VMware 2014 Annual Report Download - page 28

Download and view the complete annual report

Please find page 28 of the 2014 VMware annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 128

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128

Table of Contents
address privacy concerns, even if unfounded, or comply with applicable privacy or data protection laws, regulations and standards, could result
in additional cost and liability to us, damage our reputation, reduce sales and harm our business.
Additionally, our virtualization technology is used by cloud computing vendors, and we have expanded our involvement in the delivery and
provision of cloud computing through business alliances with various providers of cloud computing services and software and expect to continue
to do so in the future. The application of U.S. and international data privacy laws to cloud computing vendors is uncertain, and our existing
contractual provisions may prove to be inadequate to protect us from claims for data loss or regulatory noncompliance made against cloud
computing providers who we may partner with. Accordingly, the failure to comply with data protection laws and regulations by our customers
and business partners who provide cloud computing services could have a material adverse effect on our business.
Since some of our products and services are web-based, our customers store their data on our servers and our vendors’ servers. This data
may include personal data. It may also include protected health information (“PHI”) that may be subject to federal, state and international health
care privacy, data privacy or security laws, including the Health Insurance Portability and Accountability Act (“HIPAA”). HIPAA has been
amended by the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”) with the result of increased civil
penalties. As a result of HIPAA and the HITECH Act, business associates who have access to PHI provided by covered entities and other
business associates are now directly subject to HIPAA. When our customers place PHI into our web-based services, including vCloud Air or our
services hosted on our vCloud Air, we may be required to comply with HIPAA’s data security requirements and may be liable for sanctions and
penalties for failure to do so. Any systems failure or compromise of our security that results in the release of our customers’ data could (i)
subject us to substantial damage claims from our customers, (ii) expose us to costly regulatory remediation, and (iii) harm our reputation and
brand. We may also need to expend significant resources to protect against security breaches.
If we fail to comply with our customer contracts or government contracting regulations, our business could be adversely affected.
Our contracts with our customers may include unique and specialized performance requirements. In particular, our contracts with federal,
state, local and non-U.S. governmental customers and our arrangements with distributors and resellers who may sell directly to governmental
customers are subject to various procurement regulations, contract provisions and other requirements relating to their formation, administration
and performance. Any failure by us to comply with provisions in our customer contracts or any violation of government contracting regulations
could result in the imposition of various civil and criminal penalties, which may include termination of contracts, forfeiture of profits, suspension
of payments and, in the case of our government contracts, fines and suspension from future government contracting. Further, any negative
publicity related to our customer contracts or any proceedings surrounding them, regardless of its accuracy, may damage our business and affect
our ability to compete for new contracts. In the ordinary course of business, we also receive inquiries from and have ongoing discussions with
government entities regarding the compliance of our contracting and sales practices with laws and regulations. We continue to cooperate with the
U.S. General Services Administration and the Department of Justice in their inquiries regarding our government sales practices between 2006
and 2013. During the second quarter of 2014 , we recognized a liability of approximately $11 million in connection with this matter as the loss
was determined to be both probable and reasonably estimable. While no formal legal proceedings have been commenced, final resolution of the
matter could result in liability materially different from the accrued amount, and there can be no assurance that actions will not be commenced in
the future. If our customer contracts are terminated, if we are suspended from government work or fines or other government sanctions are
imposed, or if our ability to compete for new contracts is adversely affected, our business, operating results or financial condition could be
adversely affected.
If we are unable to protect our intellectual property rights, our competitive position could be harmed or we could be required to incur
significant expenses to enforce our rights.
We depend on our ability to protect our proprietary technology. We rely on trade secret, patent, copyright and trademark laws and
confidentiality agreements with employees and third parties, all of which offer only limited protection. As such, despite our efforts, the steps we
have taken to protect our proprietary rights may not be adequate to preclude misappropriation of our proprietary information or infringement of
our intellectual property rights, and our ability to police such misappropriation or infringement is uncertain, particularly in countries outside of
the United States. Further, with respect to patent rights, we do not know whether any of our pending patent applications will result in the
issuance of patents or whether the examination process will require us to narrow our claims. To the extent that additional patents are issued from
our patent applications, which are not certain, they may be contested, circumvented or invalidated in the future. Moreover, the rights granted
under any issued patents may not provide us with proprietary protection or competitive advantages, and, as with any technology, competitors
may be able to develop similar or superior technologies to our own now or in the future. In addition, we rely on confidentiality or license
agreements with third parties in connection with their use of our products and technology. There is no guarantee that such parties will abide by
the terms of such agreements or that we will be able to adequately enforce our rights, in part because we rely on “click-wrap” and “shrink-wrap”
licenses in some instances.
26