I get several Y2K-related queries from nontechnical folks almost daily. People genuinely confused and truly afraid because for the first time in their lives they are not sure they can trust the technologies they place great faith in, and yet, do not understand. In fact, according to one study, the U.S. public rates its overall confidence in high-tech companies more than seven time greater than its confidence in banks and churches.
Many of the industry's dirty little secrets may soon be revealed. You know the ones about the extremely high rates of canceled and late IT projects, the abysmal level of software quality practices, the persistence of Y2K problems in many of the newest software and hardware offerings from our supposedly best and brightest companies, and the bewildering ambiguity that clouds nearly every so-called "year 2000 compliance and/or disclosure" statement.
And wait 'til they find out about the concerted effort to get federal legislation that will give Y2K get-out-of-liability-free rights to all those who misled and lied to customers, did too little too late, underfunded Y2K projects, and strived to know as little as possible about Y2K in their enterprises while deluded by some idiotic fantasy about ignorance somehow being a good defense in court.
Potential fallout from Y2K problems will put our credibility to the test of fire. Let's face it. Good intentions aside, computing professionals created the Y2K problem. Notwithstanding varying degrees of complicity by engineers, auditors, accountants, users, management, and others, the simple fact is that the code is broken and the code is the responsibility of the computing profession.
The extent to which this broken code causes inconvenience and disruption will largely determine the degree to which the public's high opinion of the high-tech industry will falter. Much like when a young child gets in trouble, a parent's trust becomes somewhat qualified and certain reactions, restrictions, or punishments may apply.
Of course, there are always mitigating circumstances. Things like if the child tried to make things right before the wrong was discovered and their degree of honesty once the cat was out of the bag.
Generally speaking, the high-tech industry is not doing well on either of these as far as Y2K goes. Despite manufacturer claims to the contrary, four out of five available software products are reportedly still not really "Y2K compliant" (whatever that term means). Indeed, the FDA recently published a 12-page list of hundreds of medical device manufacturers that refuse to disclose the Y2K status of their products. Moreover, top executives in high-tech industries are not doing anything to publicly promote awareness, demonstrate management support, or indicate the seriousness of the risks associated with Y2K (with the exception of Andy Grove admonishing the federal government's Y2K efforts and Scott McNealy's somewhat self-serving comment to stockpile computers). It all reminds me of a child hiding a broken vase under the bed. Eventually, Mom's going to find it.
Legal questions aside, computing professionals have an ethical obligation to respond to the Y2K problem, not only by fixing it, but by speaking out about it. This applies in their organizations as well as in their larger communities.
The ACM Code of Ethics (www.acm.org/constitution/code.html) was adopted in October 1992. It stipulates "general moral imperatives" and "specific professional responsibilities" for computing professionals. Several provisions of the ACM code indicate we do have an ethical obligation to act on the Y2K problem in terms of fixing and disclosing it.
Consider General Moral Imperatives 1.1 and 1.2, which state "An essential aim of computing professionals is to minimize negative consequences of computing systems, including threats to health and safety" and "The computing professional has the additional obligation to report any signs of system dangers that might result in serious personal or social damage." Specific Professional Responsibility 2.5 goes on to point out that "Computer professionals are in a position of special trust and, therefore, have a special responsibility to provide objective, credible evaluations to employers, clients, users, and the public ... any signs of danger from systems must be reported to those who have opportunity and/or responsibility to resolve them."
Potential fallout from Y2K problems will put our credibility to the test. Good intentions aside, computing professionals created the Y2K problem.
The bottom line is that the lack of a timely, effective response to the Y2K problem compromises systems quality, and it may cause serious harm to stockholders, employees, customers, trading partners, the general public, or other organizational constituents.
We computing professionals still have better than eight months to salvage some of our credibility and reputations. I see four primary avenues for us:
The lies and half-truths of those who want Y2K to be a disaster, as well as those still in denial, need to be counteracted by credible candidness. High-tech professionals are in a unique position to promote this in their communities. We need to become more knowledgeable ourselves and then reach out and offer our help to community leaders and civic groups in helping them get information, reduce risks, and make contingency preparations. In trying to manage the steady stream of queries, I've developed several canned responses. Feel free to share the following one with anyone you feel might benefit from it.
Much misinformation and much disinformation on Y2K are available everywhere. The issues are complex and, thus, prone to oversimplification, understatement, and overstatement. No one has a monopoly on the truth.
Despite all the rosy predictions, remember that the irrefutable fact is that most large information system projects are late. In light of the views of those who subscribe to worst-case scenarios, remember the world is not as simple as they suggest and people are not as inflexible. Nevertheless, preparations are needed both to prevent and deal with Y2K problems and eventual difficulties. I don't know the future. Much of the information needed is specific to each community and difficult to get. Focus your information-gathering and preparation efforts on your household, your family, your neighborhood, and your community. I find www.y2k.gov a good place to keep up on the official reports of various industry and government groups, although I believe what you need most is specific information about your own community. The press clipping service at www.year2000.com/ articles/articles.html is also very helpful. Both are free of charge.
The Red Cross Y2K personal preparation guide is a good place to start as far as what kind of preparations are needed (www.redcross.org/disaster/ safety/y2k.html). Generally, such sources recommend considering preparations from 3 to 14 days. This is prudent preparedness advise at all times. FEMA (www.fema.gov/y2k/) is a good place to get free information on Y2K as well as personal preparedness (see their general-purpose personal preparation guide at www.fema.gov/pte/prep2.htm).
Work together with others in your community and follow the recommendation in the recent report of the House Subcommittee on Government Management, Information, and Technology: "Citizens should demand information on year 2000 readiness from their state and local governments, their utility companies, and other organizations upon which they are dependent" (see www.house.gov/reform/gmit/y2k/y2k_report/Isummary.htm for details).
But be diligent as there are no agreed-upon definitions of what is meant by terms like "year 2000 ready" or "Y2K compliant." If the risks to the well- being of your community are great enough, demand access to test results and independent verification. Y2K will not be painless, but we can work together to reduce the degree and duration of that pain.
Leon A. Kappelman
The ACM Code of Ethics makes it clear that computing professionals have a duty to maintain systems quality, minimize systems risks, and report signs of danger to those in their organizations and their communities who have the power and responsibility to resolve them (that is, higher levels of management).
While the specific responsibilities of computing professionals are not as clear, the code suggests that at a minimum computing professionals have the duty to communicate Y2K risks to management and other affected parties and to urge action, such as seeking the necessary resources to address this issue in a timely, effective manner. The failure of computing professionals to do this would appear to constitute professional negligence by demonstrating a lack of reasonable care in the performance of professional tasks.
Y2K may mark the long-overdue end of the public's unquestioned faith in high technology. But the reputation and credibility of computing professionals need not suffer if we do the right thing now. The choice is oursand we will all make that choice. Our ability to react in the face of immediate problems has been one of our strengths. Whether we have the capability to be proactive in the face of eventual problems remains to be seen. Time will surely tell.
©1999 ACM 0002-0782/99/0500 $5.00
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.
The Digital Library is published by the Association for Computing Machinery. Copyright © 1999 ACM, Inc.
No entries found