Link: Clio Privacy Policy. I saw an announcement of the Clio beta SaaS case management service at Robert Ambrogi's blog, and signed up for the beta, just for fun. I have been skeptical of SaaS for law firm mission critical data crunching for some time; my primary worries being over the security and retrievability of the data. What if the company goes out of business? Do I have a local copy of the data, in usable form? What security protocols are in place? You know, basic questions. Larry Port of RocketMatter and I have had a running dialogue about the risks and benefits of putting case management and time and billing information on a remote, hosted computer service. Then I took a look at the Terms of Service for Clio. Just a few of the gems on the hit parade:
"1. You expressly understand and agree that Themis Software shall not be
liable for any direct, indirect, incidental, special, consequential or
exemplary damages, including but not limited to, damages for loss of
profits, goodwill, use, data or other intangible losses (even if Themis
Software has been advised of the possibility of such damages),
resulting from your use of the API or third-party products that access
data via the API. 2. Abuse or excessively frequent requests to Clio via the API may result
in the temporary or permanent suspension of your account's access to
the API. Themis Software, in its sole discretion, will determine abuse
or excessive usage of the API. Themis Software will make a reasonable
attempt via email to warn the account owner prior to suspension. 3. Themis Software reserves the right at any time to modify or
discontinue, temporarily or permanently, your access to the API (or any
part thereof) with or without notice."
There is more, but you get the idea. So, Themis, you want total control of my law practice, and you can terminate me at any time, without liability. I SO want to send my money to you.
Rick
Point taken ... but how is that different from any other player out there? For that matter, if I were the lawyer for Themis I would tell them to do just what they have done here - cover their backside. You don't approve?
M. Hedayat
Posted by: mazy hedayat | June 28, 2008 at 03:02 PM
It is a very serious issue. I do not think it is reasonable either to discount it by saying everybody else does it, or they are just needing to cover their backsides. Covering backsides means that you do not wish to deal with such a serious matter, you do not take the matter seriously, and/or your concern is not with the matter or issue as it is not getting sued for serious problem that is apparent. Now, such disclaimers and agreements are fine to propose. I would just suggest that nobody needs to use the services of companies that fail to address these issue knowing they are likely arise at some point, and only think of protecting their backside when the inevitable happens. Good technology worth using is technology and systems that figure out how to address these issues and concerns as opposed to disclaiming around them.
Posted by: Chuck Newton | June 28, 2008 at 04:48 PM
First of all, thanks for your interest in Clio. I think there are a few misconceptions about the intent behind the Terms of Service for our beta service, and I'd like to try to clear them up.
The section of our Terms of Service you take issue with refer specifically to the Application Programming Interface (API) for Clio, not the actual web interface for Clio. We are developing a REST API for Clio that will allow advanced users to access Clio directly from their own programs and/or scripts, and the section of the Terms of Service you refer to in your blog posting are constrained to the API access. The API is an experimental service, and the Terms of Service reflect that by indicating that the API may be discontinued at some point in the future. The remainder of our Terms of Service reflect the fact that Clio is currently in beta, and are not necessarily the same Terms we will launch with when we release our product to paying customers. Our beta users know that the service may change dramatically while they use it, may be down for maintenance occasionally, or may be subject to occasional bugs or other issues - these are the kinds of issues beta periods are meant for. The Terms of Service intend to reflect the typical risks associated with using a beta service.
As a software-as-a-service provider, we understand the importance of our client's data. We treat our client's data as if it were our own, and use every resource available to us to secure and protect that data. In fact, our goal is to do a better job of securing and backing up our users' data than they, on average, would be able to do themselves.
As part of Clio's commitment to maintaining our users' data integrity, we continuously back up our client's data to an encrypted, secure, and offsite location. To protect the data from prying eyes, we secure all connections to Clio using bank-grade, 256-bit SSL encryption. We operate Clio's servers out of a secure, enterprise-class data center. We also subscribe to services that continually scan the site for security vulnerabilities.
Your question regarding local data availability is a good one. Clio will provide a mechanism to download your data in raw form (e.g. CSV files), allowing you to store your own backups in addition to those Clio continuously performs. We will also ensure we deliver your data to you in the unlikely event Clio should cease operations.
Our Terms of Service, like Clio itself, reflect our Beta status. We're listening, and are keen to hear what you and the legal community would like to see in a Terms of Service for our commercial release when we launch it.
Posted by: Jack Newton | June 29, 2008 at 11:51 PM