The problem itself requires no introduction. Many have already tuned out, tired of hearing about it. The expected claims arising from the so-called "Millennium Bug" are, initially, bound to follow the pattern of latent product defect litigation. From silicone breast implants to Urea Formaldehyde Foam Insulation, when enough time elapses from the original high expectations to the sensational heartbreak, the mind naturally turns to allocation of blame. The computer industry has cowed the rest of us with its frontier culture. En route to the edges of the earth on the "Information Autobahn," the software mandarins of this same industry universally neglected, forgot, or kept quiet, a very simple problem with immeasurable consequences. The perception also exists that those who created the problem in the first place are cashing in now, before they face being sued next year.

Because the promises of the technology were diametrically opposed to the impending disaster, those who will incur or indemnify for enormous software repair bills, business meltdowns, or property loss, will be looking for others to bear the costs. Yet, unless they scrutinize the commercial foundation of the computer software industry, many in the insurance community and the legal profession may be in for some further surprises.

The legal "experts" in the field have to date largely been "information technology lawyers," corporate lawyers who have largely helped institutional clients dig legal moats around their clients' millennium exposures into which, no doubt, many others will be falling starting next January. Along come the copyright lawyers who have already started to point out that most of the world's end-user attempts to repair the Millennium Bug will be illegal. The litigation lawyer, on either side of the plaintiff/defence divide, is trained to see a chain of causation. However, as we shall no doubt see, the damages resulting from Millennium Bug problems will resemble traffic pile-ups where the driver responsible escapes from the scene, oblivious, or insensitive to what has happened behind him.

Check the standard end-user licence certificate that came attached to your.shrink-wrapped computer program. The act of tearing the package open triggered your acceptance of a nonexclusive software licence which sets out the legal rights and obligations between you and the manufacturer. It is the most effective contract of adhesion ever devised. The lawyers who drafted the disclaimers printed on parking lot tickets must still be shaking their heads. As with any licence, the agreement you have entered into permits you to install one copy of the program on your computer or on a network, if you have purchased a network version at a higher price.

The legal effect of the licence, contrary to what you may have expected, is that you have not, in fact, purchased the computer program per se but only the privilege of using it and of allowing it to take up increasing amounts of space on your hard drive. Ownership of the program, even in your computer, remains with the manufacturer. This standard practice is not restricted to mass-market software, but is prevalent among most independent software programming companies. This is the crucial difference between the impending Millennium Bug litigation and traditional product liability cases, because no product is actually purchased. For this reason, it is unlikely that common-law notions of the fitness of goods, the provisions of the Sale of Goods Act, or other consumer protection laws, will be of much use against a software manufacturer.

This legal nicety is of enormous importance when a party or insurer is considering a claim or subrogation action against a software manufacturer for consequential damages arising from the failure of a computer program. Probably all sophisticated software manufacturers will have included in the shrink-wrap agreement an exclusion of tort liability, and most smaller companies will have included the same in their service contracts. The Supreme Court of Canada, in Central Trust v. Rafuse (1986), 31 D.L.R.(4th) 481, [1986] 2 S.C.R. 147, at 522 D.L.R., held that obligation under tort can be excluded by contract by means of an express exclusion or limitation of liability. As a consequence, remedies available to the user of the software are usually restricted to the limited warranties drawn up by the manufacturers, usually to perform substantially in accordance with instruction manuals and to be free of defects for up to one year. These licence agreements, which prohibit unauthorized copying or distribution, also serve to protect licensors from public liability for consequential damages to other parties. Absent fraud or an express warranty that the software will be capable of processing dates beyond Dec. 31, 1999, the provisions of a well-drafted software licence can be conclusive in absolving the software manufacturer or programmer of negligence.

What will be the effect of this on the litigation strategy of insurers? Many of the cases will be cascading "commercial" disputes, triggering parties' rights under contracts, and thus carried on without recourse to insurance. A further volume of potential claims will have been averted by the rewriting of C.G.L. policy declarations on renewal, but we can count on some being caught out and facing exposure. Underwriters who have issued policies specific to the adequacy or completion of Y2K-compliance measures will, no doubt, expect to see claims filed against those policies. ("Y2K" is the popular shorthand for the year 2000.) A surprise awaits any of these Y2K-compliance insurers and others who face exposure to tort litigation within the above metaphor of the "pile-up" on the information highway. Subrogation against most prudent software manufacturers will likely not be an option. Because of the relatively esoteric nature of copyright law (even among members of the bar), count on many advising in favour of subrogation along the lines of the traditional product liability cases, where no such remedy is available. This having been said, some advice to the brave on subrogation against software manufacturers is provided later below.

To the extent that negligence is pleaded against the software manufacturer, their insurers should expect to see these companies exercising their rights under the duty-to-defend provisions of their general liability policies. These defendants, armed with these defences under their licensing agreements, will nevertheless be confronted with tactical choices of their own, also as described below.

Copyright lawyers have been quick to point out that the steps taken by companies to eliminate the Millennium Bug from their computer systems must be carried out with the prior consent of the software programmer as the owner of the copyright.

The legal reasons are rather technical. Alteration of the program is usually prohibited in licence agreements. The operation of this prohibition stands alone as a contractual obligation. Some licences, however, are drafted with reference to "applicable law," which refers to local copyright statutes. It is one of the recurrent principles of this area of law that if you modify, supplement or reverse-engineer a protected work, design or intervention, a new version is deemed to have been created which, by substantial reproduction of the original, infringes the rights of the owner. For this reason, attempts to modify software without such prior consent may constitute copyright infringement. It may also constitute infringement of the author of the program's right to preserve its physical integrity as a "literary work," of which computer programs are a subcategory. All of this appears to be so despite section 30.6 of the Copyright Act, R.S.C. 1985, chap. C-42, as am., which permits necessary modifications of the software to enable it to be used on a particular computer. Due to an unfortunate drafting error or anachronism, this statutory permission is extended only to "a person who owns a copy of the computer program that is authorized by the owner of the copyright." As discussed, most software end- users are licensees, not "owners" of a "copy." This provision has not yet been judicially interpreted, but we can trust it will be the subject of litigation in the near future.

It is unlikely that, pressed to meet Y2K-compliance targets, many have seen obtaining the consent of copyright owners as a priority. At first blush, it may be hard to imagine why such consent would be refused. Apart from the chequered customer relations history of the software industry, there is good reason for its members to adopt a stance which may appear unreasonable. Taking legal counsel, a software manufacturer might do so for the reasons similar to that of other product manufacturers who discourage repair or servicing of cars or appliances by unauthorized contractors. The act of authorizing a third-party consultant or the end-user's employees to modify software may expose the manufacturer to liability where there was none before, if the program, unmodified, were allowed simply to expire at the end of the century. The exposure stems from the fact that such consent would occur after the effective date of the software licence, and the manufacturer's consent to unsupervised activities of a third party could negate the limitations or exclusions of liability so carefully expressed in the licence. Furthermore, consent to modification may also be construed as evidence going

to the formation of the contract, and may thus increase the exposure of the software company. Such evidence of subsequent conduct might support the argument that, despite the express wording of the agreement, the reasonable expectation of the consumer was that the program would function beyond Dec. 31, 1999.

From a public-relations perspective, the business tactics of software manufacturers have ranged from stellar to dismal. Some have provided product upgrades free of charge. Others have required end-users to purchase upgrades and have refused to fix Y2K non-compliant software. Among the latter, at least two are now facing class actions in California.

Those who defend software manufacturers against law suits, either in contract or in tort, will face some difficult choices arising from the commercial context in which their product is distributed. If the defendant is confident in its contractual immunity against the claim for damages consequential to a Millennium Bug problem, it may choose to defend a further claim for the plaintiffs costs of implementing a compliance program on the basis that modifications are unlawful and not compensible. (The court will not award damages for the cost of doing something expressly prohibited by contract or by statute.) The defendant must therefore ensure that its rights under the licence agreement and the Copyright Act to prohibit modification are enforceable. Moreover, it is also arguable that a defendant who has consented to modifications has waived this defence.

The foregoing position is a hard line and not without its risks. In the provincial superior courts, where tort and contract claims will be brought, the judge would require any defendant who has hindered a plaintiffs genuine efforts to mitigate damages to have an iron-clad defence. (The Federal Court of Canada, which has concurrent jurisdiction in copyright matters, will have extremely limited jurisdiction to hear this type of action.)

On the other hand, if a software manufacturer chooses to waive its contractual and statutory rights to prohibit the Y2K compliance work and participate in the compliance program, this tactic may be seen more favourably by the courts or avert litigation altogether. However, getting involved in this way may impair the defendant's overall legal defences.

Litigation involving software manufacturers and programmers, no matter which side one is on, involves a careful analysis, not only of liability, but of damages. If catastrophic damages might ensue if the defendant does not help in the Y2K-compliance program, it may not be prudent to take a hard line on infringement. However, the cost of the remedy or prevention may be higher than the consequential damages. The defendant may be faced with a claim exclusively for the repair cost, having suffered, in retrospect, no other damages. In that instance, there may be no choice but to defend on the grounds that the repair was not compensable because of illegality. Plaintiffs are then bound to counter with an argument based on economic necessity.

Computer programmers specializing in the world-wide Millennium Bug eradication project are in short supply. There is no regulation or professional body requiring the purchase of E. & O. insurance. Despite the admonition of lawyers to companies, because of market pressures it is only the foolish or very well compensated consultant who will expressly agree to have any of the burden of achieving full compliance by Jan. 1, 2000, shifted to him or her. This means there is no way to tell whether anyone's Y2K-compliance program will have been successful until it is too late. Insurers are likely to have uncertain success in asserting subrogation claims against these consultants, who may or may not be insured. Those who do insure the consultants, however, should brace themselves for the coming storm.

The right of subrogation is usually exercised when an insured loss can be attributed to the fault of a third party, or when the public liability of the insured for another's loss can be claimed over against yet another, for contribution or indemnity. It is not only beyond the scope of this paper to catalogue the types of loss exposures facing insurers. The exercise itself may be beyond imagination. Take, for example, the Chinese government's recent order to airline executives to be in the air on the first day of the new millennium. What if one of the airplanes, leased from a multinational supplier, should collide with another because of malfunction in its navigation computer? What if the fault was not in the airplane's navigation system, but in air traffic control in a Canadian airport? Who pays the wrongful death damages to the executives' families?

Investigation of the subrogation rights against software manufacturers and computer programmers arising from loss or liability related to a Millennium Bug must start with the investigation of a specialized set of facts. Some potential Achilles' heels among software companies include:

• Care and Control

Many industrial and commercial software providers also enter into service contracts for the maintenance and upgrade of their product, as installed in the end-user's system. The terms of such service contracts may attract a separate duty beyond the original software licence and limited warranty.

Conclusion: Back to the Future for Lawyers

Lawyers expecting a litigation bonanza arising from Millennium Bug failures will probably not be disappointed. Any factor which generates friction or risk in the real world will provide work for them, and the Millennium Bug is bound to do this, whether or not anything actually happens on the Day After. We are reminded most recently by the aftermath of the real estate boom of the 1980's, and chastened, that a bull market in legal services is also often followed by professional negligence claims. Despite an obvious learning curve on the technical details, the facts are easily mastered. The law, however, will be littered with traps. The standard of care will require counsel consulted to provide advice and representation in this area to exercise some interdisciplinary skills.

Some of the millennium claims will be against lawyers themselves, starting from missed limitation periods resulting from malfunctioning tickler systems, to drafting errors on commercial agreements designed to protect against Y2K exposure. Many professionals, corporate directors, and securities dealers, face like exposure. Insurers, generally with little stomach for speculative litigation, will not appreciate being drawn into a subrogation action against a software company which is then summarily dismissed on the exclusions contained in a standard shrink-wrap agreement. It will also tax the vigilance and resources of an in-house counsel to help his or her software company to decide whether to get actively involved in end-users' Millennium Bug problems or to suffer intentionally a public-relations disaster. Remember that the times are rife with Nostradamuses everywhere, and not just on the Y2K bandwagon. It will take more than a day's work to ensure that you're not caught in a position where one of them can say, "There, I told you so!"