| Previous Section | Index | Home Page |
3.54 pm
Mr. David Atkinson (Bournemouth, East): I echo the congratulations offered by my hon. Friends to the new Financial Secretary on her recent promotion. She has been very helpful to me on the issue to which I shall confine my remarks; it will come as no surprise to her that it is the subject of the Public Accounts Committee's 66th report, "Managing the Millennium Threat". It was published last July and the Treasury responded in October. Given its importance, I am sorry that the issue was not highlighted in the motion.
As the first hon. Member to raise the issue way back in 1995, I want to use this debate to warn that we are not doing enough and have not done enough to avoid problems that are now inevitable, as more and more experts are concluding. It is essential that contingency plans are in place well before the end of this year.
When I first raised the issue at Prime Minister's questions, the entire House fell about in response to the warning that I gave my right hon. Friend the Member for Huntingdon (Mr. Major) about the consequences for business and Government if it was not addressed. I do not suppose that there were many in the House then who knew what I was talking about; most probably thought that what I was suggesting was silly, sensational and apocalyptic. To be honest, that had been my view. It was only because a constituent in the computer business had raised the issue with me at a surgery that I made inquiries and became convinced that he was right to be concerned that no one was responding adequately.
Although my right hon. Friend the Member for Huntingdon did not refer to it in replying to my question, I had already learned from him that his Government were
planning and implementing measures that were to put this country ahead of most others in terms of awareness and taking action in the public sector. That is contrary to the picture painted by Ministers of this Government, who suggest that they found the cupboard bare when they came into office. The proof of that, if it were necessary, can be found in the report of the National Audit Office published on 21 May 1997, "Managing the Millennium Threat", which was clearly prepared before the general election.
I accept that some of the answers that I received to the questions that I tabled to every Department in early 1996 were complacent and short on detail. However, as the NAO report confirmed, the central information technology unit of the Office of Public Service, supported by the Central Computer and Telecommunications Agency, was ensuring that central Government were preparing our public services in good time to anticipate and avoid problems in the three years before the millennium.
In reply to my Adjournment debate in June 1996, the first detailed debate in the House on the matter, the Minister responsible for information technology, my hon. Friend the Member for Esher and Walton (Mr. Taylor), announced the establishment of TaskForce 2000, a Department of Trade and Industry-sponsored, private sector-financed public awareness campaign aimed at ensuring that British business would be millennium ready.
I apologise for harking back to the past, but, to my knowledge, no one has put the record straight in the House on the previous Government's response on the millennium bug. It is, of course, not mentioned in the 66th report. However, I stress, as I always have, that I do not believe that voluntary action by business, in response to DTI exhortation and the TaskForce 2000 campaign, will be enough to ensure our millennium readiness. That will have a knock-on effect on the provision of public services.
Such is the nature of the issue that it is not enough to ensure that the necessary action on the computer systems of Departments and public sector agencies, as well as those in the business sector, has been taken, including sufficient time to allow the testing essential to ensure millennium compliance. If the systems with which those computer systems are linked, such as those of their suppliers or receivers, are not compliant, theirs will also fail to perform after the first midnight of the new millennium. As is becoming more widely understood, it is an all-or-nothing situation. In a network of computer systems, the chain is strong as its weakest link. If one system is not compliant, all those with which it is linked are also at risk.
There will always be reluctance to disclose true millennium readiness, especially in the private sector. There are many reasons for that, including maintaining competitiveness, the risk of future legal liability and the difficulty of obtaining insurance. As the Chairman of the Public Accounts Committee said, the civil servants who assured the Committee that we will be all right on the night next new year will not be around to pick up the pieces. That is why the Pledge 2000 initiative mentioned in the Treasury response, which the Government have signed, to the 66th report will prove not to be worth the paper on which the signatures are written.
The non-legally binding abstracts issued by the urgent issues task force sub-committee of the Accounting Standards Board on disclosures on millennium
compliance relating to business, to which the Financial Secretary referred in her reply to me last year in her previous role at the Department of Trade and Industry, will prove to be totally inadequate as the only yardstick of progress in this country. Both serve only to encourage over-optimistic and complacent conclusions that do not reflect the reality.
For the reasons that I have given, I felt that there was no alternative but to legislate to introduce a statutory requirement on company directors to assess the millennium compliance of their company's computer systems and to report the outcome of that assessment in their annual report to shareholders--the owners of the company--together with the action that they were taking to safeguard the company and the shareholders' investments in it if its systems were found not to recognise the year 2000. That was the object of the private Member's Bill, the Companies (Millennium Computer Compliance) Bill, which the House allowed me to introduce under the ten-minute rule procedure in November 1996. The Bill had reached its Report stage by the time of the general election. I had amended it in Committee in response to suggestions that I received from the top 100 companies that I had approached, many of which supported my Bill.
I contend that, if the previous Government had allowed my Bill to become law before the dissolution of Parliament, this country would now be far and away ahead of all others in the millennium readiness of both its public and private sectors. Company annual reports for the years ending 1998 and 1999 would have seen to that. Even the present Government had an opportunity to support the Bill when the House allowed me to reintroduce it in June 1997 after the general election. I appreciated the fact that the Minister courteously listened to my arguments on that occasion. Instead of supporting my Bill, the Government chose to suspend TaskForce 2000 before replacing it with Action 2000 almost six months later. In hindsight, I believe that that delay of almost six months will prove to have serious consequences in terms of missed targets and escalating costs.
The concerns about the millennium bug are reflected in the Public Accounts Committee's 66th report. It concludes:
We know that many modern computer systems are vulnerable to flawed software. Even Windows 98 is not millennium compliant unless action is taken and then tested, despite the assurances of Microsoft. The PAC was therefore right to urge in its report that the Office of Public Service should
"we cannot be sure that government business will not be disrupted in the year 2000 . . . we are concerned about the readiness of the wider public sector to cope with the Year 2000 issue".
In response to the Committee's concerns that the NHS executive could not give an assurance on the safety of patients, the Treasury was right to say that it would be dishonest to guarantee that there would not be a single unforeseen mishap. The truth is that no one can guarantee that, where date-related computer systems are involved, nothing will go wrong at the end of this year. No one knows for sure how widespread the year 2000 problem is likely to be.
"Ensure that contingency plans are in place, and are tested."
It said:
"We look to the Office of Public Service to require all public bodies to have comprehensive robust business continuity plans in place by January 1999."
14 Jan 1999 : Column 496
The Treasury has responded by saying that a number of Departments and agencies have yet to begin work on dedicated year 2000 business continuity plans. I suspect that that situation applies throughout the entire public and private sectors of this country. There will be all too few contingency plans in place, and they will be too late to be effective.
We still have the time, just, to replace a reliance on a voluntary requirement to have in place contingency plans with a statutory one. That is why this morning I secured from the Public Bill Office the opportunity to introduce a new Bill under the ten-minute rule procedure to require organisations responsible for providing essential public services and critical infrastructure to draw up contingency plans in the event of their computer systems failing to deal with calendar dates after 31 December 1999; to require such plans and the names of those responsible for them to be notified to an appropriate authority; and to require the plans to be made available on demand. I shall seek the leave of the House to bring in the Computer Millennium Non-Compliance (Contingency Plans) Bill on Tuesday 2 February.
| Next Section
| Index | Home Page |