Most suppliers of software and other forms of technology accept that they must indemnify customers if they breach third parties’ rights by the software or hardware they supply. Typical is the following clause:
“The Supplier undertakes to defend the Customer from and against any claim or action that the use of the Software infringes the Intellectual Property Rights of a third party and indemnifies the Customer from and against any losses, damages, costs (including all legal fees) and expenses incurred by or awarded against the Customer as a result of, or in connection with, any such Claim.”
However reasonable that may appear, one must assess the quality of such indemnities and what they actually cover.
A good example arose in April this year in the Supreme Court in Burnett or Grant v International Insurance Company of Hanover Ltd [2021] UKSC 12.
Though in a completely different context the case illustrates why care must be taken by both parties to ensure the indemnity is adequate and acceptable. The insurer insured a business which provided security guards against its potential liabilities to the public. It did this by an indemnity:
“against all sums which the insured shall become legally liable to pay as compensatory damages and claimant’s costs and expenses arising out of accidental injury to any person”.
subject to an exclusion for:
“liability arising out of deliberate acts” by the insured.
In restraining a violent customer by a neck hold, a security guard accidentally asphyxiated the customer. Was the insurer liable for “compensatory damages and claimant’s costs and expenses arising out of accidental injury”? Did the exclusion for “liability arising out of deliberate acts” apply in circumstances where the death was clearly not deliberate (nor was there any intention to injure) but the neckhold was unarguably deliberate?
The Supreme Court judged that. because there was no intention to cause harm (only a deliberate intention to restrain a violent person) and because the policy would have little value if all deliberate acts could be excluded, the insurer could not escape liability.
The lesson for suppliers of technology from this tragic event is that it is open to suppliers to add exclusions to indemnities. For example, we could exclude liability if the breach has come to light as a result of the customer dealing with the software in breach of the licence or by attempting to modify the kit or the software. Alternatively, indemnities can be made conditional on how the customer deals with the claim – for example, when and how it gives notice, how it deals with the claimant and what access it gives the supplier to all relevant information and records to enable the supplier and its advisers to deal with the claim.
As ever, everything is negotiable even if some indemnities are customary.
Contact our legal experts for advice on indemnities in technology contracts.
