Silverpop Systems provides digital marketing services through a
cloud-based tool called 'Engage'. Leading Market
Technologies, Inc. ("LMT") engaged Silverpop through a
service agreement and during the course of that agreement LMT
uploaded digital advertising content and recipient e-mail addresses
to the Engage system. A trove of nearly half a million e-mail
addresses, provided by LMT, was stored on the Engage online system.
In November 2010, Silverpop's system was hacked, putting
LMT's email list at risk. Silverpop notified LMT of the data
breach. After LMT refused to pay for further service,
Silverpop suspended the agreement.
Litigation commenced in 2012, with LMT claiming damages for
breach of contract and negligence based on Silverpop's failure
to keep the email list secure. Should the service provider be
liable? Silverpop argued that it was engaged to provide access to
its online system, not specifically to keep data secure. Thus there
was no breach of its obligations under the agreement. And anyway,
if LMT suffered any damages, they were indirect or consequential
and consequential such damages were excluded under the terms of the
agreement. LMT countered that, in fact, the agreement quite clearly
contained a confidentiality clause, and that the damages suffered
by LMT were direct damages, not indirect consequential damages.
"Here, the parties' agreement was not one for
the safeguarding of the LMT List. Rather, the parties contracted
for the providing of e-mail marketing services. While it was
necessary for LMT to provide a list of intended recipients
(represented as e-mail addresses on the LMT List) to ensure that
the service Silverpop provided (targeted e-mail marketing) was
carried out, the safe storage of the list was not the purpose of
the agreement between the parties." (Emphasis added)
The court was careful to review both the limit of liability
clause (which provided an overall cap on liability to 12 months
fees), and the exclusion clause (which barred recovery for indirect
or consequential damages). The overall limit of liability had an
exception: the cap did not apply to a
breach of the confidentiality obligation. However, this exception
did not impact the scope of the limit on indirect or consequential
damages. Since the court decided that the claimed breach did
not result from a failure of performance,
and the consequential damages clause applied to LMT's alleged
loss. As a result, LMT's claims were dismissed.
Lessons for business?
Those limitation of liability and exclusion clauses are often
considered "boilerplate". But they really do make a
difference in the event of a claim. Ensure you have experienced
counsel providing advice when negotiating these
clauses, from either the customer or service provider
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).