Happy New Year: Now, Update Your Service Agreements

4 min

Want to learn more about drafting, negotiating, and understanding intellectual property and technology contracts and have 10 minutes to spare? Grab your morning coffee or afternoon tea and dig into our Tech Contract Quick Bytes—small servings of technical contract insights expertly prepared by our seasoned attorneys.

As the new year begins, prudent service providers will review and consider updating their contract forms to ensure they align with the company's strategic goals and comply with any current or upcoming laws and regulations.

To help with this process, service providers should contemplate the following list of considerations when updating or drafting service contracts in 2025. Because it provides a helpful context for negotiating any updates to existing agreements and aids in understanding legal compliance from the provider's perspective, this information is also beneficial to existing customers of service providers.

For purposes of this article, service agreements may consist of contracts that govern a provider's rendering of consulting services, software-as-a-service access, software development services, professional implementation/integration services, or technical support services.

Data Type and Use

Service providers should consider:

  • Whether the company's services agreement adequately addresses the type of data that will be received and provided
  • Based on how the data will actually be stored, processed, used and/or distributed in connection with the services or otherwise, whether the services agreement sufficiently provides a right/permission/license to do so
  • Whether this storage, processing, use, or distribution complies with all current and upcoming laws and regulations, including those covering data privacy and consumer protection. Given the fragmented nature of privacy law in the United States, consultation with a privacy attorney is recommended.

Artificial Intelligence (AI)

The AI regulatory landscape is evolving and expanding. Accordingly, if a service provider plans to use AI in connection with their services, it is critical that the provider understands this nascent regulatory landscape. It is also important that the provider ensures its services agreement reflects and complies with regulations when required, especially regarding education, employment, financial, healthcare, housing, insurance, government, or legal services. The services agreement should also address IP ownership in such a way that it conforms to both the company's intentions and to current and evolving IP laws.

Risk Allocation

In updating their services agreement, service providers should also consider whether the regulatory landscape of their services has shifted such that the potential liability of unintentional noncompliance could result in significant fines, and civil or criminal liability. For example, this may be the case if the service provider is now offering new services that require access to and the handling of sensitive personal information. If a service provider is now facing additional laws or regulations, then the service provider may wish to:

  • Adjust its limit of liability and liability cap (e.g., to include a super cap for data breaches)
  • Include additional customer indemnification obligations (e.g., for the customer's provision of personal information)
  • Otherwise increase its service fees to account for any new regulatory liability

Confidentiality

In the event that the customer will have access to any of service provider's non-public confidential or proprietary information (e.g., trade secrets), the service provider should review its confidentiality provisions to ensure they reasonably protect the provider's confidential information.

For example, will the service provider distribute any non-public aggregated data or proprietary software to the customer, or will the customer otherwise observe or use any proprietary processes of the provider? If so, the service provider should review its confidentiality provision and ensure it contains adequate protection (e.g., review the scope of the term "Confidential Information" and non-use and disclosure obligations, confirm whether there is a "need to know" requirement, etc.).

If you or your company would like to discuss updating your contract forms, please contact A.J. Zottola or Ben Myers.

To receive more Tech Contract Quick Bytes be sure to subscribe. Click here to learn more about Venable's IP Tech Transactions services. Looking for tech contract support? Our Contract Concierge provides clients with access to a dedicated team of Venable's experienced tech, IP, and privacy attorneys to assist with contract demands, drafting, and negotiation.

Join our Tech Contract Quick Byte mailing list to receive news, analysis, and event invitations from our IP Transactions team.