Decades in Business, Technology and Digital Law


by | Feb 9, 2024 | Firm News

In many license and services agreement negotiations the last clause to be finalized is the limitation of liability clause. There’s good reason for this because at the end of the day, after all the details regarding obligations and performance have been worked out and drafted, the actual availability of remedies will be limited to the damages and caps defined by the limitation of liability clause. As you will see, there are quite a few nuances that need to be understood when preparing and negotiating a limitation of liability clause so that if push comes to shove the parties are not surprised as to the scope of liability and remedies that are actually available.

Limitation of liability clauses deal with two very distinct types of damage limitations: (1) exclusion of indirect damages and (2) an overall cap on damages.


You cannot properly prepare or negotiate a limitation of liability clause unless you understand the definitions of the operative terms. The damages that need to be considered are direct, indirect and incidental. The definitions of these legal terms are vague and probably not clearly understood even by most legal professionals. However, without an understanding of these terms, negotiated limitation of liability provisions may produce results unintended or unexpected by the parties.

♦ Direct damages are damages that a party to an agreement would reasonably expect to arise from the breach in question, without taking into account any special circumstances of the non-breaching party. Direct damages could include all payments made by a customer to the vendor under the agreement.

♦ Indirect damages are losses incurred by the non-breaching party attributable to any special circumstances of the non-breaching party that the parties were aware of when they entered into the agreement. Note that damages which the parties are not aware of when entering into the agreement, are by definition remote, and would not be recoverable even without a limitation of liability provision. Indirect damages could include loss of profits, revenue, and losses arising from data breaches. An exclusion of indirect damages clause typically excludes a variety of types of damages such as indirect, exemplary, punitive, special, consequential and incidental damages, including loss of data, cost of replacement goods, equipment downtime or lost profits. For the record, consequential, special and indirect damages are equivalent, and exemplary and punitive damages are equivalent. Exemplary/punitive damages would only be awarded when a defendant’s actions are deemed willful, malicious, fraudulent, or grossly reckless. These damages rarely occur in a license and services agreement and therefore are discussed in this article.

♦ Incidental damages are expenses incurred by a customer in connection with a failure of performance by the vendor, or by a vendor in connection with wrongful termination or rejection by a customer of the services. Incidental damages could include cost of completing a failed project, transitioning to a different vendor, removal of installed software or hardware, and data recovery. The potential magnitude of incidental damages should not be underestimated. For ease, in the discussion below, both indirect and incidental damages will be referred to as “indirect damages.”

The Negotiation

Now that we understand the terminology, we can look at how to negotiate a limitation of liability provision. The common starting point for a vendor agreement will often be a complete exclusion of all indirect damages and a cap on all direct damages equal to x month’s fees paid by the customer. The provision will also often be one-sided and only apply to the vendor. Customer agreements on the other hand may start off with no limitation of liability provision at all. The theory being that the vendor’s actions can result in all sorts of losses to the customer and, at worse, the customer could be liable only for all fees payable under the agreement. This approach is a bit tricky and in many cases the customer hopes that the vendor simply does not notice that there is no limitation of liability provision which probably works sometimes, especially when no lawyer is involved.

As the negotiation proceeds, compromise will usually be required. Common exceptions to limitation of liability are breaches of confidentiality and data security, amounts owing under an indemnification, violation of laws, fraud, willful misconduct and gross negligence. It is critical to recognize that the exclusion of these items results in potentially unlimited liability.

Many vendors will accept unlimited liability for some or all of these items, except for data security, and for indemnifications that are beyond intellectual property infringement, fraud, willful misconduct and gross negligence. Liability for data security and data breaches, especially for hosted services, needs to be carefully considered by the parties and the scope of that issue is beyond the scope of this article. Also, when an indemnification includes broad items like any act or omission, any breach of the agreement or even any breach of warranty, then a vendor needs to consider whether unlimited liability is appropriate (often it would not be commercially justified).

Some agreements will include exclusions for indirect damages but not for the overall liability cap. This can be a trap for a customer and usually, from the customer’s perspective, the exclusions should apply equally to the indirect damages and liability cap.

Negotiating a liability cap can require some creativity. Sometimes there can be multiple caps applying to different types of liabilities. However, most often there is a single cap. The cap can be a specific dollar amount, all amounts paid under the agreement, all amounts paid under a specific statement of work, fees paid for 3, 6, 12, 24, etc. months, an amount equal to vendor insurance coverage, etc. The best result will be one that takes into account the specific risks and value of the agreement.

The loss of profit and loss of data oversight

Indirect damages are commonly viewed as being mostly composed of loss of profit and revenue, and therefore as the most high risk loss. So vendors will almost always insist on excluding these damages (subject to exceptions discussed above). A difficultly here is that due to the somewhat vague legal definition of indirect damages, there are some jurisdictions that under certain circumstances consider loss of profits and revenue to be direct damages. This is a very important point to consider and is the reason why you will often see “loss of profits and revenue” specified in the list of excluded damages. For a similar reason “lost data” is also often specified.

Exclusion of direct damages conundrum

Some agreement terms include in the string of excluded damages “direct damages.” Some courts have not viewed this exclusion favorably, sometimes viewing it as just a mistake because the drafters did not understand the terms or ignoring the term because inclusion would make the agreement illusory, void, and unenforceable. Rather than trying to exclude direct damages completely, the better approach is to put a cap on direct damages, which is discussed in more detail above.

Bottom Line:

As mentioned, limitation of liability provisions are usually the final provision to conclude during a negotiation. It is probably also the most important provision when evaluating the risks and remedies under an agreement. Clear knowledge of the transaction risks and benefits, combined with a clear understanding of the terminology and some creative thinking, will result in a mutually fair limitation of liability provision. Some deals have fallen through due to failure to agree on the details of this provision. However, with proper knowledge, creativity and flexibility, this should rarely happen.