Authorized Users Definitions

Katie Zimmerman; Rachael Samberg

4 Authorized Users Definitions

Katie Zimmerman and Rachael Samberg

Desired Result

This clause covers who gets access to the licensed content through your contract. You want it to cover everyone who should reasonably have access to library resources via your institution, and usually it should be the same set of people who have access to the physical resources at the library. This will almost always include students, faculty, staff, and visiting researchers. It may also include “walk-in users”—library patrons who are not affiliated with the institution, but are physically present on campus. You may also need to think about peripheral campus units and affiliated programs: Will the faculty and students in those programs expect that they’ll have access? What assumptions may the publisher be making about their inclusion?

You want to avoid both excluding anyone who should get access, and excluding anyone who will have access based on the access method.

The “should” is to meet your users’ needs and the goals of the library, so that you are actually providing access to the resource.
The “will” is a liability concern: frequently the library doesn’t have much control over who has access to the institutional network, and, depending on the way access to e-resources is managed, you need to make sure that anyone who will be getting access is covered by the license.

A frequent, but sometimes overlooked, concern is ensuring that there is an “Authorized Users” clause at all. Some vendors (generally vendors who are accustomed to dealing with industry more than academia) may refuse to distinguish between the party “You” (the university) and “Authorized Users” (the faculty, staff, and students). This lack of a distinction between the university and its users can mean that the remaining terms of the license agreement impose liability on the university for the acts of all users—which most universities cannot agree to. This can be a challenging but important point of discussion in the negotiation process.

Essentials of the Law

The authorized user definition defines who is authorized under this contract to access the product. Anyone covered by the user definition is granted permission to use the product through this contract. If you knowingly or negligently allow anyone who is not covered by the user definition to have access to the product, that would be a breach of the contract.

Desired Language

The following is a good model Authorized User clause:

Authorized Users. The Licensor and Licensee define “Authorized Users” as the following:

a. The Licensee’s full-time and part-time students, regardless of their physical location;

b. The Licensee’s full-time and part-time employees (including faculty, staff^[1], affiliated researchers, and independent contractors), regardless of their physical location;

c. Other valid ID holders; and

d. Patrons not affiliated with Licensee, who are physically present at Licensee’s site(s) (“Walk-ins”).^[2]

The key elements to include are all categories of individuals who will have or need access to the product: usually faculty, staff, and students, and anyone who will automatically receive access through the access method for the resource. Users should not be defined by their geographic location—a student at home over break should still be able to access library resources, for example.

“Walk-in users” covers patrons who are not affiliated with the institution, but are physically present on-site. The importance of walk-in users is likely to vary by institution—for example, state-funded institutions may be expected or required to provide access to the public or to taxpayers within the state.

Tricks and Traps

Scope of users

Including a catch-all for “other valid ID holders” in your authorized user definition is helpful for covering others who may have access to the institutional network that you haven’t previously considered, as well as allowing for changes to network access policy without having to revisit the license.^[3]

Some licenses and some model language have separate definitions for “Authorized Users” and “Walk-in Users,” rather than including Walk-ins as a subcategory of Authorized Users. That is a fine approach, and is potentially useful if you need to clearly delineate what Authorized Users can do differently from what Walk-in Users can do. If, however, your intention is that Walk-in Users have the same access and use rights as other Authorized Users, then it can lead to oversights—if the contract later specifies that “Authorized Users may do x,” you would need to remember to amend that to “Authorized Users and Walk-in Users may do x,” in each instance.

Crossover between academic and non-academic affiliations may also present definitional challenges for authorized user clauses, and challenge vendor expectations. Vendors often want to restrict authorized users narrowly, partially because they may also license the product to corporate and industry sites, and they don’t want those customers circumventing the (more expensive) commercial use licenses by making use of the generous use rights at the neighboring university. Generally you want these difficulties to be handled via authorized use clauses, not user clauses. In other words, the campus license only covers academic, educational, and non-commercial uses; if a student also has an internship at a local company, they can still access library e-resources for school purposes, but should rely on the employer’s licenses for anything internship-related.

Finally, there may be circumstances where the authorized user definition prevents access for a user group with a continued need for licensed content but whose members no longer hold a valid ID or fit into one of the standard defined user groups. Postgraduates are an example of a group whose use may extend beyond the expiration of their ID, especially if they are part of the process of peer-review and replication. Due to the natural length and requisite industry standards of this process, a once-authorized user may lose access to licensed eResources which may be needed closer to the date of publication. This may not be an issue for all licensed eResources, but should be considered in light of the needs of your institution. For example, when identifying the needs of a high-output publishing institution, a library might add additional language to the traditional authorized user definition to allow for future graduates involved in the peer-review process access to content for this specific purpose: “Authorized Users who graduate or otherwise leave Licensee are permitted to retain and use Licensed Content to complete research projects started at Licensee.”

Geographic locations

Disparate geographic sites can also sometimes pose issues in authorized user definitions. It made sense in the historical world of print materials that a geographically far-flung satellite campus or site might have separate physical library collections, but it may make more sense for e-resource access to include both sites in one contract. If the students and faculty at that site are considered students and faculty of the central institution, then they are included in the model language above, but that may not match the vendor’s actual expectations.^[4]

Where ambiguities are likely to arise, it may be helpful to include language specifying that specific sites are included in the user definition. You may also see language specifying that access is for “one contiguous campus” or similar, which would prohibit access by users based at the geographically disparate site. You would then need to negotiate adjusting that language to include the remote sites, or omit the “contiguous” requirement. Negotiating this clause can have financial ramifications, since many vendors will attempt to charge extra for additional sites, based on their site definition. Mutual clarity on this clause can help avoid conflicts over access in the future.^[5]

Business & Data Resources

Some business or data vendors object to the inclusion of an “Authorized Users” clause—for they intend the “You” party (the university) to be coextensive with all of the users at the university. This has liability implications because it could, under subsequent liability clauses, render the university liable for the acts of faculty, staff, and students—which are actually beyond the university’s control. Some vendors insist on university liability for the acts of the users because universities have “deeper pockets” in the event of a potential breach and lawsuit. But it is typically important to stand firm on the insistence of a separate “Authorized Users” clause, and a distinction between the university and the acts of the users.

One way to do this is by negotiating for the “Authorized Users” clause, and then separately also including a provision for any Authorized Users to (through a click-through, for example) accept the terms and personal liability for using the resource. This would maintain for the vendor a source of recovery for breach and damages without imposing that potential payout on the institution. We discuss the click-through option further in the section on Licensee Performance Obligations

Importance and Risk

Authorized User definitions are central to the license, and therefore very important to get right. Fortunately, they are usually straightforward and most vendors who are familiar with the academic market will usually be on the same page as the library around this term. Nevertheless, unauthorized access to a product through your library is generally one of the main things vendors are concerned about preventing, as it can constitute a serious breach of contract.

Another important consideration for this clause is how closely it is tied to the access method for the resource, and how little control the library usually has over who will be “authorized” in practice. Whether a given person can log in to the institutional network is usually determined outside of the library—in the registrar’s office or human resources, for example—and for many access methods, network access will determine e-resource access as well. If the library literally cannot prevent a certain group from gaining access ^[6] and the contract says that you will, then you would be in breach from day one, which makes this a necessary clause to negotiate. One reasonable solution to this issue might be to employ the phrase “for the avoidance of doubt” and acknowledge in writing that a particular group will become part of the anticipated and licensed group of users, if the inclusion of that group is in doubt or likely to be a source of conflict in the future.

For example, a library recently leveraged this technique to include a small office directly in to the license: “…and for the avoidance of doubt, employees at Licensee’s technology transfer office and employees at the Licensee’s Environmental Health and Safety Office shall qualify as Authorized Users of Licensee.” Overall, this reduced the licensee’s risk through an expanded definition while not imposing any new costs or obligations to the licensor. A vendor may find this agreeable when reminded that it often includes language elsewhere in an agreement acknowledging that pricing has been determined on a set of factors (such as size of user base) and that it’s the licensee’s responsibility to disclose any significant changes which may require the renewed negotiations.

One additional area of risk is where a vendor is simultaneously negotiating similar terms of use with other libraries or entities within your own institution. Once qualifying vendor agreements are identified, an analysis can be performed on the value of developing and maintaining consistent terms of use to all users. For example, a central library acquisitions department recently worked with the graduate school of medicine to align subscriptions and bring everything under one governing agreement. Addendums and orders (with title lists) were kept separate for each joining entity and in most cases the vendor was able to keep separate billing. Overall, the library was able to reduce negotiating time, employ an enterprise approach to its vendor relationship strategy, and allow a fresh look at usage across a larger and more valuable user base.^[7]

Finally, there is increased financial risk for the university if you cannot secure an “Authorized Users” clause, and there is no resulting distinction between users and the university in terms of liability for breach (that is, the university becomes liable for the acts of all users).

Be sure to preserve library staff uses so that you can administer and service the materials or database! ↵
“Liblicense Model License Agreement with Commentary,” Center for Research Libraries, November 2014, 4, https://liblicense.crl.edu/licensing-information/model-license/ ↵
For example, one institution expanded network access to retired faculty as an additional retirement benefit, without consulting the library. Retired faculty could therefore continue to access licensed e-resources using their valid network IDs. Without the inclusion of “other valid ID holders” in the license definition, access by those individuals (who are no longer “employees”) would likely be a breach of the license. ↵
For example, Louisiana State University (LSU) got into a contract dispute with Elsevier over duplicative subscriptions. The Veterinary Medicine Library and the main library had overlapping subscriptions to Elsevier content, and, when the duplication was discovered, the veterinary library dropped their subscription. The central LSU contract covered an authorized user definition of “the full-time and part-time students, faculty, staff and researchers of the Subscriber and individuals who are independent contractors or are employed by independent contractors of the Subscriber affiliated with the Subscriber's locations listed on Schedule 2 (the 'Sites').” Schedule 2 defined the Sites as including certain IP address ranges and a total number of users, both of which included the veterinary school. LSU argued that the veterinary school was clearly covered under the contract, and filed suit to enforce the contract terms. The parties eventually resolved the dispute with an out-of-court settlement. See Compl., Board of Supervisors of Louisiana State University and Agricultural and Mechanical College v. Elsevier B.V., No. 655,759 (19th JDC, Parish of East Baton Rouge, LA, Feb. 27, 2017); Carl Straumsheim, “LSU Sues Elsevier,” Inside Higher Ed, May 2, 2017, https://www.insidehighered.com/news/2017/05/03/louisiana-state-takes-disagreement-elsevier-court. ↵
For example, you may have a teaching hospital that shares an IP network with the main campus and which cannot be separated from the larger campus users. One university resolved this through discussion with the vendor which made it clear that access could not be separated, usage was low, and a case was made to show there was little or no future subscription value in licensing directly with the teaching hospital. To avoid this issue in the future, the university began including “hospital users and staff” in their Authorized User definition. This also had the added benefit of clearly answering questions about whether the hospital could use the content (which conscientious hospital staff would sometimes question, even with having access). ↵
And sometimes business vendors do want to prevent campus groups like development offices, tech transfer offices, and other more "investment-oriented" branches of campus users from gaining access. ↵
For an example that did not go so well, see footnote 3, above. ↵

License

Icon for the Creative Commons Attribution-NonCommercial 4.0 International License

E-Resource Licensing Explained Copyright © 2024 by Sandra Enimil, Rachael Samberg, Samantha Teremi, Katie Zimmerman, Erik Limpitlaw is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License, except where otherwise noted.