You can see what’s on the minds of Cloud Service Providers (CSPs) from the way they’re evolving their customer agreements. In recent blog posts we’ve shown how CSPs are addressing the growing risks to service availability from patent claims and in particular how Amazon Web Services (AWS) had included in their Customer Agreement an unusual IP non-assert term.
As widely reported, AWS on 28 June 2017 announced they had improved:
“the terms of the AWS Customer Agreement related to intellectual property rights. These changes include offering uncapped IP infringement protection and removing the patent non-assert clause.”
Out went the patent non-assert, in came “uncapped IP infringement protection”.
The patent non-assert looks from the press reports to have been dropped because of customer push back and certainly validates CSPs’ and their customers’ growing concerns about cloud IP issues.
Intellectual property indemnities are more important than they look. The rationale is that the customer says to the provider: ‘I want to buy your service, but you’re the only person who knows if you’ve infringed someone else’s patent or code, so please bear that risk and reimburse my legal fees and any damages I have to pay if I get an IP infringement claim’. It’s never that simple however, and contractual IP indemnities come festooned with technical legal points: do they cover any claim, or just a successful claim? Do they cover your legal fees defending the claim (which in patent cases can run into millions of dollars)? Or only the damages you have to pay if the case goes against you?
On the scale of risk sharing, AWS’ new IP infringement protection term at section 9.2(a) of the Customer Agreement is ‘IP indemnity-lite’:
“AWS will defend you … against any third-party claim alleging that the Services infringe or misappropriate that third party’s intellectual property rights, and will pay the amount of any adverse final judgment or settlement.”
AWS’ duties to defend and pay are subject to the liability cap (12 months service fees) but a new carve-out from the cap has been included for AWS’ “payment obligations under section 9.2”. This is why AWS can say they’re offering “uncapped IP infringement protection”. But a strict interpretation shows it’s just the damages part (“the amount of any adverse final judgment or settlement”) that’s uncapped and that legal fees (the “defend you” part), which aren’t expressed as a payment obligation, may well be subject to the cap – and 12 months cloud service fees won’t get you very far in defending patent litigation.
Contrast this pro-customer ‘indemnity–lite’ with the pro-AWS ‘indemnity–classic’ at section 9.1. This requires the customer:
“to indemnify and hold harmless [AWS] against any Losses arising out of … any third-party claim concerning … your … use of our Service Offerings. … You will reimburse us for reasonable attorneys’ fees …’.
This is the classic indemnity: full “indemnify and hold harmless” language, with a broad definition of covered “Losses”, full reimbursement of legal costs and no limit on the customer’s liability.
In another twist, the situation where the customer invokes the new IP infringement protection from AWS (i.e. an allegation that the Services infringe third party IP) would also, on a strict construction, fall within the indemnity that the customer gives AWS (i.e. a “third party claim concerning … your … use of our Service Offerings”). You can’t really imagine AWS counterclaiming in this way where the customer invokes the new IP infringement protection, but you can see that contract terms in this increasingly key area are still evolving.
Equally, the AWS customer agreement doesn’t call out when the 28 June changes were effective from, and there’s a technical legal argument to be made that the patent non-assert removal is retroactive on the grounds that AWS would be stopped from seeking to enforce it for the period before 28 June.
From the way the AWS terms work, it’s also at best an open question whether they protect the customer from the risk that open source software used in providing the service infringes third party patent or other rights. Open source is a critical component of the cloud and customers need to understand and review this aspect when selecting their CSP.
At a time when cloud IP protection is fast becoming an area of genuine competitive differentiation between providers, all these points raise the question whether the new AWS IP indemnity language is sufficient to offer what cloud customers large and small need when selecting their CSP. Contrast, for example, Microsoft’s more holistic approach, where its Azure IP Advantage program has taken an early lead in the market place.
Richard Kemp and Nooreen Ajmal
Kemp IT Law
August 2017