In recent years, many software vendors have changed over from a traditional licensing model (where software is installed on their clients’ computer systems) to a “cloud” model in which they provide a hosted service.
However, I regularly see contracts from these “traditional-to-cloud” vendors that have clearly not changed from the days when they were licensing locally-installed software. The agreements continue to read as if customers will have the software installed on their own systems, and fail to address the fact that the software is now being provided as a hosted service.
This has a number of consequences:
1. Service levels aren’t clearly agreed
A traditional software licence will not cover issues such as availability and uptime. This can lead to disputes where there is a mismatch between the customer’s expectations of a 100%, 24 x 7 x 365 service, and what the service provider can actually deliver.
In short, the contract fails at one of its fundamental purposes: setting out what the supplier has agreed to provide and the customer has agreed to pay for.
2. Customer misuse isn’t addressed
A traditional licence will often require the customer not to reverse-engineer or decompile the software or not to install it on unauthorised hardware – actions that are literally impossible with a cloud-based service. However, it may not concern itself with the everyday use the customer makes of the software: whether the customer is breaching data protection laws or third-party intellectual property rights.
However, a hosted service provider is taking responsibility for holding customer data. That data may infringe other people’s rights. Even if it doesn’t, the provider is still exposing itself to liability for taking proper care of its customer’s data, in a way in never did previously.
The customer’s users may also engage in other misuse, using the system to transmit illegal or unethical material that can cause reputational damage or legal liability for the service provider.
If the contract fails to take account of these issues, the service provider could face significant legal exposure.
3. Liability may not be limited
Limitation of liability is a critical contract provision for most suppliers. In order for the supplier to be protected as intended, any limitation of liability provisions need to be drafted so they actually cover the type of liability that might arise, and in most cases they need to be reasonable in their scope.
The risks to the supplier under a service provision arrangement are very different from those in a software licence. The supplier will be hosting the customer’s data and will be responsible for maintaining continuity of access, in a way that is unlikely to have been the case under a software licence.
If the limitation of liability do not take all that into account, the supplier could end up facing unlimited liability should any problems arise.
4. Deals are delayed
Where a contract is inappropriate, customers are more likely to question the terms and push back for changes. The process of agreeing the contract becomes more protracted – it may even result in the service provider carrying out large amounts of work “on risk”, as the contract continues to be negotiated.
Setting out reasonable terms that reflect the reality of what is being provided are the best way to ensure that contracts can be concluded quickly, without the legal tail wagging the commercial dog.
5. It just looks bad
If you went to rent a house, and the landlord produced a contract saying that they were selling it to you, you’d object. The difference between licensing software and provided a hosted service is no less fundamental, and a contract that fails to recognise this can leave both the service provider and client exposed.
As a result, using the wrong type of contract can cause reputational damage to a service provider. Customers are left with the impression that the service provider doesn’t really understand the business that they’re operating.
Whether software is being licensed or provided as a hosted service, agreeing the contract should be neither box-ticking nor an exercise in legal pedantry.
What counts is making sure that the contract reflects reality and deals appropriately with the key risks for each party – and that the process of agreeing the contract (often at least as important as the contract itself) flushes out issues that might otherwise cause problems down the line, and doesn’t become an obstacle to concluding the deal.