In simple terms, a data centre is a building that contains computer servers and equipment that provides end users located elsewhere with access to large telecommunications networks and a stable electricity supply.
With the ever increasing consumption and processing of data, and the resultant need for secure and efficient storage solutions, the prevalence of such facilities will only continue to grow in the foreseeable future. According to datamap.com there are currently eight co-location data centres in the UAE.
Some typical types of transactions/arrangements associated with this burgeoning asset class that require consideration from a real estate perspective include:
- The acquisition of an existing facility or construction of a new data centre by a specialist data centre and co-location service provider (“Data Centre Service Provider”);
- The sale and leaseback of data centres by owners of such facilities in order to release capital;
- The long term leasing of a data centre by a Data Centre Service Provider from an owner or master developer that may require significant works / retrofitting to be carried out by such Data Centre Service Provider;
- The “wholesale” leasing or granting of rights of use by the Data Centre Service Provider relating to all, or substantially all, of the space in the data centre to a single end user with heavy usage requirements, such as to a large cloud provider. Such type of data centre may have been constructed on a build to suit basis to a particular end user’s specific requirements. Through such “wholesale” arrangements, organisations can access large scale networks for storage, processing and distribution of data without the corresponding capital investment otherwise required for such activities; and
- The “retail” leasing or granting of rights of use by a Data Centre Service Provider to multiple, different end users that have smaller power and space needs. Such end users typically lease or are granted exclusive rights over physically separated, often caged racks which house servers and equipment.
This article will primarily focus on the agreements entered into by a Data Centre Service Provider with an end user on either a “wholesale” or a “retail” basis (“Co-Location Agreements”).
Key considerations in locating and constructing a data centre
A large number of commercial, physical and legal factors will be considered by Data Centre Service Providers in planning and locating a data centre. However, some key essentials for operating a successful facility attractive to end users include:
- the availability of access to uninterrupted power. The power requirements for a data centre are significant given the high density of hardware contained within, and its cooling requirements. Without a constant supply of power a server simply cannot function. For this reason, there will be back up systems and generators to ensure an uninterrupted supply of electricity that is also insulated from any sudden surges in current or voltage. The “rent” paid under a Co-Location Agreement is often calculated in accordance with power usage rather than the physical area of space or number of racks used;
- keeping the data centre as a cool environment with low humidity to allow servers to function at their most optimum. Given the climatic conditions of the UAE, there are added cooling costs to consider when compared with data centres located in other parts of the world with lower year round ambient temperatures;
- having a reliable and fast telecommunications infrastructure allowing the flow of data in and out of the data centre. With trading firms for example, who have taken space in a data centre, delays or “latencies” of mere milliseconds in the transfer of information can be significantly damaging in terms of their competitive position;
- ensuring that data is available, accessible and secure at all times with comprehensive data recovery procedures in place in the event of a failure of the data centre - for example due to a power outage, an event of damage or destruction or a cyber attack; and
- as well as maintaining data security, ensuring that the data centre is physically secure by adopting a range of procedures limiting individual access to the data centre and particular servers or racks.
Key drafting issues relating to Co-Location Agreements in the UAE
(a) Are Co-Location Agreements leases or contractual rights of access?
Although it may be preferable for some end users for such Co-Location Agreements to be expressed as a lease that establishes a formal landlord and tenant relationship (for example, to take advantage of the generally tenant friendly lease laws in the UAE), in our experience it is not usual for Co-Location Agreements to take the form of a lease. Instead, they are usually structured as contractual rights of access, albeit with many characteristics commonly seen in lease agreements, such as:
- exclusivity of use by the end user and a right of “quiet enjoyment” for the duration of its term;
- limitations on the Data Centre Service Provider’s rights of access to the end user’s designated space;
- respective repair and maintenance obligations;
- rights of renewal;
- provisions relating to assignment and sub-leasing/contracting;
- a description of the services to be provided by the Data Centre Service Provider;
- provisions regarding the end user’s rights to make alterations to the designated space;
- reinstatement and termination rights upon the occurrence of events of damage or destruction;
- reinstatement obligations at the end of the term; and
- rights of first refusal regarding additional space in the data centre.
From a Data Centre Service Provider’s perspective, such contractual rights of access are preferable to a formal lease arrangement as it gives greater flexibility on the issue of landlord’s access rights. This is particularly important when hosting a number of servers for multiple tenants on a “retail basis”. It is also uncertain as to whether, if such Co-Locations Agreement were drafted as leases, whether they would be capable of registration in the Ejari and Tawtheeq short-term, online lease registration systems applicable in Dubai and Abu Dhabi. In Dubai, there are also particular licensing issues and other RERA requirements that need to be satisfied in order for an entity to legally sub-lease property which are likely to be an unattractive option for a Data Centre Service Provider (if it is itself subject to a superior lease).
Notwithstanding the above, Data Centre Service Providers should be aware that, under UAE law, there is less of a clear distinction between leases and licences (or other contractual arrangements) to occupy/use/access than in some common law jurisdictions. If tested, there is a risk that a Co-Location Agreement could be construed as a lease by the relevant judicial authorities (even if there is express wording to the contrary in the agreement that no lease or landlord and tenant relationship is created). If deemed to be a lease, this could provide the end user with a greater level of protection relating to such matters as security of tenure / rights of renewal, termination and rent control by bringing the agreement within the remit of laws governing the landlord and tenant relationship.
(b) End user’s right to make alterations and use of the premises
As end users are usually fully responsible for the maintenance of their own equipment in data centres, they will typically want wide scope to make alterations or additions within their designated space. These rights are necessary during the term of a Co-Location Agreement to ensure that relevant upgrades can be made to their technology. Therefore, it is important that an end user has the right to make those upgrades as often as required and to not be restricted by the usual provisions in commercial leases which often require a landlord’s consent to any tenant alterations.
A standard commercial lease will also place certain restrictions on the tenant’s use of its premises, such as observing weight requirements on floor plates and restricting the use and storage of dangerous goods in the premises. In a Co-Location Agreement, a Data Centre Service Provider should consider more strict requirements, particularly in “retail” data centres where multiple servers are housed for the benefit of multiple different organisations, each with a high dependence upon the uninterrupted functionality of their servers and equipment. This may include an obligation on an end user to not do anything that would interfere with another end user’s right to use and enjoy the data centre (including generating electrical interference).
(c) Server outages and maintenance
Another issue that a Data Centre Service Provider should consider is what happens if a server fails. The potential for damages in these circumstances are significant as an outage could significantly disrupt or prevent the business operations of an end user. Therefore, an end user should consider inserting appropriate remedies at the outset such as releases, indemnities or liquidated damages to minimise the risk of damages for a Data Centre Service Provider and adequately protect the end user in the case of a server outage.
A Data Centre Service Provider may want to limit their exposure in the case of server outages and instead insert a remedy for the end user in the form of “rent” credits (a credit of “rent” paid pursuant to a Co-Location Agreement) or service credits (a credit of service fees sometimes paid pursuant to a separate Service Level Agreement (“SLA”)). Any such SLA, will usually sit alongside the Co-Location Agreement for the same term. It deals with the performance quality of the data centre and usually guarantees the level of its performance.
“Rent” or service credits are often capped at the current “rent” or service fee payable by the end user for that month. A common practice is for a claim to be capped at one credit per day regardless of how many service outages occur during that day. An end user may want to negotiate this cap and insert clear criteria when defining what constitutes a server outage (if a Data Centre Service Provider is insistent upon the end user’s remedies in such circumstances being limited to such “rent” or service credits).
A Data Centre Service Provider will usually also have certain maintenance obligations in relation to the building, the common areas, cooling equipment and other key service systems. However, given the importance of servers and equipment being kept continuously operational, an end user will need to consider whether it may require (and the degree of) step-in rights in the Co-Location Agreement if a Data Centre Service Provider has not properly discharged its obligations in relation to maintenance or in the case of an emergency.
The key purpose of a Co-Location Agreement is to enable the tenant to access the power available for its IT equipment. In the early days of such agreements, “rent” under a Co-Location Agreement was calculated on the area of the premises being leased, as is usual for general commercial leases. However, in recent years, the “rent” payable under Co-Location Agreements has, more appropriately, been calculated on the supply of power to the tenant’s equipment. Commercial discussions between the parties should therefore be focussed on calculation of rent based on power supply rather than area since the premises required depends on what power is available in order to provide an end user with reliable and fast telecommunications connections.
(e) Grant of security interests
An end user should ensure that there is a provision in the Co-Location Agreement that prevents the Data Centre Service Provider from creating any security interests over an end user’s assets that are located in the data centre.
(f) Meet Me Rooms
A unique feature of some data centres is connection rooms called “Meet Me Rooms” that allow end users to connect to other telecommunications carriers or third party networks. A Data Centre Service Provider may elect to house “Meet Me Rooms” as an attractive offering for end users to enable them to access telecommunications carriers at a low cost as the connection is within the Data Centre (rather than the end user having to travel out of the Data Centre to access telecommunication points).
If a Data Centre Service Provider includes “Meet Me Rooms” as part of their service, one issue is who should retain control of the connection from the carrier side and the end user side. Usually a Data Centre Service Provider will engage a third party management company to access both connection points. However, this does raise security concerns in relation to both data security and physical security for end users where a third party has access to their equipment.
One issue when supplying “Meet Me Rooms” in data centres in the UAE is that the Telecommunications Regulatory Authority may view these cross connects as a regulated activity which only Etisalat and Du are licensed to perform.
As we expect to see data centres and Co-Location Agreements becoming more prevalent in the UAE, the above are unique considerations to be mindful of when drafting a Co-Location Agreement.