snIP/ITs Insights on Canadian Technology and Intellectual Property Law

Author Archives / David Crane

Subscribe to posts by David Crane

Mobile App Privacy Practices: The Office of the Privacy Commissioner of Canada Issues Tips For Communicating Privacy Practices to App Users

Posted in Privacy

Communicating privacy practices to users of mobile apps can be challenging, especially given small screen sizes and the difficulty of capturing app user attention.  The Office of the Privacy Commissioner of Canada (OPC) has acknowledged these challenges and, in September 2014, published Ten Tips for Communicating Privacy Practices to Your App’s Users.

These tips were provided in connection with the findings of the second annual Global Privacy Enforcement Network (GPEN) Privacy Sweep, which the OPC participated in along with twenty-five other privacy enforcement authorities from around the world.

The GPEN Privacy Sweep assessed 1,211 apps with a focus on … Continue Reading

Service Performance Remedies In Outsourcing Agreements: Lessons To Learn From State of Indiana v. IBM

Posted in Contracting/Outsourcing, Technology License Agreement

For a customer of outsourcing services, it is crucial that the outsourcing services agreement include well-drafted, clear and specific remedies to address vendor service performance failures that will have a material impact on the customer.  A good example of what can happen when a service agreement is deficient in this area are the recent decisions in the ongoing litigation between the State of Indiana and IBM over a ten-yearperiod, $1.3 billion contract for IBM to modernize and manage the State of Indiana’s welfare system.

Less than three years into the ten-year contract, the State terminated the contract for cause citing … Continue Reading

Controls Assurance Reports in Outsourcing Transactions: Knowing What to Ask For

Posted in Contracting/Outsourcing

Outsourcing and cloud computing service engagements are fraught with financial, security and other risks, especially if dealing with an unproven service provider.  Obtaining a third party assurance report with respect to a service provider’s internal controls can provide some comfort.  However, customers are often confused about what kind of assurance report they should obtain.

CSAE 3416

Canadian Standard on Assurance Engagements 3416 (CSAE 3416), Reporting on Controls at a Service Organization, is the Canadian accounting standard for reviewing and reporting on controls at a service organization.  It is issued by the Auditing and Assurance Standards Board (AASB) and is equivalent … Continue Reading

OIPC Cloud Computing Guidelines for BC Public Bodies

Posted in Contracting/Outsourcing, Privacy, Regulatory Compliance

Recently, the Office of the Information and Privacy Commissioner for British Columbia published cloud computing guidelines for public bodies in British Columbia. The purpose of the guidelines is to provide information to public bodies about how BC’s Freedom of Information and Protection of Privacy Act (BC FIPPA) applies to cloud computing.

What is Cloud Computing?

Cloud computing is an increasingly popular on-demand service model for IT provision, often based on virtualization and distributed computing technologies. It typically involves the provision of web-based services, such as online file storage and applications, using hardware and software managed by the service provider. For

Continue Reading

Negotiating Benchmarking Clauses – Ten Tips for Customers

Posted in Contracting/Outsourcing

Having previously examined the rationale behind benchmarking, the factors that can undermine its utility and the circumstances in which benchmarking can be used effectively, here are my top ten tips to keep in mind when negotiating a benchmarking clause:

  1. Benchmarking rights are not a substitute for good due diligence on deal terms, especially pricing. Customers should do their homework to get a reasonable level of comfort that the terms and conditions of their deal will remain sufficiently market competitive over the term. It is important to remember the best way to make sure a deal stays up-to-date is to have
Continue Reading

Benchmarking Rights in an IT or Outsourcing Contract – Are They of Any Value?

Posted in Contracting/Outsourcing

There are differing opinions on the value of negotiating benchmarking rights into an IT services or outsourcing contract.  This post will look at the rationale behind benchmarking, the factors that can undermine its utility and the circumstances in which benchmarking can be used effectively. The next post will provide ten tips on negotiating benchmarking clauses.

What is Benchmarking?

A benchmarking is a process through which the competitiveness of a contractual arrangement is assessed, usually by an independent third party, by comparing the arrangement to other comparable deals in the marketplace. The results of the assessment may lead to a binding … Continue Reading

Ten Tips for Drafting Service Descriptions and Requirements

Posted in Contracting/Outsourcing

In outsourcing and other commercial services deals, clients often have difficulty preparing the service descriptions and requirements (specifications) to be included in the services agreement (often in schedules or statements of work).  This usually results in delays and increased legal costs since we, the lawyers, need to be more involved in the initial drafting process than necessary.  We end up spending a lot of time working with client subject matter experts to ensure the service descriptions and requirements are complete, accurate and work from a contractual perspective.

Here are my top 10 drafting tips to help avoid this problem:

  1. Involve
Continue Reading