Recently, Icertis, a contract management software service provider, became the third software-as-a-service (SaaS) entity in India to attain the unicorn status. This marks its entry into a three-member exclusive club, with the earlier entrants being Freshworks, a business software solution provider, and Druva, a data protection software provider.
But what is Saas? Saleforce, the largest SaaS company in the world in terms of market capitalisation, boasting of revenues over $100 billion, explains SaaS as a way of delivering applications over the Internet — as a service. Instead of installing and maintaining software, you simply access it via the internet, freeing yourself from complex software and hardware management. This is ensured as the software provider manages all the aspects of the software on its own servers, including access, security, support and maintenance services.
Despite Icertis raising $115 million, and Druva raising $130 million earlier this year, majority of the SaaS start-ups in India remain unfunded, including the bootstrapped software products company, Zoho. However, it is only a matter of time before the SaaS industry in India experiences a boom similar to the one experienced by Indian IT companies in early 2000s. This especially seems plausible in light of the unveiling of the national policy on software products in March of this year (Software Policy), which aims to nurture 10,000 technology start-ups by 2020. The Software Policy proposes inter alia
, putting in place a single window platform for facilitation of Indian software product industry in fast-tracking legal and regulatory issues and allowing Indian software products companies to set off tax payable on the investments made (on an accrued basis) in R&D of indigenous software products.
Indian SaaS start-ups raised $2.79 billion across 520 deals between January 2014 and June 2018. With this new wave of SaaS start-ups ready to take India by storm, the importance of ensuring that the SaaS entity is shielded from any unforeseen liability by building in adequate safeguards in the business contracts, cannot be stressed enough. In this article, we attempt to highlight the key legal considerations involved for an entity in the SaaS space.
The entity can either sell the right to access/ licence to use the software directly (through their agents) or by appointing resellers to effect such sales. Due to the high administrative costs involved and the SaaS entity being predominantly engaged in ensuring the smooth running of the software and its upkeep, the reseller model is the most preferred. In the reseller model, the entity will appoint, either on an exclusive or non-exclusive basis, various resellers who would be responsible for soliciting end users, while the provision of the software and allied services will be done directly by the software developer on its own servers, to such end users. Essentially, there will be agreements at two levels – first, between the reseller and SaaS entity, under which the reseller will purchase the SaaS software, and second
, an agreement between the reseller and end user, which would govern the terms of sale of such software to local end-users in a specific territory/ jurisdiction. Additionally, the SaaS entity can require the resellers to ensure that the end users execute an end user license agreement (EULA) in a form as agreed by the SaaS entity, to govern the access and use of the software.
In order for the reseller model to be effective, the responsibilities of the parties involved must be clearly outlined – who would be responsible for the marketing and branding of the software? What would be the invoicing process? Will the reseller be allowed to bundle the software with other third-party software and services? Will the reseller bear any liability in case of issues with the software or services provided by the SaaS entity?
Moreover, the agreement must clearly define the territory for which the reseller is being appointed; the consequences of termination of the contract between the reseller and the SaaS entity; consequences of non-payment by reseller, especially in cases where the end user has already gained access to the software; and the commissions and sales incentives due to the reseller.
While fixing the price of the software, apart from being cognizant of the market conditions and demand for their product, the SaaS entity will also need to be mindful of competition law issues. If a SaaS entity, directly or indirectly, fixes the price that the resellers charge the end users for its products, the practice can be viewed as anti-competitive by regulators in various jurisdictions. Accordingly, ‘Resale Price Maintenance’ can become a sensitive issue. For instance, the EU competition regime views any and all forms of price control very strictly. Juxtaposed in the Indian context, while we do not foresee any issues arising from building soft control mechanisms (such as the inclusion of a schedule in the agreement which provides for a ‘suggested retail price’), the extent of control that the SaaS entity has over the price of its products and whether such control amounts to ‘fixing’ the price, will have to be determined on a case-by-case basis by reviewing the language provided under the agreements.
Intellectual property, confidentiality and data protection
The SaaS entity must ensure that the reseller is precluded from passing of the software as his own, especially in the event the reseller is responsible for marketing, branding and promotion of the software. The agreement should clearly outline that the ownership of all intellectual property associated with the software rests with the SaaS entity. Moreover, the reseller, acting as a data intermediary, may gain possession of sensitive data of the end user (such as user ids and passwords required for gaining access to the software). Accordingly, the confidentiality obligations to the end user must be cast upon such reseller as well. Lastly, the cross-border transfer of data will make it paramount that the SaaS entity complies with the data protection laws of not just the country where the host servers are located, but also of the countries where the data principals are based.
Sidharrth Shankar is partner and Shivam Arora is associate at J. Sagar Associates. Views are personal.