Winter 1999
Vol. 17, No. 1

Contents:

Marsha Woodbury
Y2K: The Broad View

What does it mean for a computer professional to be socially responsible about Y2K? Not, I submit, a simple question. On the one hand, Y2K is a real problem with potentially life- and safety-threatening consequences for a considerable number of people. Thus, social responsibility by computer professionals requires them to publicize the dangers and, for those in appropriate professional positions, to do everything possible to alleviate the dangers. But on the other hand, fomenting unnecessary fear, even hysteria, about Y2K is, has been and will be socially irresponsible. Finding the line between these is not trivial.

I am told that recently a televangelist in the U. S. claimed that the Y2K problem is the work of Satan and that the great calamity which would result from it is among those actually mentioned in the Book of Revelation. We may--and probably should--laugh at such idiocy. But are we sure that the genesis (no pun intended) of such predictions is not perhaps the result of excessive hand-wringing about Y2K? Then there are those, including, sadly, some computer professionals, who are already storing food or making plans to retreat to cabins in the woods because of the awfulness that will occur on 1 January 2000. Whatever may occur on that day--and, I repeat, there could be some very serious effects, indeed--does any sane person really believe in such an apocalyptic vision of what may happen?

I don't pose as a technical expert on Y2K or, for that matter, on much of anything else. Although at one time my knowledge of computer systems might have merited the expert label, those times are long past. Still, it is hard not to wonder whether the doomsayers have got it right or are even in the vicinity of being right, given the flimsy evidence to support their predictions of trouble or the cost of averting that trouble. Perhaps it is true that, for example, Citibank is planning to spend $600 million on avoiding Y2K problems but, even if this estimate proves anywhere near correct, it is surely true that some (much?) of these funds will be used for normal software maintenance and upgrades.

In the health, transportation (particularly airline), and utility sectors of the world economy, we should all hope that successful efforts will be made to make systems Y2K compliant since failure might well put lives at risk. A similar stricture is in order for production facilities where sudden shutdown could endanger life. And, although the risks seem to be somewhere between minimal and nonexistent (except, perhaps, in Russia), steps should and surely are (see F.A.S. Public Interest Report, Journal of the Federation of American Scientists, July/August 1998) being taken to ensure that nuclear weapons systems are Y2K compliant. Beyond these areas, however, the risks are almost entirely financial and, while these risks should not be taken lightly, most are probably better approached by benign neglect than by major expenditures before the fact. Indeed, a socially responsible position on Y2K suggests the following triage: work flat out on making life- and health-critical systems Y2K compliant, make appropriate effort when major financial interests are involved, but otherwise, see what happens on 1 January 2000 while making preparations for anything that might go wrong.

The last category surely involves the vast majority of all situations. Moreover, very few such systems will prove to be Y2K noncompliant on 1 January 2000. Almost no one believes any more, for example, that credit cards with expiration dates in 2000 will cause trouble. And even when problems do occur--with bank accounts, for example--they will be short-lived and relatively benign. Some people have suggested that "bank accounts could be wiped out" (The Times, London, 6 November 1998) but, given standard system backups, to say nothing of personal records, such an eventuality was never in the cards.

I seem to have detected a lessening in recent months of what can only be called the Y2K hysteria. As Anthony Finkelstein has written, "The vast majority of these stories [about forthcoming Y2K disasters] are irresponsible scaremongering" (London Daily Telegraph, 1 April 1998). Examples of such scaremongering are predictions that those made "cold, hungry and unemployed" (Stuart Umpleby, Internet distribution, 7 July 1998) in other countries by Y2K will view Americans as scapegoats, since Y2K may make Americans relatively even wealthier than they are. Senator Robert Bennett (Republican, of Utah) has even suggested that one result of Y2K will be the largest wealth transfer in history "from noncompliant firms and countries to compliant firms and countries" (Stuart A. Umpleby, op cit). Or how about: "Y2K is probably the biggest problem our nation has faced in 100 years" (J. Wise, email to Harlan Smith, 19 July 1998)?

Indeed, it seems to be true as I write that real empirical evidence about serious potential Y2K problems is still (almost?) totally lacking. What have been the costs of Y2K fixes already made? What Y2K problems have been found which, if not corrected, would have caused serious threats to life, health, or wallets on 1 January 2000? Perhaps it is the absence of such data that has resulted in reduced anxiety; if good data on costs and problems are not available, perhaps the problem is less serious than thought only several months ago.

Since incompetence is a kind of social irresponsibility, CPSR members should be particularly concerned about how Y2K reflects on computer software professionals and, it must be said, on those who taught them. It may be that little blame can be attached to the Cobol programmer who wrote a non-Y2K-compliant program in 1966. But any program written later than, say, the mid-1980s that was not Y2K compliant was written by an incompetent programmer. And buying any such program was a sign of incompetent management. Is the software industry as incompetent as the furor about Y2K would imply?

Of particular note here are embedded systems, partly because there are so many millions of embedded chips and partly because so many of them are in online systems whose failure would generally be more serious than in business information systems. Very few, if any, of the chips in embedded systems were programmed so long ago that it would have been forgivable to ignore Y2K. On the other hand, probably very few such systems are Y2K noncompliant because "most [chips in such systems] do not have a clock function" and, of those that do, many "only measure time intervals between events without reference to days, weeks, months or years" (Alastair McIntosh on Silicon Investor Website, 3 May 1998). This is another Y2K issue for which it would be nice to have some data rather than just claims on both sides.

Y2K presents many challenges to CPSR. In addition to those mentioned heretofore, there is the need to educate the public generally, since many of the more hysterical reactions to Y2K stem from the fact that, despite the ubiquity of computers, "people do not understand software" (Anthony Finkelstein, The Engineer, 1998). As Marsha Woodbury noted in the fall 1997 issue of this newsletter, "Leadership is needed to raise public awareness of the year 2000 problem without causing panic." That is surely as true now as it was over a year ago.

Tony Ralston is Professor Emeritus of Computer Science and Mathematics at SUNY at Buffalo and an Academic Visitor in the Department of Computing, Imperial College, London, U.K. Dr. Ralston is also a long-time member of the CPSR Advisory Board. He can be contacted by email at ar9@doc.ic.ac.uk.

CPSR Home Page

You can send comments or questions to newsletter@cpsr.org.
Last modified: Sunday, 14 March 1999.