HC Deb 06 June 1996 vol 278 cc813-20

Motion made, and Question proposed, That this House do now adjourn.—[Dr. Liam Fox.]

10 pm

Mr. David Atkinson (Bournemouth, East)

This is my second attempt to raise a matter that should concern everyone who has or uses a computer. Thus it is one that will concern most businesses and all Government Departments, not just in this country but throughout the world. It is the effect that the change of date at the turn of the century, from 1999 to 2000, will have on computers. Quite simply, if they are not prepared, they will fail.

Articles in computer magazines and, more recently, in the national press have sensationally described the situation in terms such as "Millennium Meltdown", "Catastrophic Computer Crash" and "Doomsday 2000", and I have been prompted to pursue the matter in the House. I asked a question of my right hon. Friend the Prime Minister last December; I have sent a series of written questions to every Government Department—most recently, to my hon. Friend the Minister for Science and Technology; and I have corresponded with my right hon. Friend the Prime Minister. It appears that I am the only hon. Member to pursue the matter thus far, and the publicity that I have provoked has produced expressions of relief that, at last, someone is doing something.

I am pleased to have the opportunity tonight to enlarge on the problems, and I am sure that I am not the only one to look forward to the Minister's reply. I fully confess to being computer illiterate, a fact which may become even clearer during my speech, although I value the immense advantages that computers provide, and over the years I have been blessed with staff who have been fully educated to take advantage of them.

Computerisation of our parliamentary offices has enabled us, as Members of Parliament, to increase our throughput a hundredfold and has improved our ability to communicate with and respond to our constituents efficiently and effectively. No doubt those improvements will be as nothing compared to the promised revolution to come, when we are linked up to the Internet and the World Wide Web.

A constituent came to see me at my surgery last autumn to share his concern that neither business nor Government appeared to be aware of, let alone ready for, the century date change. Even I was able to grasp the potential seriousness of the problem, and my initial inquiries confirmed that my constituent's fears were far from groundless.

All but the most recent computers have been programmed to recognise a shorthand standard date format—dd/mm/yy—with two figures for the day, the month and the year. For example, my hon. Friend the Minister's date of birth would be given as 18/04/45.

Because memory is or was very expensive, programmers economised by cutting out the first two digits of the year—19—to save money and memory. Thus two-digit year dates exist on millions of data files used as input to millions of applications. Therein lies the problem. Those computers will recognise the double zero digits of 2000 as 1900. As a result, all calculations, logic and date-driven processes will fail to function properly at midnight on 1 January 2000. If my hon. Friend's computer does not recognise the century date change, it will show his age to be not 55, but minus 45 in the year 2000. I would not want that prospect for my hon. Friend.

All of us with personal computers can apply a simple test to see whether they will fail at the end of the century. We can set the date to 31 December 1999 and set the time at 23.58. We can switch off the computer and, after a few minutes, switch it back on to check the date. It should say 1 January 2000, but my computer said 4 January 1980. Some 95 per cent. of all personal computers fail that test.

The vast majority of our information systems are based on the original, faulty standard date format, which will cost billions of pounds to reprogramme. One estimate of the cost is put at £400 billion worldwide and £20 billion for this country alone; the cost to the United States Government will be $30 billion. Those costs are rising daily, as the shortage of skills available to undertake the necessary reprogramming and recoding is realised.

There can be no doubt that, unless organisations are prepared and have taken the necessary action, they will face catastrophic consequences, including a disastrous loss of trade and revenue—it is no exaggeration to say that some of them may go out of business very early in the new century. Many of them will have experienced a minuscule taste of what is to come on 29 February this year, as some computers did not recognise the extra leap year date. A piece of medical equipment in a hospital failed to work on that day.

I shall give a few everyday examples to help to explain the wide-ranging consequences of what might happen. The competitive position of many exporting companies will be severely threatened unless they have anticipated the problem in time. Any timetable for a 1999 single European currency will require new computer systems to be in place. Supermarket computers will fail to replenish stocks and will throw out existing stocks, calculating that everything will have gone mouldy on the shelves after more than 99 years. The time locks of buildings will be unable to recognise the correct date, so staff will be locked out and vaults will be open. Trains will not run because their control systems will be unable to say what else is on the track that day. Flights will be cancelled as computers in airport maintenance will have grounded all aircraft because they are 99 years overdue for overhaul.

The turn of the century will have similar consequences for the computers of Government Departments and agencies unless they have been properly prepared—the most obvious being the automatic payment of benefits systems and the pay-as-you-earn system that generates millions of tax returns.

Such a computer failure would affect our system of court orders, the child support maintenance system and car licence expiry dates. Traffic lights and school bells will operate their weekday schedules. Libraries will send out notices of fines for some seriously overdue books, and any programme that prints a date on a cheque or invoice will stop working properly.

The potential for disaster lies most in the financial sector. The interdependency of computers and the complex computer systems used in all financial transactions will create huge problems for City institutions. Even if their own systems have been reprogrammed and are working correctly, other firms with which they are dealing may not have had the same foresight.

A firm may be awaiting the processing of a derivatives contract in Singapore which, if not correctly processed, may undermine that firm's short-term liquidity. The huge sums that are transferred every day in settlement of bond, equity, trade or foreign exchange flows bring the danger of a systemic breakdown of the banking settlements system, which could lead to temporary liquidity crises, and perhaps bank failures.

London, as we know, is the centre of the global financial services industry, so it is vital that the UK takes a lead on this issue. Most major financial institutions will, I hope, have their systems in order on time, but interrelation of the industry means that all firms will have to be made aware of the seriousness of the problem. What assurances or policy proposals has my hon. Friend received from the Bank of England, the London stock exchange, city regulators and the European central bank to prepare the markets for 2000?

Last month, I tabled written questions to every Government Department to find out how they are responding to the problem. I was encouraged to learn that most Departments seem to be aware of it, but not all are treating it with the seriousness that it deserves. Many of the replies I received showed undue complacency.

I hope that their confidence is justified and that, with the advice of the Central Computer and Telecommunications Agency—CCTA—and computer suppliers, they will be prepared for the century date change. However, because public sector systems are in general larger and older than those in the private sector, I should like to know my hon. Friend's understanding of the percentage and the number of Government computers that will need to be reprogrammed or replaced, and his estimate of the cost involved.

As my hon. Friend knows, I also tabled a question on his Department's recent survey of the problem in this country and the action that it will take to alert and help businesses to respond to it. In his reply, he said that the survey revealed a high level of awareness amongst IT directors of organisations."—[Official Report, 8 May 1996; Vol. 277, c. 152.] How does that square with newspaper reports that only 8 per cent. of businesses have conducted an audit to assess the extent of the risk, and that more than 90 per cent. are failing to deal with it?

A recent survey of IT directors of major UK firms undertaken by the magazine Computer Weekly shows that most large firms are aware of the problem, but most are still undecided what to do about it. I look forward to learning from my hon. Friend precisely how the Government are alerting business to the problem and precisely what help and advice will be available, especially to small businesses, which I imagine will find responding to the problem much more difficult than larger corporations.

As one of the essential messages seems to be that the chain is only as strong as its weakest link, and most computers are dependent on others, it is not enough to adjust one's own computer and rely on others to do the same. Inevitably, there will be those who will not respond.

Is the problem not serious enough to contemplate, as the Singapore Government are doing, the introduction of statutory guidelines for businesses to follow? Perhaps we should consider following the example of the United States, which recently held congressional hearings on the problem. I urge my hon. Friend to read the testimony from that hearing, as it makes very interesting reading as well as being alarming.

Fortunately for us, it appears that, because ours is a more sophisticated information technology market, European companies are in a worse position than ours in planning for 2000, so I put it to my hon. Friend: is this not an opportunity for British skills to be exported abroad and to establish a crash course for those prepared to offer those skills?

It would appear that much has happened since I drew the Prime Minister's attention to the problem in the House last December; that the Government are taking appropriate action regarding the computer systems for which they are responsible, and are now alerting others of the need to do the same. I welcome that.

The century date change should be treated as the most devastating virus ever to affect our information technology system. The message from the debate must be clear. This is urgent. The majority of computer systems will fail if action is not taken, and the majority of companies are not aware of the problems they face. There are fewer than 850 working days left in which to take action. If action is not taken, companies will face enormous difficulties. This is one of the greatest challenges facing business management today. I look forward to my hon. Friend's response to a crisis that will face our national daily life in less than four years' time.

10.15 pm
The Minister for Science and Technology (Mr. Ian Taylor)

I am extremely grateful to my hon. Friend the Member for Bournemouth, East (Mr. Atkinson) for raising this important issue on the Floor of the House, for pursuing it through questions, and for discussing it with me. I openly admit that he has informed my views on the subject. As Minister for Science and Technology, I have had the opportunity to discuss this with many people in the industry. This is a timely and necessary debate. It is surprising that a relatively simple issue can have such serious implications. I welcome what my hon. Friend has said this evening.

I join my hon. Friend in raising the alarm this evening, and I shall put it into context. Information technology is crucial to industry and to our competitiveness as a nation. The cost to the United Kingdom of not fully exploiting information and communications technology would be infinitely higher than the cost of putting this problem right.

I do not wish to understate the problem. On 8 May, in a written answer to my hon. Friend, I said: The longer it is left, the higher the likely cost of remedial work. I am urging all chief executives to discover now for themselves the extent of the problem in their companies."—[Official Report, 8 May 1996; Vol. 277, c. 152.] My hon. Friend referred to awareness. Our survey with the Central Computer and Telecommunications Agency showed that the awareness of the problem was higher than 90 per cent., but that action plans had not been put into place. That is the key point, and it is why I am so concerned about the issue.

My hon. Friend made some telling points about how the system could go wrong if the double digit at the end of the year throws up a double zero in the year 2000. For example, pensioners and others could lose their pensions and entitlements—or certainly not be paid them; centenarians could appear on primary school intake lists; all military and aeronautical equipment could be simultaneously scheduled for maintenance; thousands of legal actions could be struck out; student loan repayments could be scheduled as overdue; and 100 years of interest could be added to credit card balances. These things will not be particularly welcome.

Data could be sorted in the incorrect order. For example, the years 2000 and 2001 could be sorted ahead of 1997 and 1998, which could affect hospital waiting lists. In addition, housing allocation priorities could be wrongly assigned. There will be supply chain difficulties. For example, organisations with which a company exchanges data must have tackled the problem or errors will propagate through interconnected systems. If data are not shared, a company could survive the loss of a key supplier while it sorts out its IT system with difficulty.

In other words, it is vital that companies in supply chains take a mutual interest in attempting to eradicate the problem, to avoid a contagious disease. How long would companies survive if their customers could not pay their bills because their information system is not working?

Non-conventional information technology systems could also fail: process control; access systems, such as swipe cards which would appear to be outside the period of validity; air-conditioning systems that are pre-programmed; weapons systems—programmes using two-digit dates embedded in out-of-production chips will have a particular problem; and safety-critical installations in nuclear power plants and in air traffic control.

I have raised these points not to create a panic—I remind everyone that we are currently in 1996, so we have a while to go before the year 2000—but to alert people to the fact that action taken now is absolutely vital, because there will not be the opportunity to take action properly as the year 2000 approaches. I believe that some problems may emerge before the year 2000, which is why I am urging that audits are carried out into systems in various companies.

The resources will be needed to fix the problem. For example, for some of the older systems the COBOL-trained staff could become scarce and perhaps prohibitively expensive. Organisations may find that they no longer have the people or skills used at the time that their systems were built. The criticality of the problem is its scale: the billions of lines of code to search, the fact that the deadline is immovable—we know that it will occur after midnight in the year 1999—and the complexity and interdependency of the systems involved.

The suppliers of non-compliant software will need to be checked to discover whether they are prepared to fix the systems that they have installed or will walk away from the problem. We need to know much more about that issue or understand it much better.

Obviously, we need to be very careful in some aspects, such as the use of databases and spreadsheets that may have corrupt information in them, and which may not necessarily be understood by the people in companies who now work on them, because they will have been devised at an earlier period.

The predictions of industry experts as to what the problem is likely to entail vary hugely. Some say that 50 per cent. of information technology budgets will be spent on this problem, and therefore that money probably would not be spent on more constructive developments in information technology. There are estimates that, if the current rate of progress is maintained, at least half of companies will not achieve compliance by the year 2000, which will be an appalling tragedy for those companies, and, because they are interconnected, many others which have tried to be compliant. Obviously, some companies will go out of business if they have not tackled the problem, or not ensured that their suppliers have tackled it.

The cost is almost impossible to quantify, and I am very wary of putting a figure on it. My hon. Friend did put a figure on it which is a good deal higher than the figure given by Kleinwort Benson as quoted in the Independent this morning, which said that British computer users might have to spend £5 billion in the next few years on finding remedies to the problem. I shall not validate that figure; I merely pass it on as having appeared in the morning paper.

As a point of comparison, the Computing Services and Software Association members' revenues in 1994 were more than £7 billion. Those figures are increasing very sharply, and of course they are only a small part of the problem. We must consider not only software but mainframe hardware, which may need minor modification.

We need to examine operating systems, especially IBM, MVS and UNIX, ICL, VME, Digital VMS, DOS, Windows and so on, and we need to examine the application software. We need especially to consider companies who have installed bespoke or in-house applications, which could present the biggest problem if the people who installed it do not now work for the company or are unable to remember the keys and codes that were put into the system.

Let me say a few words about action. Within Government, the CCTA has written to all Government Departments, alerting them and requesting details of the remedial action being undertaken; and all new information technology procurements in Government and let through the CCTA must be millennium-compliant. Our systems in the Department of Trade and Industry are being reviewed. We have appointed consultants to plan a programme of work to make necessary changes to all systems to make them compliant by the year 2000; they will also work with our suppliers.

We have set up a departmental management group. In at least one of our systems in the DTI, we have a four-digit year, which is therefore not sensitive, but of course there are many other systems, and I repeat that our suppliers may have systems that are not compliant, so we have a considerable issue to resolve.

As to the private sector, I urge chief executives not to leave the matter to their information technology managers. I do not question the excellence or the expertise of those managers, but it is a management problem that must be dealt with at the top.

Chief executives of all companies of every size should conduct a demonstration of their computer system. They should set the computer clock at just before midnight and see what happens when it changes for 2000. They will then find out whether they have a problem. If they have no problems—which I would find surprising—they must ensure that their suppliers and others who access their computing software do not have any. The situation must be managed, and the sooner the better.

The Government cannot do it for them. It is no use companies coming to us in 1999 and saying, "The Government have not fixed it." The Government did not install the computer software. Failure to deal with the problem could lead to commercial collapse—I put it bluntly because I want to get the message across. We cannot move the deadline, so time management in the interim is crucial.

In order to signal to business the seriousness with which the Government view the problem, I have written to the Deputy Governor of the Bank of England, the Confederation of British Industry, the Institute of Directors, the National Computing Centre, the Federation of the Electronics Industry, the Computing Services and Software Association, the Federation of British Electrotechnical and Allied Manufacturers Associations, the British Computer Society and the Worshipful Company of Information Technologists, in order to meet and discuss the impact of the problem and try to find a way forward.

The Computing Services and Software Association—the lead trade association for the information sector—is working with the DTI to form a task force of users, suppliers and consultants, and the first meeting will be held before the end of the month. I stress that users must be part of the process. There is no point in only the software suppliers looking at the problem; users must be involved in the task force as well.

The DTI will publicise the growing body of help and information through its own World Wide Web site, and through business links and Government offices. The CSSA operates a World Wide Web site and business inquiry service which can put inquirers in touch with firms specialising in solutions to the problem. Guidelines on tackling the problem are due to be published next week. The CCTA and PA Consulting will be involved in that exercise.

Databases of millennium-compliant software are being compiled and updated, and conferences, seminars and workshops will be held. We shall contact interest and user groups. I am urging the trade associations, including those I have mentioned, to alert their members to the problem. The President of the Board of Trade and I launched the information society initiative in February. It is designed to encourage companies in this country to use computers, the Internet and electronic data interchange. We are not now discouraging them from doing so. It is not a question of not using information technology: it is a question of using it safely and of taking steps to ensure that new programmes are millennium-compliant so that the problem will not continually affect the system.

We shall provide advice through the information society initiative, while encouraging companies to use information technology. That item will be on the agenda for discussion at the multimedia industry advisory group, which will meet in the next week or so.

Trading and financial networks extend beyond our shores. We shall raise the matter with the European Commission, and we are considering what international organisation is best able to tackle the problem—whether it is the Organisation for Economic Co-operation and Development or the World Trade Organisation. There will be bilateral talks, including talks with the American Government, in view of their important role and that of the industry in that country.

Advances in technology are occurring so quickly that the problem may be resolved between now and 2000. New creative software packages may be designed that attack the problem at source. I am not overly optimistic, as many old systems must be dealt with. Nevertheless, I do not deny that there is a commercial incentive for someone to come forward with software that deals with the virus. We should be optimistic in that regard, bearing in mind the fact that computer power doubles every 14 months for the same price, the use of the Internet doubles every nine months and that we are seeing an explosion in information technology around the world.

It is inconceivable that anyone who is involved in the industry—be it as a supplier, hardware manufacturer, software creator or as a user—would wish to see the problem occur in 2000 and destroy so much creative effort and excellent information technology work. I am grateful to my hon. Friend for raising the issue. I take it very seriously, and I urge everyone else so to do.

Question put and agreed to.

Adjourned accordingly at twenty-nine minutes past Ten o'clock.