MONDAY 15 JUNE 1998

MR ROBIN MOUNTFIELD, CB, MR MARK GLADWYN, SIR ALAN LANGLANDS and MR FRANK BURNS

  20.  So that means no in answer to my question?
  (Sir Alan Langlands)  I think I am saying yes, that the paper back-up could be an important safety net in general practice.

  21.  Mr Mountfield, I would just like to pin down this whole business of the cost of this whole debacle really, the whole millennium threat. I know that some people see it as a problem, whereas others do not, but we do not really know and it is difficult to pin down before the facts, but can you give us a definitive outline of what is your current best guess estimate for the total of all government departments and then possibly the two big ones which I think are the Ministry of Defence, which the Report says will take a significant slice, and the National Health Service?
  (Mr Mountfield)  Well, first of all, so far as central government is concerned, as you know, we have been monitoring this for three successive quarters and the number has risen, which is not, I think, surprising, but not perhaps as much as people would think. Now, it would be foolish, I think, to be confident that it will not continue to rise, but equally I think we can now begin to take a little comfort from the fact that these are not shot-in-the-dark estimates, but the aggregation of detailed estimates by professionals who are already part-way through the task, so I think one is beginning to firm up a little bit and one can, I think, have a little more confidence, not least, if I can give one example, in that some departments have clearly had to increase their estimates, and some of them by proportionately quite large amounts, though they are not large in absolute sums, because they have taken in an extra chunk of risk that they had not accounted for, perhaps the embedded systems risk. Others, on the contrary, have reduced costs which implies that those who are actually implementing the changes are finding that the problem is less big than they thought. You mentioned the Ministry of Defence; they have an overall figure of £200 million which is included within the £402 million for central government. That includes broadly the Civil Service activities, but also the Armed Services.

  22.  So there is £402 million for all of them and the Ministry of Defence is about £200 million?
  (Mr Mountfield)  £200 million, yes.

  23.  What about the National Health Service?
  (Mr Mountfield)  Well, Sir Alan, I think, is much more able to answer.

  24.  Well, Sir Alan, can I just ask you that specific point, the total global NHS cost?
  (Sir Alan Langlands)  £320 million.

  25.  So I need somehow to reconcile these figures because the total government figure cannot be then £402 million.
  (Mr Mountfield)  The NHS is not included in the central government figure because that is treated as a separate category.

  26.  So it is £402 million plus £320 million?
  (Mr Mountfield)  Indeed, but of course there are other areas of the wider public sector which I think we have mapped rather less well so far and that is an area that I think we will want to——

  27.  So we do not know about local government, for example?
  (Mr Mountfield)  We know something. The local government area has been estimated by the Local Government Association, on the basis of the Audit Commission's earlier work, at about £500 million, so that gives you quite a large part of the wider public sector, but there is still, for example, the area of non-departmental public bodies, the TECs, the——

  28.  Well, there are all sorts of other quangos.
  (Mr Mountfield)  There are things like London Transport, the BBC, the Post Office, British Nuclear Fuels, the Civil Aviation Authority and so on. The bits for which we have a number so far, which is central government, including the Armed Services, the NHS and local government, albeit rather generalised numbers for some of those, add up to something short of £1 billion. I think the £3 billion for the wider public sector—the Prime Minister said in his speech in March that he was not explicitly backing that number, but he said it seemed a reasonable order of magnitude. I think there is some ground for thinking that is probably the right ball park.

  29.  Right.
  (Mr Mountfield)  If I could illustrate that by saying that if our figure of £400 million is about right for the roughly 700,000 people in central government and the armed services together, that is about 13 or 14 per cent public sector employment.

  30.  That is an absolutely astronomical amount of money. Can you in any way tell me how we are going to recover some of this cash because what seems very strange to me in all of this is we are talking about spending all of this taxpayer's money to rectify a problem which is essentially something caused not by the public sector but by the people who sold us this duff and ineffective information technology equipment in the first place. How are we going to recover this?
  (Mr Mountfield)  First of all, if I could answer on the question of scale. £400 million sounds an awful lot of money but that is spread over at least two financial years, probably three, with running costs for central government and the operational costs of the armed services running at about £30 billion a year, it is a very small increment.

  31.  Sure. Let us get on to the recovery question. I am very anxious that we do not just spend this taxpayer's money when there might be a way of getting it back from the people responsible for getting us into this mess in the first place.
  (Mr Mountfield)  I think it would be wrong to imply that this is in some sense somebody's fault. A large part of what is being corrected is failure to take account of the year 2000 problem in systems, some of which were installed a quarter of a century ago when people did not expect their systems or particular software programmes would last as long as that.

  32.  A lot of it is still quite recent equipment.
  (Mr Mountfield)  Some of it is quite recent. Of course in terms of how much can be recovered, the liability and so on, it will depend very much on what warranties were given at the time.

  33.  Is anybody looking at that, seeing whether we can perhaps sue some of these companies for all the costs we are likely to incur in the public sector?
  (Mr Mountfield)  There has been some initial work but the priority must be, I think, first of all, to crack the problem itself so far as we can and make sure that things are put right.

  34.  Sure.
  (Mr Mountfield)  We are pretty clear that unless warranties were given at the time, it is pretty unlikely that we will be able to claim damages in most cases now but it will depend on what assurances were given and the circumstances of individual purchases.

  35.  If you or I bought a car and the engine was going to implode, and we knew this, in the year 2000, we would take it back to the garage that sold it to us and ask them to sort it out. What I am concerned about is why are we not doing the same sort of thing for a lot of the equipment that we do know is still within its guarantee or recently bought? For example, can you tell me are we absolutely sure that we are not still buying equipment that is not year 2000 compliant?
  (Mr Mountfield)  First of all, so far as the big purchases are concerned, anything that has been purchased for some time past has been warranted year 2000 compliant, that has been in the standard terms and conditions for big procurement for some time. For smaller parts of IT kit all departments are now following the guidance which was issued by the Central Computer and Telecommunications Agency in September 1996 which provides for year 2000 compliance as a standard requirement. Of course some of the problem is in embedded systems which are not IT systems as such which are bought for other purposes and I think judgments have to be made in particular cases about how far we can write that in. One does not write year 2000 compliance into paper-clip purchasing, for example.

  36.  Just out of interest, when was the whole problem of year 2000 compliance identified in the public arena? When did we know about it and when could we have expected IT companies to have reasonably made sure that their equipment was compliant?
  (Mr Mountfield)  I think how far one can reasonably expect that is a big question. Sir Alan was mentioning, for example, the cervical screening, which was identified in 1995. CCTA began their concern about year 2000 compliance in November 1995 and things began to move quite seriously during the course of 1996.

  37.  Have we been able to tie in in any way which particular information technology companies have the greatest compliance difficulties? Do we have any indication whether it is lap top or table top PCs we are talking about here or is it the actual software products?
  (Mr Mountfield)  I am not aware of any general conclusions of that kind. I think it is probably widely spread through both software and hardware, depending on how far back it goes. The general expectation is that quite a lot of IT kit these days does not last all that long because it is obsolescent quite quickly and, therefore, renewal patterns have been assumed in purchasing plans for quite a long time. That is part of the solution to the problem and I know the renewal programmes are very substantial in the normal course for ordinary business reasons and that wraps up part of the year 2000 problem as we go along.

  38.  I remember last week during the statement one Member referred to Windows 95, which is probably what most of us are familiar with, not necessarily being compliant. Do you know about that particular example?
  (Mr Mountfield)  I wonder if I could ask Mr Gladwyn, who is the Deputy Director of the Central IT Unit, to answer that one.
  (Mr Gladwyn)  Yes. Mr Derek Wyatt asked that question. The specific Microsoft position on Windows 95 is that it is compliant with minor issues. Minor issues relate to the placing of certain patches, which are available for free download on the Internet, which may be necessary in certain circumstances. Punctiliously Mr Wyatt is correct, the programme is not 100 per cent compliant but it can be made compliant to match whatever needs.

  39.  Where I am going here is obviously Windows 95 was the new period we were looking at when the whole thing was available. We know Bill Gates, Microsoft, multi-billion pound profit making organisation, should they not be taking some sort of responsibility for what is going on in the public sector? Are we not looking to them to help us out given that a lot of the problem that there is might well be their doing?
  (Mr Mountfield)  In terms of actual corrective action I have no doubt they are. The example that Mr Gladwyn has just given of fixing particular problems in Windows 95 is one way in which the manufacturers and suppliers are helping. The question of liability is a very big question which of course is not just a public sector one, it applies right through the economy. That is why I am advised it is quite a complex one and it is not all that easy, unless there are clear contractual commitments in terms of sale, to attach liability to suppliers.