bba4596108e65eafb7aea53166340f3e.ppt
- Количество слайдов: 26
IT CONTRACTS Law & Regulations Thibault VERBIEST Attorney at the Paris & Brussels Bars, Founding Partner ULYS www. ulys. net – www. droit. be Infosecurity. be 2005 Thibault. verbiest@ulys. net
OVERVIEW § Legal environment applicable to IT contracts § Outsourcing of IT contracts § Service Level Agreements (SLA)
LEGAL ENVIRONMENT APPLICABLE TO IT CONTRACTS I. Obligations of the contracting parties § Pre-contractual period § Principle : freedom to start and stop contractual negotiations § Good faith principle : obligation to give information and advice – liability § Obligations of each party : § The client : inform and participate § The provider : inform and to be informed : duty of information – duty of advice – duty of warning
§ Liability : § Extra-contractual liability : § Breaking off = offence => article 1382 of the Civil code § Point of no return § Contractual period § Principle : the good faith => articles 1134 § 3 and 1335 of the Civil code § Obligations of each party : § Qualification of the contract § Contractual vs extra-contractual obligations § Best effort vs result § The client : collaboration, taking delivery, acceptance, payment § The provider : delivery – conformity – delivery deadline, inform and garantee
II. Liabilty § Contractual vs extra-contractual liability Best effort vs result § Damage : direct vs indirect damage § Exemption / limitation of liability § Warranty & insurance § Sanctions : § Penalties : punitive – compensatory § Incentives § Credits
II. Intellectual property rights (IPR) § Overview Subject Software Legal scope Copyright Law Software Law Patent Databases Copyright Law Sui generis § IPR : § Economic value § Ensure : § Legal protection of rights you own § Legal entitlement to use others’rights
§ IPR – Software § Protected by copyright law and software law § Who is entitled to rights ? § General : contractor – developer (copyright law) § Exception : tailor-made software : user-principal can have limited access to the source code (software law) § Transmission of the copyright § Property transmission § Licensing of the right to use § The source codes § § Source code vs object code Tailor-made vs standard modules Range Reverse engineering
1. IPR – Databases 1. Protected by copyright law and databases law 2. Copyright protects the structure 3. The sui-generis right (created by the database law) protects the content => prevent extraction or re -utilisation => condition : substantial investment 4. Who is entitled to rights ? 1. Structure : the author 2. Content : the maker of the database 5. Databases and privacy : privacy law of 8/12/1992
OUTSOURCING OF IT CONTRACTS § What is outsourcing ? § The substitution of goods or services provided by suppliers for those previously provided internally § Types : § Local § Onshore § Near-shore § Offshore
§ Benefits of outsourcing § Lower costs § Flexibility § Expertise § “A good outsourcing model is one in which the desired services or goods are procured that provide the best value regardless of the location or vendor”
§ Risks of outsourcing § Finding the right vendor § Understanding the true cost of work outsourced § Establishing common outsourcing procedure & processes § Controlling and measuring what you buy (SLA) § Remaining a knowledgeable buyer (reversibility) § If work goes offshore : § § § Culture and language barriers Applicable law Privacy and IPR concerns System security issue Time zone differences
§ What to do ? § Understand what can be outsourced § Establish processes for : § Vendor vetting and selection § Vendor relationship management (change request) § Extensive management and quality control (SLA) § Don’t abrogate responsibility § Understanding of obligations for each party § Win/win scenarios (SLA => bonus/malus system) § Be aware that there will be problems (SLA) § Anticipate the end of the relations (reversibility)
SERVICE LEVEL AGREEMENTS § Service Level Agreements (SLA) are: § A SLA is a legal contract that specifies the contractuable deliverables, terms and conditions between the service provider and the end-user § The SLA is a formal, legally binding, statement of expectations and obligations between a service provider and its customer or customers
§ Use of the SLA § A SLA is used in outsourcing contracts § A SLA answers to the following questions: § Who delivers which service when? § What happens if problems arise? § What is the service and how is the service quality assessed? § How to work changes into the SLA?
§ Purposes of using a SLA § Identifies and defines customer’s needs § § § § Provides a framework for understanding Simplifies complex issues Reduces areas of conflict Encourages dialog in the event of disputes Eliminates unrealistic expectations Plays as a marketing instrument Plays as a partnership instrument Transforms a “best effort obligation” into an “obligation of result”
§ Zone of influence of SLA (e. g. ASP) Customer Zone of influence of SLA ISV ASP …. VAR BO P IAP SI
§ SLA Domains : Networking, Hosting, Application, Support Service… § Writing of an SLA § Application service providers consortium (ASPIC) and World Intellectual Property Organization (WIPO) set up best practices : § To build up good relationship between ISP and customer § To avoid conflicts
ASPIC BEST PRACTICES (I/III) Infrastructure n n n Connectivity n n n Security n n n n Data Center Server Load balancing Clustering Geographic Redundancy Network architecture Scalability Connectivity Options Authentication Access Control Integrity Confidentiality Non-repudiation Security of Hardware Security of Software
ASPIC BEST PRACTICES (II/III) Application n n n n Maintenance n n n Application management Intellectual Rights Property Databases Pricing Application Preparation Sharing of liabilities Sharing of tasks Maintenance of the Application Maintenance of the application Maintenance of the system Maintenance of the Network Reports Help-Desk
ASPIC BEST PRACTICES (III/III) Implementation n n n n Choice of application Preparation of the Platform Installation Configuration and Customisation Conversion / migration of data Reports Tests Integration Training of the customer
§ Main subjects to cover 1. Introduction and purpose 2. Service to be delivered a) b) c) d) e) f) g) h) Uptime System response time Lost data Customization Change control Billing responses Report generation Other issues 3. Performance, tracking and reporting 4. Problem management 5. Fees and expenses
6. Customer duties and responsibilities 7. Warranties and remedies 8. Security 9. IPR and confidential information 10. Legal compliance and resolution of disputes 11. Termination 12. Examination of clauses- descriptions
SERVICE LEVELS Bonus price Target level Negotiated price Minimum acceptable level Price reduction Unacceptable level Contract termination Service level
§ Major SLA failures § Negotiation problems § Specification of efforts versus specification of results § Unclear service specification § Incomplete cost management § « Dead-end » SLA documents § Exit Management
§ SLA specification : challenges § Scope and Methodology § Pre-understanding § Service level management & service process management § Knowing the actors and following a structured approach
Q & c UESTIONS OMMENTS
bba4596108e65eafb7aea53166340f3e.ppt