Independent Service Organizations (ISOs)
One issue of great concern to licensors is when the licensee seeks to maintain the software through the use of independent service organizations (ISOs). Many licensors are concerned that these independent third parties, who are often their competitors, will learn the licensors’ trade secrets or siphon off the licensors’ maintenance revenue, which is usually a significant portion of their profits. See, e.g., Hodge Business Computer Systems, Inc. v. U.S.A. Mobile Communications, Inc., 910 F.2d 367 (6th Cir. 1990). Further, any changes made by an ISO may have an unanticipated impact on any future updates or enhancements created by the licensor.
To limit third-party access to the license or its software and thus prevent the retention of ISOs by the licensee, the license should clearly state that the licensee may not grant a third party access to the software. The failure to be explicit may allow a third party to assume responsibility for maintenance of the software. See, e.g., Hogan Systems, Inc. v. CyberSource Int’l, Inc., 158 F.3d 319 (5th Cir. 1998). In the event the licensee seeks to allow an ISO or other contractor access to the licensor’s intellectual property and trade secrets, the licensor should require the licensee to indemnify the licensor for any misuse by the licensee. The issue of third-party access is complex, as the failure to allow third parties to provide maintenance support potentially raises antitrust concerns. For a more detailed discussion of these antitrust issues, see Johanson & Zollman, Computer Maintenance Raises Antitrust Issues, Nat’l L.J., May 20, 1996, at C 40. The utilization of an ISO should serve as a basis for terminating an existing warranty relating to intellectual property indemnification as the licensor cannot be responsible for the ISO’s actions. The licensor should also be relieved of any responsibility for future enhancements, updates or continuing maintenance, or bug fixes.
Licensees seeking to utilize ISOs to provide maintenance and support services should recognize the risk that the licensor of the proprietary software supported by the ISO may drag the customer into any lawsuit it brings against the ISO, potentially disrupting the customer’s business operations. Although the ISO may indemnify the customer against any such risks, in reality, the ISO cannot prevent disruptions to a customer’s business. See SAP Verdict Spawns Legal Worries in Software Maintenance Business, Wall St. J., Nov. 26, 2010 at B1.