Supermarket aisles have experienced a shortage of Walkers crisps in recent weeks. The reason for the notable absence of Wotsits and Quavers? An IT glitch at Walkers’ factory.
In September 2021, PepsiCo, Walkers’ parent company, announced that it had completed a £14m upgrade of its distribution centre in Leicester, marking the company’s biggest investment in the UK to date. Despite implementing state of the art technology to increase storage capacity at the warehouse and for more efficient distribution, the IT upgrade instead took far longer than expected and caused severe disruption to production.
With Walkers asking retailers to stop promotions in an attempt to avoid its products completely selling out, and with competitors reportedly experiencing increased demand for their products, the glitch has highlighted how significant the effects of an IT issue can be.
The fact that almost all businesses rely on IT software to operate makes the potential losses caused by an IT glitch, and the associated inability to run the business, all the more likely and significant.
It was reported that Walkers’ production would be unable to resume at normal levels for weeks to come, further contributing to any losses it had incurred already. In July 2019, and in similar circumstances to the Walkers glitch, ASOS introduced an automated stock retrieval system at its European warehouse to improve efficiency. However, an IT issue in the stock replenishing element of the system led to reduced stock availability, costing ASOS an estimated £25m in disruption costs and missed sales. As well as the direct loss of sales and profits, an IT issue may also lead to further consequential profit losses by highlighting the availability of competitors’ products.
If an IT glitch can be attributed to the fault of an external consultant, software supplier, or other third party provider, it may be possible to pursue a claim for damages to recover any financial losses. This was the case for BA when, in 2017, one of the company’s data centres suffered an outage. Whilst the claim eventually settled, BA did sue the operator of the data centre to recover the more than £58m loss it suffered.
In addition to recovering financial losses, the inability to fulfil contractual obligations when an IT issue arises is a cause for concern. Whilst it may be possible for a business to pursue a third party responsible for the glitch, the inability to fulfil contractual obligations may result in the business itself being sued in the meantime, whether by buyers, clients or customers.
If a business is presented with a legal claim, it is vital that it is aware of the terms of the relevant contract and, in particular, to consider whether any clause provides for a cap on liability for certain types of losses.
An IT glitch could also result in a possible breach under the UK GDPR. If an IT issue results in the personal data of customers, clients or other individuals being, for example, sent to incorrect recipients, accessed by an unauthorised third party, or otherwise being altered without permission, the breach may need be reported to the Information Commissioner’s Office (ICO). If so, the report must be made within 72 hours of the business becoming aware of the breach. Regardless of whether the breach needs to be reported to the ICO, a record of all breaches must be kept. In addition, an assessment will need to be made as to whether those whose data was breached need to be notified.
Businesses must ensure that they have a robust system in place to detect data breaches, and a formal procedure to follow if they occur. If an IT glitch leads to a data breach which is subsequently reported to, and investigated by, the ICO, a business could, in the most serious cases, be penalised with a fine. Similarly, a business could find itself being subject to legal claims. EasyJet is currently facing claims for compensation in relation to some of the nine million customers whose data was leaked as a result of a hack in May 2020.
Costs of fixing the glitch
In addition to profit losses, further costs will almost inevitably be incurred in fixing an IT glitch. A business will both want, and need, to expend on resolving an IT issue as soon as possible to be able to resume fulfilling contractual obligations, to avoid further losses and to mitigate the likelihood of legal claims being made against it. Further costs associated with "fixing" an IT glitch may extend to seeking to fulfil contractual obligations by alternative methods in the short term, or perhaps compensating affected customers or clients as a gesture of goodwill.
If a third party can be attributed to being at fault for the IT glitch, all costs incurred in fixing, or otherwise seeking to resolve the glitch, should be considered in any claim for damages.
Short term considerations
When faced with an IT glitch, the legal implications, and ways in which recoveries may be achieved through legal means, are likely to be longer term considerations for a business. In the short term, however, practical solutions to mitigate losses are crucial.
Businesses should seek to have a plan in place for navigating through an IT issue, the details of which are likely to be tailored to the industry and specific to the business itself. The outage on the Tesla app recently highlighted the need for having a plan in place to quickly deal with an IT glitch: Tesla owners found themselves unable to unlock or start their cars for hours after the app, used to connect owners to their vehicles, suffered an outage.
In the longer term, depending on the nature of the IT glitch and the financial consequences suffered, businesses would be wise to seek advice on pursuing legal claims.