Ensuring Effective IT Outsourcing, Part 1

November 28, 2011

Commercial companies, governments, and the full range of organizations around the globe rely on external parties to provide information technology (IT) services for them.  Individual employees routinely turn to software and IT systems developed, hosted, and distributed by other organizations, including Westlaw, Dropbox, and Google, available either for a fee or for free.

Many mission critical IT functions are widely provided on an outsourced basis, including: Internet access, website development/hosting, e-mail, customer contact/call center management, electronic commerce transaction processing, computer system security, file-sharing/collaboration tools, and data storage/analysis.

This is the world of IT outsourcing, and it is a multi-billion dollar international business.

Users turn to outsourced IT services in an effort to reduce their operating expenses and increase their profitability.  The outsourcing model enables customers to access vital IT capabilities and expertise in an efficient and cost-effective manner, on an as-needed basis.  Governments around the world view IT outsourcing from the perspectives of both user and promoter.  Governments support IT outsourcing by acting as some of the largest consumers of IT services.  Additionally, they aggressively attempt to encourage IT service providers to locate in their jurisdictions, viewing those service providers as extremely attractive engines of employment and overall economic development.

Although outsourcing carries great potential value, that value can only be realized if a variety of critical legal issues are effectively addressed by service providers, users, and governments.

  • Service providers must ensure that their service offerings are clearly defined, effectively managed, and entirely consistent with all legal requirements imposed by all of the jurisdictions in which they operate.
  • Service users must make sure that the delegation of control and authority over their IT assets (including personal and proprietary information, intellectual property, and communications content) is consistent with the legal rights and obligations associated with those assets.
  • Governments must recognize that a wide range of laws and regulations dramatically affect the provision of outsourced IT services (including those addressing data privacy, computer use, national security, commercial transactions, and criminal conduct, including cybercrime).

Currently, one of the most visible forms of outsourced IT services is “cloud computing.” 

Service providers around the world actively market to consumers, businesses, and governments a variety of data collection, storage, and analytic services using “clouds,” networks of computers and personnel located in many different parts of the world.

The rising popularity of cloud computing offers an important illustration of the key legal issues applicable to all outsourced IT services.

  • Cloud service providers must understand and comply with the laws of all of the jurisdictions in which they collect, store or use digital content.
  • Users of cloud services must verify that dispersal of their digital assets into the cloud is consistent with all of their legal obligations associated with those assets.
  • Governments must apply laws and regulations that effectively balance protections which are needed to serve the public interest with the desire to foster IT outsourcing to promote economic growth.

To ensure effective use of IT outsourcing, service providers and customers must devote substantial attention to the service contracts governing the outsourced offerings.

In Part 2 of this series, we will cover some of the specific provisions of service contracts that should be taken into consideration.

For more information on Alliance Law Group, LLC, Jeff Matsuura, or Crag Blakeley, please visit the ALG website.  For more information on information technology law, see their book Global Information Technology Law, 2011 ed.