DATA CENTER PROVIDERS: SOME OF THE LEGAL ISSUES

, , ,
Gascon TI Technologie de l'information IT Information Technology

The Province of Québec has recently seen an increase in the presence of data center providers. This burgeoning market can be associated with Québec’s many advantages including, but not limited to, affordable and dependable energy sources and its cooler climate. In addition, Montréal’s global reputation in the field of artificial intelligence is no stranger to the attractiveness of Québec’s market.

The operation of data centers implies numerous legal considerations. This article focuses on the three following:

  1. Identification of the nature of the contract between the provider and the customer;
  2. Creation of a security interest on the assets; and
  3. Managing outages and service credits.

1. Identifying the nature of the contract between the provider and the customer

One of the first questions to consider when operating a data center is the nature of the contract to be entered into with the customer, which will define the terms and conditions under which the customer will have access to the data center space. Such access and use of space are normally governed under either a lease, a licence or an access agreement.

Essentially, the client pays rent to access and use a pre-defined space for a specific term. Typically, such a business relationship would be governed by a lease. However, under the Civil Code of Québec, a lease establishes specific legal obligations on the part of the provider and grants specific rights to the customer (including, but not limited to, the right to register the lease on title).

Therefore, it is not uncommon for providers to grant a licence or access rights under a license or access agreement, which is a legal mechanism better suited to their commercial reality. Such an agreement will provide the customer with access rights to a predefined data centre space while affording the provider with a greater flexibility on its access rights to the customer’s space.

We therefore strongly recommend that caution be exercised when drafting the contracts that will define your relationship with the customer in order to easily determine whether the parties are subject to a lease, a licence or an access agreement.

2. Creation of a Security Interest on the Assets

The provider must make sure that the agreement it enters into with the customer prevents the latter from granting to a creditor or third party a security interest over the provider’s assets or those of its other customers.

It is fairly common for customers to finance the acquisition of their equipment while offering same as security. A customer could also request to carry out its own installation work, in which case, it must be clearly informed that it may not, under any circumstances, grant any form of security on the provider’s assets (i.e., common facilities) or allow a legal hypothec to be registered by its contractors on those assets.

As a result of any such default, the customer will have the obligation of indemnifying the provider and the provider will have the right to terminate the agreement.

3. Outages and service credits

The key concern and priority of most customers when choosing a data center is the continuous access to a power source. Accordingly, the provider must implement a plan to ensure the constant supply of electricity and provide its customers with the related guarantees as an outage can cause significant disruption and damage to a customer’s activities.

Therefore, data center providers usually insert specific remedies and limitation clauses in a separate service level agreement (“SLA”). The SLA deals with the quality of the service and provides for certain guarantees regarding the level of performance, namely in the case of outages, emergency maintenance and the period of time in which the provider must resolve the problem. The SLA will usually provide for customary remedy in the form of service credits which are capped for the then current month and calculated in accordance with the outage period.

This being said, a provider may want to limit or exclude its responsibility in certain events. Service credits must represent liquidated damages as the customer’s sole remedy. Any indirect or consequential damage such as, but not limited to, data loss and economic loss must be specifically excluded.

The SLA must also exclude any planned maintenance by the provider’s team, problems outside the provider’s control, problems arising out of the client’s infrastructure (software issues, disconnection), as well as a force majeure event.

By Audrey Robitaille