[Congressional Record Volume 142, Number 129 (Wednesday, September 18, 1996)]
[Senate]
[Pages S10871-S10873]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]
``COUNTDOWN TO A MELTDOWN''
Mr. MOYNIHAN. Mr. President, this past Sunday, September 15,
1996, the Outlook section of the Washington Post contained an excellent
article, ``Countdown to a Meltdown,'' by Lanny J. Davis, an attorney
with the firm of Patton Boggs, L.L.P. The article concerns the Y2K
problem, as the computer literate refer to it. What happens to the
internal clocks and software of the Nation's--indeed, the world's--
government, business, and personal computers at 12:01 a.m. on January
1, 2000, when they need date code space for four digits, rather than
two? Will the computers crash? Will they assume the year is 1900? Mr.
Davis quotes one industry expert as calling the Y2K defect ``the most
devastating virus ever to infect the world's business and information
technology systems.'' Estimates of the cost of fixing this defect range
as high as $75 billion--if we act expeditiously. The longer we delay,
the more costly the solution.
On July 31, I wrote to the President concerning this problem. I
offered the following suggestion:
A presidential aide should be appointed to take
responsibility for assuring that all Federal agencies
including the military be Y2K date compliant by January 1,
1999 and that all commercial and industrial firms doing
business with the Federal government also be compliant by
that date. I am advised that the Pentagon is further ahead on
the curve here than any of the Federal agencies. You may wish
to turn to the military to take command of dealing with the
problem.
A general--given the national security implications--to take charge,
to determine what the Federal government must do to respond to this
looming menace, and how it ought to go about doing it. I put a copy of
this letter, along with the summary of a Congressional Research Service
(CRS) report I requested on the subject, in the September 5
Congressional Record.
I will introduce legislation shortly to establish a commission to
investigate the problem and suggest remedies. There is not much time
left to resolve it. The consequences of procrastination, as the
attached article indicates, are grave indeed.
I ask that the article, ``Countdown to a Meltdown,'' appear in the
Record at this point.
The article follows:
[[Page S10872]]
[The Washington Post, Sept. 15, 1996]
Countdown to a Meltdown
Before the Year 2000, We Have to Spend Billions to Fix a Very Strange
Glitch
(By Lanny J. Davis)
In the classic '50s science fiction film ``The Day the
Earth Stood Still,'' an alien lands his flying saucer in
front of the Washington Monument and demands that the
earthlings destroy their nuclear weapons. When they doubt his
powers, the alien gives them a demonstration. At noon on a
designated day, he eliminates all sources of energy on the
planet, from electricity to water power to gasoline. Cars
stop. Trains stop. Telephones stop. The lights go out.
At 12:01 a.m., Jan. 1, year 2000--or the ``Y2K,'' as
computer aficionados refer to it--the world won't exactly
``stand still.'' But it could come close unless the world's
major governments and businesses start to fix their computer
systems right away.
The general public knows Y2K (for Year Two Kilo--the Greek
prefix kilo meaning 1,000) as the ``Year 200 Problem.''
Although it's finally beginning to get some attention, there
is still little sense of urgency because it is seen as three
years away. But the fact is that for some institutions,
including parts of the federal government, it will very soon
be too late. We could end up with a real catastrophe that
could affect many people's lives around the globe in annoying
and profound ways.
The reason is simple: Virtually all computers used by
business and government won't know what to do when their
internal clocks try to switch from 1999 to 2000. They'll go
haywire. (Most newer personal computers for home use will be
unaffected.)
The problem is that computers (and the software inside that
tells them what to do) are programmed with only the last two
digits in the year being variable, i.e., 19XX. But when the
clock moves to 12:01 a.m. on Jan 1, 2000, the computer's
program will need code space for four digits. One of two
things will happen: The computer will cease functioning
(``crash''); or more likely, it will change the last two
digits from ``99'' to ``00,'' thus causing the computer's
internal calendar to register as if the current date is Jan.
1, 1900.
There is a solution, but it is time consuming and costly.
Current estimates for business and government range from
$50 billion to $75 billion--and will only increase as 2000
draws closer. Unfortunately, the alternative is unthinkable.
One industry expert has called the Y2K defect ``the most
devastating virus ever to infect the world's business and
information technology systems.'' If the problem isn't fixed,
here are just some of the things that will happen:
Vital military and defense systems will shut down.
Taxpayers will receive notices from the IRS saying that
they owe millions of dollars in back taxes.
Banks will shut off credit and send foreclosure notices to
millions.
Social Security, Medicare and other government benefit
programs based on age will not function, as the computer
determines, for instance, that retirees are minus 35 years
old, instead of 65 (take the year 1900 and subtract their
birth year of 1935). Millions of workers will not receive
their pension checks.
Thousands of airplanes all over the world will be grounded
when records show that maintenance has not been done for 100
years.
For the same reason, prison records will show criminals
overdue for release.
The economic and political ramifications of this issue are
immense. Kevin Shick, research director of the Gartner Group,
a consulting firm that developed early expertise on this
issue, told the House Information and Technology subcommittee
in April that it is highly probable that 90 percent of all
computer program applications in the world are dependent on
the correct date being recorded.
The questions are: How'd we get into this mess? Who's to
blame? What do we do about it? Who's going to pay to fix it?
A major sub-industry has arisen in the last few years to
correct the problems. There are many small software houses
and consulting companies that have developed ``software
for the calendrically challenged'' and other ``tools'' to
address the problem. And such giants as Oracle, Computer
Associates, IBM and Arthur Anderson have shown interest in
assisting companies to solve the Y2K problems, often at
costs in the tens of millions of dollars or more.
Experts differ on the extent of corporate America's state
of readiness for the Y2K: The computer magazine Datamation
estimated that, as of last year, more than two-thirds of the
companies that use mainframe computers at least has a team in
place to consider how to deal with the problem. However the
Gartner Group's Schick says that only 17 percent of the
companies have sought the necessary outside help.
Governments are waking up, but slowly. At a recent Y2K
conference in Austin, an industry expert warned that fewer
than 25 percent of state government systems will be ready.
One of the first public officials to take notice of the
problem, Sen. Daniel Patrick Moynihan (D-N.Y.), is just now
planning to ask President Clinton to appoint a blue ribbon
commission to study and make recommendations on this issue.
They're going to need to work fast. Recently, the Securities
and Exchange Commission announced that it may promulgate
rules requiring public companies to detail their readiness
for the Y2K.
One reason for the urgency is that this is not a simple
problem to fix. There are three options: replace all old
software, which would likely be prohibitively expensive;
modify the software's two-digit year code to a four-digit
code, with instructions that 2000 follows 1999, which would
require the location and correction of every ``time field''
in millions of lines of code in every software and hardware
system; or program the computer so that, when faced with two
double-zero dates, it chooses the more logical of them.
For example, a computer can be told that a 1996 driver's
license with a five-year term has expired in the year
2001, even though the internal clock reads 1901. This last
solution seems on its face the simplest, and cheapest.
Unfortunately, it doesn't do the job in most instances.
For example, if the issue is knowing the person's age, the
computer has no way of knowing whether someone born in the
year 2002 is 2 years old or 102 years old.
Finding a solution that identifies and corrects all Y2K
defects may well prove impossible. Certain programs were
deliberately written in obscure programming languages. In the
Pentagon, for example, many of the codes were uniquely
written by one or two individuals using top-secret technology
and cannot be addressed by off-the-shelf software.
Even for the best technicians, the nightmare is finding all
the Y2K defects in a computer system. For instance, the dates
themselves have been expressed in a variety of ways by
programmers--December 12, 1945, 12 December 1945, 12-12-45,
etc. All conceivable methods of expressing those date fields
must be located and corrections made. If only a few have been
missed, it can cause a ripple effect through a computer
network, leading to a crash.
The solution is time and money.
But why should those who bought computer products be left
with the tab for cleaning this mess up? Wasn't it obvious
when software was being written that at some point the year
2000 would come? Why didn't programmers anticipate the
problem and deal with it?
As one leading Y2K commentator, Warren Reid, notes: ``The
Year 2000 problem was caused by shortsightedness and human
error.'' One thing is certain--there is plenty of blame to go
around.
Programmers and software houses say the main reason was
cost. George Munoz, chief financial officer of the Treasury
Department, testified recently that in the early 1980s, when
most of these systems were being developed, memory was
expensive and the cost of adding another two digits to every
date field would have been considerable. Thus, he and other
industry experts explain, programmers decided to save the
money and make the fix when 2000 got closer.
For this reason, many in the industry suggest that
responsibility for the Y2K problem is not assignable. As
Munoz testified in April: ``Did this problem arise because of
someone's negligence? To this, we emphatically respond: No.''
But if that is the ``no fault'' explanation, why weren't
the purchasers and licensees of these software programs and
computer systems at least informed about the coming problem?
Why weren't they allowed to decide for themselves whether
they wanted to pay then or pay later? And what about hardware
and software sold in the recent years, when memory is much
less of a problem (with today's PCs having more storage space
and processing capacity than many mainframes 30 years ago)?
These questions may get answered in court as businesses go
looking to recover their costs from the vendors who sold them
these products, though no major Y2K lawsuits have yet been
filed.
On the other hand, vendors (and their attorneys) are likely
to remind any customers pressing these theories that they
should have known that when the year 2000 tolled, the problem
would arise. For the most part, the buyers of these big
systems are sophisticated information managers.
Ultimately, the verdict is likely to be that everyone
shares a piece of the blame--both vendors who failed to
inform and buyers who chose to ignore, figuring someone else
would fix it. Perhaps it's human nature: Governments, and
people, are more likely to respond to a crisis than
anticipate it.
Though costs are hard to estimate, they can be
approximated, based on the amount of computer code within a
particular company or government agency. Coopers & Lybrand
has found that on average one of every 50 lines of code
contains a date reference. Each individual application may
contain thousands of lines of code. All software must be
searched line by line; for every million lines of code, nine
to 16 staff years will be needed to correct the problem.
It costs about $1-$2 per line of code, most industry
analysts say. The Information Technology Association of
America, representing the software and information services
industry, estimates the total U.S. cost in the range of
$50 billion to $75 billion. The Social Security
Administration says it will take between $30 million and
$60 million to fix its programs, the Defense Department
over $1 billion. For the state of Maryland, current
estimates for the fix exceed $25 million. Recent hearings
by the House Information Technology Subcommittee found
that when state and local government costs are taken into
account, as well as the various indirect costs of lost
productivity and diversion of personnel and resources, the
public
[[Page S10873]]
sector costs of the Y2K crisis reaches tens of billions of
dollars in the United States alone.
Private sector costs are likely to be as high. The Gartner
Group estimates that a mid-sized company with 8,000 computer
programs will spend between $3.6 million and $4.2 million to
repair ``date challenged'' software.
Who's left paying the bill? Surprise: first and foremost,
the taxpayer. Then, either in the courts or by negotiation,
the rest of the pain of solving the problem is likely to be
shared by vendors, users and consumers. And the longer a
company or an agency waits, the more it will cost. At the
start of 1999, the cost will be three times that of starting
today, because the supply of trained programmers able to fix
the problem will not keep up with demand.
Once the alien in the movie made the Earth stand still, he
convened the leaders of the world to a meeting in front of
his space ship. The Earth's leaders told him they now
believed in his powers and promised to destroy all the
planet's nuclear weapons forthwith. But as soon as the alien
left, they went back to their old habits of building more.
The real-life inhabitants of a planet that is so dependent
on computers might take a lesson from that. Having let the
technology experts put one past us this time, we shouldn't
let them do it again.
____________________