Posted on January 28, 2010 by Joseph I. Rosenbaum

Outsourcing Providers Pitching Business? Be Careful What You Wish For.

As far back as May 2005, Legal Bytes reported that Europe was becoming a major outsourcing hub for a variety of reasons (Outsourcing Statistics). Well just this week, the law started catching up.

In what is certainly a major ruling and quite possibly the beginning of emboldened plaintiff-customers seeking greater accountability from outsourcing providers, Electronic Data Systems (EDS) has lost a case initiated by British Sky Broadcasting Plc (BSkyB) back in 2004, alleging that EDS, one of the leading outsourcing providers in the world, had misled BSkyB about its capabilities and expertise. For those of you who are legal research hounds, the case is cited as HT-06-311, British Sky Broadcasting v. Electronic Data Systems, although I don’t believe it has been fully published yet. The dispute arose over a services contract that was entered into by EDS and BSkyB in 2000, well before EDS was purchased in 2008 by its current owner, Hewlett-Packard (HP), for slightly more than US$13 billion.

To give you the background, BSkyB selected EDS to develop a new customer relationship management (CRM) system for its call centers in Scotland. After almost two years and failure by EDS to deliver, by March 2002, BSkyB ended the contract and took over the project itself – the frustration and events ultimately leading to the legal proceedings filed in 2004 that alleged EDS lied about its ability to undertake and complete the project. On the other side of the case, in its own court documents, EDS alleged that BSkyB simply “did not know what it wanted,” and wanted the lowest cost possible to accomplish “it.” To highlight the disconnect further, the contract with EDS was for £48 million, but according to court documents filed in the case, with all of the delays, budget over-runs, EDS’ failure to deliver, and BSkyB taking over and completing the project itself, costs had mounted to £265 million.

Justice Ramsey, writing for the British High Court, ruled that EDS misled BSkyB in making false and fraudulent misrepresentations in pitching and marketing its capabilities to BSkyB, giving rise to a claim for damages. Further, the court concluded, to the extent these representations were fraudulent, the limitation of liability clause in the contract that would have otherwise limited EDS’ liability for damages should be set aside and does not apply. While damages have not yet been fixed, in theory, if one includes the differential in costs, lost profits and other damages that are now fair game, EDS could be liable to BSkyB for well in excess of £200 million – that’s more than US$315 million at current exchange rates.

This is a major decision not only in the UK, but also for outsourcing deals around the globe, and if the beginning of a precedential trend, it could signal a radical shift in the way outsourcing deals are bid, negotiated and consummated. There is no question that anyone involved in outsourcing knows that the customer does not always have its specifications and detailed requirements buttoned up when discussions begin. Indeed, outsourcing often presents a singularity at which time enhancements, efficiencies and improvements that might have been difficult or impossible internally, can be effected by moving the operations to a third-party provider. The provider, eager to win a lucrative bid, may over-promise or over-represent its experience and capabilities. Smart negotiators know that forcing both sides to diligently and meticulously work through the "devil in the detail," and making sure expectations, resources and capabilities are clearly set out and unambiguous, is the single most important contribution to be made in avoiding disputes, potential litigation and problems as the work and services unfold. Those of you in marketing know all too well that there is often a fine line between an actual claim and puffery. The former represents actionable representations, the latter . . . well, “you’ve tried the rest, now try the best” on every pizza box in the world.

Are you contemplating a major outsourcing initiative? Are you considering any outsourcing project, even a small one, involving critical operations – customer services, supply chain management, operations, transaction processing? Outsourcing is complicated. Need help? We wrote the book. No really, you can see for yourself: Outsourcing Agreements Line by Line: A Detailed Look at Outsourcing Agreements & How to Change Them to Fit Your Needs, written by none other than yours truly, Joseph I. Rosenbaum. Whether you check out the book or not, if you do need help, our Advertising Technology & Media law team here at Reed Smith has the help you need to make sure that, even if you are right, you can avoid the costly consequences and angst inherent in any legal proceedings between customers and providers. How can we help you? Call me, Joe Rosenbaum, or the Reed Smith attorney with whom you regularly work.

Tags: , , , , ,
Posted on October 22, 2004 by Joseph I. Rosenbaum

Outsourcing: NJ Governor Signs Executive Order

Outgoing New Jersey Governor James E. McGreevey signed Executive Order No. 129 requiring vendors seeking contracts with New Jersey State agencies to disclose any foreign countries in which the services are to be performed, and prohibits awarding such a contract unless there is no comparable domestic service, failing to use the vendor would cause economic hardship in New Jersey or would not be in the public interest for some reason. Excluded from the Executive Order are contracts with New Jersey’s public institutions of higher education, when the contract is for academic instruction, educational or research services.

Tags: , ,
Posted on July 19, 2004 by Joseph I. Rosenbaum

Privacy is Back in the News

In last month’s issue, we mentioned (in “Gnu & Gnoteworthy”) the F.D.I.C. released a report entitled “Offshore Outsourcing of Data Services by Insured Institutions and Associated Consumer Privacy Risks”. Well, privacy issues are popping up all over the place again.

California Financial Privacy Act

The California Financial Privacy Act of 2003 became effective July 1st and requires banks to give customers the right to opt out of sharing information with bank affiliates with separately regulated lines of business and requires banks to get permission from customers to share information with outside companies. After the law was enacted, the American Bankers Association, Consumer Banking Association and Financial Services Roundtable filed suit claiming the Fair Credit Reporting Act—the federal law regulating sharing of information among affiliates—preempted state law and thus the part of the statute attempting to limit sharing of information among affiliates is invalid. Not so, said the Judge—to the surprise of bankers scrambling to comply—a recent notice from the California Department of Financial Institutions indicated it would begin enforcing the law immediately!

The Judge ruled that since the FCRA only applied to the sharing of “credit reports,” the California law covering a broader range of customer information was not preempted by federal law. Will the ruling be appealed? Will other states follow suit?

California Certainly is Busy

The California Online Privacy Protection Act of 2003 went into effect July 1 with some new requirements for “commercial” website operators that collect “personally identifiable information” from California residents through a website or online service. The law requires website operators to post privacy policies on their websites and requires them to comply with them. Thus, if a website operator doesn’t comply with the Act, not only does a consumer have a potential action for failure to honor the terms of the policy, but the operator would now also be in violation of California law.

Privacy and Outsourcing

In May, the FTC published its response to a letter sent by Congressman Edward J. Markey (D–Mass.) in connection with its efforts to protect personal information of U.S. citizens when information is processed outside the United States. The FTC response deals with the Children’s Online Privacy Protection Act (not to
be confused with COPPA, which has been struck by constitutionality problems), Gramm-Leach-Bliley, the Fair Credit Reporting Act, as well as the Do-
Not-Call Registry. The report is a good summary of the non-banking regulatory framework that applies and while you can read the FTC’s responses in each category here, suffice it to say that the FTC clearly notes: “Simply because a company chooses to outsource some of its data processing to a domestic or off-shore service provider does not allow that company to escape liability for any failure to safeguard the information adequately.”

FACT Act Regulations Surface

Among other things, the Fair and Accurate Credit Transactions Act of 2003, referred to as the FACT Act, created a new provision of the Fair Credit Reporting Act providing that if an affiliated entity received information that would be characterized as a “consumer report,” the affiliate is not permitted to use the information for marketing unless the consumer has an opportunity to opt out. The FACT Act requires the FTC, banking regulatory agencies, the National Credit Union Administration and the SEC to issue rules surrounding the affiliate information-sharing provisions; and while not required to issue a joint rule, they must coordinate to avoid inconsistency in the regulations. The FTC issued its proposed rules on June 15, and on June 25 the Federal Reserve issued substantially similar proposed rules, which have also been approved by the OCC, Office of Thrift Supervision, and National Credit Union Administration. The SEC has yet to issue its proposed rules. Want to know more? Want your voice to be heard? Having problems understanding what compliance means? Call Reed Smith. Our Financial Services team, Privacy Team and a range of expertise and experience is at your disposal.

Gateway Learning Settles FTC Privacy Charges

Gateway Learning, which markets the “Hooked on Phonics” brand, settled FTC charges that it rented personal information of consumers to other companies, despite having promised not to. In the Matter of Gateway Learning Corp. (FTC File No. 042-3047), the FTC charged Gateway Learning with changing its privacy policy (an allegedly deceptive and unfair practice) after collecting the information, to allow it to share information with third parties without notifying consumers or getting their consent. The settlement prevents Gateway Learning from making misrepresentations about how it will use information it collects from consumers, from using consumer personal information collected before it made the policy changes unless the consumer consents, and restricts it from retroactively applying future privacy policy changes without first getting consumer consent. Need a privacy policy? Thinking of changing your privacy policy? Want to know how this might affect your policy? Call Reed Smith. We are happy to help. The agreement between the FTC and Gateway Learning, including the Consent Order and the original FTC complaint, can be found here.
Tags: , ,
Posted on March 23, 2004 by Joseph I. Rosenbaum

The Buzz About Sourcing: Out, Near, Offshore, Strategic, Corporate, In...

Not a day goes by that outsourcing isn’t in the news. Not just news, but NEWS. The Wall Street Journal, Information Week, The New York Times, Financial Times, CIO Magazine, American Banker. “Press 1 for Delhi, 2 for Dallas,” “Prove It’s Secure: Legislators Want CIOs and Service Providers to Show that Customer Data Sent Overseas is as Safe as it is at Home,” “Global Talk Gets Cheaper—Outsourcing Abroad Becomes Even More Attractive as Cost of Fiber-Optic Links Drop,” “Offshore Outsourcing: How to Safeguard Your Data in a Dangerous World,” “Weighing the Benefits of Offshore Outsourcing,” “Big-Bank Perspectives on Offshore Outsourcing,” “Lesson in India: Not Every Job Translates Overseas,” “Business Coalition Battles Outsourcing Backlash,” “More Work is Outsourced to U.S., Than Away From It, Data Show,” “Offshoring Can Generate Jobs in the United States”—well, you get the picture. Senator Liz Figueroa (D-Calif.) is seeking legislation prohibiting consumer medical and financial data from being sent overseas without assurances of strong privacy safeguards (remember the U.S. position on the European personal data directive?). Even Alan Greenspan has weighed in, cautioning, “These alleged cures would make matters worse rather than better.”

Both providers and customers consistently articulate several key themes. Many third-party providers can do it cheaper, faster and at higher quality - processing is their business - not yours. Third-party providers survive by keeping up with technology, training personnel and responding to changes quickly and efficiently - often a secondary priority and a headache for other companies. Further, companies are recognizing that allowing a third-party to perform functions and assist in providing services rarely requires relinquishing control or responsibility - in fact, proper management increases, and almost always in a positive way.

Like it or not, outsourcing is likely to remain a significant weapon in management’s arsenal of choices in managing business—an alternative available for consideration as requirements change. Although perhaps obvious, an outsourcing transaction should take into account the following key issues:

  • All or Some?—Assess needs, evaluate priorities, costs and requirements, and understand which functions, process or operations should be outsourced and which retained. Outsourcing is a tool, not an end in itself.
  • Control, Flexibility & Cost—A delicate balance considering the difficulty and implications—especially when entrusted to a third party, or if you are a third-party provider. Agreements must address varying objectives, priorities, customers and suppliers—hardly a trivial exercise.
  • Human Resource—Outsourcing affects employees: seniority, pensions and benefits, decisions involving termination, changes in salary, and even relocation. Immigration issues arise when moving people around—even for temporary training or other assignments.
  • Performance Standards—Defining and prioritizing standards is difficult enough internally and fixing accountability in a contract even more so.
  • Corporate Compliance, Privacy & Security—These issues require careful examination. Functions can be outsourced, but rarely can the responsibility.
  • Relationship Management—Customer and provider must develop a solid working relationship—in operation and spirit. From shifting priorities to changing performance standards—there is no substitute for a strong, effective team approach.
  • International—Global outsourcing gives rise to issues relating to currency fluctuations, differing intellectual property protections, privacy and transborder data flow, surveillance and security, governing law, dispute resolution, and interpretation and enforcement of contracts in local courts; and
  • Insourcing—Sometimes forgotten, no decisions are permanent. Leave room to re-evaluate or move functions from one service provider to another in an amicable transition process. Businesses, operations, requirements and costs change—don’t lose flexibility.

Did you know Reed Smith has significant experience in handling sourcing transactions—near, offshore, strategic and otherwise? Did you know Reed Smith may be the only law firm with attorneys here and abroad who have handled major international and multinational outsourcing transactions for financial institutions, airlines, health care providers, telecommunications and manufacturing companies, to name a few? Did you know Reed Smith lawyers are adept at looking at both the purely legal and contractual issues, as well as counseling clients for success and guiding clients through the process?

Whether understanding sensitivities of internal employee concerns, or preparing RFPs and negotiating and managing these complex contracts, Reed Smith lawyers understand and handle risks and issues new and unknown to many organizations—a host of human resource and performance issues, assignment, immigration and employment, warranty, insurance, indemnity and liability questions, growth, change control, customer service and termination issues. How to handle a migration plan? What about our people? What if I can’t get the service I need? What if my needs, my systems, my operations or my processes or my business changes?

The implications are large, the risks enormous and the complexity overwhelming—don’t skimp on retaining people with the right expertise, including lawyers. Want to know more? Want to schedule a customized in-house seminar? Contact Joe Rosenbaum in the U.S. at jrosenbaum@reedsmith.com and let us help you.

Tags: ,