Force Majeure (less secularly known as “Act of God”) clauses are standard contract language and should be included in your data center checklist. Having your data center wiped out by a meteor strike means you’re not getting service credits and there’s not much you can do about it (there are concessions that can soothe that pain, but that’s a separate topic). However, although the laundry list of what is and isn’t force majeure is almost standard, a frequent trick play is layering in some non-standard exclusions that take away data center risk that the vendor should bear. As with other failures to measure non-performance, an overabundance of exclusions can mean the risk of losses anywhere from $2K in service credits to accepting a 7-figure early exit penalty when you’d much rather terminate for cause… and for free.
As juicy as they sometimes are, we can’t quote the data center contracts we negotiate, but here’s a relatively standard force majeure clause from a public source documenting a relationship between Fusion Telecom and Terremark that we weren’t party to in any way:
Neither Party shall be liable for default if nonperformance is caused by an occurrence beyond Party’s reasonable control (whether, in whole or in part) including, without limitation, fire, flood, acts of God or the public enemy, epidemics, quarantine restrictions, strikes, unusually severe weather, and delays of common carriers or other circumstances or conditions that render it hazardous for a Party’s personnel to travel to or enter onto the affected site; strikes, lockouts and other labor disturbances; acts or omissions of governmental authorities, other telecommunications operators (not due to the fault of the claiming party under this provision) administrators or other competent authorities; military operations; riots and industry wide government codes, ordinances, laws, rules, regulations or restrictions that render performance under this Agreement impossible.
Context-free, this is actually a decent provision.
Knowledge of both of these providers makes it somewhat interesting. For example Terremark built its business on having a bunker in Miami specifically designed to withstand “unusually severe weather” and if your data center is in a hurricane-prone area, you might want to think about carving that particular act of God out of the contract. On the other hand, Fusion is a carrier, and, as every other mid-size network, relies heavily on upstream providers rather than its own fiber. If these providers ever drop service to Fusion either accidentally or in a peering dispute, the clients are out of luck. But these are comparatively minor nitpicks.
For a more egregious abuse of the force majeure leniency, we can turn to an example from Yale. It’s a perfectly generic sentence that would give me all kinds of uneasiness if left in a data center hosting contract
Liability doesn’t apply for reasons including, without limitation, failure of suppliers, subcontractors, and carriers, or party to substantially meet its performance obligations.
So, say you just signed a major data center contract / lease with a real estate company and you’re trying to hit a committed install deadline. But turns out the “supplier” of the UPS equipment was unable to expedite. Oops, too bad, we’re not responsible for the blown deadline. And if the operating company (a “subcontractor”) turns out to be unable to operate the equipment properly and you experience outages, well, they’re a subcontractor, so that’s an exclusion. And then if you bought some network access via your landlord, you’re locked out of carrier screw-ups as well. The items on your data center checklist are growing.
All of the above examples are more errors of ignorance than intentional wrongdoing — some terms may be ok in a generic contract but underestimate the responsibility an IT service provider bears for managing upstream resources such as power and network. We have, however, also seen an addition that considers the connection of every single piece of equipment not explicitly approved by the supplier in writing to serve as an exclusion for all future SLAs on the entirety of the infrastructure. In other words, plug in a new server, and you have zero SLA leverage. That’s something that’s much more likely to be an intentional trick play designed to get separation between the supplier and its liability for failures, and is something your data center checklist should cover.