The convergence of social, mobile, analytics, and cloud technologies (SMAC) are complicating an already complex IT outsourcing value chain. But they're also creating new legal and compliance issues for companies reliant on third-party providers for SMAC-related services.
Jumping into SMAC deals without addressing these issues could be as costly as sitting on the sidelines and missing out on the value that these new tools and services can deliver.
"The convergence of the SMAC technologies is truly revolutionary, creating enormous opportunities for those that embrace them and serious risks for those that fail to do so -- or who overlook the legal pitfalls that SMAC technologies introduce," says Brad Peterson, a Chicago-based partner in Mayer Brown's business and technology sourcing practice. Laws written before SMAC-related capabilities existed do not address some of their unique risks.
Yet few companies are prepared to deal with the issues that are emerging along with these third-party SMAC systems and services. "Customers are not giving this enough attention today," Peterson says. "They are caught up with the excitement and possibilities and not yet considering the pitfalls. People who look at pitfalls rapidly get stuck on the privacy issues, which loom large but are in some ways the easiest because they are relatively well understood."
As companies forge new relationships with SMAC providers, it's important that they review their contracts to secure data rights; protect data with contractual, operational and legal defenses; and manage the legal risks that can come with amassing, analyzing, and acting on SMAC-generated data, says Peterson.
Following are the five biggest legal risks associated with SMAC services and how companies can address them before signing contracts with new providers.
1. Restrictions or Lack of Rights to Use Data or Insights
Companies engaging with new SMAC providers may assume that they will retain the right to use, analyze or commercialize their own data gathered in the course of doing business. But there are a number of ways in which they may forfeit that right under these contracts. Confidentiality and intellectual property provisions and other restrictions on use of data abound in signed SMAC contracts. Companies should review their SMAC outsourcing deals closely to ensure that they don't restrict their data use or analysis rights, says Peterson.
2. Data Value Leakage
Back in 2001, when AOL signed one of the first deals with Amazon to host its ecommerce site in what was yet to be called the cloud, AOL was inadvertently handing over to Amazon the keys to its data kingdom. Amazon wasn't just interested in being an outsourcing provider; it wanted to get a hold of AOL user data that could improve the performance of Amazon's recommendation engine, according From Big Data: A Revolution That Will Transform How We Live, Work, and Think by Viktor Mayer-Schonberger and Kenneth Cukier.