According to various estimates, the global software as a service (SaaS) market will reach around $ 1 trillion in 2025, almost three times more than this year. In addition to SaaS, the associated cloud technology markets are also constantly evolving. These include developer-oriented platforms that provide ready-to-use tools for development (Platform as a Service or PaaS), cloud infrastructures for owners of IT systems that provide an infrastructure (in the form of servers) for creating platforms and applications (infrastructure as a Service or IaaS) etc. More and more “cloud” solutions will come onto the market that optimize almost all business processes quickly with relative financial advantages. It goes without saying that technological innovations are well ahead of their legal regulation. The relationships between users and providers of cloud technologies are currently contractually regulated. In this article we are going to examine some specifics of entering into SaaS agreements under Ukrainian law.
What is SaaS
SaaS is a software distribution model in which software is hosted on a developer’s or vendor’s server and accessed remotely by the user over the Internet. In this case, the service is provided by a developer or a provider of its own server who has installed software and provides technical support services for the server and software.
Such a model does not require the installation of licensed software on the customer’s computer, so it does not require a significant initial investment. This cloud service can be accessed through a web browser or through an application on any device, e.g. B. Gmail for email or Zoom for video conferencing. It usually works with subscriptions (prepayment) for the respective term, which makes it possible to pay for services only when the service is actually used.
The cooperation between a SaaS provider and his customer is usually regulated by the complex contract, which includes several contacts relevant to the IT industry at the same time, in particular the license agreement and service agreement. Such an agreement is usually concluded between domestic users and foreign providers under foreign law and has the usual conditions for the IT industry. If such an agreement is concluded between residents, Ukrainian law applies and accordingly typical contractual terms under foreign law cannot work in practice.
Uptime and guarantees
SaaS agreements must have a service level, for example an operating time that corresponds to the time that the SaaS works and is available without interruptions. The warranty can vary depending on the size of the system and the provider company. In general, large vendors make no guarantees and can change the way they operate the system at their own discretion. In the meantime, providers usually guarantee an economically appropriate level of service or up to 99.99% of the system availability for large customers.
Service-level conditions in foreign law can be dealt with in laws or case law that interpret such legal terms as “commercially reasonable”. In this way, a customer can protect their rights in court, even if the SaaS agreement does not specify service levels in it.
Ukrainian legislation does not set standards for the level of service. At the same time, the service level for the SaaS agreement is important under Ukrainian law, since the operation of the system makes up the largest part of the contract fulfillment by a provider. Ukrainian law prescribes special conditions for payment processing in the event of non-performance of a service contract. The amount of the consideration can depend on whose fault caused the inability to fulfill the contract.
With SaaS agreements, the parties’ actions in relation to software can affect the level of service and therefore may affect the fulfillment of the agreement itself. Judicial practice suggests that the agreement should provide which actions should be considered the cause of the inability to fulfill the agreement due to the fault of the customer and which are dependent on the actions of the provider. Such actions may include, for example, downtime, which is the time the system has been inoperative due to the end-user’s use of incompatible software or devices, cyberattacks, malware or a lost internet connection.
Transfer of intellectual property rights
Generally, under the SaaS agreement, the provider does not transfer any intellectual property to the customer. In the meantime, the customer can assign the rights to this property to the provider. This can be content and data that can be uploaded and published while using SaaS, a user database, original visual and textual content. The provider can actually infringe the intellectual property rights of the customer or end user if the contract does not contain proper license terms. Therefore, in order to avoid such situations, the agreement should specify what exactly the provider can do with the customer’s content and a license with the right to copy, publish the customer’s content and create derivative works with the right to transfer it Provide content to third parties.
Secrecy and confidentiality clause
Confidentiality is a critical requirement for SaaS providers involved in electronic document management, accounting, corporate email, etc. Data protection violations in these areas carry the risk of high liability for the provider and losses for the customer.
A typical situation for SaaS agreements entered into under either foreign or Ukrainian law is when non-disclosure clauses do not specify which specific information or data is confidential. In addition, measures that represent disclosure and methods of recording breaches of confidentiality are often not disclosed. Contractual penalties for violating the confidentiality clause are usually set in an unreasonable amount. These are the reasons why such confidentiality clauses do not work in Ukraine and the rights granted by such clauses cannot be recognized in court. Extreme caution must be exercised with regard to contractual penalties, as in the event of a dispute it must be demonstrated that the disclosure of the confidential information by the party entails liability in the amount specified in the contract.
Continuous, uninterrupted service provision is extremely important for the customer as part of the SaaS cooperation. The customer only has access to an object code, has absolutely no access to a source code and, in addition, the SaaS provider stores all of the customer’s data. Such a framework will work properly until the vendor keeping the source code provides technical support for the system and corrects software bugs and malfunctions.
Should unforeseen circumstances arise, for example: flood, fire or cessation of activity by the provider – the software can no longer work on the customer side, which can have various consequences, from minor damage to complete business failure for the customer. Therefore, SaaS agreements should provide for an escrow mechanism in which a third party (escrow agent) provides the provider’s services for the customer if adverse circumstances arise according to the contract.
Escrow means that a third party receives regularly updated object code and source code along with the data it receives from the customer during the fulfillment of the SaaS contract. If the provider is unable to fulfill the contract, a third party provides the customer with access to the customer’s object code, source code and data. Escrow in foreign jurisdiction usually has a special regulation and is secured by various agreements. The mechanisms of trusteeship can be implemented in Ukraine through a tripartite agreement in which all parties can agree in detail their rights and obligations.
Compensation, Compensation, and Limitation of Liability
Ukrainian law does not directly provide any mechanism similar to compensation. Compensation is the replacement of damage that occurs when unforeseen, contractual circumstances occur through no fault of a contracting party. In Ukraine, there is only the option to compensate for damage caused by the breach of contract due to the fault of the party. The lack of an exemption from liability in Ukrainian law is a significant risk for providers. For example, the problem can arise when end users upload content that infringes third party copyrights or violates the law. As a result, they can suffer losses for the provider, for which the customer cannot, however, be held liable.
Interests of the parties to a SaaS contract under Ukrainian law can be weighed up otherwise, for example by stipulating the obligation of the customer to review the content of the users, granting a provider the right to block users and unilaterally discontinue the provision of services.
In addition, SaaS contracts often contain provisions on limitation of liability and waiver of claims. In the case of the latter, everything is clear in Ukraine: the waiver of claims no longer applies. The terms of limitation of liability of the parties can be enforced under Ukrainian law.
The limitation of liability for SaaS contracts usually affects providers. According to Ukrainian law, the parties can limit the amount of damages, for example through contractual consideration or reduce liability to the payment of a single contractual penalty. A limitation of liability can apply to part of the contract, while full liability can be agreed in the contact for the violation of certain rights, for example to intellectual property and confidential information.
Food for thought
In fact, the Ukrainian legislature has recognized that cloud services will become even more important. Proof of this is the bill on cloud services, which is currently being read in parliament. The draft law aims to implement state policy to prioritize cloud services (also known as “cloud first”) in public administration, education, science and other areas of life of the Ukrainian public. In addition, the draft law provides for the development and approval of a model contract for cloud services for public users. Will the rules for cloud services change after the bill is passed? Time will tell, but a well thought out and elaborated SaaS contract will remain the cornerstone for reliable cooperation between the parties.