Cloud Agreements: Ensuring a Sunny Forecast July 28, 2011

Similar documents
Cloud Agreements: Do s, Don ts, and Cautions

Markley Cloud Services Hosting Agreement

GENERAL TERMS AND CONDITIONS FOR SAP CLOUD SERVICES ( GTC )

GENERAL TERMS. 1.1 Hardware refers to the computer equipment, including components, options and spare parts.

ENOM, INC. REGISTRATION AGREEMENT

INDEPENDENT CONTRACTOR AGREEMENT

These TERMS AND CONDICTIONS (this Agreement ) are agreed to between InfluencersAtWork,

WEB SITE DEVELOPMENT AGREEMENT. This WEB SITE DEVELOPMENT AGREEMENT ("Agreement") is an agreement between 3WDirect

This Agreement was last updated on November 21, It is effective between You and Us as of the date of You accepting this Agreement.

NPSA GENERAL PROVISIONS

BEST BUY FOR BUSINESS GEEK SQUAD OFFICE SUPPORT PLAN TERMS OF SERVICE 1. ACKNOWLEDGMENT AND ACCEPTANCE OF TERMS OF SERVICE

Negotiating EHR Acquisition Contracts

Managed IT Services Terms & Conditions. I. Overview. Definitions

Statement of Work. for. Online Event Registration Product Deployment for Salesforce Implementation. for. Open Web Application Security Project (OWASP)

ORACLE MASTER PARTNER AGREEMENT TERMS AND CONDITIONS FOR ELOQUA

AGENT AGREEMENT. I. Agent s Obligations

MASTER SERVICES AGREEMENT

SERVICES AGREEMENT. In consideration of the rights and obligations herein set forth, the parties do hereby agree as follows:

COMPUTER SERVICES AGREEMENT

PROFESSIONAL/CONSULTING SERVICES AGREEMENT

Web Site Development Agreement

END USER LICENSE AGREEMENT ( EULA )

Terms of Service. Permitted uses You may use the Services for your own internal business purposes only in accordance with these Terms.

CONSULTING SERVICES AGREEMENT

INDEPENDENT VIRTUAL ASSISTANT AGREEMENT (Company)

SERVICE TERMS AND CONDITIONS

ORACLE LINUX AND ORACLE VM SERVICES AGREEMENT

INTEL SOFTWARE LICENSE AGREEMENT (OEM / IHV / ISV Distribution & Single User)

Axosoft Software as a Service Agreement

SAMPLE SERVICES CONTRACT

Application Programming Interface (API) Application (app) - The API app is the connector between epages and the developers service.

End User License Agreement Easygenerator

SaaS Terms & Conditions

THIS MASTER SUBSCRIPTION AGREEMENT AND THE ORDER FORM (DEFINED BELOW) GOVERN THE USAGE OF THE GSHIFT SUITE OF TOOLS.

AGREEMENT FOR INVESTMENT CONSULTING SERVICES AND MARIN COUNTY EMPLOYEES RETIREMENT ASSOCIATION

BUSINESS ASSOCIATE AGREEMENT

Cloud Hosting Terms and Conditions

Amazon Trust Services Certificate Subscriber Agreement

BROKER AGREEMENT. NOW THEREFORE, in consideration of promises, covenants and agreements hereinafter contain, the parties agree as follows:

STANDING CLOUD, INC. ( SC ) TERMS OF SERVICE

Columbia University Service Provider Agreement

Consulting Terms. 1. Consulting Services

Website Hosting Agreement

Paychex Accounting Online Terms of Use

Leads may be resubmitted within 4 months of the leads license renewal date.

SMARSH WEBSITE & HOSTING REPRESENTATIVE TERMS & CONDITIONS

ELKHART COUNTY BOARD OF REALTORS AND MULTIPLE LISTING SERVICE OF ELKHART COUNTY INC. VIRTUAL OFFICE WEBSITE (VOW) LICENSE AGREEMENT

Website Development Agreement

HIPAA BUSINESS ASSOCIATE AGREEMENT

Domain and Web Hosting Agreement

.US Locality Domain Name Registration Terms and Conditions

AON HEWITT DEFINED CONTRIBUTION NEXUS PARTICIPATION AGREEMENT

Dr-DASh! Master Subscription Agreement Terms of Service v3.0

BNSync User License Agreement

You have retained us and we hereby agree to serve as your advertising agency in accordance with and subject to the following terms and conditions:

ii. sold, licensed, transferred or assigned to no other party for a period of thirty (30) days;

GEEK SQUAD OFFICE SUPPORT PLAN TERMS OF SERVICE 1. ACKNOWLEDGMENT AND ACCEPTANCE OF TERMS OF SERVICE

INVESTMENT ADVISORY AGREEMENT. Horizon Investments, LLC Lifetime Income Strategy

MASTER SERVICES AGREEMENT

SOLICITATION AGREEMENT

Entee Global Services General Terms and Conditions

Sample Business Associate Agreement (4. Other Bus. Assoc., Version )

Checklist for a Watertight Cloud Computing Contract

FREELANCE PHOTOGRAPHY AGREEMENT

Sedona Technologies Hosting Agreement

Technology Agreement Basics and Common Pitfalls

CAP CONSULTING SERVICES AGREEMENT

Risk Management of Outsourced Technology Services. November 28, 2000

Health Plan Select, Inc. Business Associate Privacy Addendum To The Service Agreement

SAAS SERVICES ORDER FORM

FOREXer Advisory ADVISORY AGREEMENT. Last update of this DisclosureDocument is Aug 1 st, 2013.

BUSINESS ASSOCIATE AGREEMENT

PROFESSIONAL SERVICES AGREEMENT BETWEEN UNIVERSITY OF NORTH TEXAS SYSTEM AND DESIGN PROFESSIONAL (MORE THAN $100, IN COMPENSATION)

TERMS AND CONDITIONS OF SERVICE

DATA USE AGREEMENT RECITALS

VIRTUAL OFFICE WEBSITE LICENSE AGREEMENT

SOFTWARE LICENSE AGREEMENT (Web Version October 18, 2002)

SYMPHONY LEARNING LICENSE AND REMOTE HOSTED SERVICES AGREEMENT

ALPHA TEST LICENSE AGREEMENT

Disclaimer: Template Business Associate Agreement (45 C.F.R )

.US Locality Domain Name Registration

Trademark, Domain Name and Social Media Assignment and Transfer Agreement

MRMLS LISTING INFORMATION LICENSE AGREEMENT

COLOCATION AGREEMENT. 1. Term and Payment for Services

Harnessing The Cloud: Managing Risks and Governance in a Cloud Environment Russell G. Weiss November 9, 2011

MASTER SERVICES AGREEMENT - DIGITAL ADVERTISING SERVICES

ADDENDUM TO THE BLACKBERRY SOLUTION LICENSE AGREEMENT FOR BLACKBERRY BUSINESS CLOUD SERVICES FOR MICROSOFT OFFICE 365 ( the ADDENDUM )

BROCADE COMMUNICATIONS SYSTEMS, INC. END USER SOFTWARE LICENSE AGREEMENT FOR BROCADE IP ANALYTICS PACK FOR VMWARE VREALIZE OPERATIONS

PURCHASE ORDER TERMS AND CONDITIONS

Online Study Affiliate Marketing Agreement

Schedule 15 CSA Web Hosting Agreement

Mobile Web Services End User License Agreement.

SOFTWARE LICENSE AGREEMENT

Software as a Service (SaaS) Agreement

Corporation Service Company Domain Services Standard Terms and Conditions

MCC TERMS AND CONITIONS

CITY OF SHERWOOD Independent Contractor Agreement (for Personal Services or for Public Works under $25,000)

Technical Help Desk Terms of Service

THE UNIVERSITY OF UTAH INDEPENDENT CONTRACTOR SERVICES AGREEMENT INSTRUCTIONS

EXHIBIT C BUSINESS ASSOCIATE AGREEMENT

Transcription:

Cloud Agreements: Ensuring a Sunny Forecast July 28, 2011 February 11, 2014 Presented by: Robert Bethea, AOL Tom Knox, Morrison & Foerster Todd Tabor, HP Software 2014 Morrison & Foerster LLP All Rights Reserved mofo.com

Robert Bethea Robert Bethea Assistant General Counsel, Platforms and Technology AOL Dulles, Virginia (703) 265-6191 robert.bethea@teamaol.com Robert Bethea is Assistant General Counsel at AOL Inc. where he serves as the legal advisor for AOL s Chief Technology Officer and Technology Organization. Having been at AOL for over eight years, Mr. Bethea has consulted on a wide variety of issues and agreements relating to the Internet and AOL s operations and products, including privacy, web site terms of service, cloud agreements, regulatory issues, intellectual property, security, open source, mobile applications, hosting, colocation, and network service agreements, hardware acquisitions, data center, and technology and software licensing (both inbound and outbound). Confidential / 2014 Morrison & Foerster LLP 2

Tom Knox Tom Knox Partner Morrison & Foerster LLP Northern Virginia Office (703) 760-7317 tknox@mofo.com Tom Knox is a partner in the firm's Corporate and Technology Transactions Groups. He also serves as the Global Co-Chair of the firm s Emerging Growth and Venture Capital Group. Tom s technology practice includes the structuring, negotiation and implementation of intellectual property license, acquisition and disposition agreements; cloud, electronic commerce and e- business deals; terms of service, clickwrap agreements and privacy policies; onshore, offshore and near-shore development, service and management contracts; OEM, reseller, dealer and other distribution arrangements; and joint venture and strategic alliance deals. Confidential / 2014 Morrison & Foerster LLP 3

Todd Tabor Todd Tabor Sr. Counsel Hewlett-Packard Company Herndon, Virginia (571) 730-4925 todd.tabor@hp.com Todd Tabor is currently General Counsel of HP s Enterprise Security Products division within HP and also acts as HP Software s Security and Privacy counsel. During Mr. Tabor s 14 years at HP, he has supported the Software, Cloud, and Open Source team, Enterprise Services (outsourcing), Printing and Personal Systems, and Enterprise Servers and Storage. Confidential / 2014 Morrison & Foerster LLP 4

Disclaimer The information provided in this presentation reflects the personal views of the participants and does not reflect the opinions or positions of Hewlett-Packard, AOL, Morrison & Foerster, or any of Morrison & Foerster s clients. None of these companies or the persons acting on their behalf may be held responsible for the use which may be made of the information contained in this presentation. Because of the generality of this presentation, the information provided herein may not be applicable in all situations and should not be used or acted upon without obtaining specific legal advice based on a particular situation. The contract language provided in this presentation is provided for illustrative purposes only and may not be appropriate for use in an actual contract. Confidential / 2014 Morrison & Foerster LLP 5

Introduction Confidential / 2014 Morrison & Foerster LLP 6

The State of Cloud Growing number of major players in the current strata of Cloud Services. Cloud computing is still new, meaning both providers and users are still trying to get their footing and best advantage in this evolving type of relationship. What s negotiable in a cloud computing contract? What isn t? Confidential / 2014 Morrison & Foerster LLP 7

Risks to Customers What can go wrong for customers? Nirvanix Enterprise-grade cloud storage company founded in 2007, $70M venture funding, headed towards IPO Pioneer of cloud storage-as-a-service model Powered IBM s Smartcloud Storage service Filed for chapter 11 bankruptcy in September, 2013 Significant because when a public cloud vendor closes, customers lose all access to their data What caused heightened panic was the small window (<1 month) Nirvanix gave customers to find replacement vendors and move their data petabytes of data Why Nirvanix failed is still a matter of opinion, but three theories have emerged: 1. A capex-centric model drained the coffers (could never match economies of scale of rivals) 2. No significant Intellectual Property (and the IP they did have couldn t scale effectively) 3. Limited appeal in storage-only services (particularly for large companies, who were Nirvanix s targets) Confidential / 2014 Morrison & Foerster LLP 8

Risks to Customers Lessons Learned Due Diligence determine financial health of vendor, its use of subcontractors/third-parties, its physical locations, and the governing law and venue of its contracts. Backups to the extent possible, back up data given to cloud provider not just at the beginning of the relationship but regularly during the service term. Could require backup as part of the service offering; or could effectuate backup through systems architecture (e.g. send a copy to local backup as new date is written to the cloud. Data Ownership service contracts should stipulate that the customer owns all data and information provided by or obtained from it. Provider has no legal or equitable interest in (or claim to) such data and information. Transition Assistance on Termination should be clearly specified in vendor agreement. Specifying termination costs and data transfer guidelines upfront in the contract makes this process far less painful. Confidential / 2014 Morrison & Foerster LLP 9

Risks to Vendors What can go wrong for vendors? Previous model for IT vendors looked something like this: Customers required a product, sales would create a solution Customer would sign and commit, pay upfront, lump sum license fees, and vendor would deliver It was unlikely that customer would suddenly drop the technology and move somewhere else Risk was mitigated throughout entire chain contracts were negotiated on a per customer basis, maximizing the possibility of a profitable deal. Customer paid in advance. Contract commitment was made at the beginning, so the customer assumed the risk that the solution might not be used. With cloud computing, customers can buy computing resources on demand, with no advance notice, no commitment, no upfront payment and immediate delivery. The financial risk to customers is negligible, while the financial risk to vendors is significant. Confidential / 2014 Morrison & Foerster LLP 10

Mock Contract Negotiation Vendor vs. Customer Confidential / 2014 Morrison & Foerster LLP 11

Service Levels Customer Vendor will host and maintain the Service 24 hours per day, 7 days per week, and 365 days per year. Vendor will keep the Service fully functional and available to its intended users (including, without limitation, Company and its end users) 99.99[9]% of the time with the exception of scheduled maintenance pre-approved by Company (the Uptime ). If Vendor does not satisfy the Uptime level provided above, Vendor shall credit Company the amounts set forth below: (i) if Uptime is 99.90% to 99.989% (inclusive), Vendor shall credit Company s account ten percent (10%) of the Fees paid to Vendor for the month during which the Uptime was at such level; (ii) if Uptime falls (A) below 99.99[9]% for any three (3) months of any twelve (12) month rolling period, or (B) below 98.00% for any two (2) consecutive months, Vendor shall be considered in material breach of this Agreement, and Company may exercise its termination rights in light of such material breach. Confidential / 2014 Morrison & Foerster LLP 12

Service Levels Vendor Vendor shall use commercially reasonable efforts to provide the Service in accordance with the service level agreement that Vendor offers with respect to the Service and posts on the Vendor website, as it may be updated by Vendor from time to time. Confidential / 2014 Morrison & Foerster LLP 13

Data Security Customer Vendor shall handle Company Data in accordance with this Agreement, including without limitation the Data Processing Exhibit. During the Term, Vendor shall maintain a formal security program materially in accordance with industry standards that is designed to: (i) ensure the security and integrity of Company Data; (ii) protect against threats or hazards to the security or integrity of Company Data; and (iii) prevent unauthorized access to Company Data. Such security program will conform to the Vendor Security Exhibit, and will be no less materially protective than the security measures described in Vendor s most recently completed SSAE 16 Type II Service Organization Control 1 (SOC1) and Service Organization Control 2 (SOC2) audit reports or industry-standard successor reports. The most recently completed, as of the Effective Date, SOC1 and SOC2 audit reports are referred to as the Current Audit Reports. During the Term, Vendor will maintain a current certification with the U.S. Department of Commerce under the U.S.-European Union and U.S.-Switzerland Safe Harbor Frameworks and will handle Company Data in accordance with the relevant Safe Harbor principles. Confidential / 2014 Morrison & Foerster LLP 14

Data Security Vendor Without limiting Vendor s damages disclaimers set forth in Section [xx] or Company s obligations under this Agreement, Vendor will implement reasonable and appropriate measures designed to help Company secure Company-provided content against accidental or unlawful loss, access or disclosure. Confidential / 2014 Morrison & Foerster LLP 15

Data Handling - Location Customer Vendor may process and store Company Data only in the United States at locations approved in writing by Company. Vendor shall provide Company with prior written notice of any proposed changes to the locations where Company Data is processed or stored, and such changes shall be subject to Company s prior written approval. Vendor Vendor shall provide the Service from facilities and environments managed or utilized by Vendor to provide the Service to its customers ( Service Centers ). Service Centers may be changed, or additional locations may be added, by Vendor s delivery of reasonable notice to Company. Confidential / 2014 Morrison & Foerster LLP 16

Data Handling Business Continuity Customer At all times during the term of this Agreement, Vendor will maintain a disaster recovery and business continuity plan for the Service and its operations generally, as specified in the Disaster Recovery Plan attached hereto as Exhibit [xx] (the Disaster Recovery Plan ). The Disaster Recovery Plan shall be tested and reviewed by Vendor on at least a semi-annual basis and Vendor shall remedy the cause of any failures revealed by such tests promptly in light of the severity of the failure. The Disaster Recovery Plan may not be modified by Vendor without the prior written consent of Company. In the event Vendor moves Company s production environment of the Service from a production data center to a disaster recovery data center, Vendor will promptly (and in all cases within 24 hours) inform Company of such move. As part of Company s annual disaster recovery exercise, Vendor will provide Company with reasonable support to confirm that Company and Vendor are able to establish appropriate connectivity to Company s disaster recovery center. Confidential / 2014 Morrison & Foerster LLP 17

Termination Rights/Consequences Provider will not terminate or suspend the Services for any reason without Customer s prior written approval. Customer In the event of termination or expiration, Provider agrees to provide transition assistance for at least [90] calendar days. Provider will have the right to purchase, at net book value, all hardware and software used in the performance of the services to Customer upon termination or expiration. Provider reserves the right to terminate your account and access to the Services at any time and without notice. Vendor Confidential / 2014 Morrison & Foerster LLP 18

Termination Rights/Consequences Customer Company may cancel this Agreement, any individual Service Order, or any individual component of a Service Order for any reason, including convenience, by written notice to Vendor. Similarly, Company may also decrease or increase the number of Authorized Users under a Service Order at its discretion. In the event of such cancellation, Company s obligation to compensate Vendor is reduced to the portion of the Fees corresponding to the Service properly furnished prior to cancellation. Vendor Except as specifically set forth to the contrary under Section [xx] (Termination for Cause), all payment obligations under any and all Order Forms are non-cancelable and all payments made are non-refundable. The license rights for the number of Authorized Users set forth on any respective Order Form cannot be decreased during the Term. Confidential / 2014 Morrison & Foerster LLP 19

Vendor Indemnification Obligations Customer Vendor shall indemnify for claims (a) arising out of or related to a breach of the representations, warranties and covenants set forth in this Agreement, (b) arising out of or related to the Service, (c) alleging that the use of the Service, Documentation, related services or any other documentation or materials provided by Vendor under this Agreement infringes, misappropriates or violates any intellectual property right of a third party, or (d) arising out of, in connection with or relating to any bodily injury (including death) or damage or destruction to any real or tangible property to the extent resulting from any acts or omissions of Vendor or Vendor personnel. Confidential / 2014 Morrison & Foerster LLP 20

Vendor Indemnification Obligations Vendor Vendor shall defend any claims provided, however, that Company: (a) promptly gives written notice of the claim to Vendor; (b) gives Vendor sole control of the defense and settlement of the claim; and (c) provides to Vendor, at Vendor's cost, all reasonable assistance. Vendor shall not be required to indemnify Company in the event of: (i) modification of the Service by Company or its employees in conflict with Company s obligations or as a result of any prohibited activity as set forth herein; (ii) use of the Service in a manner inconsistent with the documentation; (iii) use of the Service in combination with any other product or service not provided by Vendor; or (iv) use of the Service in a manner not otherwise contemplated by this Agreement. Confidential / 2014 Morrison & Foerster LLP 21

Company Indemnification Obligations Vendor Company will indemnify (a) Company s or any End Users use of the Service (including any activities under Company s account and use by Company s employees and personnel); (b) breach of this Agreement or violation of applicable law by Company or any End User; (c) Companyprovided content or the combination of Company-provided content with other applications, content or processes, including any claim involving alleged infringement or misappropriation of third-party rights by Companyprovided content or by the use, development, design, production, advertising or marketing of Company-provided content; or (d) a dispute between Company and any End User. If Vendor or its affiliates are obligated to respond to a third party subpoena or other compulsory legal order or process described above, Company will also reimburse Vendor and its affiliates for reasonable attorneys fees, as well as Vendor s and its affiliates employees and contractors time and materials spent responding to the third party subpoena or other compulsory legal order or process at Vendor s and its affiliates then-current hourly rates. Confidential / 2014 Morrison & Foerster LLP 22

Questions and Discussion Confidential / 2014 Morrison & Foerster LLP 23

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information