“Right to audit” provisions in technology services agreements can benefit both parties

“Right to audit” provisions in technology services agreements are common. You’ve seen them. A typical section will read something like this:

Vendor will keep accurate and complete records and accounts pertaining to the performance of the Services. Upon no less than seven (7) days’ written notice, and no more than once per calendar year, Customer may audit, or nominate a reputable accounting firm to audit, Vendor’s records relating to its performance under this Agreement, including amounts claimed, during the term of the Agreement and for a period of three months thereafter.

Clearly these provisions generally benefit the customer, to give it some transparency and assurance that the vendor is performing the services according to the agreement and that vendor is charging customer for the services appropriately.

But a right to audit provision can benefit the vendor (and go against the customer) as well. As a recent court decision shows (Carlson, Inc. v. IBM, 2013 WL 6007508 (D. Minn. November 13, 2013)), a customer’s comprehensive audit rights can preclude it from claiming that vendor owes it a fiduciary duty.

In the case, the customer sued its software vendor alleging, among other things, that the vendor breached its fiduciary duty. The customer argued that it had to essentially “hand over the keys” of its operations to the vendor. But the court ruled that vendor did not owe customer a fiduciary duty because the customer had several important rights to know about and control the vendor’s performance.

The master services agreement between the parties reserved for the customer the right to audit the vendor’s performance and challenge its pricing and delivery of services. Under the agreement, customer had:

  • regular and recurring access to vendor personnel;
  • access to complete records and supporting documentation underlying vendor’s services;
  • the right to conduct operational audits to examine vendor’s performance of the services;
  • the right to audit performance for comparison to standards in the service level agreement;
  • the right to financial audits to verify the accuracy and completeness of invoiced charges.

The court found that “[t]hese audit and oversight provisions [were] meaningless if [customer] was as helpless as it [claimed].”

So while vendors may find right to audit clauses to be a nuisance, they should remember that the presence of such a clause could provide an important defense in litigation over the technology agreement.

Evan Brown is a Chicago attorney helping businesses negotiate and draft technology services and development contracts. He also handles many other issues involving the internet, copyright and trademarks, and new media. Call him at (630) 362-7237 or email ebrown@internetcases.com.

Jury finds in favor of IMDb in case brought by actress over published age

Hoang v. IMDb.com, No. 11-1709, W.D.Wash. (Jury verdict April 11, 2013)

Actress Junie Hoang was upset that IMDb published her real age (she was born in 1971). She sued IMDb claiming it breached its Subscriber Agreement (particularly its privacy policy) by using information she provided to cross-reference public records, and thereby ascertaining her correct age.

The case went to trial on the breach of contract claim. The jury returned a verdict in favor of IMDb.

Though we don’t know the jury’s thinking (we only have a simple verdict form), IMDb had argued, among other things, that its investigations of plaintiff’s birthday were in response to requests she had made. In 2008, plaintiff had asked IMDb to remove a false (1978) birthdate plaintiff had submitted a few years earlier. When IMDb conducted its own research, it found plaintiff’s real birthdate in public records, and published that. The jury found this did not violate IMDB’s Subscriber Agreement.

GoDaddy outage reminds us why limitation of liability clauses are important

The legal team at GoDaddy today probably had more than one conversation about Section 13 of the company’s Universal Terms of Service. That Section contains pretty widely used language which limits how badly GoDaddy could get hurt by an epic failure of its system like the one that happened today.

We are conspicuously told that:

IN NO EVENT SHALL Go Daddy, ITS OFFICERS, DIRECTORS, EMPLOYEES, OR AGENTS BE LIABLE TO YOU OR ANY OTHER PERSON OR ENTITY FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES WHATSOEVER . . .

Language like this is critical to technology service agreements. Today’s huge blackout illustrates the extent to which GoDaddy would be on the hook if such a limitation were not in place. Thousands of sites were offline for hours, losing uncountable pageviews and ecommerce sales. Holding GoDaddy responsible for those millions of lost dollars (which would be in the categories of indirect, special and consequential damages) could put a company into bankruptcy. GoDaddy would be big enough (probably) to pick up the tab in such a situation once or twice. Smaller enterprises would likely not be as lucky.

This kid is like GoDady inasmuch as he's trying to limit his liability.

To illustrate the effect of limitation of liability clauses, I have often used the example of similar language in Microsoft’s end user license agreement for Office. Because that is there, you cannot go after Microsoft for the business you lose if Word fails on your computer and you miss the deadline for submitting that big proposal. After today we have a new, perhaps more relevant example. GoDaddy would be pretty protected if you claim that you missed out on that million dollar client because your website was down.

So if you were looking for me through my site today, let me know, so I can send a bill for what you would have paid me to GoDaddy. Then again, I guess I’ve already shown why that won’t get paid.

Photo courtesy Flickr user Mikol under this Creative Commons license.

DMCA takedown notices are not just for content

Apple using the DMCA to stop early sales of iOS 6.

The infamous Digital Millennium Copyright Act takedown process gets quite a bit of press when content owners such as movie studios and record companies use it to take infringing copies of films or music offline. The safe harbor provisions of the DMCA are at the heart of content-distribution platforms’ defenses against infringement occasioned by users of the platform. (Think Viacom v. YouTube.)

Apple reminds us, however, that the DMCA gives all copyright owners — not just those who own copyrights in content — a mechanism for getting infringing works off the internet. According to this piece on Engadget, Apple has been contacting hosting providers of sites that offer unauthorized copies of the forthcoming iOS 6 for sale.

So the DMCA, acting in the name of copyright protection, provides a remedy for software providers to keep the clamps on parties who may have access to software for their own use (in this case, iOS developers) but go outside the bounds of such use and offer the technology for sale to others.

1 2 3 4 5 6 12 13 14