Contracting considerations for digital infrastructure

Customers and suppliers must navigate a complex array of legal and commercial considerations to achieve agreements that are balanced, effective, and fit for purpose.

Key issues for customers 

Customers contracting for the supply or use of digital infrastructure typically encounter the following issues.

• Joint procurement of hardware and software: Digital infrastructure often involves integrated hardware and software, often alongside construction elements like structural work or heavy equipment installation. Contracting terms must address both types of deliverables, including provisions for delivery, installation, configuration, acceptance, and ongoing software licensing and support. Contracting terms may also need to accommodate differences between the technology and construction sectors in their typical approaches to handling variations and payment provisions.
• Sequencing procurement, licensing and implementation: Digital infrastructure projects frequently include contracting for product procurement, ongoing software licensing and implementation services. Understanding the sequencing of these activities and negotiating appropriate exit points if issues arise is crucial. For example, customers may want to avoid being locked into long-term software licences if implementation services are delayed or not delivered effectively.
• Hosting software: Customers must decide whether software should be supplier-hosted or customer-hosted. Even if the vendor runs the software, there may be reasons for the customer to control the computing environment, whether it’s a public cloud account or hardware owned or leased in a data centre. The customer’s decision will be influenced by:
  
  • The need for control over hosting, security and data residency
  • Product constraints (e.g., software designed as a multi-tenant solution that can’t be deployed to a separate environment for the customer), and
  • External hosting terms and costs.

• Integration risk: Suppliers may need to integrate multiple third-party products to deliver a working solution or integrate their products with the customer’s existing equipment and operating systems. Properly allocating risk for integration issues is a key negotiation point in the contract.
• Focus on testing: Digital infrastructure contracts typically include detailed and heavily negotiated testing and acceptance regimes. This can include factory inspections and batch-by-batch hardware acceptance testing as a precondition to delivery, software acceptance testing to ensure integration with hardware and customer’s systems, and final acceptance to confirm a fully integrated system, free of defects.
• Third-party vendors and licensors: Customers need to understand the scope and method of recourse for third-party products that are defective or do not meet contract specifications. Will the supplier assume this risk in an integrated solution, allowing product warranties to be enforceable against the supplier, or will the customer need to pursue the third-party vendor?
• Counterparty risk and enforceability: Customers need confidence in their ability to bring claims against suppliers under warranties or for contract breaches. To mitigate counterparty risk, they may require on-demand bank guarantees or parent company guarantees. It’s also critical to specify an appropriate forum and jurisdiction for dispute resolution in the contract and consider the enforceability of New Zealand Court or arbitral decisions.
• Scope of supplier liability: Supplier liability is negotiated in almost all commercial arrangements. In digital infrastructure, typical exclusions are often heavily negotiated, with customers focusing on liability for business disruption caused by defective technology. Tensions can arise when digital elements make up a relatively small part of the contract value but have the potential to significantly affect the value of a broader and much more costly bundle of heavy equipment or works.
• Maintenance, support and spare parts: Customers need to understand the scope, pricing and service levels for ongoing maintenance and support, as well as the availability of spare parts for hardware. This support is often covered under a separate services contract, which may include:
  • Software updates and improvements
  • Assurance that third party components remain supported by vendors and compatible with the customer’s computing environment (including patching of security vulnerabilities)
  • Training and reporting
  • Support to diagnose defects and enforce warranties, and
  • 24/7 incident response.
• Availability and KPIs: Support services may be subject to availability and KPI regimes. Failure to achieve availability guarantees or address KPI shortfalls may result in damages being payable by the supplier or even contract termination.
• Software escrow: Depending on the software’s importance, customers may require a third-party escrow arrangement to access source code if the supplier defaults or becomes insolvent. Given that digital infrastructure can last for decades, this mitigates risks associated with relying on specialised, hard-to-replace software that might not be supported long-term.
• Security and data: Contract terms should include appropriate security measures to mitigate data breach risks. Customers should also carefully consider the supplier’s rights to use customer data, ensuring these rights are limited to use the customer is comfortable with, based on the type of data accessed during the services.