The new delivery model for information processing, Cloud Computing is offering an attractive value proposition:
- Dynamic (on-demand) provisioning of IT resources
- Low cost because of the use of economy of scale and multi-tenancy sharing of resources
- Shorter time to market in deploying resources
- Different cost structure; the shift from CAPEX to OPEX
But although this value proposition is very promising negotiating cloud contacts can be challenging. Especially when the customer want to make the standard contract more suitable for their requirements.
Recently Stanford Technology Law Review has published a paper on negotiating cloud contracts. Partly based on interviews with customers and providers of cloud computing services the article gives an overview of the evolving contract terms for these kind of services. One of the conclusions of the report is that the terms that generated the most negotiation were provider liability, service level agreements, data protection and security, termination rights, unilateral amendments to service features, and intellectual property rights.
With the increasing consumerazation as well as commoditization of IT services and resources, cloud computing fits quite nicely to the needs of individual consumers or small and medium sized enterprises. But the standard contract terms shows some friction with the needs of large enterprises and government organizations and/or special market segments (for example financial institutions). According to the writers of this paper different cloud computing services with different pricing and sets of terms, from consumer-orientated to enterprise-oriented, with specific terms for certain market sectors or functionality are needed to gain new customers.
Based on a forthcoming book about Sourcing (see The Sourcing Initiative) I would like to add some comments on the article.
Wrapped in a number of contractual and legal issues the article, implicitly, touch four basic or fundamental issues when one want to start using cloud computing services from external providers.
First of all there is the very nature of Cloud Computing itself a service offering based on the idea of economy of scale, mass production and commodity services based on commodity resources. Each standard service offering (SaaS, PaaS, IaaS) has a well defined interface. The consequence of this is that the consumer can’t manage or control the underlying components of the service that is provided. The service, by its nature, offers the service as-is. Therefore, customization is by definition not possible. Because with customization you push aside the principals of the underlying business model. Service differentiation by the provider is only possible when the customer base is large enough to maintain the underlying principles of cloud computing. Not every provider or customer understands the principals and consequences of this new business model very well which leads to all kind of difficulties in the negotiation process.
The second issue is the issue of the split incentives also known as the principal-agent problem. As for cloud computing we can translate it to the question if a cloud service provider really act on behalf and in the interest of the customer. This is a well known economical issue that arise under conditions of incomplete and asymmetric information between customer (principal) and provider (agent). Various mechanisms to improve contract design, as described by Paul Milgrom , may be used to try to align the interests of the agent.
The third issue is property ownership which can be murky business with non private cloud computing. Property rights has five basic elements (referred to as a bundle of rights):
- The right of possession.
- The right of control.
- The right of exclusion (access rights).
- The right of enjoyment (earn income of it).
- The right of disposition (buying or selling).
The consequence of these different aspects of property is that different parties are able to hold partitions of rights to particular elements of a resource. Therefore when a cloud computing sourcing deal is taking place the partitions of property rights should be grouped into appropriate bundles and assigned so that appropriate economic incentives are created for the owners of each bundle of property rights. If not, there is the risk of discussions about obligations and liabilities.
The fourth issue is lock-in, where the customer organization must make a strategic risk evaluation on the following lock-in categories before engaging in a cloud computing negotiation.
As described by Gregor Petri we can distinguish four types of lock-in:
- Horizontal lock-in; restricted ability to replace with comparable service/product.
- Vertical lock-in; solution restricts choice in other levels of the value chain.
- Inclined lock-in; less then optimal solution is chosen because of one-stop shopping policy.
- Generational lock-in; solution replacement with next-generation technology is prohibitively expensive and/or technical, contractual impossible.
The Cloud Computing market is young and still evolving so the overview of legal issues that is given in the Stanford paper as well as the four issues stated above can help you to gain knowledge to appreciate what is at stake when negotiating cloud computing contracts.
 Milgrom, P., & John Roberts, J., 1992, ‘Economics, Organization and Management’, ISBN 0132246503, Prentice Hall
 Petri, G., 2011, ‘Vendor lock-in and cloud computing’, http://www.itsmportal.com/columns/vendor-lock-and-cloud-computing