Contractors’ Questions: Should I resist the indemnity?
Contractor’s Question: I am an IT contractor for Company ‘X.’ They asked me to sign data protection policy. But one of the paragraphs worries me. "All contractors, consultants, partners or other servants or agents of Company X must:
- Allow data protection audits by Company X of data held on its behalf (if requested)
- Indemnify Company X any prosecutions, claims, proceedings, actions or payments of compensation or damages, without limitation."
I suspect that Company X could therefore ask me for compensation related to damages or problems not caused by me. Am I right to be concerned?
Expert’s Answer: Firstly, Company ‘X’ is within its rights to require that you abide by the Data Protection Act 1998 to the extent that they relate to your obligations to Company X.
However the provided paragraph, as it stands and it being isolated from the contract (I therefore cannot see any other limitations to this clause if any exist) is rather worrying.
As a result, I would suggest that you revert back to them and firstly resist the indemnity.
The indemnity as it stands will mean that Company X can make a claim against you without having to prove loss/ damage. Without an indemnity being in place, if there is a breach by you, Company X would simply have to sue you for breach of contract.
Secondly, consider that you can attempt to limit your exposure under this clause to the amount you are insured for. Of course the overall limitation will be limited to those losses that occur as a result of any negligence on your part.
The expert was Ben Evans, a solicitor on the e-commerce team of Southampton-based legal advisory Lawdit.
Editor's Note: Further Reading - Why IT contractors must check indemnity tenses