Cloud Computing: Related IP issues – article 3 of 4

It is often misunderstood that cloud computing contracts by way of a SaaS set-up do not require any licensing arrangement because it can be seen merely as the provision of services only. However, this is inaccurate and appropriate software licences still need to be granted to the customer.

The Customer and any authorised users of the customer still have use of software albeit online use. Without a licence, this could amount to intellectual property infringement. SaaS licences tend to be limited in scope, being limited to having rights to the subscription features for the customer’s own business purposes. Normally, customers have no rights to make copies of, or modifications or enhancements to, the software and they cannot sub-license any software to third parties.

It is often the case that the cloud service provider will not always own the intellectual property rights (IPRs) in the software that is the subject of the cloud computing service. In such circumstances, it is necessary for the cloud service provider to procure the right to sub-license the third party software to its customers. All of the contractual arrangements will then be between the cloud service provider and the customer direct.

On occasion, a software licensor may require a direct licence agreement to be entered into between the customer and the third-party licensor in which the third-party licensor should be informed that the licence arrangements relate to licensing only. In these circumstances, the cloud computing contract should make it clear that the cloud service provider is responsible for the management of the third-party licences, together with the payment of any licence fees. All issues relating to the provision of the software (such as delivery, installation and configuration requirements) should be dealt with in separate agreements between the customer and the cloud service provider.

There are many issues surrounding the licensing of content too. Unbeknown perhaps to many a consumer, the terms and conditions offered by many cloud service providers include a broad licence allowing the service provider to use any content stored on its servers and often perpetually and irrevocably. Uses may be limited but rights to pass the content to third parties or use it for the purpose of promoting the cloud computing service are often reserved. This may not be appropriate for much of the information customers would be looking to store (such as personal data, third-party IPRs or confidential information contained in, or attached to, e-mails). Licences may be implied by necessity or business efficacy, however customers should take the time to work out any rights they are agreeing to provide to the service provider. It must be remembered also that the cloud service provider will seek to exclude all liability for content stored or posted on its services and will normally include a right in its standard terms to remove any data from its servers.

Under certain EU Directives, ISPs can be liable for failing to take down offensive, defamatory or IPR-infringing content and cloud computing applications often blur the line between public and private networks. Corporate customers should seek an indemnity for any loss suffered as a result of material being unnecessarily/ wrongly deleted or moved and should look to impose a requirement to be notified in advance of any such action.

A further IP consideration in SaaS Agreements involves the inclusion of IPR indemnities for the customer’s benefit if a third party makes a claim that the use of the software or other IT product, by the customer infringes the third party’s IPR. A Customer needs to rely on the cloud service provider assertion that the customer is lawfully entitled to use the software as part of the service. If they fail to procure this right for the benefit of the customer, the customer could inadvertently infringe the IPR of a third party.

Patent protection is increasingly available for computer software in the US and, to a lesser extent, in the EU. Where cloud computing arrangements are established on an international basis, the IPR indemnity needs to be sufficiently broad to protect the cloud service customers in all jurisdictions in which the software will be used.

It is becoming increasingly the case that short-term SaaS contractual arrangements can sufficiently equip a savvy user with the requisite know-how enabling the user to threaten the service provider’s grip on its IPRs. Computer programs and the preparatory design material behind them are subject to copyright protection as literary works (section 3, Copyright, Designs and Patent Act 1998). However, it is important to draw the distinction between the idea for a computer program and the expression of that idea for the purposes of determining whether copyright exists. Under common law, copyright will cover the expression of an idea, but not the idea itself. The application of this principle in relation to computer programs has been enshrined in EU law, which confirms that “ideas and principle which underlie any element of a computer program, including those which underlie its interfaces, are not protected by copyright” (Directive 91/250/EEC, Article 2(1)). This means that there is a risk that the unprotected elements of cloud products could be emulated and therefore be simulated by competing cloud service offerings (despite the fact that the terms and conditions might have sought a contractual undertaking to only access the solution for the purposes of using the service!).

Let us know if we can help you!

Author: Yvonne Morris



twitter: @CloudLegals


CloudLegal is a tech-enabled legal support consultancy which promises practical commercial and jargon-free advice. We support all company matters, commercial contracts/ Ts & Cs (including software and IT), employment & HR as well as data protection matters. We have various services including: