Dennis Garcia, an assistant attorney general of Microsoft Corp., offers a collection of best practices that all lawyers can embrace to help earn trust during the contract lifecycle.

“In our rapidly changing and highly competitive legal and business environments, earning trust is more important than ever—especially during contract negotiations as that may be the first opportunity for parties to work with each other,” Garcia writes for Bloomberg Law.

He discusses several practices under the headings: actively learn about the other party, be empathetic, provide thoughtful rationales on contract issues, meet face-to-face, embrace smart risk-taking, don’t over-lawyer, little things mean a lot, small and empowered negotiating teams, always keep your cool, and post-contract signing.

Read the article.

When a U.S. company decides to hire an employee in another country, the question of whether to send the applicant an offer letter inevitably arises, writes Samina Weil in the Fisher Phillips Cross Border Employer Blog.

“Sending an offer letter prior to the final contract is normal practice in the US. But this is not the case in other jurisdictions, and for good reason,” she explains.

She describes how some U.S. employment practices differ from those in foreign jurisdictions and how to approach the problems those differences can cause.

“Do not be tempted to send an offer letter (or seek legal advice before doing so), but have a contract drawn up for the position for which you are hiring and personalize it to the individual you want to hire,” she warns.

Read the article.

J. Brandon Sieg of Vandeventer Black LLP addresses the question of what is meant when a contract requires an architect or engineer to “defend, indemnify, and hold harmless” the project owner for specific (or not so specific) types of claims that might arise in the future.

Regarding duty to defend, he explains that: “If you agree to similar language in your design contract, then you are agreeing to hire the project owner’s lawyer to defend a lawsuit filed against the project owner.”

He also covers responsibilities that go with indemnification and “hold harmless.”

Read the article.

Regulatory compliance is an area of fundamental concern – not only for strategic investors – but also for financial institutions contracting for services from financial technology providers, warns Adam Chernichaw, a partner in the New York office of White & Case.

“Where a financial institution classifies a product or service being procured as an ‘outsourcing,’ its vendor risk management (VRM) function will carefully scrutinise the proposed relationship,” Chernichaw writes. “The VRM function will usually take the position that regulators will look at the service provider as an extension of the institution. Accordingly, the institution is required to impose contractual obligations on the provider so that the provider acts as the institution itself would act when it comes to compliance.”

In his article he emphasizes the importance of parties to align on the contractual VRM requirements that will be sought by the financial institution, and whether the fintech provider can meet those obligations.

Read the article.

Forum selection clauses that are not adhesive will be interpreted independently of the court’s determination of the enforceability and validity of the contract as a whole, according to a post in Baker Sterchi Cowden & Rice’s Employment Law Blog.

Robert Chandler discussed the case of Reed v. The Reilly Company, LLC, in which the plaintiff, terminated by the Reilly Co., brought claims in Missouri. Reilly moved to dismiss, based on a contract provision stating that disputes must be brought in Kansas.

“Parties drafting forum selection clauses should exercise care to avoid contracts that are adhesive – i.e. agreements reached without a realistic opportunity for bargaining – and to choose forums which will be considered “neutral” and not overly advantageous to the party drafting the agreement,” Chandler explains.

Read the article.

A recent Indiana Court of Appeals decision illustrates the importance of having an overall risk allocation strategy in contracts where appropriate, and paying close attention to the language used to express that strategy, writes Christian Jones of Barnes & Thornburg.

In the post on the firm BT Policyholder Protection Blog, Jones writes that this is particularly when multiple contracts and parties are involved.

“This case illustrates the difficulty of coordinating risk allocation language across multiple contracts. [The insurer] might have attempted to pursue subrogation claims under any circumstances, but it seems possible that litigation might have been avoided if all of the contracts at issue had contained their own express waiver of subrogation clauses” Jones explains.

Read the article.

When entering into licenses for commercially available, off-the-shelf software products, it is common to use the “vendor’s paper” for contracting, according to a post on Morgan, Lewis & Bockius LLP’s Tech & Sourcing blog.

“Using the vendor’s paper does not mean that the contract shouldn’t be reviewed and negotiated to ensure that key issues are addressed,” point out Barbara Murphy and Eric J. Pennesi.

In part 1 of the article, they discuss license types, use within the enterprise and by third parties, divestitures and acquisitions, nonproduction use, the right to relocate or change users, use outside the United States, the obligation to support, rights to successor products, payments and escalators for renewal terms.

A link on the article takes the reader to part 2 of the discussion.

Read the article.

Determine, SIG and Protiviti have posted an on-demand webinar discussing best practices for initiating third-party risk efforts by improving the integration of supplier onboarding and contract management.

Organizations of all sizes and industries are wrestling with how to improve third-party risk management efforts, Determine says on its website. The challenge often comes from a disconnect between processes that are spread out among a wide number of stakeholders; supplier due diligence, ensuring contract compliance, monitoring, renewing or even terminating supplier relationships.

By aligning processes and technology for quick adoption, you’ll have the ability to easily connect the dots between suppliers and contracts and procurement processes, the presenters say.

Topics include:

• Looking at issues around transition from onboarding to contract award
• Addressing the challenges of defining a “contract owner”
• Improving supplier and contract visibility in an environment of constant change
• Preventing the onboarding of suppliers with expired certifications, or the renewal of contracts with non-performing suppliers

Watch the on-demand webinar.

Solution providers shouldn’t let long, tedious contracts get in the way of closing deals, advised lawyer Mark D. Grossman when he spoke at the Ingram Micro One conference.

His advise was aimed at users of SLAs, or service level agreements, for cloud-based processes.

CRN reports that Grossman said solution providers should design a “cookie-cutter” contract – one that can be used with multiple clients with little modification – to make the sales process much shorter.

Reporter Joseph F. Kovar writes that Grossman said the key to that is to keep as much of the contract as ambiguous as possible. “None of this is unethical or immoral,” he said. “Everything is agreed to … I want to help you close deals. Don’t get bogged down in legal terms.”

Read the article.

A federal court in Colorado recently upheld a franchisor’s non-competition provision despite that state’s strong public policy against non-competes, reports Alexander S. Radus on Fox Rothschild’s Franchise Law Update.

“The franchisor prevailed due to its thoughtful contract drafting and ability to effectively communicate the unique nature of franchising to the court,” Radus writes.

In the article, he describes the case and concludes that the decision illustrates why franchisors should ensure that their franchisees’ owners and key employees, especially those with access to confidential materials and training, sign non-competes in their individual capacities.

Read the article.

Although an assignment and delegation provision is often placed in the “miscellaneous” or “general” sections of commercial contracts, it should not be thought of as standard “boilerplate” language that never changes, according to the Tech & Sourcing blog at Morgan Lewis.

Authors Peter M. Watt-Morse and Christopher C. Archer provide an overview of some of the key issues that should be considered when drafting an assignment provision for commercial and technology agreements.

Some of the specific topics include “yes or no to assignment,” “assignment of entire contract vs. individual rights and obligation,” “notice and consent,” and “impermissible transfers.”

Read the article.

Courts will generally enforce a non-compete agreement negotiated as part of a business sale as long as it is reasonable in geographic scope and duration, writes Michael P. Connolly in the Murtha Cullina Family Business Perspectives blog.

“What is reasonable will depend on factors such as the type of business being purchased, the pre-sale geographic reach of the business, and the consideration paid for the restriction on the seller’s future competition,” he explains. “Parties to a non-compete should therefore carefully consider these factors when drafting the agreement. The parties also should carefully define what type of ‘competitive’ conduct will be restricted.”

Connolly discusses the case of E.T. Products, LLC v. D.E. Miller Holdings, Inc., in which the United States Court of Appeals for the Seventh Circuit recently addressed the enforceability of non-compete agreements that had been negotiated in connection with a sale of a business.

Read the article.

Contract drafters sometimes confuse governing law clauses and jurisdiction clauses, according to a post on the website of Wilk Auslander.

Karen A. Monroe and Olga Larionova explain those clauses are related but are not the same. There is a greater likelihood of confusion or overlap in the context of international contracts, versus domestic contracts.

Their article presents a sample governing law clause, as well as a sample juristiction/forum selection clause for dispute resolution by courts and not by arbitration.

Read the article.

Non-disclosure agreements are part of an arsenal of legal tools that employers have at their disposal to protect their reputation and their bottom line — but those tools often come at the expense of wronged employees, writes Michelle Chen in an article for The Nation.

She also discusses the use of forced arbitration that requires employees to channel their workplace disputes through an extralegal negotiation process, rather than through the courts.

She adds:

According to the National Women’s Law Center (NWLC), both forced arbitration and NDAs have in many workplaces become a standard tactic to preempt workers from taking legal action or disclosing sexual-harassment and -assault charges. These agreements force workers to sign away their rights in exchange for a job, by making them agree to settle future disputes outside the courts through an opaque negotiation process controlled by management and lawyers—effectively sentencing women to silence before they ever step into a courtroom.

Read the article.

Firm fixed-price contracts seem like a simple concept in practice — agreements that do not allow for the modification of the contract price after award without an express agreement between the parties. But in reality, there is very little case law guiding the practical approach to these types of contracts, writes Marion T. Hack of Pepper Hamilton.

In her article on the firm’s website, she examines the definition of fixed-price contracts and cases in which the audit provision in the contract has been unsuccessfully used to assert claims for reimbursement and False Claims Act liability.

Read the article.

A non-compete provision is different than most other contractual terms, because simply having mutual consent and consideration will not automatically render it enforceable for reasons of public policy, points out an article in The In-House Advisor by Shep Davidson of Burns & Levinson.

“While some businesses try to make an end-run around this law by requiring an employee to forfeit some benefit or pay liquidated damages if he/she competes against his/her company, any such requirement will be viewed through the same public policy lens used to scrutinize a formal non-compete provision,” he writes.

Davidson warns that, while a liquidated damages provision is not a silver bullet, if properly drafted, such a clause can be a significant deterrent to an employee who might otherwise decide to test the bounds of a non-compete.

Read the article.

Elie Mystal, writing for Above the Law, discusses some top factors to remember when dealing with a sexual predator who has signed you to a non-disclosure agreement.

Among those factors are: the need for the predator to show actual injury, the information disclosed has to be secret and confidential, courts will consider public policy, and courts will consider unequal bargaining power.

“If you’ve signed a non-disclosure agreement, it’s a risk to violate it. You might get sued, you might be forced to pay back some money,” she warns. “Or you might set liberating case law that allows more of these claims to come forward.”

Read the article.

By Eric Begun
King & Fisher Law Group, PLLC

In its 10-Q filing for the quarter ended September 30, 2017, Merck & Co., Inc. stated the following:

On June 27, 2017, the Company experienced a network cyber-attack that led to a disruption of its worldwide operations, including manufacturing, research and sales operations. … [T]he Company was unable to fulfill orders for certain other products in certain markets, which had an unfavorable effect on sales for the third quarter and first nine months of 2017 of approximately $135 million. … In addition, the Company recorded manufacturing-related expenses, … as well as expenses related to remediation efforts … , which aggregated $175 million for the third quarter and first nine months of 2017.

Worth noting, this $310 million amount likely does not include all legal fees, forensic costs, and all other costs, expenses, and losses related to the cyber-attack. Nor does it appear to include other costs, expenses, and losses that may be indirectly revealed elsewhere in Merck’s business or operations. The attack in question is the NotPetya ransomware attack, which impacted countless companies worldwide on June 27 of this year.

Lost Business Resulting from Ransomware
Merck’s announcement is remarkable for several reasons, especially for those who negotiate technology contracts and agreements with data privacy and security implications. First, it’s noteworthy in its relatively clear quantification of lost business resulting from the ransomware attack. That is, often it is difficult to quantify lost business, lost sales, and consequential damages when negotiating liability provisions related to data security and information security in technology agreements and other commercial contracts. This is not to say that Merck’s recitation of these amounts is a new rule-of-thumb or benchmark, but it may start a conversation.

Quantifiable Losses
Second, the loss numbers reported by Merck are not small ones. It is common to discount publicly announced forecasts of ransomware impacts that are viewed as extreme – $75 billion per year, according to one recently cited resource. But the concreteness of Merck’s number and the specificity of the ransomware attack merits attention.

Ransomware is Fact-Specific
Third, the Merck announcement implicitly underscores the criticality of the precise facts surrounding the NotPetya ransomware attack and the unique business and situation of Merck. Not all ransomware or malware attacks can cause the same sort or amount of losses reported by Merck, nor does the same ransomware or other malware give rise to the same quality or quantity of losses for every corporate victim. When negotiating data privacy and data security provisions in commercial technology contracts and similar agreements, it is important for all sides to consider the specific circumstances and risks related to the transaction and parties in question.

Ransomware Impacts Are Not Necessarily Per-Record
And, fourth, the Merck report sheds light on the financial repercussions of ransomware, as opposed to other malware and hacking activities. That is, there are a number of industry and other reports and surveys that speak to the financial and other impacts of data breaches and security breaches on a per-record basis (for example, cost per record, records per breach, etc.). The 2017 Ponemon Institute Cost of a Data Breach Study, Verizon’s 2017 Data Breach Investigations Report, and Gemalto’s Breach Level Index Findings for the First Half of 2017 are just a few. However, in many cases the particular per-record numbers reported do not provide a clear picture of the financial effects of ransomware, which often is not the kind or scope of cyber-attack that can be assessed on a per-record basis.

Merck’s 10-Q for the third quarter of 2017 is definitely not a quick-fix answer to the question of how much a ransomware attack would or could financially impact a company. However, for attorneys, contract professionals, and others who draft and negotiate technology agreements and contracts and, specifically, information and data security and privacy provisions, the Merck quarterly report is potentially meaningful.

Conga has published an eBook designed to help readers get clearer visibility across contracts  through automating and integrating the contract lifecycle.

“Use-it-or-lose-it budgets are a fact of life, but they don’t have to derail your organization,” the company says on its website. “Your remaining dollars will go farther when everyone in your organization works smarter, more efficiently, and more diligently. Lightning-fast automation, policy enforcement, and true oversight will help you get the most out of end-of-quarter initiatives without taking on unnecessary risk.”

Download “The Path to Year-End Efficiency” to:

• Do more with your year-end dollars
• Learn how to accelerate sales processes
• Understand the importance of getting contract management right
• Stop the bottlenecks associated with year-end
• Boost purchasing efficiency and oversight

Download the guide.

In an article in the Pillsbury Policyholder Pulse blog, Kimberly Buffington and Cara Adams discuss the question: Will insurance policies become the laboratory to test the thesis behind smart contracts?

“Whether there is room for smart contracts in the insurance context remains to be seen. Generally, the ‘if this occurs, then that’ nature of insurance policies lends itself to the conditional nature of smart contracts,” they write.

There are drawbacks, they explain, writing that it would be unrealistic to expect smart contracts to eliminate ambiguities and resulting disputes any more than such disputes are currently eliminated by traditionally written contracts.

Read the article.