Government executives have earned their aversions based on our professional experience. For me, I’m wary of any passage to a new year that involves the transition from a “9” to a “0” in its last digit. Happily, I plan to have a more relaxing turning into 2020 than I did in 1999 when the new year’s transition found me in the bunker of the BC’s Provincial Emergency Preparedness headquarters with a fluorescent vest, clipboards and satellite phones at hand. Whether Y2K was the world’s greatest fraud or a true global emergency, I had landed in the middle of it – in charge of BC’s province-wide preparation and response to the Year 2000 computer “bug.”
Twenty years later, I reflect on Y2K’s legacy, what we learned and what we have forgotten in this one-of-a-kind public sector project – a project with an immoveable deadline.
What was Y2K? A refresher
As I look back to the turn of the last century, I am astonished at how much we were in “early days” regarding the impact of information technology (IT) in our lives and work. The first industrial-strength email systems rolled out over rickety dial-up connections had been with us for only a decade. The now-ubiquitous Google was launched as a startup a few years before the century clock turned. And yet, the seeds of our dependency on unstable and immature technologies were already sown, and nowhere was this more evident than in Y2K.
So, what was Y2K, and why did it cause such a fuss? The root problem was a flaw imbedded in the operating systems of computers relating to the formatting of calendar dates. The rationale behind the flaw was well-intentioned. To save computer memory (a very scarce commodity in the pre-Cloud 1990s), IT programs represented four-digit years with only the final two digits, making the year 2000 indistinguishable from 1900. This meant that the calendar rollover from “99” to “00” could cause systems failure as operating systems faced “this-does-not-compute” date instructions. Importantly, the bug was imbedded in operating systems not amenable to the type of software updates that now course through our computers and cell phones at all hours.
Two decades after we successfully swatted the Y2K bug, I still hear that Y2K was the greatest scam technology ever perpetrated on an unwitting world. Now, as then, I don’t intend to engage in this argument other than to challenge its proponents to name a single organization confident enough to do nothing about Y2K. Quick … name one.
Managing the Y2K “Fix”
When I was appointed BC’s Chief Information Officer in 1998, I had nowhere near the techie qualifications that I would have thought necessary to support the job. Rather, I was told that my knowledge of the processes and business of government would be key. I was counted on to understand the impact of technology on government’s business enough to explain it to similarly tech-illiterate ministers and senior decision-makers.
I quickly realized that Y2K represented a unique public sector project – one possessed of a truly immovable deadline. No court-ordered or cabinet-set deadlines could be extended – and extended again. Rather, we were literally up against the clock with a deadline that could not be reset. I also determined that, at least from a technology perspective, everyone was facing the same problem. If you had computer systems involved in your business, you needed a Y2K remediation plan. With no proprietary rights in play, this opened the possibility of widely sharing Y2K “best practices” across public and private sectors in Canada and around the world.
Project management practice frames projects with three core components – people, processes and technologies – supported by a capacity to communicate and manage change inherent in the project. In the grand scheme of things, the technology component of the Y2K project was the least complicated. It was certainly broad-reaching and involved time-consuming heavy lifting by many people. But the technology fix was, for the most part, a repetitive process of remediation applied system-by-system. The project’s process component involved some choices of creating new management procedures and deploying established ones. Add to this the fixed deadline and Y2K, in the opinion of BC’s Auditor General, represented “a project that [has] challenged the ingenuity and resources of the BC government and launched the most widespread coordinated strategic effort in recent history.”[i] No small undertaking.
Our most important Y2K success factor was the clear setting of managerial accountabilities across the government. As CIO, I was responsible for establishing Y2K compliant remediation processes and standards as well as cross-government coordination of the Y2K fix. This role was later extended to serving as the province’s public spokesperson on Y2K in a sometimes wild, verging on apocalyptic, atmosphere. Cabinet ministers, normally very protective of their public communications role, suddenly seemed allergic to the microphone. They were content to leave this one to me, backed by a full appreciation of the consequences of any failure. I was clearly placed out on a limb where I often heard the dull throb of sawing behind me. Deputy ministers were made accountable for Y2K solutions in their ministries – mandates later extended to the areas of the broader public sector that their ministers presided over, such as health authorities or universities. In addition to my coordinating role, my department was also responsible for government’s core IT infrastructure, so I had to preside over a massive Y2K effort at home.
To manage the Y2K coordination exercise, we established a team of two dozen government program, technology and communications professionals, which we called Action 2000.
Working with technology managers across government, the Action 2000 team established the Y2K remediation standards for deployment across government. As systems were assessed, Y2K fixes developed and were then applied, tested and verified. In a parallel effort, government’s established but oft-ignored business continuity planning process was revved up, and each ministry was required to develop and test an “all-hazard” business continuity plan that would enable it to continue to deliver mission-critical services in the event that Y2K brought down its systems. For example, how would government’s central Corporate Accounting System manage billions of dollars in government’s payments and receivables with manual cheque cutting, cashing and accounting processes? The process was considered complete when deputy ministers signed off on both the Y2K remediation and business continuity plans for their ministries.
Deputy ministers were asked by the deputy to the Premier to identify programs and applications in their ministries that were mission-critical to government: where failure could threaten lives, cause economic hardship for British Columbians, cause serious damage to the environment or expose the province to significant loss or liability. Perhaps smelling additional funding that could be used to buy new IT gear, deputy ministers brought forward a large number of programs all offered with great bravado to underline the importance of their ministries in government. These programs were then ranked through the mission-critical criteria. Deputy ministers were then informed that the top-ranked programs would be used not to dole out new funding but, rather, as the focus of real-time progress reports on the state of Y2K readiness of key systems on the government’s public Y2K website. In the interest of transparency to support public confidence, deputy minister accountability would be in full exposure. Suddenly, the tide of bravado receded and there ensued a small scramble to pull systems off the mission-critical list.
In retrospect, the biggest accountability gap in Y2K related to the computer systems companies that brought us Y2K in the first place! As governments now prosecute drug and tobacco companies for not coming clean on known health impacts of their products, IT companies should have seen the flaw in their systems and been held accountable for their fixes. Instead, Y2K was an extraordinary “buyer beware” moment for us all – one that foreshadowed the elusive sense of responsibility that social media technology companies will accept for their products and services.
While some new processes were established to manage this extraordinary project, important decisions were made to deploy existing processes and test-drive them against a time-set emergency. The central communications machinery of government was used to develop and distribute public and business communications materials, such as the catchy but acronymically laden RU Y2K OK, BC? Y2K readiness checklist and workbook series.
Most importantly, however, was the decision to deploy the full scope of the Provincial Emergency Preparedness program to manage the province-wide response in the event of a disaster. Y2K test-drove the province’s emergency planning processes like never before and resulted in important learnings and process changes that made BC better prepared to manage a major natural disaster like an earthquake.
Other processes – new and old – presented challenges. The Office of the Auditor General, operating under its established mandate, conducted its own priority survey of the province’s Y2K readiness across core government, key crown corporations (such as BC Hydro), health authorities (of which there were then 52), municipalities, and the K-to-12 and post-secondary education systems. The close professional cooperation of the Action 2000 staff with the Auditor General’s team built a “we-are-all-in-this-together” operating model while preserving the independence of the Auditor General to evaluate our readiness. As I regularly reported on progress to Cabinet and deputy ministers, I was also a frequent guest of the Parliamentary Public Accounts Committee of the legislature to explain what I was up to. These meetings often raised the media profile of Y2K – and not always in a positive way. For example, a month before the Y2K turnover, media reported that BC was spending less per capita than any other province on its Y2K program. This occasioned some fancy fun-with-numbers calculations backed by some very real questions as to whether we were spending enough, and if not, why not.
One process that could have produced more benefit was inter-jurisdictional coordination. Federal and provincial ministers tasked the embryonic federal-provincial-territorial Public Sector CIO Council (formed in 1997) with cross-Canada coordination of the Y2K effort. However, as a young organization, it lacked the maturity to be more than an information exchange network. Given that everyone was tackling the same technical problem, it could have been much more. For example, it might have developed common public communications materials or created a shared Y2K fix “factory” where professional resources could be funded and shared across borders.
The Y2K Moment
On December 31, 1999, “Y2K Day” was ushered in with equal amounts of confidence and holding of breath. The worldwide web, while in its early days, was global and operational. British Columbia had the benefit of being one of the last places to reach the Year 2000. New Zealand was one of the first – 19 hours ahead of BC. The first thing I did when I awoke in the wee hours of that morning was to check New Zealand’s Y2K website, which, happily, was live – indicating at least some success. More importantly, we knew that BC Hydro had much of the same type of IT in its operations as its New Zealand counterparts and the successful transition of that country’s hydro system bode very well for the day ahead in BC. By 7:00 a.m., I was on the first of several province-wide radio shows that day and was able to report on both New Zealand and Australia’s apparently successful transitions. Building public confidence continued to be a key theme throughout the day, which meant participating in some radio phone-in shows that veered towards apocalyptic visions of falling elevators, interrupted water supplies, etc. As the day rolled into late afternoon, I was able to report on the success of one of the more effective Y2K executive accountability tests. To demonstrate their confidence in their Y2K fix, British Airways commanded its executives to be aboard a flight during the transition. By late afternoon Pacific time, none of them had fallen from the sky. That’s accountability!
Our Action 2000 team began to assemble in the bunker of the Provincial Emergency Preparedness (PEP) centre in Victoria. I spent most of the early evening following the lead of PEP staff as they kicked the provincial response into gear and talking to local media representatives who visited the site. At 11:00 p.m. Pacific, a large swath of the eastern part of the province crossed over midnight Mountain Time and we were able to receive a thorough and positive report from PEP staff in the region. As we closed in on midnight, I chose not to look at the clock but rather at a huge, lit-up Christmas tree in a car dealer’s lot that I could see out my window. As the clock turned to 2000, I don’t recall many “Happy New Year” cheers. Instead, we were all fixed on that Christmas tree which, happily, stayed lit.
Before leaving PEP headquarters, I decided to check the Y2K hotline that the federal government had established as part of the inter-jurisdictional information exchange on Y2K transitions around the world and across Canada. However, by the time I checked in – just over three hours after Central Canada’s transition to 2000 – all that was on the phone line was a pre-recorded national weather report.
Upping Our Game
I have many memories of the first post-Y2K days, but a few are particularly endearing. At work, the throbbing buzz of sawing behind me on the limb stopped, and I received a round of applause from Cabinet for our Y2K efforts. Reflecting on Winston Churchill’s admonition, “Never let a good crisis go to waste,” I leaned on Cabinet’s recognition of our Y2K success to secure an invitation to present what became BC’s first e-government plan. I thought that now that we had “earned our stripes” in managing IT in a disaster scenario, so we were qualified to demonstrate what more we could do with IT to improve the business of government. However, before I could bring this invitation to fruition, I received an invitation of my own. The very same Parliamentary Public Accounts committee that had challenged us on underspending on Y2K a few weeks before wanted me back to explain why we had spent so much of taxpayers’ hard-earned money on something that didn’t happen. Meanwhile, out in the real world, I observed a very special Y2K moment at the local Canadian Tire store where I encountered what seemed to be a longer than usual post-Christmas return line up. Several customers were lugging bulky machines to the service desk. Y2K had passed, and they were returning residential power generators that they had purchased for the “emergency.”
Two decades have given us a lot of time to reflect on the Y2K experience. What were the key success factors in the campaign? Is Y2K’s legacy alive and well in building an improved response capability for emergencies?
For me, the key success factor lay in setting clear and high-level lines of accountability for the system-by-system remediation that was conducted across the public sector. There was no room for ambiguity here, so the roles and consequences of failure were clearly established. Our decision to use established processes and mechanisms such as the provincial emergency preparedness system and the business continuity planning processes not only avoided re-inventing the wheel but test-drove those processes against a real-time emergency. Our province-wide approach to coordination and communications was effectively powered by extensive information sharing and transparent public reporting on the Y2K fix process. There was no room for grandstanding or selfishness here; we were all in this fight together. More could have been done for sure, like more efficient and scaled-up sharing of Y2K projects among jurisdictions in Canada. But enough was done to get us all over the goal line.
On the verge of 2020, I find myself wondering whether Y2K’s legacy has left us better equipped to manage the potentially more devastating technology threats that we face today. Paradoxically, as our dependency on IT continues to rapidly evolve, we are confronted by an increasingly unstable and ungoverned global internet system. Moreover, the case for more effective regulation of internet-based technologies to protect its users faces strong opposition from both proprietary technology interests and anarchistic ‘open-sourcers’ who seem to want anything but.
As we approach 2020, the potential scale of this paradox appears to far outstrip Y2K’s potential impact. Cyber security, social media-led privacy invasions, amateur and state-sponsored hacking, artificial intelligence systems, the ubiquitous “internet of things” – all were barely concepts in the late 1990s but now materially affect everyday life. The potential of IT flaws and sporadic hacks to bring down the operations and services of a government has gone well beyond Y2K’s bothersome but well-intentioned effort to address memory storage. I hope the key components of the Y2K arsenal, such as IT systems accountability, business continuity planning, communications and provincial emergency preparedness, will all be regularly reviewed and refreshed in diligent organizations and not be consigned to binders of ‘shelfware.’ However, without the time-ticking deadline of Y2K’s calendar rollover, one wonders if we could quickly marshal these forces, especially against more random and unexpected foes. Perhaps our collective reflection on the Y2K experience will prompt a review of our IT diligence and response plans to see if they are up to the test should we need them again. As with Y2K, there is a strong role for public accountability mechanisms – such as Auditors General oversight and the vesting of responsibility for technology with executives – to pick up the challenge and reactivate readiness.
[i] Office of the Auditor General of BC, “Report on the Preparedness of the Government of British Columbia in Dealing with the Year 2000 Problem,” October 1999
Stuart Culbertson is a former Deputy Minister in the government of British Columbia and led BC’s Y2K response program as the Province’s Chief Information Officer from 1998 to 2001.