Navigating exemption clauses in technology contracts

For vendors and service providers, well-crafted exemption clauses help to mitigate exposure to claims arising from performance failures and other incidents which constitute breaches.  For purchasers, these provisions must be carefully scrutinised to ensure sufficient recourse remains in the event of a dispute. Given the significant power of exemption clauses in terms of liabilities, it is important to know common disputes relating to these provisions and practical tips to avoid them.

What are exclusion and limitation clauses? 

Exemption clauses include exclusion clauses and limitation clauses. 

An exclusion clause will seek to exclude liability for certain types of loss or causes of action altogether, whereas a limitation clause will seek to limit liability in other ways, such as by limiting the total amount of damages payable or by specifying a time limit for the exercise of the right to rescind or claim damages.

Common examples include:

• exclusions of warranties and conditions otherwise implied into the contract, such as implied term of the quality or fitness of certain goods;
• exclusions of specific types of loss, such as loss of profits and loss of data;
• exclusions of specific remedies, such as excluding the right to set-off;
• financial caps on liability; and
• time bars limiting the period within which the claims must be brought.

Common disputes relating to exemption clauses

Exemption clauses are frequently subject to disputes on the following aspects:

Has the clause been incorporated into the contract?

A common challenge is whether the exemption clause is part of the contract. A party seeking to rely on an exemption clause must clearly show that it was incorporated as a contractual term, typically by reference, by conduct or because of previous dealings. This usually involves taking reasonable steps to bring it to the notice of the other party. To minimise the risk of challenges:

• ensure that the exemption clause is clearly given or shown to the other party at the time the contract is formed;
• use explicit acceptance mechanisms, such as requiring users to acknowledge and agree to the terms before accessing or installing a platform or service; and
• take reasonable steps to highlight the exemption clause by using the language the other party reads, and bolding and capitalising the words.

Are the words clear and unambiguous?

Unclear exemption clauses often lead to disputes over their interpretation, and any ambiguity will be construed against the party who introduced and seeks to rely on it. To prevent disputes:

• define key and technical terms explicitly – for example ‘system failure’, ‘unauthorised access’ and “malware infection” – so that a clear meaning can be ascertained;
• ensure that exemption clauses identify the relevant obligations that are to be affected and the types of losses that might result from a breach. It is important to identify exactly which losses the parties intend to limit or exclude and under what circumstances; and
  
•  be clear whether the clause applies just to contractual liability or also extends to any connected non-contractual claims, for example negligence claims.

Is the clause affected by legislation? 

Even if an exemption clause is validly incorporated in the contract and clearly drafted, statutory and regulatory controls can still affect its enforceability. In Hong Kong, an exclusion clause may be unenforceable under the Control of Exemption Clauses Ordinance (Cap. 71) (CECO) if, for example:

• the liabilities related to death or personal injury resulting from negligence under section 7(1) of the CECO;
• one of the contracting parties deals as the consumer or on the other’s written standard terms of business, and the exemption clause under section 8 of the CECO renders a contractual performance substantially different from what was reasonably expected; or
• the exemption clause is made to indemnify another person under section 9 of the CECO and does not satisfy the test of reasonableness.

Factors the court may consider include:

• he strength of the parties’ bargaining positions relative to each other; 
• whether the customer knew or ought reasonably to have known of the existence and extent of the term having regard to factors such as any custom of the trade and any previous course of dealing between the parties; and 
• whether the goods were manufactured, processed, or adapted to the special order of the customer.

Enforcing exemption clauses often involves complex contractual interpretation and the balancing of the interests of contracting parties.

Given the growing complexity of digital services, cybersecurity risks and IT regulations, there is no one-size-fits-all standard clause to best protect businesses against risks.

Companies should avoid drafting exemption clauses in a vacuum, and instead always consider the whole contract and the surrounding factual context to ensure that each exemption clause is carefully drafted to ensure enforceability and fairness.