Previous Page

The Great Computer Crash of 2000

Year 2000 disclosure issues

Federal and state laws generally impose a duty on the officers and directors of corporations to disclose to current and potential investors all facts that are "material" to the corporation's present and future financial health. The scope of material information is broad, and generally is regarded to be any information that a reasonable investor would consider important. Disclosure failures can lead to corporate liability and personal liability of officers and directors. Thus, you should review securities laws and common and statutory laws relating to fiduciary duties and disclosure requirements to determine whether a duty to disclose year 2000 problems is present. Where uncertainty exists, disclosure may be the best option to avoid government enforcement actions and investor suits for fraud or other violations.

Regarding public companies, the primary laws of concern are the Securities Act of 1933 and the Securities Exchange Act of 1934. These laws require the disclosure of material information in connection with the registration, offering, and sale of securities and the solicitation of proxies, and also require the reporting of financial conditions in annual 10-K, quarterly 10-Q, and other reports. This can include the reporting of not only past and current financial conditions, but information that could have an effect on future financial conditions. The Securities Exchange Commission (SEC) has stated that year 2000 problems and costs often will be material and that their existence and ramifications should be noted in MD&A (Management's Discussion and Analysis of Financial Condition and Results of Operations) sections of annual 10-K and quarterly 10-Q reports,²⁵ as well as in any other SEC forms and reports requiring such disclosures. Unfortunately, the SEC has not yet offered specific advice regarding the scope of necessary disclosures. Companies seeking more specific guidance may want to review 10-K and 10-Q reports of larger corporations, particularly those in the finance and insurance industries, to learn what other companies are doing.²⁶ Where questions arise regarding the sufficiency of proposed disclosures, it is wise to err on the side of excess detail.

Other disclosure obligations to investors may arise owing to reporting duties imposed on accountants, auditors, and other professionals, or from contractual obligations to creditors or other parties. Additionally, business entities whose activities are highly regulated by particular government agencies should determine whether these agencies have promulgated any rules or guidelines specifically relating to the year 2000 problem. As an example, pursuant to notices issued by the Federal Financial Institutions Examination Council (FFIEC),²⁷ financial institutions may be subject to closer scrutiny if disclosure sufficiency questions arise.

Insurance coverage

You should inventory and analyze your client's insurance policies to determine whether they could cover damage caused by year 2000 noncompliance, help pay for compliance efforts, or provide protection if claims arise from your client's noncompliance.²⁸ Many standard policy terms exclude from coverage most year 2000 problems: Solely financial damage may not be covered; definitions of "property" may exclude loss of computer use and data corruption from property damage (and "property damage" may extend only to damage to property apart from the software/hardware itself); year 2000 problems may not be a specified peril for which coverage applies; and so on.

Policies covering damage from "unanticipated" or "unpredictable" factors arguably may not apply since the year 2000 problem was created purposefully by software and hardware engineers to conserve expensive memory space; thus, it can be said to arise owing to an economic design choice rather than an error or accident. However, some provisions relating to property damage and damage to business records may allow recovery.²⁹

Tax issues

Careful tax treatment of year 2000 compliance costs could decrease their burden. Recent Internal Revenue Service (IRS) guidelines generally allow same-year expensing of costs rather than capitalization and amortization.³⁰ Document the steps taken to attain year 2000 compliance to support the preferred tax strategy in the event of IRS inquiries.

Export and foreign law issues

Be aware that a slew of international tax and contract issues can arise if your client looks to "offshore" consultants to solve year 2000 problems. Export problems also can arise where sensitive technology such as encryption algorithms are involved.³¹

Will you be prepared for the year 2000?

This article summarizes only the most basic year 2000 legal issues to provide a starting point for a year 2000 compliance program. Each year 2000 situation is unique and requires careful analysis for additional issues. As you help your clients work towards compliance, keep an eye on the Legislature, government agencies, and the courts to see whether new developments in the law mandate further precautionary measures.³² With reasonable diligence (or better yet, a high budget for software and hardware upgrades), you and your clients should be able to attain substantial year 2000 compliance in time to take off the weekend following Friday, Dec. 31, 1999.

Endnotes

---

¹ The question asked by all: How old is old? (That is, is my system safe?) ISO-8601, adopted by the International Standards Organization in 1988, was the first widely recognized date standard advocating the use of four-digit year data. However, this does not mean that post-1988 hardware and software is safe. Many programmers and hardware designers did not use four-digit years until the mid-1990s, and there are probably some that still do not use it. Regardless of the age of your hardware and software, you cannot assume that they are free of the year 2000 problem unless their manufacturers (or other reliable sources) have so stated.

² No. 172539, Marin County Superior Court, Calif., filed Dec. 2, 1997.

³ No. 97-3330-CK, Macomb County Circuit court, Mich., filed June 12, 1997.

⁴ Wis. Stat. § 402.313(1)(a) (which parallels U.C.C. § 2-313).

⁵ Wis. Stat. § 402.314(2)(c) (which parallels U.C.C. § 2-314(2)(c)).

⁶ Wis. Stat. § 402.315 (which parallels U.C.C. § 2-315).

⁷ Wis. Stat. § 402.316 (which parallels U.C.C. § 2-316) controls the disclaimer of implied warranties.

⁸ See Wis. Stat. § 402.719(2) (which parallels U.C.C. § 2-719); Murray v. Holiday Rambler Inc., 83 Wis. 2d 406, 430, 265 N.W.2d 513, 525 (1978).

⁹ Wis. Stat. section 402.725(1) applies a six-year statute of limitations running from the date a breach of warranty occurs. In contrast, many other states follow the four-year period applied by U.C.C. § 2-725(1). Thus, in some cases choice of law may be critical. See Office Supply Co. Inc. v. Basic/Four Corp., 538 F. Supp. 776 (E.D. Wis. 1982) (applying the Wisconsin six-year period to a computer hardware/software sales contract despite a California choice-of-law provision (California applying the four-year U.C.C period)). Also note that under both section 402.725 and U.C.C. § 2-725, the limitations period can be shortened by agreement.

¹⁰ Wis. Stat. § 402.725(2), U.C.C. § 2-725(2).

¹¹ See, e.g., ProCD Inc. v. Zeidenberg, 908 F. Supp. 640 (W.D. Wis. 1996), rev'd, 86 F.3d 1447 (7th Cir. 1996). But see Micro-Managers Inc. v. Gregory, 434 N.W.2d 97, 147 Wis. 2d 500 (Wis. Ct. App. 1988) (a contract for development and delivery of custom-programmed software was found to be primarily for services rather than goods, and thus outside the scope of the U.C.C.).

¹² See, e.g., Prof. Raymond T. Nimmer, Preface, Dec. 1, 1995, draft of U.C.C. Article 2B.

¹³ The Article 2 Drafting Committee is making new drafts of Article 2B available as they are completed, and is soliciting and posting commentary by attorneys and the information systemsindustry. As of January 1998 materials can be found on the World Wide Web at www.law.uh.edu/ucc2b.

¹⁴ Wisconsin, like most jurisdictions, has adopted the economic loss doctrine that precludes negligence and product liability tort claims in a commercial transaction where the damages are failure of the product itself and there is no personal injury or damage to other property. Sunnyslope Grading v. Miller, Bradford & Risberg Inc., 148 Wis. 2d 910, 437 N.W.2d 213 (1989); Northridge Co. v. W.R. Grace & Co., 162 Wis. 2d 918, 471 N.W.2d 179 (1991).

¹⁵ See Monique C.M. Leahy, Computer Malpractice, 32 Am. Jur. Proof of Facts 3d (1995).

¹⁶ Under 17 U.S.C. § 202, ownership of copyrights is distinct from ownership of the materials in which they are embodied. 17 U.S.C. § 204 provides that transfers in title to copyrights generally must be in writing to be valid.

¹⁷ The right to create derivative works, as defined in 17 U.S.C. § 101, is reserved to the author(s) of the underlying work per 17 U.S.C. § 106(2). Note that even before any changes to the program's functionality are made, the preliminary task of decompiling software object code to higher-level (and easier-to-repair) source code can itself create a derivative work.

¹⁸ Employers should obtain warranties from consultants that their modifications do not infringe any copyrights and patents.

¹⁹ 17 U.S.C. § 117(1). See, e.g., Aymes v. Bonelli, 47 F.3d 23 (2d Cir. 1995).

²⁰ 17 U.S.C. § 107.

²¹ 17 U.S.C. § 107(4) considers "the effect of the use upon the potential market for or value of the copyrighted work." Thus, if modifications do not "supersede" a provider's products, fair use may be more easily found.

²² The ownership of works made for hire, as defined in 17 U.S.C. § 101, is controlled by 17 U.S.C. § 201.

²³ U.S. Patent 5,600,836 to Harvey Alter (issued Feb. 4, 1997); U.S. Patent 5,630,118 to Daniel Shaughnessy (issued May 13, 1997); U.S. Patent 5,644,762 to Thomas Soeder (issued July 1, 1997); and U.S. Patent 5,668,989 to Decao Mao (issued Sept. 16, 1997).

²⁴ Wis. Stat. § 103.465.

²⁵ SEC Staff Legal Bulletin No. 5, Oct. 8, 1997. MD&A statements are covered specifically in item 303 of SEC Regulations S-K and S-B.

²⁶ Another helpful reference is Beth Duncan, Companies Take a Variety of Approaches to Disclosing Y2K Problems to Investors, 66 U.S. Law Week 2339 (1997). While the risk of preparing disclosures with respect to events that may affect future financial conditions was lifted somewhat by the Private Securities Litigation Reform Act of 1995, the Act provides a "safe harbor" only where future projections (for example, predictions of year 2000 compliance) are coupled with "meaningful cautionary statements identifying important factors that could cause results to differ materially from those in the forward-looking statement."

²⁷ The Dec. 17, 1997, FFIEC Safety and Soundness Guidelines is available on the World Wide Web at the FFIEC home page. Apart from being of interest to financial institutions and their investors, the Guidelines offer information that should assist almost every business entity.

²⁸ For in-depth background of this subject, see Christopher Vaeth, Annotation, Loss of Information Stored in Computer System or on Computer Disk Cartridge, Computer Tape, or Similar Computer Storage Media as Within Coverage of Liability Policy, 85 A.L.R. 4th 1102 (1996).

²⁹ See, for example, Centennial Ins. Co. v. Applied Health Care Sys. Inc., 710 F.2d 1288 (7th Cir. 1983) (finding that the property damage clauses of a controller manufacturer's comprehensive general liability policy covered damage from data loss of a third party who used the controllers).

³⁰ Internal Revenue Service Rev. Proc. 97-50, I.R.B. 1997-45 (Oct. 21, 1997). This scheme agrees with the generally accepted accounting principles (GAAP) for year 2000 costs recommended by the Financial Accounting Standards Board (FASB).

³¹ Certain encryption algorithms are effectively regarded to be munitions under the Arms Export Control Act and cannot be legally exported without permission of the U.S. Department of Commerce and/or Department of State.

³² As an example, on Nov. 10, 1997, Sen. Robert Bennett (R-Utah) introduced Senate Bill 1518 (the Computer Remediation and Shareholder Protection Act of 1997 or CRASH Protection Act) that would require disclosures of year 2000 problems by public companies in somewhat greater detail than SEC guidelines require.