"

31 Licensee obligations

Katie Zimmerman; Erik Limpitlaw; and Rachael Samberg

Desired Result

Several common clauses address contract obligations that fall solely on the Licensee.  These are terms that address the responsibility of the library to safeguard the interests of the licensor and take steps to prevent use of the licensed content that exceeds the scope of the license.  This generally involves communicating the terms of the license to authorized users, and imposing security requirements around access methods.  The goal of the library in these clauses should be to ensure that the language accurately reflects the library’s security capabilities and reasonably allocates responsibility.

Essentials of the Law

An e-resources contract is a contract between the library and an e-resources vendor which provides a benefit (access to the e-resource) to the users of the library.  The library’s authorized users are not a party to the contract, and are not directly obligated to obey the contract terms.[1]  This means that if an authorized user does something that conflicts with the terms of the contract the licensor will only have contractual recourse against the library.[2]  Absent negligence or willful facilitation of breach, the library will only be liable for the acts of end users to the extent that it has assumed responsibility for those acts. This means that the licensor will generally include provisions in the contract that seek to obligate the licensee to control the behavior of their authorized users.  Closely controlling authorized users generally is not desirable or particularly possible for a library, however, so the library should be careful not to overstate their obligations with respect to end users.

Desired Language

License Terms Notice. Licensee will use reasonable efforts to provide Authorized Users with appropriate notice of the terms and conditions under which access to the Licensed Materials is granted under this Agreement.

Protection from Unauthorized Use. Licensee will use reasonable efforts to restrict access to the Licensed Materials to Authorized Users.

Maintaining Confidentiality of Access Passwords. Where access to the Licensed Materials is to be controlled by use of passwords, Licensee will use reasonable efforts to inform Authorized Users that they should not divulge their numbers and passwords to any third party. Licensee will also use reasonable efforts to maintain the confidentiality of any institutional passwords provided by Licensor.[3]

Tricks and Traps

Reasonable Efforts to Inform

Generally the library doesn’t have the ability (or the desire) to directly control or police user behavior.  Authorized users are using library materials at their own discretion without a librarian peering over their shoulder, which is exactly as it should be – surveillance of library use isn’t generally something that libraries support.[4]  What control the library does have is indirect – via, for example, university codes of conduct,[5] library electronic resource access policies,[6] and student and employee rules.  Language that requires the Licensee to “ensure” (without a qualification that the Licensee will use “reasonable efforts” to ensure) that authorized users follow the terms of the contract is, therefore, likely to be impossible for the library to actually comply with, and exposes the library to liability for conduct that they could never have effectively prevented.

Instead, try to negotiate for language that requires “reasonable efforts to inform” end users of the terms, and reasonable efforts to restrict access to the authorized users defined in the contract. Informing end users of the terms is, realistically, what the library is able to promise in this situation, and “reasonable efforts” provides the most flexibility in how best to meet this obligation.  Where the library has more direct control, such as with the security of passwords that will only be used by library staff, you may be more comfortable with more specific security promises.

This situation is generally familiar to licensors who regularly license to libraries and universities, but can be surprising to vendors who most frequently contract with companies, where the authorized users are all expected to be employees of the licensee.  Employers generally have much more direct control over their employees, and both represent the same legal entity,[7] making it more reasonable for the employer to “ensure” employee conduct.  There is some inherent security risk in providing access to the broad user-base of a library or university; nonetheless, the library should resist attempts to manage that risk by placing all of it on the library.

Several methods are available to libraries to satisfy their “reasonable efforts to inform” Authorized Users of the applicable license terms. Most libraries use an internal site or intranet to post terms of use for authorized users is a common practice for using reasonable means to communicate license terms. How a licensee chooses to meet this standard will be specific to that party or institution. While some will rely on general terms to cover most common terms for all eResources,[8] others may make terms of use available to users via a license database[9] or catalog record.[10]  Terms for specific resources can also be shared alongside other information about the resource, such as in an associated LibGuide.[11]

In some cases, it may make sense for the library to add a click-through or pop-up notification of the terms on, for example, an authentication page for the resource.  Many vendors also use click-through agreements of their own, which can be counterproductive if the click-through terms do not match the negotiated terms of the agreement, but can be helpful if the vendor is able and willing to customize them for the specific case.  If a vendor does impose their own click-through agreements for end users, one way to ensure the consistency of the terms of the click-through with the rights you’ve negotiated under the main agreement is to include language in the main agreement following the click-through or terms of use reference to the effect of: “To the extent there is any conflict between Licensor’s [click-through; Terms of Use] and this Agreement, this Agreement shall control and prevail.”[12]

Protecting from Unauthorized Access and Use

How the licensee provides access to Authorized Users will influence the understanding of what constitutes “reasonable” data protection. When IP authentication is the preferred method of access, an institution or licensee may have internal security protocols which act as a security gate, automatically allowing access to Authorized Users, such as researchers and library ID card holders, while at the same time restricting all others. This security method facilitates access for Authorized Users licensed materials while preventing unauthorized users from gaining access to licensed content. In instances when access is manually monitored or administered by individuals, such as library staff, (via usernames and passwords or leveraging individual access keys) there are a different set of risks for unauthorized access. Identifying and revisiting these access points with frequent workflow reviews can help reduce the potential for unauthorized use.

It is important that the security measures around access use “reasonable efforts,” because it provides flexibility and bases the standard on comparison with the actual practices of other similar institutions.  No authentication method is foolproof, and the institution should avoid over-promising on their security capabilities.  The phrase “industry standard” is another standard of care which you may see in these contexts (i.e. “Licensee will use industry standard methods to restrict access to the Licensed Materials”).  This is a less preferred option than “reasonable efforts” because of the potential for mismatch – is the correct “industry standard” equivalent to the data security at a large pharmaceutical company or another academic institution?  The library and the vendor may understand this term very differently.

The model language provided above limits the library’s obligations to reasonable efforts to control access to the material and to reasonable efforts to inform end users of the terms. A slightly stronger form of the clause can also provide that the library will “use reasonable efforts to ensure that Authorized Users comply with Authorized Uses.”  This is less than assuming full responsibility for the acts of authorized users, but is still limited to “reasonable efforts,” and may be a reasonable fall-back option for your institution.

Importance and Risk

Notifying authorized users of the terms will ultimately lead to improved compliance, responsible use of the licensed content, and increases protection from liability for both the end users and the institution. Through the act of notification, the licensee can demonstrate it took appropriate measures to fulfill its obligations of compliance, if challenged.

These clauses should be negotiated in parallel to the warranty and indemnity clauses,[13] and considered alongside them.  The liability that the institution is taking on depends on both the indemnification agreed upon in the contract and the obligations that the licensee is undertaking.  The liability that the institution is willing to take on will differ by institution, and you should negotiate these clauses with a strong understanding of both your local policies, and the interaction between the clauses.  For example, you may be able to balance the risk of a stronger direct obligations clause by also having a strong liability cap.

  1. In legal parlance, only the legal entities of the library and the licensor are in “privity of contract.” Garner, Bryan A., editor. Black’s Law Dictionary. 12th ed., 2024, s.v. “privity.” In some cases, such as author rights clauses [add crossreference to that chapter], authorized users may also be third-party beneficiaries of the contract, which gives the authorized users the legal standing to enforce the terms of the contract that are intended for their benefit.
  2. If the authorized user’s conduct also constitutes copyright infringement or some other offence then the vendor may also have remedies against the authorized user directly, but the vendor’s contractual remedies are limited to the parties to the agreement.
  3. Liblicense model license.
  4. For more on this topic, see the chapter on User Data Privacy [add cross-reference.]
  5. See, e.g. UC Berkeley’s Acceptable Use policies for IT resources, https://security.berkeley.edu/policy/acceptable-use-policies-uc-berkeley-information-technology-resources
  6. See, e.g. UC Berkeley Library’s “Conditions of Use and Licensing Restrictions for Electronic Resources,” https://www.lib.berkeley.edu/about/conditions-of-use-for-electronic-resources.
  7. In legal terms, there is an agency relationship between an employer and an employee, and the employer is already broadly liable for the acts of their employees. See, e.g., https://www.law.cornell.edu/wex/respondeat_superior.
  8. See, for example, https://www.lib.berkeley.edu/about/conditions-of-use-for-electronic-resources.
  9. See, e.g., https://cdlib.org/services/collections/licensed/resources/redacted-license-agreements/.
  10. See, for example, making license terms visible in library catalogs based on Alma and Primo, https://knowledge.exlibrisgroup.com/Alma/Product_Documentation/010Alma_Online_Help_(English)/020Acquisitions/040Configuring_Acquisitions/170Managing_License_Terms.
  11. See, for example, https://libguides.mit.edu/scifinder/term.
  12.  Note, however, that while this solution preserves the rights negotiated in the contract, the end users are still being shown terms in the click-through that may conflict with their actual rights, which is not ideal.
  13. See chapters [add crossreference to those chapters here]

License

Icon for the Creative Commons Attribution-NonCommercial 4.0 International License

E-Resource Licensing Explained Copyright © 2024 by Sandra Enimil, Rachael Samberg, Samantha Teremi, Katie Zimmerman, Erik Limpitlaw is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License, except where otherwise noted.

Share This Book