In his 2011 routine at Madison Square Garden the comedian Eddie Izzard talks about what is really contained in the iTunes terms and conditions (watch here from minute 3:18), after musing that it might contain the ability to allow Apple to rearrange your toes and re-number them, he concludes that’s "NO-ONE in the UNIVERSE has EVER read the terms and conditions".
The International Association for Contract & Commercial Management (IACCM) annually report on the most negotiated terms in contracts. It is no surprise that Limits of Liability, Indemnities, Termination and Warranties are still the main clauses to look at. However, in a contract for a product or service in which technology is involved to a significant degree the following issues are worth paying close attention to.
1. Incorporation of Terms
Is the document you are reading the whole contract? It is now "the norm" to receive, read and conclude contracts entirely in electronic form, which often include hyperlinks to other sets of terms in a valid way of achieving incorporation by reference. The ability to reduce the amount of text to read (therefore avoiding Eddie Izzard's compliant) means that you can present a set of terms that looks short (less to read) and is written in plain English thus improving your user experience and not coming across overly "legal". However, beware of the blue texted hyperlink. What lurks beyond it? The validity of incorporation by reference using hyperlinks varies between jurisdiction but it is always one to look out for.
2. Usage, Scope and Specification
Does the contract describe what it is the product or service is meant to do? It is amazing how many times you can read a lengthy document full of well-crafted clauses addressing all the relevant commercial and legal risks however you come away thinking "but what does it actually do?" Depending on the type of technology involved, the specification may have to be detailed and technical. This is fine, but do not shy away from reading it and asking the question "what does this mean?" Part of the point of having a contract is to remove ambiguity and one of the best ways of doing this is to break the language down to its (appropriately) most simplistic.
3. Term and Renewal
Another area to consider is what is the term of the contract? As with incorporating terms, this is an area where increases in the ease of presenting and entering into contracts (think about each time you download and app in the App store) has been made easier to enter into, but the contract becomes less clear about how or when it ends.
There is much discussion in product development circles around how "sticky" your product is, meaning once you use it how difficult is it to stop. Usage of auto-renewal language is a contractual method to increase a product's stickiness. If you enter into the contract with the click of a button and a flash of your card details, be aware of this. The inclusion of an auto-renewal clause means the term of the contract and the payments can run on and on and on...
4. Maintenance and Support
Technology breaks. When it does you need it fixed. So, who fixes it, when and how quickly? Depending on the specifics of the technology involved, these can be big questions. For software companies Maintenance and Support services can be a big piece of their revenue but as the customer do you need this from day one? How do you access this service? What would invalidate it? Normally it will be obligatory for the user to run all updates when they are made available. Read this stuff. It is boring but is important. As more and more technology is consumed as a service and the things that are built upon these technologies become more essential to our lives, the support offered after the initial purchase/installation/integration becomes increasingly important too.
5. Personal Data v Data Protection vs Information Security
This is a subject area that received a lot of attention following the coming into force of the General Data Protection Regulation (GDPR) in 2018. It is important to know exactly what is the subject matter that is being discussed. There is a temptation to see the word "data" and think personally identifiable data. However, (and again depending on the type of technology solution involved) there will be an important distinction between personal data and non-personal data (for example commercially sensitive information). Following on from this will be the clauses dealing with information security.
A real data clause should describe the procedures for protecting data: encryption, passwords, dual control restrictions, physical protection of servers, etc. Many data clauses also require you to cooperate with data breach responses and notifications, and possibly, outside audits of data security (with names like “SOC 2,” “SSAE-16,” and “ISO 27001”). Data clauses should address compliance with laws and privacy policies that ideally cover when and how the vendor can give data to another party in the event of a lawsuit.
Prove Eddie Izzard Wrong
If you remain indifferent to the content of the technology contracts we all are entering into on an increasingly frequent basis then at the other end of the consciousness spectrum the podcast "Ts&Zzzz" offers to send listeners to sleep by reading standard terms and conditions for some well-known companies.
For the rest of us, read the small print and prove Eddie Izzard wrong. You never know what you may find in there.
NO-ONE in the UNIVERSE has EVER read the terms and conditions