License Restrictions in SaaS Agreements

Hey, all you cool kids, crazy for contracts!

It's time for the next edition of Mastering Commercial Contracts and the next article in the series on SaaS Agreements, "License Restrictions in SaaS Agreements." First, some notes and announcements.

• There are not a lot of images that convey "license restriction" so I created my own featuring an old driver's license that was issued way back in 2014. Notice it has no restrictions -- a good thing for a driver's license but not so much for a license to SaaS.
• The feedback since starting this newsletter on July 1 has been great and there are almost 1,000 subscribers. Thanks for your support!
• I am SUPER EXCITED to announce that I'm partnering with?How to Contract?to put on their first guest workshop. The course topic is "Health Tech Indemnification Provisions" and can be taken for CLE credit. It will be a virtual event on August 17 at 12 Noon ET. See below to enroll in the course!

Now, on to the next installment of Mastering SaaS Agreements.

License Restrictions in SaaS Agreements

Background and Overview

Every SaaS Agreement includes a section addressing the license granted to SaaS that will be provided and used, along with language that includes express restrictions on the license (“License Restrictions). License Restrictions may be found in the SaaS Agreement’s section with the heading, “License” or “License Grant and Restrictions,” when both the license granted, and restrictions thereon, are addressed in the same section. Or, License Restrictions may be in their own section, which is my best practice. In the last article, we discussed the License Grant section if you wish to refer back to it.

As noted in the last article, my best practice is to have separate sections for “License Grant” and for “License Restrictions.” Separating them relates to my personal philosophy on contracts. I believe contracts are best when they are designed to be easy to digest and negotiate. The fewer issues combined into a given section or clause, the easier it is to finalize that section or clause when you’re negotiating. Clarity is our North Star when drafting contracts, and you can make the restrictions clear regardless of whether you choose to have separate sections or a combined one. However, it’s still good to consider other factors, like ease of negotiation and its impact on your organization’s contracting velocity.

Before we take a deep dive into the key concepts related to License Restrictions, let’s look at some examples.

License Restriction Examples

Not Best Practice Example

I’ll begin with an example that does not follow my best practices:

X License Grant & Restrictions. Customer shall not (and shall not encourage/assist third parties to and shall use commercially reasonable efforts to prevent any third parties from doing the following): (a) disassemble, de-compile or otherwise reverse engineer the Applications or otherwise attempt to learn the source code or algorithms underlying Applications; (b) modify or create derivative works from or based on the Applications; (c) except as expressly set forth in this Agreement, provide, sell, license, distribute, lease, lend, or disclose the Applications to any third party; (d) use the Applications for timeshare, service bureau, or other unauthorized purposes; (e) bundle the Applications as part of the download/installation process, with any other software, application, code, file, data, or other materials or information for contemporaneous download/installation; or (f) exceed the scope of any license granted to Customer hereunder.

The foregoing example departs from my best practices in the following ways.

• Its header does not match the section’s content as the language only speaks to the restrictions.
• It includes an unnecessary and impractical obligation on the Customer to “use commercially reasonable efforts to prevent any third parties” from taking certain actions.
• It does not address some common restrictions that it should, like restrictions on how Applications can be used.

Best Practice Example

X.2 License Restrictions. Customer is prohibited from: (i) copying, framing, mirroring, modifying, displaying, transferring, transmitting or otherwise distributing or providing the Solutions to any third party; (ii) creating derivative works from the Solutions; (iii) reverse engineering, decompiling or otherwise attempting to create descriptions or Documentation from the object code of the Solutions; (iv) allowing use of the Solutions for any purpose not expressly permitted in the Agreement; (v) selling, reselling, distributing, transferring, sublicensing, using or exploiting the Solutions to provide application hosting or business process outsourcing or any other similar or related services to any individual or entity, or function as a service bureau or application service provider; (vi) removing proprietary rights notices, asset tags, brand labels or marks placed on the Solutions, or Third Party Solutions; (vii) attempting to circumvent or compromise the security features of the Vertafore Solutions or introducing any viruses, worms or other disabling code into the Solutions; (viii) using an automated machine or robotic process to access or use the Solutions; or (ix) using the Solutions to create a competitive product or service.

The foregoing example exhibits my best practices in the following ways.

• The License Restrictions are in a separate subsection. The fewer concepts you address in a section or subsection, the easier it is to understand the respective rights and obligations of the respective parties.
• The restrictions are comprehensive, nothing has been left out.
• The language is very clear. The scope of the restrictions is easy to understand.

Key License Restriction Concepts

The following concepts are the ones you’ll need to know and understand to draft or review comprehensive License Restrictions in a SaaS Agreement.

No distributing to third parties

SaaS is like other software in that its license should restrict licensees from distributing the software to third parties. This restriction should be a broad prohibition against copying, framing, mirroring, displaying, transferring, transmitting, or otherwise distributing the SaaS to any third party.

No creating derivative works

Derivative works will be addressed in your intellectual property (“IP”) section from a rights perspective. However, owning the rights to derivate works is different from restricting the licensee from creating any in the first place. Therefore, you should be sure to include this restriction.

No reverse engineering

Always restrict your licensees from reverse engineering your SaaS. Preventing reverse engineering restricts the licensee from recreating the IP underlying the SaaS. This prevents a customer from creating their own version of the SaaS. It also prevents them from attempting to learn proprietary aspects of your SaaS through a reverse engineering process.

No using in ways not permitted by the agreement

You must include a restriction that the SaaS cannot be used in ways that are not permitted by the agreement. This ensures you have clear grounds to terminate the license for actions that might otherwise fall into the breach category and preclude an immediate termination due to notice or cure periods.

For example, if your SaaS can store a variety of files and information, but your product is not designed to comply with privacy regulations then you should have terms that prohibit the input of personal information. This not only allows you to terminate the SaaS Agreement but also helps limit exposure to liability that may have been created by the prohibited usage as it was unlicensed usage per the terms.

No selling, reselling or sublicensing

It is critical to restrict the license so that it cannot be sold, resold, or sublicensed. These restrictions prevent the SaaS from going to unknown third parties.

If you have third parties that sell or resell your licenses – that’s great! But that’s the primary instance where the restriction on not selling, reselling, or sublicensing is not appropriate. There’s one other scenario where sublicensing may be acceptable.

Sometimes the issue of sublicensing can come up with an enterprise deal with a large company that has many affiliates. It may be ok to agree to have the SaaS sublicensable. This will be a business decision. Legal’s job will be to explain the issues and advise on how to support the business operations so that the sublicensees are known and legal terms and conditions are created in contemplation of the model for servicing the large enterprise and its sublicensed affiliates.

No circumventing security features

You must include a restriction on circumventing security features. A SaaS company wants this to ensure security and to capture revenue that can be lost when users circumvent security features. For customers of SaaS this helps to minimize risk and exposure to liabilities for security breaches and for unlicensed usage.

No using an automated or robotic process (optional)

Depending on the SaaS and how it is accessed, it may be prudent to include a restriction on using automated or robotic processes. Robotic processes that call your service if automated incorrectly can send too much traffic to your servers and cause an outage. This is the main reason to include this restriction.

If you’re unsure if this restriction is appropriate for your SaaS Agreement, then before you include it discuss the issue with internal business partners. Your technical team will understand the issue and be able to advise if it’s a relevant concern for your SaaS.

No offering a competitive product or service

Restricting the license so that it cannot extend to competitor should always be included. Even with the prohibition on reverse engineering, there can be other proprietary aspects of the SaaS that you don’t want your competitors to have access to as a customer of the SaaS.

You may be thinking, would the business ever sell to a competitor? The answer is yes. The sales team may not recognize a new market entrant with a competitive offering before making the sale. Therefore, you need this restriction in your terms to ensure you have a basis to terminate your license once it’s discovered.

Conclusion

The license, as granted and restricted, is foundational to any SaaS Agreement and so you need to be certain it’s correct. While you can address the license to the SaaS in many ways, following my best practice of isolating the terms on License Grant in one section and License Restrictions in another will put you on the path to a straightforward review or negotiation.