|
|
|
|
|
Legal Briefing: The Millennium Time Bomb - Are You Bomb Proof?Shonaig MacPherson, McGrigor Donald, Edinburgh, Scotland.
Year 2000 Computer Suppliers' LiabilityIntroduction As the Year 2000 approaches, IT Suppliers have identified its advent as an excellent business opportunity with increased demand for consultancy and programming work, even new systems sales, to address the failure of customers' existing systems to process Year 2000 dates satisfactorily. However it may not be the bonanza Suppliers are expecting, especially if Suppliers examine matters from a legal perspective. Suppliers may find themselves in receipt of multiple claims for breach of contract or negligence. Prudent Suppliers should embark upon a risk assessment now to establish the potential scope of their liability. Who will be affected? All businesses involved in the supply or maintenance of computer systems, hardware and software including: software developers system Suppliers system integrators system/software maintainers distributors/value added resellers facilities management providers Risk Assessment In order to ascertain whether or not Suppliers may be liable to their customers for the supply or maintenance of non-compliant systems, Suppliers should undertake a risk assessment exercise now. Suppliers should review all of their current products and services to ascertain whether or not they are Year 2000 compliant. In addition Suppliers should consider whether products sold to clients in say the last 10 years are Year 2000 compliant. (The period for review of past products should be determined by reference to the normal use of the products in question : being the period during which one would not expect to undertake a major upgrading of the product from first supply). For software maintainers and facilities management services providers a similar review should be taken of all products which they are responsible for maintaining or which are used in the provision of maintenance or the facilities management services. Having identified any products or services which are not Year 2000 compliant, all Suppliers should then review the contracts under which they supplied or continue to supply those products or services to determine their contractual position with their customers particularly in respect of the extent of liability. How can Suppliers' liability arise? For software/system Suppliers, liability can arise through contract or by tort or delict. Contractual liability can arise if the contract entered into by the Supplier with the user/customer expressly includes a provision to the effect that the software/system will be Year 2000 compliant. Care should be taken in reviewing contracts to ensure that all relevant contractual documents are considered: for example, the relevant provision could be contained in a system or services specification which was appended to the contract or was included in the invitation to tender which is deemed to be incorporated into the contract. The contract may contain a warranty to the effect that the Supplier's software /equipment /system complies in full or in all material respects with the invitation to tender. System maintenance contracts or facilities management/consultancy contracts may contain service level provisions which provide that the software/system will operate to specific standards which include Year 2000 compliance or that it will operate to a level that enables the customer/user to carry on its day to day business operations without interruption and to predetermined performance criteria. In such circumstances liability for ensuring the system is Year 2000 compliant will be the responsibility of the Supplier/service provider. If there is no express provision in a contract on Year 2000 compliance, liability could still arise as the customer/user could argue that certain terms and conditions are implied into the contract as a result of the application of UK legislation. Under the Sale of Goods Acts 1979 and the Supply of Goods and Services Act 1982 (as amended) goods supplied are to be fit for purpose and of satisfactory quality. Terms to that effect are deemed to be included in all contracts unless they are expressly excluded. Where there is a contract for supply between businesses these implied terms can be excluded provided the exclusion terms are reasonable (as defined by the Unfair Contract Terms Act 1977) (see below). If there is no written contract regarding supply and the software/system has been supplied upon the basis of an invoice or purchase order which does not include express terms, then these statutory terms will be deemed to apply. Where sales are made to consumers for non-business purposes these statutory implied terms cannot be excluded. In the recent case of St Albans City and District Council -v- International Computers Limited, the English Courts held that it was also accepted in common law in England that in the absence of any express term as to quality or fitness for purpose, then there is an implied term that the computer program will be reasonably fit for (i.e. reasonable capable of) achieving its intended purpose. In relation to services contracts, such as maintenance or facilities management contracts, section 13 of the Supply of Goods and Services Act 1982 provides that the relevant service should be provided to a standard of reasonable care and skill. If there is no express exclusion of the implied terms of fitness for purpose or satisfactory quality or duty of care in a contract then a customer may argue that there was an implied term that the system would be Year 2000 compliant. In determining whether or not a term to that effect was included in the Contract the Courts would have to decide when a prudent system Supplier should, in applying best industry practice, have ensured that the system could deal with the Year 2000 dates. This date will inevitably vary depending upon the relevant application and the frequency with which users would normally be expected to upgrade their systems. It is not unusual in software/system supply or maintenance contracts for the contract to be placed upon the basis of the Supplier's standard terms of business. Invariably a Supplier's standard terms of business will contain exclusion clauses, under the terms of which the Supplier will seek to avoid responsibility for ensuring that the system is fit for purpose or of satisfactory quality. The extent to which an exclusion clause to that effect will be enforceable will depend upon the application of, in the case of sales to consumers (ie non-business sales) the Unfair Terms in Consumer Contract Regulations 1994 and in the case of sales to business, the Unfair Contract Terms Act 1977. If the software/system has been supplied to a consumer for non-business purposes, the exclusion clause will be unenforceable. If the system or service has been supplied to a business upon the basis of the Supplier's standard terms of business which contain exclusion clauses, the Supplier will only be able to rely on the exclusion clauses if the clause complies with the reasonableness requirement specified in the Unfair Contract Terms Act 1977. In determining whether or not the clause is reasonable the Courts would consider several factors including the respective bargaining powers of the parties, the price of the system, the resources of each party, the availability of insurance and any other relevant factors surrounding placement of the contract. Customers/users may also seek to argue that the Supplier owed the customer a duty of care to supply a system that would be Year 2000 compliant. To determine liability in such circumstances the Supplier would have to examine the conduct of negotiations between the parties, the nature of the relationship between them, including any previous dealings and the nature of the supply. If liability is accepted, the contract may seek to limit the extent of liability of the Supplier to, for example, repair or replacement only of the defective element of the system or refund of the price paid. Again, the ability to enforce limitations of this nature will be dependent upon application of the Unfair Contract Terms Act 1977 and the Unfair Terms in Consumer Contract Regulations 1994. Suppliers should seek advice on the extent to which such limitation clauses are enforceable. Suppliers should also consult their insurers before embarking upon any strategy to compensate aggrieved customers to ensure that the Supplier will be able to rely on its insurance protection if necessary. Extent of Damages If a Supplier is liable to the customer/user for failure of a system to be Year 2000 compliant the types of damages that a customer/user may seek to recover from the Supplier could include:- costs of an internal audit by the customer to quantify extent of problem; costs of implementation and testing of solution including costs arising from impact upon the customer's underlying business while the solution is implemented; losses arising from system corruption and losses arising from data corruption; any liability arising under the Data Protection Act 1984 where third parties bring claims against customer/user as a result of inaccurate data being maintained or used through non-compliance. Where Year 2000 non-compliance has lead to a complete system failure, the damages could be substantial, particularly in safety critical systems. For maintenance and facilities management service providers, where there is an obligation to ensure that the system is maintained to certain service levels including Year 2000 compliance, or if the Year 2000 non-compliance prevented attainment of the service levels, then the Supplier would have to bear all costs of upgrades/new code to ensure that the service level is achieved. Further there could be contractual penalties for failure to achieve service levels. Some customers may seek to argue that Year 2000 non-compliance should be treated as a "normal" upgrade and part and parcel of their annual maintenance fee. Defences It is inevitable that in any claim, liability and damages will depend on the facts surrounding the contract. Several defences may be available to Suppliers. For example, a specification for a system issued by the customer may have provided specifically that years had to be represented by only the last two digits. The nature of the software/system itself and its "normal" life expectancy may afford a defence, on the basis that as the software/system in the relevant field is evolving at a rapid rate, it was anticipated at the time of supply that the customer would replace or at least upgrade the software/system prior to Year 2000. The time for bringing a claim under the contract may have elapsed. Usually it is six years from breach under contract in England and five years in Scotland: however often contracts provide for a much shorter period of time during which any claims must be brought. What next? Suppliers who have supplied non-compliant systems should seek to mitigate their liability now. This can only be achieved after the full extent of the problem has been identified by undertaking the various steps detailed above. For sales from now to the Year 2000, contractual documents and warranties should be reviewed. Specific provisions dealing with Year 2000 issues should be included in contract documents. If there is a Year 2000 compliance problem, the Suppliers should highlight the issue to customers prior to award of contract. Maintenance and facilities management contracts which continue beyond Year 2000 should be reviewed and where systems are non- compliant a strategy for resolution should be agreed now with customers/users. Suppliers who are Value Added Resellers, Systems Integrators or Distributors should review contracts with their own Suppliers to establish whether any liability can be passed to them for claims arising out of Year 2000 with compliance. This Legal Briefing outlines some of the legal issues relating to Year 2000 non-compliance. It is not intended to be exhaustive, nor can it provide the detail necessary to give legal advice or guidance in relation to any specific problem. Legal or other appropriate advice should be sought in relation to any specific problem. If you require any assistance, please contact Shonaig MacPherson. Disclaimers Reproduced by ComLinks.com with permission of the Author & Copyright Owner |
