Recent Case Highlights Dangers of Consequential Damage Waivers in IT Contracts
An article in Norton Rose Fulbright’s Data Protection Report discusses a recent ruling by the 11th U.S. Circuit Court of Appeals that affirmed a decision in Silverpop Systems, Inc. v. Leading Market Technologies, Inc., finding that all damages flowing from a vendor’s data breach were barred by a standard provision in IT service contracts, disclaiming all liability for consequential damages.
Matthew Spohn and David Navetta explain that the court’s analysis could apply to almost any breach of data provided to a vendor under an IT service contract, and highlights the need to carefully scrutinize a proposed waiver of consequential damages when confidential or sensitive data is involved in the contract.
“In contracting for IT services, it is important for purchasers to thoughtfully consider the risks of harm presented by the services, and then negotiate terms that appropriately allocate those risks between the parties. This requires both parties to reconsider the standard vendor-friendly term waiving all consequential damages,” the authors write.