IBM has been receiving rave reviews in the media for simplifying its Cloud Services Agreement to a mere two pages in length. And yes, the Agreement also boasts healthy margins and a normal font. But does the Agreement's reasonable length equate to reasonable terms?

After all, from a customer's perspective, shorter doesn't necessarily mean better.

Certainly IBM's new Agreement was designed to reduce negotiation. According to the International Association for Contract & Commercial Management, which declared IBM a finalist for an award because of the Agreement's simplified approach, IBM has competitively benchmarked the terms of the new Agreement and IBM apparently feels that the terms will meet the business requirements of most enterprise clients.

Indeed, of the customers presented with IBM's new Agreement, 80 percent have reportedly signed it without negotiation. The remaining 20 percent, however, still chose to treat the new Agreement – simplified or not – as merely IBM's opening draft.

Upon review of the new agreement, it becomes clear why these why these "20 percenters" chose to negotiate.

For example, the first section of the Agreement is entitled Service Performance and Commitments, but the 208 words of the section contain little in the way of actual commitments; the Cloud Services are merely "designed" to be available 24/7, and while IBM agrees to provide notice of scheduled maintenance, there are no limits on the timing or duration of such maintenance.

Customers must also review the Service Description — in a separate document — to determine what, if any, license rights, data security obligations, service levels and renewal options will apply to the Agreement.

At times, the Agreement does provide terms that a customer will want to see — such as an indemnity against third-party patent and copyright claims — but the value of these terms is often limited. (Even in the shortest contract, the devil is still in the details.)

Customers must also be careful not to skip over short statements with potentially broad implications. For example, while IBM does not ask the customer to expressly indemnify IBM, the Agreement does contain a very short — and very vague — statement making the customer "responsible for" any "violation of law or any third party rights caused by" by the customer's content uploaded to the service or other use of the service. Could this statement require that a customer indemnify IBM for claims arising from any such violation? If so, the customer's liability for such third-party claims could be unlimited, because the Agreement's limitation-of-liability provision protects only IBM, not the customer.

Service providers are often urged to keep an agreement as "short and simple" as possible, and this is unquestionably an important goal that will help to reduce costs for both parties. At the same time, anyone reviewing such an agreement should bear in mind that it may have been "shortened and simplified" by the omission of key legal protections.

Ultimately, an informed customer wants an agreement that is short, simple and sweet.

Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Morrison & Foerster LLP. All rights reserved