Category: Publications

Four new European regulations impacting the European digital market in 2021

+++ BONUS: THE DIGITAL SERVICES ACT PACKAGE

The regulation of the European digital market is a constant preoccupation of the European Commission. Be it for the increase of the consumer welfare, as the Commission claims, or for setting roadblocks on the path of the technology powerhouses to dominate the European digital space, as the industry claims, here are the most important European regulations that will shape the European digital market in 2021.

1. Audiovisual Services – Keeping Up with New Video Content Distribution Models

The 2018 Audio Visual Services Directive[1] is already here and brings significant changes for linear broadcasters and on-demand service providers, providing minimum harmonization standards. One of the most notable change brought about is the introduction of rules regarding video sharing platforms, which will be subject to stricter obligations to protect viewers, especially minors, from harmful content in the online world and will be required to take appropriate measures to protect individuals from incitement to violence or hatred and content constituting criminal offences (in essence, a public provocation to commit terrorist offences, child pornography and racism/xenophobia).

Despite the implementation deadline of 19 September 2020, Romania is still to present for public consultation a draft implementation law.

2. European Electronic Communication Code – Consolidation and Reform

In December 2018, the first the European Electronic Communications Code (“EECC”) was adopted[2], representing a far-reaching reform of the European framework in the field of electronic communications. The notion of electronic communications service was expanded to incorporate the evolutionary changes in the sector, leading to more and more service providers being subject to the provisions of EECC (e.g. interpersonal communications services provided over the internet, such as Whatsapp, are now included in the electronic communication services).

EECC must be transposed by the Member States until 21 December 2020. In Romania, the draft implementation law is currently under debate and, with the deadline just around the corner and a Parliament in the making, it is unlikely that the implementing law will be adopted in time.

3. Expanding Consumer Rights in the Digital Space

2019 Digital Content Directive[3] and 2019 Sale of Goods Directive[4] aim to reduce transaction costs for businesses by aligning the EU legislation and to increase the level of protection and legal certainty for consumers when buying from across the EU. These come in addition to 2019 Platform-to-Business Regulation[5] which deals with the relationship between platforms and their business users, which came into effect in July 2020.

While the Sale of Goods Directive applies to sale contracts between a consumer and a seller for goods, including goods with a digital element (e.g. smartwatches, smart TVs etc.), while the Digital Content Directive applies to contracts concluded between a consumer and a trader which supplies digital content or digital services. The definition of “digital services and digital content” covers, inter alia, social media services, software as a service and various computer applications. However, certain services, such as healthcare, financial services and open-source software, are expressly excluded. A very important aspect is that the Digital Content Directive also applies when the consumer provides its personal data as payment in return for the digital content or service. The question of contract validity, in this case, is, however, left to the national laws.

Both directives must be adopted by the Member States before July 1, 2021, and shall apply from 1 January 2022.

4. Biggest Overhaul in Copyright Laws for 20 Years

The 2019 Copyright Directive[6] is the biggest overhaul of European copyright laws since 2001 in view of increased cross-border use of digital content. The new rules provide increased protection for authors and artists while opening new possibilities for accessing and sharing copyrighted content online across the European Union.

Online content sharing service providers are greatly impacted by this Copyright Directive. In an unprecedented shift in liability for copyright infringements, content sharing platforms will be, in principle, required to obtain licenses for copyright-protected content uploaded by users, unless certain conditions set out in the Copyright Directive are met. The new rules continue to be subject to intensive debate and the practical implementation of “policing” and rights collection systems is giving the whole industry a big of headache.

The Copyright Directive must be implemented across EU by 7 June 2021.

Bonus: The Digital Services Act Package 

The Digital Services Act (“DSA”) is a legislative package published on 15 December 2020 by the European Commission, which aims to create a modern legal framework for digital services[7]. DSA represents the biggest regulatory reform effort in the sector of digital services since the 2000 E-commerce Directive in 2000 and is aimed at strengthening the Digital Single Market and ensuring that digital service providers in the European Union act responsibly to mitigate risks faced by their users and to protect their rights. It aims to tackle the issues posed by the rising power of internet platforms, especially of the so-called gatekeepers (who, for example, would be required to observe requirements intended to ensure inter-operability with competitors) and marks a return by the European Commission to ex-ante type of measures rarely seen in a couple of decades.

 

[1] The Directive (EU) 2018/1808 amending Directive 2010/13/EU on the coordination of certain provisions laid down by law, regulation or administrative action in the Member States concerning the provision of audiovisual media services (Audiovisual Media Services Directive) in view of changing market realities (“AVMSD”)

[2] Directive (EU) 2018/1972 of the European Parliament and of the Council of 11 December 2018 establishing the European Electronic Communications Code, repealing the provisions of Directive 2002/21/EC

[3] The Directive (EU) 2019/770 on certain aspects concerning contracts for the supply of digital content and digital services;

[4] Directive (EU) 2019/771 on certain aspects concerning contracts for the sale of goods;

[5] Regulation (EU) 2019/1150 of the European Parliament and of the Council of 20 June 2019 on promoting fairness and transparency for business users of online intermediation services;

[6] DIRECTIVE (EU) 2019/790 on copyright and related rights in the Digital Single Market and amending Directives 96/9/EC and 2001/29/EC

[7] https://ec.europa.eu/digital-single-market/en/digital-services-act-package

The electronic signature: long-distance (commercial) relationships

*An article by Cezara Constantinescu, Senior Associate

The state of emergency has brought a series of changes in the life of each of us. Among these, the way we communicate, the way we conclude contracts, the way we carry out our interactions with the public authorities. All these must be made, in principle, from a distance.

In this context, the electronic signature takes on particular relevance. The electronic signature is an instrument which exists and has been used for years, which however becomes particularly relevant in the current context, especially since the presidential decrees[1] not only imply, but also expressly advise towards the use of electronic means of communication. Moreover, GEO 38/2020[2], in force as of 7 April 2020, grants an increased legal value to the advanced electronic signature, allowing the use of such signature by natural/ legal persons in their relations with public authorities and institutions.

In this article, we will present the types of electronic signatures, their specific effects, as well as the issue of the electronic signature originating from a non-EU country.

I. The types of electronic signatures. The national and EU regulation.

Two main pieces of legislation on electronic signature are applicable in Romania, namely:

Law no. 455/2001 on the electronic signature (”Law 455/2001”);

Regulation (EU) No. 910/2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC („eIDAS”).

Being an EU regulation, eIDAS is mandatory and directly applicable in the national legal system. eIDAS has priority over Law 455/2001, where it grants broader rights than the latter. In any case, eIDAS is based on the principle that the legal effect of electronic signatures is defined by national law, except for the requirement according to which a qualified electronic signature should have the equivalent legal effect of a handwritten signature (para. (49) eIDAS preamble).

On a basic level, the electronic signature is defined as data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign. Three types of electronic signatures are regulated:

1. The simple electronic signature – consists of data in electronic form which is attached to or logically associated with other data in electronic form and which is used by the signatory to sign.

For example, the signature used in an e-mail, or the signature given on certain digital signature pads.

2. The extended electronic signature, named advanced electronic signature (“AES”) in eIDAS – is that electronic signature which:

is uniquely linked to the signatory;

allows the identification of the signatory;

is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and

is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.

Examples: DocuSign[3], PandaDoc, etc.

3. The extended electronic signature based on a qualified certificate, named qualified electronic signature (“QES”) in eIDAS – is an advanced electronic signature that is created by a qualified electronic signature creation device, and which is based on a qualified certificate for electronic signatures;

Consequently, the main difference between an AES and a QES is that the latter is created by a qualified electronic signature creation device, and is based on a qualified certificate for electronic signatures. These additional elements of the QES generate the presumption that the identity of the signatory is the real one, the reason for which QES is the “safest” type of electronic signature, and has the highest legal value, as will be shown below.

Qualified trust service providers in Romania are listed in the Registry kept by the specialized public authority, which is currently, the Ministry of Transport, Infrastructure and Communications[4]: https://www.comunicatii.gov.ro/semnatura-electronica/ The Registry is updated by the authority as changes occur with respect to the providers.

At an EU level, the full list of trust service providers – including QES in the member states, as per eIDAS, is published at this address: https://webgate.ec.europa.eu/tl-browser.

There is an important aspect which we underline here, namely that, as per Art. 25 (3) eIDAS, a qualified electronic signature based on a qualified certificate issued in one EU member state is recognised as a qualified electronic signature in all other member states. Consequently, a QES based on a qualified certificate issued in another member state is recognized as QES in Romania and has the same legal effects as a QES issued by a local provider.

II. The legal effects of the three types of electronic signatures

Below we will present the legal effects of the three types of electronic signatures, starting with the one with the highest legal value – the qualified electronic signature (QES), and continuing with the other two types of electronic signatures – the advanced electronic signature (AES) and the simple electronic signature.

1. The qualified electronic signature (QES)

Both eIDAS and Law 455 provide that an electronic document signed with QES is assimilated, in what regards its conditions and effects, with an act under private signature. More specifically, the QES has the legal value of a handwritten signature.

At the same time, when the written form is legally requested as a condition of validity or proof of a legal act, an electronic document fulfils such condition if it is signed with a QES.

In this respect, we mention by way of example:

Legal acts for which the written form is a validity condition:

a court claim / a request for appeal;
 a company’s constitution, as per the Company Law no. 31/1990 (when the notarized form is not required);
 the individual employment contract;
 the personal guarantee;
 the mortgage on movable assets;
 the land lease agreement;
the vote expressed in a company’s shareholders’ assembly, when the voter is not physically present;
 the vote expressed in the creditors’ assembly/ committee of an insolvent company, when the voter is not physically present;
 tax declarations;
 the handwritten testament.

Legal acts for which the written form is a proof condition:

 the legal services agreement (as well as any power of attorney based on such agreement);
the transaction agreement;
the company agreement (for companies without legal personality);
the insurance contract;
 the storage contract.

These legal acts are valid or can be proven, respectively, if they are signed with a QES.

2. The advanced electronic signature (AES) and the simple electronic signature

2.1 The general situation

We have previously shown that both eIDAS and Law 45/2001 give the QES the legal value of a handwritten signature.

Nevertheless, by interpreting the relevant legal provisions, we appreciate that the documents signed with AES or simple electronic signature may also have the effects of an act under private signature, in certain situations and under certain circumstances:

 In the case of legal acts for which the written form is not legally required as a condition of validity or proof (see item II.1 above) if the parties agree to use such signature in their relationship.

We may include here: orders; invoices; certain sales agreements; distribution agreements; service agreements; consumer agreements.

 For any legal act, if the party to whom the signature is opposed recognizes the signature.

In this regard, Art. 6 of Law 455/2001 provides that the act in electronic form, to which an electronic signature has been incorporated, attached or logically associated, recognized by the party to which it is opposed, has the same effect as an authentic deed between its signatories and their representatives.

The disadvantage is that in order to be valid, such recognition must be made in the legal form requested for the validity of the act, or before the court – if it comes to litigation. This is why, in practice, the use of a QES from the beginning is preferred.

For any legal act signed with an AES, even in absence of any recognition by the party to which the signature is opposed, if the interested party manages to prove that the AES meets the four cumulative legal requirements (item I.2. above), namely that it:

is uniquely linked to the signatory;
allows the identification of the signatory;
is created using electronic signature creation data that the signatory can, with a high level of confidence, use under his sole control; and
is linked to the data signed therewith in such a way that any subsequent change in the data is detectable.

In the case of QES, it is presumed that these requirements are met, until any proof to the contrary (Art. 9 of Law 455/2001).

Illustratively, in practice, we may think of situations like: (i) a party in a contract signed with an AES denies having signed the contract, and the other party wants to prove that the signature indeed belongs to the party that denies it; (ii) when the recipient of a unilateral legal act (e.g. a unilateral promise of sale) signed with an AES wants to exercise the rights granted by such act, but its author (signatory) denies the signature; (iii) when the author of a unilateral legal act signed with an AES wants to prove such act generated legal effects.

Of course, such proof may be difficult from a technical point of view, however not impossible.

In all cases, the interested party is entitled to challenge in court a certain signature, be it a QES, an AES or a simple electronic signature. In such a situation, the court may order a technical (IT) expertise, the objectives of which will be more or less complex, depending on what exactly is challenged.

2.2 The particular situation of GEO 38/2020 – the AES has the legal value of a handwritten signature for natural and legal persons in their relation with public authorities and institutions

The recent GEO 38/2020 – in force as of 7 April 2020, grants the AES the legal value of a handwritten signature, in the relation of natural and legal persons with public authorities and institutions, providing that:

 As of 7 April 2020, public authorities and institutions have an obligation of registering documents signed with the electronic signature;

The public authorities and institutions establish the type of electronic signature applicable for the use of a particular online service by the natural or legal persons, with the observance of eIDAS. GEO 38/2020 provides that within 15 days from its entry into force, the public authorities and institutions will issue the administrative regulations necessary for the implementation of this provision[5].

The documents signed with an AES, which are sent by the utilisation of authentication mechanisms of a substantial or high level, are assimilated – as regards the conditions and effects thereof, with acts under private signature.

III. The issue of the electronic signature originating from a non-EU country

We have shown above that a qualified electronic signature based on a qualified certificate issued in one EU member state is recognised as a qualified electronic signature in all other member states (Art. 25 (3) eIDAS).

But what legal effects does an electronic signature originating from a third country have? For example, a document signed with DocuSign (USA). This is one of the questions we can face in practice.

As regards the QES, Art. 40 of Law 455/2001 provides that the qualified certificate issued by a certification services provider headquartered in a third country is recognized as having equivalent legal effects with the qualified certificate issued by a certification services provider headquartered in Romania if:

 The certification services provider headquartered in a third country had been accredited in the conditions provided by Law 455/2001; or

An accredited certification services provider headquartered in Romania warrants for that certificate; or

 The certificate or the issuing certification services provider is recognized by way of a bilateral or multilateral agreement between Romania and other countries or international organizations, based on reciprocity.

This latter hypothesis overlaps with the eIDAS provision according to which trust services provided by trust service providers established in a third country shall be recognised as legally equivalent to qualified trust services provided by qualified trust service providers established in the EU, where the trust services originating from the third country are recognised under an agreement concluded between the EU and the third country in question or an international organisation (Art. 14 eIDAS).

On the other hand, Art. 25 (1) eIDAS provides that an electronic signature will not be denied legal effect and admissibility as evidence in legal proceedings solely on the grounds that it is in an electronic form or that it does not meet the requirements for qualified electronic signatures.

We appreciate that our conclusions above (item II.2) on the legal effects of the AES and the simple electronic signature are relevant here. Accordingly, an electronic signature originating form a third country, that does not meet the requirements for being considered a QES, may have legal effects as an AES or a simple electronic signature, as follows:

 In the case of legal acts for which the written form is not legally required as a condition of validity or proof (see item II.1 above), if the parties agree to use such signature in their relationship.

 For any legal act, if the party to whom the signature is opposed recognizes the signature.

 For any legal act signed with an AES, even in absence of any recognition by the party to which the signature is opposed, if the interested party manages to prove that the AES meets the four cumulative legal requirements (item I.2. above).

Moreover, considering the provisions of GEO 38/2020, we conclude that an AES issued in a non-EU country can be used by natural/ legal persons in their relation with public authorities and institutions, having the legal value of a handwritten signature in the sense of the GEO.

Finally, we reiterate that a qualified electronic signature based on a qualified certificate issued in one EU member state is recognised as a qualified electronic signature in all other member states (Art. 25(3) eIDAS). Consequently, a QES based on a qualified certificate issued in another member state is recognized as QES in Romania and has the same legal effects as a QES issued by a local provider.

 

[1] Decree no.  195/2020 on the establishment of the state of emergency in Romania, issued by the President of Romania, in force as of 16 March 2020. Decree no. 240/2020 on the extension of the state of emergency in Romania, in force as of 15 April 2020.

[2] Government Emergency Ordinance no. 38/2020 on the use of documents in electronic form, at the level of public authorities and institutions, in force as of 7 April 2020.

[3] Except for DocuSign France, which is a QES provider according to the list of trust service providers in EU: https://webgate.ec.europa.eu/tl-browser/#/tl/FR/9

[4] Following the reorganization of the Ministry of Communications and Information Society (MCIS), on 19 February 2020. An update of the websites of the involved ministries was not done yet, therefore the Registry is still published on the (former) website of MCIS.

[5] At the date this article was written, no such administrative implementation acts had been issued.

Brief analysis of the Judgement of the Court of Justice of the European Union in Case C-567/18, Coty Germany v. Amazon Europe

*An article by Vladimir Griga, Associate

On April 2, 2020, the Court of Justice of the European Union (“the Court” or “CJEU”) ruled in Case C-567/18, concerning the reference for a preliminary ruling made by the German Federal Court of Justice (hereinafter “the referring court”) in the dispute between Coty Germany and Amazon Europe. This judgement may have significant implications for retailers, online marketplaces (which usually act as intermediaries of the latter), as well as trademark holders.

Facts

Coty Germany (hereinafter „Coty”), a German company and licensee of the European trademark “Davidoff”, made test purchases and found out that several perfumes from the “Davidoff How Water” line, which were offered for sale by third-party sellers on the Amazon-Marketplace platform (www.amazon.de), have been put on the EU market without its consent, hence infringing Coty’s trademark with respect to Davidoff. Amazon Europe (hereinafter “Amazon”) was not aware at the time the offers were published that those products violate Coty’s rights. Later on, Coty asked Amazon to disclose the details of those sellers, the latter refusing to do so. Finally, Coty sued Amazon for trademark infringement, requesting Amazon to cease the stock and dispatch of perfumes in Germany, if they are marketed without Coty’s consent.

Out of the Amazon companies that were sued, one runs the online platform, whilst the other one runs the warehouse under the “Fulfilment by Amazon” scheme. This scheme allows a third-party seller that uses the platform to delegate to Amazon the entire warehousing and delivery logistics of goods, albeit the former and not the latter remains the person that concludes the contract with the end customer (Amazon thus acting as an intermediary).

Reference for a preliminary ruling

In the dispute, the referring court requested the CJEU’s opinion with respect to the liability of an intermediary who, on behalf of a third-party, stores goods that infringe trademark rights, as long as the intermediary (the warehouse keeper) is not aware of this infringement.

The judgement of the Court

The CJEU decided to limit its judgement strictly within the scope of the question, concluding that the mere warehousing of goods, on behalf of a third-party, does not represent a trademark infringement, should that person be unaware of this infringement. In giving this solution, the Court has partially parted from the Advocate General’s opinion, the latter analysing in-depth the nuances of the issue at hand, from a double perspective.

The opinion of the Advocate General

The Advocate General considered that a distinction should be made between the intermediaries, depending on the nature of the services provided to the seller that had infringed the trademark.

» On the one hand, the Advocate General offered an answer similar to that given by the Court: if the intermediary carries out only ancillary tasks in the sales process, such as warehousing the seller’s products, then the intermediary cannot be sanctioned for trademark infringements if he/she was not aware of them, the responsibility belonging entirely to the seller. This is due to the fact that the intermediary does not have an active role nor any control in the sales process, as opposed to the seller.

» On the other hand, the Advocate General emphasised that the situation is different in the case of the so-called “integrated stores”, where the intermediary is actively involved in the sales process, offering not only simple warehousing services but a much wider range of services, such as online advertising and promotion, providing customer service, managing refunds of defective products, intermediation of payments between buyer and seller, preparation of products for delivery, including labelling, packaging and gift wrapping, and others alike. If the warehousing services, by themselves, could be regarded as accessories of the sales process, not the same can be said about the other services, which together put the online platform in a similar position to the seller, giving it more of a “co-seller” capacity, rather than it being just an intermediary of the seller.

We would like to point out that the Court did not consider the Advocate General’s analysis because the information regarding the active involvement of Amazon in the sales process emerged only in the procedures before the CJEU, the referring court failing to provide them in the context of the reference for a preliminary ruling. Nonetheless, from a procedural point of view, the Court has decided that it can only rule within the limits set by the referring court and, therefore, has omitted all that information and, consequently, the comparative analysis carried out by the Advocate General.

Conclusions and recommendations

Online marketplaces can breathe a sigh of relief for the time being, the decision, in this case, being favourable to them: the simple warehousing, on behalf of a third-party, of goods that infringe the trademark rights of another person will not lead to the liability of the online marketplaces unless they knew about that infringement. However, it is recommended that online marketplaces take into account the Advocate General’s reasons and consider the liability risk for trademark infringements, as the Court has not in any way ruled on the situation of “integrated stores”, which offer a broader range of services. At the same time, one needs to keep in mind that the intermediary’s liability in the present case concerned only trademark infringements: the Court itself warned that the intermediary’s liability may still exist on grounds of intellectual property enforcement and e-commerce, in cases where the intermediary enables another economic operator to use a trademark unlawfully, thus being liable for it.

What to look out for when contracting agile software development?

*An article by Radu Zmaranda, Associate, CIPP/E

Agile software development has become the core project management model applied by most, if not all, software developers nowadays. Often customers are unable to define their software needs from the commencement of a project, since they may vary depending on the business value, budget, profitability, its own clients’ requirements and other variables.

By oversimplifying the concept, the agile process implies a flexible iterative development of the desired software, each iteration representing a so-called “potentially shippable product” – i.e. a fully functioning standalone software module. This iterative approach to software development has been created to better adapt to the constantly changing requirements of the customers, as well as to deliver high-quality products through ongoing inspection and assessment of the software to be developed, continuous collaboration between cross-functional teams and prompt response to changes.

To put it bluntly: agile means delivering what the customer wants even if he does not know it yet.

This model is not, however, without obstacles for lawyers. One of core the values of agile software development, and probably one of the most feared by legal professionals, is: “customer collaboration over contract negotiation”, hence the paradox. The question that we are often faced within this type of engagements is: how can the parties have the flexibility of the agile model while maintaining the same level of protection as in standard waterfall development agreements?

This following article intends to give a broad overview of the most important aspects related to drafting agile software development agreements. For the sake of example, we will focus on the SCRUM methodologies, but many concepts presented herein are equally applicable to agile as a whole and are not limited to SCRUM

1. Shifting to agile: do we need a clean slate?

The short answer: YES!

Legal costs with contract drafting are never on the wish list of any developer or customer who wants to switch to the agile software development models, especially if they already have a very good standard waterfall software development agreement. Why can’t this agreement just be adapted to the new model when the subject matter is, in fact, identical: software development?

The truth is that the differences between the waterfall model and the agile model are significant, and adapting a contract which was designed specifically for the waterfall model may leave the parties exposed to various risks from a legal perspective.

2. The essentials of drafting agile software development agreements

This section shall focus only on certain specific aspects of the agile software development agreements, such as the key roles in the project, sprints procedure, acceptance, liability etc.

>> Define the key roles within the project

The Scrum Master (or agile coach)
• may be an employee of the customer, of the developer or a third party;
• the role of the Scrum Master essentially consists of support obligations for the product owner and development team (similar to a coach);
• the Scrum Master does not have any authority over the development team and the product owner, but must ensure that each of them cooperates in the most efficient manner and do not encounter any obstacles that may affect or impair the software development process.

The Development Team
• usually consists of employees of the developer (but could also include customer personnel);
• is responsible for the actual development and testing of the software;
• is responsible for estimating the effort required for the development of each item in the product backlog;

The Product Owner
• is the key representative of the Customer;
• is responsible for clearly communicating the goals and objectives of the project (i.e. the customer’s requirements) to the development team;
• is responsible for drafting and ongoing revision of the product backlog;
• is responsible for drafting and ongoing revision of the release plan;

Any agile software development agreement should identify the key roles in each project, as well as the obligations corresponding to each member of the project team. In principle, any such agreement should include the following roles and corresponding obligations:

>> Define the sprint process

During the duration of the agile agreement, the software is developed in iterations, often called “sprints”. The duration of each sprint is at the sole discretion of the parties, but it is usually between 2 and 4 weeks. A sprint usually starts with the planning of the respective iteration (aka the sprint planning meeting) and ends with the acceptance and review of the deliverables (aka sprint review meeting).

Although in practice there are discussions whether the sprint process, in itself, should be legally binding for the parties (claiming that a too rigid approach to the sprint process would be incompatible with the agile model), we deem that to a certain extent it is recommendable to make such process binding on the parties, as this would also better delineate the liability of each party in case the project does not progress as intended.

For example, planning and review meetings should be clearly defined in any agile software development agreement, whereas daily meetings could be left at the sole discretion of the development team in order to allow for better flexibility and time management during each individual sprint.

>> Create the Definition of Done

In SCRUM processes, the definition of done is the benchmark against which each deliverable from a sprint is measured, in order to determine whether it satisfies the customer’s requirements. Utmost importance must be given to the Definition of Done since it will pave the way for any future liability of the developer. The Definition of Done should be carefully drafted and negotiated at the commencement of the project, to ensure that both parties have a common understanding on what “done” actually means with regards to the delivered software. For example, the definition of done could provide that all customer’s functional/non-functional tests have been passed, that the acceptance criteria have been met for each product backlog item etc.

>> Create a liability mechanism for delay

In principle, delay is not a common concept in SCRUM projects. This is because velocity (which represents how many product backlog items can be developed by the development team during a sprint) is usually variable. If certain items could not be completed during a sprint, they are returned to the product backlog and prioritized in future sprints. In this respect, lawyers find themselves in situations in which they avoid determining a specific liability for delay and rely on the other provisions of the agreement, such as the obligations of each person involved in the project to self-organize and self-adapt in order to deliver in a timely and efficient manner.

In our view, however, this does not mean that the consequences of delay cannot be regulated in another manner. For example, in many situations the velocity of the development team can be determined with high precision. In this respect, even though fixed milestone and deadlines are usually discouraged, certain provisions guaranteeing a minimum velocity can overcome such gaps. Nonetheless, lawyers should pay very close attention to how such clauses are drafted, to ensure that even the guaranteed velocity allows the flexibility required by the agile models. Drafting too rigid provisions would lead to bottlenecks throughout the project.

>> Dispute Resolution mechanism

Finally, agile models rely heavily on the collaboration of the parties. There are many points during each engagement that disputes may arise, such as: whether the delivered iteration meets the definition of done, whether the effort estimates of the development team are reasonable and in accordance with good industry practice etc. Of course, in each agreement parties try to solve any dispute amicably, but in case they fail they must defer the dispute to the court.

Under agile models, given the incremental delivery, such an approach would create significant bottlenecks throughout the project. In this respect, a multi-tier dispute resolution mechanism is essential to any agile software development agreement. For example, any dispute which cannot be resolved between the product owner, scrum master and development team, may be referred to the middle management of each parties and ultimately to the top management of either party. Relying on an expert’s opinion is also often recommended in agile software development agreements, since many of the disputes are very technical in nature.

3. Key Takeaways

With the shift from waterfall software development models to agile development models, customers and developers alike must ensure that adequate contractual mechanisms are in place, which accurately reflects the new software development methodology. Considering the significant differences between the two models, the adaptation of classic waterfall software development agreements is not recommendable, as there will always be a risk of significant gaps in the protection granted to the parties.

Roles and procedures are the core elements of any agile software development agreement and collaboration of the parties represents the shell. Disputes should be treated as a natural part of the process and should be solved amicably through adequate mechanisms without bringing the progress to a full stop.

Agile models represent a success story and are here to stay. It remains the job of legal professionals to ensure that the agreements keep up with the rapidly changing trends in the technology sector. In the end, flexibility doesn’t mean anything without adequate safeguards.

RE: INFRA – Infrastructure, Utilities & Environment magazine, no. 5 | Winter Edition 2020 – Infrastructure beyond

*A material coordinated by Anca Albulescu, Partner

In our previous INFRA brochure, we asked ourselves what makes us better than robots. Our answer was: human interconnectivity.

The topic is vast and brings new challenges as days go by. Talking about human interconnectivity, Romania is most likely to be one of the first EU countries to implement the 5G technology. This is the fifth generation of mobile internet connectivity, which promises to grant a much faster upload and download speeds, much broader coverage and more stable connections. 5G technology is mainly about more efficient use of the radio spectrum and allowing more devices to access the same mobile internet at the same time. Just imagine a swarm of drones cooperating to carry out a search and rescue mission, which can fire warning fires and monitor traffic, all communicating wirelessly with one another and the base through 5G networks.

Moreover, we face a new concept: Infrastructure as a Service. Intriguing that only now infrastructure has started to be conceived as a service. It may be a service model that delivers computer infrastructure on an outsourced basis in the form of hardware, networking, and storage services to support business operations. Finally, we understand that it’s not only about the hardware, but also, again, about interconnectivity.

You can get a glimpse of all the above, but also read about hard facts of our day-to-day reality, such as de land book registration of construction erected without building permit and amendments of public procurement contracts… just turn the page and have a good reading!

The magazine can be downloaded in PDF format from this link.