Editor: What can corporate legal departments expect regarding IT procurement in 2010?
Madison: With the country coming out of the recession, there should be an uptick in the procurement of information technology and software, particularly in the last three quarters of 2010. We are seeing the beginnings of this today as companies look for ways to outsource activities that can be best provided outside the company. Therefore, corporate legal departments should be prepared for a new wave of procurement in the area of IT.
When I say IT, I am using that term to refer to the trend toward the outsourcing of business functions that can be best provided by others. This might be your healthcare or check payment systems or even some of your marketing activities. Keep in mind that often people view "outsourcing" as simply sending certain business functions overseas - for example, a call center handling example customer service inquiries. That is one type of outsourcing, but increasingly you see many companies taking discrete business functions that are in the realm of information technology and outsourcing them to providers located in the United States. Right now we are seeing companies outsourcing their data center and cyber security functions to providers in the United States because it is difficult and expensive to grow that expertise in-house.
Editor: Should you use the form contracts of the vendor or the customer when outsourcing information technology?
Madison: In my opinion, if you're going to make a significant investment in outsourcing information technology - technology that may take some of your business information and move it into a third party's premises - it's always best to use your own form that reflects the needs of your business. If you are dealing with multiple vendors, using your own form will allow similar terms to apply across all your information service providers. Your form is a significant management tool for a large project or dealing with a group of long-term vendors. You can also then use that form in the process of selecting a vendor. A reflection of the vendor's ability to provide the services and products sought by your company and how well the vendor may work with your company may be in the vendor's willingness to work from your form agreement. In the end, your form agreement, properly drafted, is the best way to get what you want.
Editor: If you had to get one thing in an IT-related outsourcing contract, what would that be?
Madison: What keeps a lawyer up at night are provisions like indemnification, liability caps, assuring data privacy and protecting intellectual property. If you're the business person and responsible for implementing a very expensive information technology solution, what you need is for the product or service to work the way the provider says it's going to work. Therefore, if you're a corporate attorney, even before you get enmeshed in the fine details of the boilerplate, you need to focus on getting a contract that assures that the product will work properly and that the vendor offers ongoing maintenance and support to keep it functioning. If the product or service stops working and closes your company down, getting a support call back from a vendor 48 hours later is not sufficient.
Editor: Would your answer change if the agreement was for software?
Madison: It's the same answer, but complex licensing metrics that are often characteristic of expensive enterprise-wide software deployments provide an extra twist that corporate legal departments really need to focus on. Sometimes the licensing structure is so confusing that no one understands it. When you look at a licensing framework that is 30 pages long, that incomprehensible nightmare will follow you for the entire software deployment, or worse, three years on, your software vendor sends you an invoice that says you owe us a lot more money because you're not using the software within the licensing metrics.
Corporate counsel really have to focus on getting an appropriate licensing framework and metrics and make sure that the people who are responsible for implementation of that solution or software within your company understand clearly the boundaries of those metrics. If this doesn't happen, you may have significant trouble down the road.
Editor: How should a customer approach the license grant?
Madison: A service provider should grant you a license not only to use the software, but also to use what they consider to be their proprietary or intellectual property beyond the software. You need to communicate to the vendor exactly how you intend to use the product or software and then be sure that the license covers your company's intended use and that there aren't artificial restrictions. For example, one type of restriction that you sometimes see is a "personal" license. Assume that the license is granted to a Joe Young, a particular employee. If Joe is no longer using that software, but another employee is, you are going to find that you've overused the software and incurred additional cost or even exposure to litigation. This illustrates why paying attention to the license metric and getting one that is correct for your business can avoid tremendous cost down the road when the software vendor comes in, does an audit and says you are overusing the software.
Editor: What is the function of a software escrow?
Madison: A software escrow is where a vendor escrows its source code, including documentation regarding how the software works, with a third-party escrow agent. If a triggering event occurs, for example, the software company goes out of business or is otherwise unable or unwilling to maintain the software, the source code and documentation is then delivered to the customer. This protects a customer who makes a significant investment in software.
Access to the source code enables a customer to maintain the software as it uses it in its business. Large software deployments require constant maintenance. If you have a big software solution and you cannot acquire appropriate maintenance for it, the clock is ticking on its obsolescence. Note that the customer may require an expended license to use the software source code. Do not assume that the original license to use the software is sufficient for the source code - it probably is not.
Editor: Who should own the work product?
Madison: This is always a very touchy issue. Large corporations, because they have a lot of buying leverage, always want to own the entire work product. Information technology providers maintain that they should continue to own the intellectual property. If the work product is a report or other product based on information provided by the company, the customer should own the output and be able to use the service provider's intellectual property in the use of that output. This at least seems to be how many arguments about ownership are resolved. Obviously this issue involves uncertainties that should be addressed in the agreement between the customer and IT service provider.
Editor: What are the most contentious issues in negotiating IT procurement contracts?
Madison: The most critical is the ownership of the intellectual property involved in IT outsourcing. The mindset of the customer is that, if we pay you to do something, we should own it. That should be the case where the customer is paying the vendor to do something quite unique. You have to be careful and vigilant in this area, especially with respect to what the vendor learns from your company. For example, six months after the vendor has completed your proprietary project, you don't want to see the vendor working with one of your competitors. In other words, you do not want to transfer your proprietary information, inadvertently or otherwise, to your competitor because you used the same consultant. Vendors hate such restrictions for obvious reasons.
A related issue concerns maintaining confidentiality. Many IT vendors, particularly consulting-type vendors, base their ability to provide services on what they know about the industry, so with each job something about the company they serve rubs off on them and they gain greater insights, which enables them to better serve their customer base.
You want them to take the insights they gain in serving their customer base and apply them to providing you with a better product or service, but you don't want them walking around town with your intellectual property in their hip pocket and sharing what they learned about you with your competitors. You really have to parse out in your contract with them what is reasonable for them to walk away with and what is truly confidential and proprietary.
Editor: When should the corporate legal department get involved?
Madison: From the very beginning. I see a lot of corporations where the business people come to the corporate legal department only after they have selected the product, negotiated a price and agreed on many of the details. This means that the company loses the leverage that it would otherwise have had if the legal department had been brought in at the beginning. As I mentioned earlier, it is advantageous if the negotiation is based on the customer's form. If this is sent with the RFP at the beginning of the vendor selection process, it increases the likelihood that the customer's form will be used and reduces the likelihood that there will be a long negotiation about boilerplate. The RFP should make it clear that the vendor's response to your agreement is part of your decision-making process. If a vendor says we can't use your agreement and another vendor with similar services can that is going to be a plus for that other vendor.
Another reason to introduce your form of agreement and involve the legal department early is that it tends to cause the vendor to bring in its legal department early. You need to be sure that the vendor uses its legal resources in a prompt and efficient manner. I've seen negotiations where the business people on the other side have been very responsive, but their legal department delays the transaction because they were brought in too late.
The legal departments in companies that I've seen handle procurement really well create a framework within which their procurement business people function. For example, if the services are going to cost above a certain amount, they are required to include a standard form agreement which has already been written and vetted throughout the company as part of the RFP process. If certain issues are raised, triggers are built in that remind the business people that they should involve the legal department in discussions of those issues.
Editor: How can outside counsel help?
Madison: It depends on how deep a bench the legal department has for the type of work involved and what the focus of the company is. Kelley Drye has done IT procurement deals for some of the biggest companies in the world, and we have sat across the table from hundreds of vendors. We know their agreements, negotiating styles and the culture of their companies. Beyond that - and this is the most important thing we bring to the table - we know where compromises can be struck and how to achieve agreement. Because long experience has provided us with an understanding of where the parties should come out depending upon the circumstances, if we prepare an agreement, the negotiations tend to be faster and smoother. We have the ability to be flexible in our use of attorney time and to actually bring the contract in at the deadline, so if there are tight deadlines we can handle them.
Some legal departments, recognizing our ability to achieve the best outcomes for their companies, have delegated much of the responsibility for handling the legal side of negotiating their IT procurement contracts to us. They appreciate our ability to get the vendor on board because if the vendor is motivated there are no false steps or blind alleys. We contribute to reducing legal costs because the negotiations are concluded more rapidly. Because deadlines are met, the customer also enhances business income because the savings resulting from the outsourcing transaction are realized sooner.