 06, 1999.

Moderation questions? read the FAQ