Cloud services have proliferated the IT services industry in the last few years or so, and it's easy to see why. There are numerous advantages to offering and using cloud services as opposed to out of the box software solutions. For service vendors the model enables a steady income stream and a quick way to fix bugs and get improvements to customers. For providers, it's a way of diversifying existing IT services and enabling income that wasn't previously available. For service users, the model offers better tax deductibility due to the switch from CAPEX to OPEX, usually a better overall reliability, and if properly researched, it can reduce the overall IT maintenance spend.
There are many cloud structures, ranging from the simple delivery of a product using a cloud format for delivery right through to a bulk service provider delivering multiple and diverse applications through a virtualised environment (Google Apps is an example of this approach).
So where are the IP issues in connection with cloud services, you might ask? There are a bunch we've encountered recently. These are:
1. A failure to update software license agreements. Many vendors fail to update their licensing arrangements to reflect the switch from out of the box software products to provision of the same software via cloud services. This is usually overlooked because technical creatives are concentrating on achieving a better delivery of product and not considering how the change in modality might affect the licensing. In almost all cases, the licensing model needs to switch from a software product license to an end user license agreement. This usually involves considerable amendments to the older licensing arrangements.
2. A lack of awareness of how pre-existing contractual obligations might affect a transfer to cloud services. Many software licenses for users (both hardware and out of the box software) assert prohibitions on use of the software or hardware in a virtual server environment. This can mean that those previous license obligations are breached when the migration from local servers to cloud servers takes place. This concern is particularly relevant where the end user has requested the cloud provider to host software that the end user prefers to use. The consequence is that there is a risk to both the end user and the cloud provider when the transition takes place.
3. A lack of awareness of how jurisdiction can impact on user legal rights. If the cloud services are being provided from a different jurisdiction from the one in which the end user is situated, this can create some issues for enforcement. The place where a contract is performed can be a decisive factor in determining which jurisdiction applies. This usually means that courts will apply the law of the jurisdiction where the cloud provider's servers are located. It is important to consider how your rights might be enforced (together with the potential enforcement costs) before entering into a cloud services license.
Other related factors to consider are:
- the cloud provider's responsibility for managing the end user's data
- the cloud provider's duties with respect to privacy and confidentiality
- what controls to put in place to ensure that the cloud services do not compromise trade secret measures
- the risk that a cloud provider might try to avoid liability where it is simply providing software that is marketed and sold by an independent vendor. This is a particularly relevant concern with "best of breed" cloud models.
The cloud model offers plenty of advantages to vendors, providers and end users. However, as with all licensing methods, it is important to assess the implications before taking the plunge.
No comments:
Post a Comment