IT Developers and Businesses – Who Should Bear the Risk?

The Australian Government’s ICT liability policy (the Policy) explicitly states that agencies seeking to purchase ICT goods and services should be prepared to limit the ICT supplier’s liability. To determine the limit, a risk assessment should be carried out. An ICT contract for goods and services specifies the limit and should only apply to related damage or loss. The policy does not include agreeing to indemnity-type arrangements. For example, limiting the supplier’s liability to compensate a third party. This article will set out how the policy applies to both IT developers and businesses. 

How can IT Developers and Their Clients Implement this Guidance?

Firstly, you should begin commercial negotiations and set out that you intend to follow the Australian Government’s ICT guidance. 

The IT developer then needs to obtain insurance and check the limits and exclusions including professional indemnity insurance and public liability insurance.

Next, draft a complete IT development contract with clear liability provisions incorporating the guidance as well as the developer’s scope of insurance. It is also prudent to identify and address areas of disagreement between the IT developer and the client at the outset. For example, services provided under the agreement are generally covered by a cap. This cap is anything from the amount paid for the services, to a multiple of two or three times the amount paid for the services. The developer should cap liability at the lesser amount, and the amount of their insurance.

A sophisticated client will seek to have liability exclusions apply. The developer needs to consider whether the excluded items are in the scope of the developers insurance. He or she will be directly liable for items falling outside of the scope. A savvy developer will restrict the scope to items within their control and to accept risk only where the developer is at fault. For example, for fraudulent dishonest or negligent conduct. Here, the same developer will likely seek unlimited liability for any fraudulent, dishonest, negligent, wilful or unlawful act or omission. The business will also seek unlimited liability for any breach of intellectual property rights and any damage to tangible property.

Should There Be Any Areas of Unlimited Liability?

The Policy considers the following areas may not attract liability caps:

1. Damage to tangible property. The guidance notes that computer programs, software, and data are generally not deemed to be tangible property, and therefore, the limit would typically apply to damage to software or data;
2. Personal injury;
3. Breach of intellectual property rights; or
4. Breach of obligations concerning confidentiality, privacy and security.

The policy further notes that liability limits should apply if there is a compelling reason to do so.

Do I Need a Lawyer If I Follow the Australian Government Guidance?

IT development contracts should address: 

• Intellectual property rights and ownership, 
• Acceptance testing, 
• Developer rights and obligations, 
• Client rights and obligations, 
• Termination and dispute resolution, and 
• Liability and liability caps.

Given the significance of the issues and the development contract’s size, it is both cost and time effective to engage an IT lawyer to assist you.  The IT lawyer can step you through any issues and take your instructions to best suited to your approach. He or she will then discuss these issues directly with the client’s lawyer leaving these complex negotiations in the hands of experts. It also keeps the IT developer and client from entering potentially contentious negotiations and preserving their relationship. 

Conclusion

IT developers should understand the risks involved with these agreements, which can be insured, whether their insurance addresses these and where they have potential unlimited liability. IT developers can also structure both their business and their personal affairs to help limit the overall exposure.

IT developers, where possible, need to remain on the front foot with a comprehensive agreement that they can tailor for each new client. However, with large corporate and government clients, the development will generally be presented with the client’s contract. Both parties will then need a strategy to assess and fairly apportion the risk to both parties.

LegalVision’s Information Technology lawyers have considerable experience with Information Technology law and agreements. If you have any questions, please get in touch – we would be delighted to assist you.