Do boilerplate clauses in cloud service contracts warrant your attention?
Yes, they do.
According to Thomas Shaw (pictured), attorney at law and CEO of CloudRisk Asia, some boilerplate clauses, such as the force majeure clause, should be customized based on the circumstances.
A force majeure clause is a contract provision that releases a party from its contractual obligations during unforeseeable events. For example, if a cloud service provider (CSP) operates a cloud data center in an earthquake-prone zone, then it is questionable that the force majeure clause should apply even for events like earthquake, because the CSP should have a plan in place that addresses the likelihood.
In this second part of an interview with Asia Cloud Forum's Carol Ko (read part I here), Shaw guides us through some of the important clauses in a cloud service contract, and the intricacies of data collection, retention, deletion and delivery on the part of a CSP during the lifetime of a contract.
Asia Cloud Forum: Some cloud service providers offer what they call "financially-backed SLA". Does this exclude their liability for customers' lost businesses resulting from service outages?
Thomas Shaw: Typically, any service provider (not just cloud or IT providers) is not going to expose themselves to what are called consequential damages. This includes damages that could result because my cloud service was not available so, for example I could not process e-commerce orders from my own customers. This is due to the fact that no service provider can realistically forecast what those implications might be in advance. The potential liabilities could be enormous.