Who: 118 Data Resource Limited (“118″) and IDS Data Services Limited (“IDS”)
When: 5 November 2014
Law stated as at: 8 December 2014
118 and IDS are rival companies who provide contact details of businesses in the UK to their customers. As part of this, both companies are involved in the sale and licensing of these contact details to third parties.
In 2009, 118 licensed its database of such details to IDS for a fee. At first glance, it might seem surprising that 118 was prepared to share its database with a rival, however this is relatively commonplace within the industry and 118 ensured that the licence contained restrictions on IDS’ ability to sublicense the data (including a limit on the amount of data records that could be sublicensed to any one customer and the specific referencing of certain other rivals to whom IDS was prohibited from granting a sublicence, such as Thomson Directories).
In order to ensure that it could monitor IDS’ compliance with the agreement, 118 included in the contract a standard audit right which was drafted as follows:
“[IDS] undertakes and agrees with 118 that it will…permit any duly authorised representative of  on reasonable prior notice to enter into any of its premises where any copies of [the Database] are used, for the purpose of ascertaining that the provisions of this Agreement are being complied with.”
In late 2013, it became clear to 118 that IDS had breached the agreement by sublicensing part of the database to Thomson Directories. 118 was also concerned that IDS had exceeded the maximum amount of records that it was permitted to sublicense under the agreement (although 118 was not able to prove this in court). As such, 118 sought to enforce the audit clause in the agreement and when IDS did not allow entry, 118 applied for summary judgment for specific performance to compel IDS to let a 118 representative inspect the premises and IDS’ use of the database.
Breaking down the audit right
The High Court judge broke down the various elements of the contractual audit right in deciding whether to enforce it. Firstly, he considered who should be granted access. The audit provision stated that “any duly authorised representative” may enter to ascertain that the agreement was being complied with. Although he noted the risk to IDS that a 118 employee might learn something of commercial advantage during inspection, the judge nevertheless held that there was nothing in the express wording of the relevant provision that would require 118 to send an independent third party.
However, having established this, the main issue facing the judge was determining the purpose for which entry should be granted. The audit clause allowed entry “for the purpose of ascertaining that the provisions of this Agreement are being complied with”.IDS claimed that this was a reference to the provisions relating only to IDS’ storage or use of the database whereas 118 argued that this referred to all provisions of the agreement, including the terms on which IDS sublicensed the data.
The judge looks to the wider contractual rights
To provide context on 118’s other contractual rights relating to IDS’ sublicensing of parts of the database, the judge referred to another clause in the agreement which permitted 118 to vet standard terms of IDS’s licences, but not to see commercially sensitive information such as sublicensee names or the prices at which such sublicences were granted. With this in mind, the judge decided that the audit right was not intended to give additional rights to see commercially sensitive information over and above what was already provided for in the agreement.
Limiting the search
Finally, the judge considered what 118 might be entitled to do in the event that access to IDS’ business premises was granted. He noted that there must be a restriction to ensure that 118 can only search for material relating to IDS’ use of the database and not any other commercially sensitive information. However, he concluded that there was no mechanism for this in the agreement and that it was not the court’s job to redraft the agreement in this respect. Further, the judge noted that the contract was silent on what 118 would be entitled to do if they discovered a breach. There was no express right to remove the data and so any decision by the High Court would involve substantially rewriting this part of the agreement.
Given this uncertainty and the judge’s hesitation to infer more rights for 118 than the contract expressly granted, the judge concluded that 118 was not entitled to specific performance of the audit provision by summary judgment.
Why this matters:
In some ways, this judgment will come as a surprise to those parties who have inserted a similar policing clause into an agreement on the expectation that it will be enforceable should a suspected breach by the counterparty occur.
The refusal of the court to award specific performance highlights that the court will not extend audit rights to cover the inspection of information or documents to which the contract specifically restricts a party’s access. Additionally, if the contract is silent on a party’s rights during or following an audit, the court is likely to be hesitant to interpret the contract in such a way that the auditing party is granted further rights, particularly if these rights relate to commercially sensitive information.
As such, database holders (and other businesses involved more generally in data processing and sharing arrangements) should ensure that they draft audit provisions in such a way that they clearly set out the specifics of the inspection rights. Contracts should be unambiguous on what rights the auditing party has, the purposes for which the auditing party can enter a premises to inspect, which data the auditing party is allowed to inspect and what the auditing party is entitled to do in the event that a breach is discovered. If an audit provision is clear on all of these points, there is a much greater chance that it will be enforceable if a dispute occurs.