Indeed, a recent survey suggested that, in financial terms, thevalue of each Mb of data could be as high as $1, raising the potential forcatastrophic levels of loss in the event of significant data corruption ordeletion. Kit Burden considers theimplications of this and the provision which can be made in contracts to takeaccount of it.
The treatment of losses relating to data in IT and commercialcontracts requires particular attention, and most specifically in respect of thequestion of whether data in itself constitutes a form of ‘property’ (asproperty related losses are often not made subject to limitation of liabilityprovisions, or are made subject to higher limits than those applying to otherforms of loss), and specifically whether it can be viewed as a form of‘tangible property’ so as to fall within the scope of any relevantprovisions in commercial contacts relating to heads of claimable loss.
This article accordingly considers how data has been treated inboth the US and the UK, before considering the consequences that such treatmentmay have upon the drafting of appropriate contract terms.
US Case Law
US case law, while not binding upon English courts, provides auseful insight into the elements which are to be taken into account indetermining whether data can be considered to be tangible property.
In the context of insurance disputes, there is some relevantcase law which has involved property damage within the context of CommercialGeneral Liability clauses, where definitions of property damage have includedthe concept of physical injury to, or destruction of, tangible property or lossof use of tangible property. The question to be answered by the courts in thiscontext is whether ‘tangible property’ would include data. Case law in thisarea has shown that the courts are likely to consider two main issues:
whether the definition of property damage is in any way ambiguous, thereby leaving scope for the possibility that the clause be construed against the party seeking to enforce it and, consequently, for the possibility that data might be considered to be ‘tangible’
whether data loss can be considered to be so closely connected to damaged tangible property that it becomes part of that property.
Traditionally, ‘tangible property’ has been described ashaving a physical substance which is apparent to the senses. In StPaul’s Fire & Marine Insurance Co v National Computer System (1992)the Court decided that information itself, in the context of a misappropriationof documentary information, was nottangible. However, the reasoning behind the decision implied that if thedocuments containing the information in question had been lost, the loss of theinformation could be considered a loss of tangible property which would havebeen covered by the insurance policy in question. This clearly opened the wayfor the notion that information, when lost, could be considered tangibleproperty where the information is sufficiently integrated with the tangiblemedium which has been lost along with it.
This was the line followed by the subsequent case of RetailSystems Inc v CNA Ins Co where it was decided that data contained on a tapewas of permanent value and was ‘integrated completely with the property of thetape’. In this case, both the tape and the information on it were lost and itwas held that they constituted tangible property such that the value of the lostdata could be claimed. However, adistinction was made between, on the one hand, the tape alone and, on the otherhand, the information and the tape as a combined entity. The court suggestedthat, if the information alone had been lost, it might not have been considered“tangible property”. The court also emphasised that the loss of the physicaltape was an important factor in the decision which would seem to indicate thatthe issue of data being regarded as a form of property will depend, to a greatextent, on the specific circumstances of each case.
Next came the case of AmericanGuarantee & Liability Ins Co v Ingram Micro Inc (2000), which appearedto push the boundaries still further. In that case, a power outage resulted insubstantial data loss for which the insured sought recovery from its insurers.Its policy only covered “direct physical loss”. However, the court said:
“At a time whencomputer technology dominates our professional as well as our personal lives,the Court must side with Ingram’s broader definition of ‘physical damage’.The Court finds that ‘physical damage’ is not restricted to the physicaldestruction or harm of computer circuitry, but includes loss of access, loss ofuse and loss of functionality”.
Accordingly, Ingram Micro was able to recover damages for itsdata losses even though the hardware remained essentially untouched.
UK Case Law
Although the breadth of cases dealing with this issue is limitedin the UK, there are two decisions which suggest that the English courts arefollowing a similar approach to that of their US equivalents.
R v Whiteley (1991)
In this case, a hacker gained unauthorised access to a computernetwork, managed to attain the status of a systems manager and was accused ofcausing damage under the Criminal Damage Act 1971. Under s1 of the Act, it isprovided that “… (a) person who without lawful excuse … damages anyproperty … shall be guilty of an offence”. Property is defined under s10 ofthe Act as being of “… a tangible nature …”.
The accused was convicted on the basis of the prosecution’sargument that he had caused criminal damage to disks by way of altering thestate of the magnetic particles on them when deleting and adding files. Theprosecution argued that the disks and the magnetic particles containing theinformation were effectively a single entity capable of being damaged by thedefendant’s actions.
The principal ground of defence was that it was necessary tomake a distinction between the physical disk, as a medium capable of storinginformation, and the intangible information contained on the disk.
The court held that the Act required that it be proved thattangible property had been damaged, but not necessarily that the damage itselfshould be tangible. The court concluded that the magnetic particles on the metaldisks formed part of the disks and, if those particles were altered in such away as to cause an impairment of the value or usefulness of the disks to theowner, there would be damage within the meaning of the Act. The fact that thealterations were perceptible only once the disks were operated by the computerdid not make those alterations any less real.
To illustrate the above point, the court distinguished betweentwo situations. First, where there has been mere “tinkering”with an otherwise empty disk, no damage would be established. However, whereinterference with the disk has resulted in impairment to the value of the diskto the owner (ie by deletion of or alteration to the recorded data), then thenecessary damage would be established.
This decision gives a clear indication, within its specificcontext, that the courts are prepared to accept that data can, when combinedwith a medium, be considered tangible property. Indeed, it might be argued thatthis decision goes further than US case law in that it reached its conclusion inrelation to a medium which had been altered, as opposed to a medium which hadbeen lost.
St Albans City andDistrict Council v International Computers Ltd (1996)
This well known case concerned a local authority suffering aloss of community charge receipts due to allegedly faulty computer software.While the overall decision was based on other issues, Sir Iain Glidewell(sitting in the Court of Appeal) elaborated upon the more general question ofwhether software could be considered to be goods. In doing so he sought todefine clearly the meaning of the word ‘software’. To do this, he referredto a description of a computer system contained in the judgment by Scott Baker Jin the High Court decision on the same case. The substantive part of thatdescription was as follows:
“The heart of thecomputer is the central processing unit which performs the actual processing.All these items are tangible physical objects. By itself hardware can donothing. The really important part of the system is the software. Programs arethe instructions or commands that tell the hardware what to do. The program isitself an algorithm or formula. It is of necessity contained in a physicalmedium. A program in machine readable form must be contained on a machinereadable medium, such as paper cards, magnetic cards, magnetic tapes, disks,drums or magnetic bubbles.”
He went on to make the following distinction:
“During the course ofthe hearing, the word ‘software’ was used to include both the (tangible)disk onto which the … program had been encoded and the (intangible) programitself. In order to answer the question [as to whether software constitutesgoods], however, it is necessary to distinguish between the program and the diskcarrying the program.”
He then considered the definition of ‘goods’ under s61 ofthe Sale of Goods Act 1979 and under s18 of the Supply of Goods and Services Act1982 which provide that goods include ‘all personal chattels other than thingsin action and money’. He concluded, without ambiguity, that a disk fell withinthis definition, while a computer program did not.
The above gives every indication that data, by itself, is notconsidered to be tangible. However, on a different issue, later in the samejudgment, Glidewell J referred to an Australian decision (TobyConstructions Products Pty Ltd v Computa Bar (Sales) Pty Ltd (1983)) whereit was held that the sale of a whole computer system, including hardware andsoftware, was a sale of goods under that particular province’s legislation,which is similar to the English legislation on the matter. Glidewell J agreedwith the outcome of the decision.
The significance of that part of the decision lies in the factthat, although Glidewell J makes it clear that data by itself cannot beconsidered to be a form of tangible property, when associated to its relevanttangible medium it becomes integrated with it, thereby ‘becoming’ tangibleunder those particular circumstances.
Implications forContract Drafting
Whilst the cases referred to above give an indication as to howthe courts may view the issue of loss or damage to data (particularly incircumstances where they are straining to find a means of reaching what theyperceive to be a ‘just’ decision), they as yet fall short of providing thedegree of clarity required, bearing in mind the implications for a clientorganisation of loss of data.
Accordingly, it is essential that any contract for the provisionof goods or services which could give rise to any loss or damage to data dealswith such issues, directly, and without ambiguity. Issues to address willinclude:
(a) whether damages or loss resulting from loss of data will be claimable –in this regard, contract draftsmen would do well to avoid confusing this issuewith any question as to whether such loss is to be treated as being direct orindirect (see Pegler v Wang (2000)) and instead simply state as a distinct issuewhether damages associated with loss of or any need to reconstitute data will beclaimable in the event of a breach of contract by the other party
(b)if such losses are to be claimable, should they be subject to a separate,property or data specific cap on liability or made part of the generallimitation in respect of all other losses?
(c) whether the client should, as a precondition to being able to make aclaim for loss of data, have instituted reasonable (or, alternatively,specifically defined) data back-up procedures in order to reduce its exposure todata-related losses.
Conclusion
One suspects that the debate as to the status of data as a formof property has still some way to run. However, it is perhaps unhelpful to focuson whether data can be considered to be ‘tangible’ or not; instead, weshould consider means of ensuring that the commercial value of data in today’scommercial environment is given due recognition and protected accordingly.
Kit Burden is a Partnerat Barlow Lyde & Gilbert.