Choosing an ISP

Legal considerations and FAQ

What should my firm do to protect itself legally?

Please note the Law may have changed since the publication of article.

Ultimately, the legal protection will be based on the contract between the parties. However, before you even get to that stage, you should check out the financial stability of the ISP by company search and other available means and put in place a proper contract with the ISP containing appropriate safeguards and comfort, including the factors set out later in this article.

What should our contingency plan consist of if things go wrong?

You should check out and be satisfied with the host’s disaster recovery plan and, ideally, have your own to ensure that there is no risk of shutdown.

What are the main issues for the contract with the ISP to address?

From a legal perspective, there are many issues. Some of the most important contractual issues to check are as follows:

  1. A guarantee of a suitable available level of Bandwidth which should be “burstable” to a higher level to cover possible increases in requirements;
  2. Provision of Detailed Website Use Statistics at regular reasonably frequent intervals;
  3. Provision of any other data which the host has agreed to provide in such format and at such times as suit you;
  4. Keeping your information and that of your customers as available from the website confidential (there may be personalised sections of the site only available to particular customers on use e.g. of a particular password);
  5. A guarantee of minimum average uptime in a service level agreement or schedule (99.5% per annum is probably the lowest acceptable in most cases);
  6. A commitment to make frequent, ideally daily, data backups;
  7. An undertaking to keep your information confidential;
  8. The provision of ancillary email services such as forwarding;
  9. A commitment not to increase the hosting fee for at least the first year of the agreement and thereafter by a modest index-linked percentage;
  10. A warranty to comply with the requirements of the Data Protection Act 1998, including without limitation, taking appropriate measures to avoid unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to personal data.

© This article is copyright Simon Halberstam 2008 and should not be construed as legal advice or opinion in any specific facts or circumstances. the contents are intended for generic information purposes only. You are urged to contact a suitably qualified lawyer for specific advice.