Intro...
As you may remember, I
earlier promised to write about the practical issues surrounding IT agreements
in the digital era, and cover certain misunderstood concepts and principles in
the IT world that are, in principle, "simple" but nowadays too often
subject to lengthy negotiations. Cloud is definitely the mainstream solution today,
even in heavily regulated sectors such as banking and insurance as outlined,
e.g., in Temenos & Capgemini 2015, according to which 89% of banks globally
use at least one cloud application, while the figure was 57% in 2009.
Standard IT procurement templates won't work
According to our
recent experience, most of the standard contractual templates used by many large corporate customers
in their procurements, as well as most IT agreement models currently generally
available, fail to address the latest delivery and operational models applied
by cloud capacity providers. Even though the principles remain the same—and
yes, from a legal point of view, there are still services, licenses, hardware,
etc.—cloud capacity for example requires a different approach to these due to the various
characteristics that separate it from traditional IT deliveries. This implies
that one must also go deeper into the world of cloud and understand how cloud
brokerage and service integrators work to create a reasonable balance between
the interests of the different parties involved, and to truly gain business benefits from the new
service models (as opposed to relying on standard "one-size-fits-all" -type of ICT procurement frame agreements). In addition, there are certain new elements that need to be
added to the above legal framework, such as the above mentioned capacity, which is still a
relatively unknown concept for many lawyers even if they might otherwise be very
experienced in IT contracting.
Modern outsourcing requires less transactional elements
It is probably already
a decade since the Amazon Web Service (or AWS) started offering these services,
and still we seem to be missing the core understanding of what this is actually
all about. Essentially it is about using resources over a network which may
include just space, software (SaaS), computational power (IaaS) or hosting platforms, for
example, as a service (PaaS). Under the SaaS heading, we have plenty of
alternatives from traditional systems like HR, accounting/financials (Workday),
CRM (Salesforce), e-mail and office (Office 365) to data storage providers
(Dropbox), or photos (Flick) or social network applications (Facebook) which
are most well-known for everyone. New digital services differ from (and affect)
traditional outsourcing in many ways. Perhaps most importantly, they may remove
the need to outsource in the traditional sense completely, i.e. “Less infra,
personnel & software, less to outsource".
Digitalization requires a more subtle liability allocation
Furthermore, modern
digital services often are not offered by one vendor alone but, instead, there
is often a network of different players involved with varying roles, which
means that also liability allocation is subtler than it was in the past. In
this new environment, different deliveries, personal data and related
liabilities alike move from vendor to vendor, vendor to customer or vice versa,
unlike in traditional IT contracts of the time when it was still possible to
reduce the whole delivery model to a simple "projects and on-going
services” format. In my view, this should not be seen as an increased risk but
rather as an inherent characteristic of the new way of providing services.
Consequently, the liabilities and their allocation should also be different, as
in this example that outlines a simplified contractual network of a company
engaged into a digital marketing campaign.
Technology lawyers need to create new core competences
As I see it, if one
should use the time to really understand how this world works, it would give
strategic advantages or costs savings, depending on the strategy. In other
words, "too many cooks do not spoil the broth". Instead, they enable a
more agile IT environment for you if you select the right partners and know how
to use them! Also lawyers need to understand in detail how these different systems communicate at technical and legal level, how personal data is transferred around the environment and I must say, it is not a simple task and it is made even more difficult due to the fact that one often operates in cross-border environment of internet where compliance requirements are still many times based on local legislation. Here I promise to raise 5 top issues how contracting practices are
changing at the practical level that I wish someone would have told me before I started drafting my first cloud-era IT agreement or spider-webs like one above, and then I hope to hear your views on this issue as
well!
Regards,
Jan
No comments:
Post a Comment