Keywords: UK, audit rights, licensing, outsourcing

A recent English High Court Decision is a useful reminder that audit provisions are not always standard form "boiler plate" provisions which can be adopted in a uniform way across a variety of licensing or outsourcing arrangements. This is particularly relevant in scenarios where the Service Provider may acquire limited rights to use data generated during the course of the contract for its own independent purposes such as the provision of analytics services and/or where the Service Provider is engaged in providing similar services to competitors of the Customer.

The Decision

The English case, 118 Data Resource Limited v. IDS Data Services Limited (2014 EWHC3629(CH)) involved licensing of a database of business contacts by one business to another – in fact one of its competitors. The agreement contained a number of restrictions on how the Licensee could use the database. There were also other commercial protections in the agreement including limits on the amount of data that could be sold to customers of the Licensee.

The Licensor was particularly interested in ascertaining whether the Licensee had put in place licensing arrangements with its customers using the database which included agreed standard licensing terms.

The agreement contained an audit clause which provided:

"[The Licensee] undertakes and agrees with [the Licensor] that it will permit any duly authorised representative of [the Licensor] on reasonable prior notice to enter into any of its premises where any copies of [the database] are used, for the purpose of ascertaining that the provisions of the agreement are being complied with."

The Licensor made a summary judgment application to the court for specific performance of the audit provisions and tried to use those provisions to determine compliance (or lack of compliance) with the commercial protections in the agreement. The Licensee was apparently concerned that the Licensor would use the audit provision for a wide ranging review of its operations at the Licensee's premises and argued that the audit provision was deliberately limited in its effect. It gave the Licensor a right to inspect the premises where the database was kept for the purposes connected with how the database was stored but not a right to inspect those premises for the broader purpose of establishing compliance with provisions in the agreement which had nothing to do with how the database was stored (and which might reveal competitively sensitive information).

The key issue between the parties turned on what the audit clause entitled the Licensor to do when it entered the premises on which the database was stored. The Judge had to determine what was meant by the phrase "for the purposes of ascertaining that the provisions of the agreement were being complied with".

The Judge took the line that the court could imply terms which might be required to complete an agreement where there is an obvious gap – where the parties had not fully stated terms which were understood between them. An example of this type of provision would be that the right to audit must have been intended to have been limited to a reasonable number of authorised representatives of the Licensor.

In the Judge's view the phrase "for the purposes of ascertaining that the provisions of the agreement were being complied with" had to be interpreted in the context of how the database was being stored – which was referred to in the audit clause, and not for a more general investigation of materials at those premises to see how the provisions of the agreement generally were being complied with. In other words, the audit provision did not help the Licensor establish whether the Licensee was observing the general restrictions on licensing the database to its customers.

Lessons

This decision was a summary application where the party seeking to exercise the audit rights argued that the meaning of the clause was so plain that it should be given specific performance of the audit right and permitted to establish whether the general protections in the agreement were being complied with. Unfortunately from the Licensor's perspective, the clause was not sufficiently complete to give the Licensor this broader right.

In outsourcing arrangements involving data processing it is not uncommon to find the Service Provider acquiring rights to re-use some information in aggregated or anonymised form acquired through the performance of the services in order to develop or improve its own services. Customers may well wish to audit the Service Providers compliance with these types of general protections and, following the 118 case, care should be taken to ensure that the audit rights refer expressly to limitations on the Service Provider's rights as well as to general compliance with obligations relating to the Customer's data and/or regulatory requirements. It will not always be the case that an apparently broad reaching clause which permits audit for performance, financial, security and regulatory reasons will cover all the activities of the Service Provider which affect the Customer.

Where a cloud based solution is being used audit rights are difficult to negotiate. In the light of the 118 decision Customers should consider carefully whether any audit rights obtained give them comfort in relation to the Service Provider's obligations generally as well as to compliance with the Supplier's obligations in relation to provision of services directly to the Customer.

Originally published 23 March 2015

Visit us at mayerbrown.com

Mayer Brown is a global legal services provider comprising legal practices that are separate entities (the "Mayer Brown Practices"). The Mayer Brown Practices are: Mayer Brown LLP and Mayer Brown Europe – Brussels LLP, both limited liability partnerships established in Illinois USA; Mayer Brown International LLP, a limited liability partnership incorporated in England and Wales (authorized and regulated by the Solicitors Regulation Authority and registered in England and Wales number OC 303359); Mayer Brown, a SELAS established in France; Mayer Brown JSM, a Hong Kong partnership and its associated entities in Asia; and Tauil & Chequer Advogados, a Brazilian law partnership with which Mayer Brown is associated. "Mayer Brown" and the Mayer Brown logo are the trademarks of the Mayer Brown Practices in their respective jurisdictions.

© Copyright 2015. The Mayer Brown Practices. All rights reserved.

This Mayer Brown article provides information and comments on legal issues and developments of interest. The foregoing is not a comprehensive treatment of the subject matter covered and is not intended to provide legal advice. Readers should seek specific legal advice before taking any action with respect to the matters discussed herein.