IT-Agreements and Covid-19 under Swedish Law
Related Articles in
Latest Firm's Press
The corona virus and the covid-19 outbreak have had a major impact on people and companies. To limit spread of the virus, restrictions of various degree have been imposed by public authorities and sometimes taken on a voluntary basis by private organizations. Numerous countries have closed their borders, people are advised to avoid face-to-face meetings and many shops and offices are closed. Consequently, many businesses suffer, which in turn may affect their ability to perform contractual obligations.
There are many questions about the corona virus’ impact on contractual relationships. In this article, we touch upon some legal questions relevant to IT and outsourcing agreements and offer some strategic advice as to how suppliers and customers can prepare for situations that may arise due to the corona virus.
Identify potential business risks
Firstly, it is a good idea to take up inventory of resources used in your operations in terms of partnerships, key resources (including key personnel) as well as suppliers of goods and services. Secondly, you should consider how these resources may be affected by the current situation. You should especially consider the following situations:
Review existing agreements
When the relevant business risks have been identified, any agreements covering these services should be reviewed to assess how the risks can be mitigated with the help of the agreements. We suggest that the assessment takes its starting point in the below types of provisions.
Force majeure clauses
A force majeure event is generally defined as an unforeseeable and extraordinary event beyond a party’s control, which prevents the party from performing its obligations. In Sweden, force majeure is not a concept regulated by statutory law. However, an analogous reasoning can be made based on the principle in section 27 of the Swedish Sales of Goods Act (Sw. “Köplagen”) which sets out that the seller may be excused for non-performance in case of unforeseeable events beyond the seller’s control that the seller could not reasonably be expected to have taken into account at the time of the conclusion of the agreement and the consequences of which the seller could not reasonably have avoided or overcome. A similar provision exists in article of 79 of the United Nations Convention on Contracts for the International Sales of Goods. The principle in the context of sales of goods is thus that of relief exemption of liability. It is also possible to agree that in case of force majeure, a party shall not have to perform its obligations under the agreement, something which would thus be a more extensive consequence of the force majeure event.
In Sweden, the wording of the agreement is the starting point for any assessment of whether a force majeure event is at hand. Force majeure clauses can either be of a general character or contain examples of the type of events that should constitute a force majeure event. In our experience, force majeure clauses rarely include events such as epidemics, pandemics or other dangerous illnesses. It is therefore of extra importance to review whether the clause is general or if it contains an exemplification of situations that should constitute force majeure events. In the latter case, the clause might be interpreted very restrictively, or even as an exhaustive list of possible force majeure events. There is no simple answer as to whether the corona virus qualifies as a force majeure event. The pandemic itself may very well be considered as an event beyond the parties’ control. However, it may be difficult to establish whether a party’s inability to perform its obligations under the agreement was caused by the pandemic or by other competing circumstances. When making the assessment whether a force majeure event is at hand, the following circumstances should be taken into consideration:
The effects of invoking a force majeure provision depend on the wording of the force majeure clause. Common effects include that a party is fully or partially relieved from liability or given the possibility to delay delivery of goods or services. There may also be provisions that allow a party to terminate the agreement in part or in full if the force majeure event lasts for a longer period of time. Both parties should therefore consider that the other party may be entitled to early termination of the agreement in case a force majeure clause is invoked. A force majeure clause may also give the parties the right to renegotiate parts of the agreement under certain circumstances if the parties cannot cooperate to reach a solution. It should be noted that the grounds for non-liability are usually only temporary, and as soon as the force majeure event is over, so too is the grounds for non-liability.
It is possible, but not for certain, that the corona virus, and especially decisions made by public authorities in relation to containing the corona virus, could constitute force majeure events. It is therefore important to be proactive and review agreements entered into in order to prepare for potential situations that may arise. This is true regardless of whether you are on the customer or supplier side of the agreement.
In addition to force majeure clauses, there could be other clauses in the agreement of importance. A party’s liability could for example be conditional under the liability clause. Negligence is sometimes a prerequisite for liability in IT-agreements. The corona virus and its consequences may in such cases lead to the conclusion that damages have not been caused by a party’s negligence.
Identify subcontractor risks
You should also consider what effects the corona virus may have on your supply chain – especially in case the supplier uses subcontractors. In case of force majeure, a subcontractor’s ability to perform its contractual obligations could be affected, which in turn may affect the supplier’s ability to perform its obligations. Subcontractor provisions in IT- and outsourcing agreements should therefore be reviewed to ensure inter alia that the customer has satisfactory monitoring rights, to check the supplier’s liability for subcontractors’ failure to perform and whether the customer is entitled to request a change of subcontractors. It is also important to check if there are any notification requirements in the agreement and whether any changes should be documented and executed in accordance with the agreement’s change management process.
In some cases, such as when the Customer is under the Swedish Financial Supervisory Authority’s (Sw. “Finansinspektionen”) supervision and is obliged to apply the EBA guidelines on outsourcing, it is a regulatory requirement that the customer approves a change of subcontractors. If so, the supplier must request the customer’s approval before changing subcontractors. If the customer refuses to approve the change, it could be difficult for it to hold the supplier responsible for inability to perform its obligations under the agreement. Even where such regulatory requirements do not exist, it is not uncommon that a subcontractor change is subject to customer approval.
Customer flexibility in the agreement
In case of force majeure, a customer may want to decrease or increase the volume of goods or services to be provided or otherwise change the scope of the delivery. If so, the customer must observe the process for such changes in the agreement – provided that such options are available at all under the agreement. The agreement may for example contain notification requirements, pricing provisions or a right for the supplier to refuse these types of changes. Further, whether it is possible to terminate the agreement due to changed circumstances should be assessed. The parties should review what termination provisions apply, and especially whether termination for convenience is an option. The analysis should include a cost-analysis of such termination. What would be the effective date of the termination should also be considered. It is advisable to consider what happens if the agreement is terminated – does the agreement contain a clear exit management obligation and how should transfer of data and similar information be managed?
Review continuity plans
Some IT- and outsourcing agreements may require a supplier to implement and comply with so called business continuity plans and/or disaster recovery plans (“BC/DR plans”). Such plans should address how goods and services will be provided to the customer in case the supplier’s experiences difficulties in performing its contractual obligations. BC/DR plans may include different types of service levels and measures the supplier must take. Such measures may include an obligation for the supplier to find alternative delivery sources and routs for delivery of goods, maintain back-up sites for delivery of IT services, or for the supplier to be able to move production from one site to another. We have noticed that BC/DR plans sometimes contain alternative sites for production in the same country. The problems associated with a country’s “lock-down” would then not resolved through the continuity plan and other alternatives must be considered and agreed upon.
Continuity plans may also include so called Recovery Time Objectives (RTO) which regulate the time in which measures must be implemented in case a service is impacted by a force majeure event. In addition, the BC/DR plans should regulate in what situations such plans are triggered. Should a notice to the other party be required or should the plans be triggered automatically in the event of force majeure? As discussed above in relation to force majeure, it is important to review whether BC/DR plans can be triggered by an epidemic or pandemic. It is also important to consider the relationship between the supplier’s obligation to implement BC/DR plans and any exemption from liability due to force majeure.
Further, consideration must be taken as to whether the special situation could trigger the disclosure of source code deposited under any escrow agreement entered into (i.e. a deposit agreement for software source code). It is not unusual for the customer to have the right to access the source code in the event of non-delivery, but such right is dependent on what is set out in the agreement.
Evaluate the possibilities of self-help and step-in rights
IT agreements, and especially service agreements, may include so called step-in rights. These rights make it possible for the customer, or a third party chosen by the customer, to “step-in” and use their own resources to perform the supplier’s obligations under the agreement – such as the delivery of services – if the supplier itself is unable to perform them. Any step-in clauses in the agreement must be reviewed to determine whether the impact of the corona virus on the supplier’s ability to perform its contractual obligations gives the customer the right to step in and take over the performance of the supplier’s obligations. Further, consideration must be taken to the consequences such a process may have – especially as to the matters of responsibility for breach of contract and liability to pay for additional costs that may arise. If these aspects are not regulated in the agreement, our recommendation is to try to find alternative ways to address the supplier’s temporary performance inability. Further, the step-out process should be reviewed and established so that both parties are aware of what should happen when the temporary situation is over.
The corona virus has already had and is expected to continue to have a major impact on companies and people. Currently, there is a great deal of uncertainty in the market and it is important to try to identify the best courses of action. It is vital to understand the potential impact of the corona virus on your rights and obligations in various types of IT agreements – in relation to agreements already entered into as well as those currently being negotiated. In order to manage this difficult situation, we recommend that you start by identifying potential business risks and thereafter review relevant agreements – starting in the provisions discussed above.
Below, we have summarized some of the questions you should consider as a customer respectively supplier in the form of a checklist.
Practical tips for customers
Practical tips for suppliers
Related Articles in
- Data Protection Authorities Set Out Expectations in Open Letter to VTC Companies
- Major Disruption to US Data Transfers as EU-US Privacy Shield Declared Invalid by CJEU
- Sorry, Wrong Number: The Ninth Circuit and TCPA Liability
- Regulation on Specific Conditions of Safety and Health Applicable for Remote Work or Telework
Latest Firm's Press
WSG Member: Please login to add your comment.