IT contracts and cyber risks: negotiating the liability cap is good, checking the provider's insurance is better. - Nouveau Monde Avocats - Avocats en droit du numérique et de l'innovation.

IT contracts and cyber risks: negotiating the liability cap is good, checking the provider’s insurance is better.

In IT integration or development contracts, the client generally focuses on coverage for risks related to serious IT incidents, such as data theft or blockage, or prolonged service interruptions.

In these contracts, the liability cap clause intended to cover these serious risks is most often the subject of negotiation. The customer wants to cover the risks, which can be considerable, as best as possible. For example, if the payment system of a chain of stores is blocked for several days, the very survival of the company will be at stake. The service provider, on the other hand, wants to limit its liability in relation to the invoiced cost of the services. This is where cyber insurance comes in, which in principle covers the amount of the risk in case of a disaster. But for the past two years, the increase in claims, particularly with hacking that gives rise to ransom demands, has led insurance companies to increase premiums considerably and to reduce the maximum amounts covered. Providers are therefore caught in the crossfire: clients who negotiate high liability limits, and insurers who lower the insured limits.

The provider may therefore have to sign a liability cap that is not well covered by his insurance. For the client, this ceiling becomes virtual as soon as it is not covered by the insurance or by the provider’s own financial capacity.

Our advice: when negotiating your IT contract, it is therefore essential to check the coherence between the liability limit, the insured amount and the overall financial capacity of your service provider. We can assist you in these negotiations.