top | item 8977875

(no title)

While it's honorable to want to keep things on a handshake-and-honor level, when things go wrong, none of that matters. In my experience, clients are impressed and more comfortable with proceeding when a written agreement is in place. The only time I've had trouble negotiating an agreement is when dealing with large mega-corporations, where I'm still able to add in notable definitions and exceptions to the work that I'm performing.

> "the client can afford more expensive lawyers than I can, so regardless of the truth they would be able to wipe me out"

Just like lines of code are not a measure of quality of software, hourly rates of attorneys are not a measure of the quality or effectiveness of their legal representation. The only time that you are on equal legal footing with a large corporation is when you're both entering the relationship. If you and a client sign an agreement defining and limiting the work and your liability, a more expensive attorney isn't magically able to rip that contract up.

> "if the client has to read the detail of the contract, it's probably too late to save the relationship anyway"

I couldn't possibly disagree more. If a client isn't willing to work with me on defining the scope of the work to be done for both of our benefits, then I have no faith that they're going to work well with me at all, on anything. For a software developer, a scope of work is also just another piece of documentation: here's what I'm building, and what it does and does not do. A client should be as eager to define that as you.

Case in point: a bank recently suffered a data breach and had to spend more than $150k to comply with its notification obligations, and the bank's insurance company sued the bank's web design firm for, as they allege, failing to do proper servicing, security updates, etc[1].

Web design firms doing ongoing security, monitoring, and maintenance is totally not the norm. Usually the design firm designs the site, either has a couple developers in-house or contracted to another company to build out the front-end and do any integration with the bank's back-end, and when it launches, all is over. But here, this small midwestern design firm with a few employees is on the hook for damages and their reputation will be destroyed.

There are many details lacking in the civil complaint in terms of what their actual responsibility was, or if there even was an agreement in place. But if the design firm had a master services agreement that (a) disclaimed responsibility for doing security monitoring, updates, malware fixes, backups, contingency planning, and any costs or lost business as a result; and (b) limited liability to the amount of money the bank paid the design firm (a common business practice); and (c) indemnified the design agency against any claims by third-parties; the complaint probably would have never been filed.

None of this is legal advice, but don't risk having your reputation destroyed and being personally bankrupted simply because you're desperate for work, lazy, or unrealistically optimistic about people having good faith in all situations.

[1] Article with linked PDF civil complaint: http://www.scmagazine.com/travelers-accuses-web-firm-of-shod...

discuss

No comments yet.