SaaS On A EULA? Get Some New Pants!

SaaS on a EULA? Get Some New Pants!

A good contract is like a good pair of pants. When the pants fit right and look good, you wear them all the time and hardly notice them. But if they’re too tight, you won’t buy them and if they’re too loose they fall down and leave you exposed. And if they’re just wrong – like trying to pair hockey pants with a suit coat – nobody knows what to do with you.

As more and more software companies deliver SaaS instead of software CDs, why do I still see so many EULAs? They aren’t quite as bad as hockey pants with a suit, but I’d say they approach wearing hockey pants for skiing. Yes, they’re warm and in the winter sports category but they leave a lot of bare leg and have way too much unnecessary padding.

First let’s talk about the fundamental differences between licensed software and SaaS. One is a right to take a copy of some technology to your home or office, install it on your computer and use it all by yourself (or with the other users in your company). Your data stays with you. The other is a service provided by a vendor which allows you to input and review data that is processed somewhere else. No software is delivered. No copies of technology are made for the users. But your data is processed and stored outside of your computer.

So, one is a license – a right to get a copy and use IP – and the other is a service – that processes and stores information. They really are different pants even if software is involved in both.

The legal community has done a good job of drilling the importance of protecting IP into software developers. Yes, intellectual property rights are what make that wonderful technology valuable. Tie them up tight in your license agreement, use license keys and other mechanisms to control users and audit them to make sure they aren’t proliferating without paying.

But do you know the best way to protect IP? Don’t share it. Don’t let anyone see it or get a copy. In other words, use it to deliver a service: SaaS. No license is required when IP isn’t shared (There go the huge pads on the hockey pants). And granting a license for IP that isn’t delivered could result in the unintended requirement to deliver it (Those pants fall right down around the ankles).

The legal community hasn’t done a good job of advising SaaS users of the risks of losing control of their data and the means to process it themselves. SaaS customers under a EULA don’t get any assurances about how the vendor will protect their data (Those hockey pants are too short for the slopes). They don’t know what kind of backup procedures the provider has or how to get their data back in a meaningful format. Because the contract won’t address data issues at all, it doesn’t even say that the client owns its data (Get me some ski pants!).

In summary, my last pants analogy: if you’re selling SaaS with a EULA, get some new pants.

By Cindy Wolf

Cindy Wolf is a Colorado lawyer with more than 25 years experience representing large and small domestic and multinational companies. Her expertise is in helping companies enter the cloud safely, either as providers or users. She also practices in the areas of corporate law and commercial contracting, with an emphasis on international issues. She can be reached at cindy@cindywolf.com.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comics
The Five Rules of Security and Compliance in the Public Cloud Era

The Five Rules of Security and Compliance in the Public Cloud Era

Security and Compliance  With technology at the heart of businesses today, IT systems and data are being targeted by criminals, competitors and even foreign governments. Every day, we hear about how another retailer, bank or Internet company has been hacked and private information of customers or employees stolen. Governments and oversight organizations are responding to…

Connecting With Customers In The Cloud

Connecting With Customers In The Cloud

Customers in the Cloud Global enterprises in every industry are increasingly turning to cloud-based innovators like Salesforce, ServiceNow, WorkDay and Aria, to handle critical systems like billing, IT services, HCM and CRM. One need look no further than Salesforce’s and Amazon’s most recent earnings report, to see this indeed is not a passing fad, but…

Are Cloud Solutions Secure Enough Out-of-the-box?

Are Cloud Solutions Secure Enough Out-of-the-box?

Out-of-the-box Cloud Solutions Although people may argue that data is not safe in the Cloud because using cloud infrastructure requires trusting another party to look after mission critical data, cloud services actually are more secure than legacy systems. In fact, a recent study on the state of cloud security in the enterprise market revealed that…

The Future Of Cloud Storage And Sharing…

The Future Of Cloud Storage And Sharing…

Box.net, Amazon Cloud Drive The online (or cloud) storage business has always been a really interesting industry. When we started Box in 2005, it was a somewhat untouchable category of technology, perceived to be a commodity service with low margins and little consumer willingness to pay. All three of these factors remain today, but with…

Four Recurring Revenue Imperatives

Four Recurring Revenue Imperatives

Revenue Imperatives “Follow the money” is always a good piece of advice, but in today’s recurring revenue-driven market, “follow the customer” may be more powerful. Two recurring revenue imperatives highlight the importance of responding to, and cherishing customer interactions. Technology and competitive advantage influence the final two. If you’re part of the movement towards recurring…

Through the Looking Glass: 2017 Tech and Security Industry Predictions

Through the Looking Glass: 2017 Tech and Security Industry Predictions

2017 Tech and Security Industry Predictions As we close out 2016, which didn’t start off very well for tech IPOs, momentum and performance has increased in the second half, and I believe that will continue well into 2017. M&A activity will also increase as many of the incumbents will realize that they need to inject…

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises The surface costs might give you pause, but the cost of diminishing your differentiators is far greater. Will a shift to the cloud save you money? Potential savings are historically the main business driver cited when companies move to the cloud, but it shouldn’t be viewed as a cost-saving exercise. There…

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

What the Dyn DDoS Attacks Taught Us About Cloud-Only EFSS

DDoS Attacks October 21st, 2016 went into the annals of Internet history for the large scale Distributed Denial of Service (DDoS) attacks that made popular Internet properties like Twitter, SoundCloud, Spotify and Box inaccessible to many users in the US. The DDoS attack happened in three waves targeting DNS service provider Dyn, resulting in a total of about…

Do Not Rely On Passwords To Protect Your Online Information

Do Not Rely On Passwords To Protect Your Online Information

Password Challenges  Simple passwords are no longer safe to use online. John Barco, vice president of Global Product Marketing at ForgeRock, explains why it’s time the industry embraced more advanced identity-centric solutions that improve the customer experience while also providing stronger security. Since the beginning of logins, consumers have used a simple username and password to…