I came across this article published in WSJ on customers starting to press software makers assume responsibility to pick up costs for underperformance. Excerpts with edits and my comments added:
Major technology customers, due to mouting costs to fix problems caused by software flaws, are starting to press software makers to assume responsibility for the faults and pick up some of the costs. The moves are aimed at making tech companies rethink the way they write and sell software. Executives responsible for computer security at companies including General Motors Corp., AT&T Corp. and Alcoa Inc. say software vendors should begin to stand behind their products much as sellers of other products and services do. The word liability sends shudders through the software industry. Until now, most software makers have sold their products on the condition that they won't be held liable if flaws cause damage, be it from computer crashes or virus attacks that exploit the faults. The cost of repairing such flaws, or of reimbursing customers harmed by hacker attacks or viruses, could cost a vendor many millions of dollars.
Customers are challenging the traditional exemption in the hope that increased liability will force vendors to deliver more secure and reliable software. GM, for example, is attempting to get software and computer-services vendors to agree to penalty provisions in new contracts that could hold the vendors liable if they fail to meet security requirements. Customer expectations relate to an engineered automobile with high reliability rolling out of the factory. Each time a software maker issues a "patch," or fix, to repair a flaw "is in a sense a recall," says Alan Levine, head of global information security for Alcoa. Mr. Levine suggests that software makers should cover customers' costs for installing these patches, "or at least assist us in paying for it. Other customers are seeking to add liability clauses to their "service level agreements" with outsourced technology providers, which specify performance requirements such as how many times a computer system may go down. losses, we may have some kind of liability.
The push is part of a broader shift in the balance of power in the computer market, where slower spending and maturing technologies are increasingly giving buyers more power over tech vendors. Switching costs prohibit customers from acting against the vendors.
My Take: While empathizing with the customers – we have to differentiate between desktop applications, utilities , managed services. I totally agree that in respect of desktop applications and utilities – the customers are suffering – in a month I almost lose –a –day for my administrator to fix issues in my laptop – I always tell my administrator that I sort of think that I am sitting on the tip of a volcano when routine upgrades/maintenance do not happen in time. Coupled with internal security administrative measures- administrators have to spend more and more time given the fact that upgrades happen so frequently. In fairness, some measures have been taken in the industry like auto updates and remote diagnostics but we are far off from virtually managing desktops and laptops to the user’s satisfaction. In respect of managed services, it is fair to say that service level agreements need to be in place with liability lock-ins. However in respect of enterprise software rollout, the issues are different. The enterprise software is much more complex and the success of implementation is really dependent on various factors – management commitment towards implementation and change management, degree of success that has been planned for in terms of dollars, resources, quality of program management, maturity of internal processes already in place, degree of preparedness of internal organization to absorb new technologies and processes, synchronous delay management, escalation management, responsibility distribution and monitoring – all play a role in the success of a enterprise software rollouts. I have seen double digit million dollar software solution rollouts suffer on the dimensions of time/cost/quality on account of these seemingly simplistic issues. Several times customer organisations seriously underestimate the amount of energy that may be needed in rolling out solutions across the enteprise. One area where definitely the product vendors need to be held responsible is their claims on "Out-Of-The-Box" rollouts - In my experience, many of these are certainly questionable - also when a customer says either they know all or when they say they do not know anything - and therefore initiative should be driven by consultants - alarm bell rings in my mind. I agree with Jeff Nolan when he says,"It's not like buying a toaster or an electric toothbrush and plugging it into the wall".
Indemnification of the consulting company and product vendor would presuppose that the customer provides fair opportunity to roll out software in agreed upon manner that includes co-ordination of all activities in time in a qualitative manner – too often we witness that customers have a certain date in mind to roll out solutions and typically these get forced down – denying in the process opportunities to set solid things in place and too often consultants are forced to take a liberal view in terms of approvals not coming in time or the lack of it.several assumptions in respect of other systems that are in place getting busted and brain waves and flash thoughts of customer executives all infringe on the quality of the rollouts and the subsequent high cost of maintenance.