Mitigating Risk in Shrink-Wrap and Click-Wrap Agreements – Part II

A few weeks ago, I wrote about the various methods used by businesses in addressing shrink-wrap, Web-wrap, and click-wrap agreements. As discussed, there are essentially three methods of addressing the risk of shrink-wrap agreements: blind acceptance, knowing acceptance, and mitigation. In my last post, we talked about the blind acceptance (aka “ostrich”) approach. This week, we move on to the knowing acceptance approach.

Knowing acceptance refers to the process of quickly reviewing the applicable license agreement for a proposed purchase of a shrink-wrap product and assessing whether it presents any unique risks (i.e., something beyond the typical terms identified above). Unless a unique risk is identified or the purchase would present conditions beyond the common elements identified above, the transaction is approved. If unusual or unique risks are present (e.g., the aggregate value of the transaction is substantial, the contract presents risks to the purchaser’s intellectual property or data, etc.), the risks would be clearly identified in a memorandum for review and, if the cost-benefit of the engagement warrants, potential approval by senior management. This is the most prevalent means employed by sophisticated organizations in addressing risk in transactions of this kind.

Next time, we will finish up with the most sophisticated approach: mitigation.

Copyright © 2011 IDG Communications, Inc.

7 hot cybersecurity trends (and 2 going cold)