On June 27, 2018, in Appeal of CiyaSoft Corporation, the Armed Services Board of Contract Appeals held that the Government can be bound by terms of a commercial software license agreement that the contracting officer (CO) has neither negotiated nor seen. CiyaSoft Corporation (CiyaSoft) submitted a claim asserting that the Army had breached its contract to purchase computer software by using more copies of the software than were permitted by the contract. The Army denied the claim, in part, because the contract contained no terms specifying how the government would secure and protect the software. Instead, CiyaSoft had included license terms limiting the software’s use (i) inside the box containing the CDs with the software, (ii) on a piece of paper inside the software’s shrinkwrap, and (iii) in clickwrap that was displayed during the software’s installation process. On appeal, the Board found that although the contract included no license terms and the CO never saw or discussed with CiyaSoft the license terms that accompanied the software delivery, the CO had a duty to inquire about what use rights applied to the software and the failure to do so imputed knowledge of the licensing terms on the Army. Pointing to the longstanding policy embodied in the FAR that that the government should accept commercial computer license terms that are customarily provided to other purchasers, the Board held that “the government can be bound by the terms of a commercial software license it has neither negotiated nor seen prior to the receipt of the software, so long as the terms are consistent with those customarily provided by the vendor to other purchasers and do not otherwise violate federal law.”
Can U.S. law enforcement reach data stored oversees by using a warrant under the Stored Communications Act, 18 U.S.C. § 2701, et seq.? Until the Supreme Court decides the issue, which may happen next term, the answer is: it depends where the government applied for the warrant.
Over the last few years, U.S.-based technology companies have been increasingly resisting warrants under the Stored Communications Act for data those companies store oversees. These warrants, they claim, represent an extraterritorial application of the law, which Congress has never permitted.
Traditionally, if the government has probable cause to believe that a person’s email account contains evidence of a crime, and a federal magistrate judge agrees, a warrant would issue directing the email service provider to turn over those emails to the government. But data is increasingly stored in the “cloud.” And, as it turns out, the “cloud” consists of server farms located all over the world. Companies like Microsoft, Google, Amazon, Facebook, and Apple now host large quantities of data abroad, raising complicated jurisdictional questions.