Fighting the Software Kill Switch Under California Law

By Pam Fulmer

Software audit disputes used to be uncomfortable but survivable. A publisher would audit usage, claim over-deployment, and demand a true-up. The customer could dispute the findings, involve counsel, and negotiate while the business kept running.
​
That leverage has changed. In a SaaS, cloud-hosted, subscription, or remotely administered environment, the vendor may control the customer’s practical ability to operate. If the vendor can suspend access, disable authentication, block a hosted environment, or lock down critical data, the dispute is no longer just about who is right under the contract. It is about whether the customer can keep running long enough to find out.

California law has not yet developed a mature body of published SaaS “kill switch” cases. But California does provide a set of doctrines that can matter when a vendor threatens to disable mission-critical software to collect a disputed demand: the implied covenant of good faith and fair dealing, economic duress, unconscionability, conversion and trespass to chattels in appropriate cases, the Unfair Competition Law, and emergency injunctive relief.

The key is precision. The customer’s argument should not be that a vendor can never suspend service. If the contract clearly allows suspension after defined conditions are met, California courts will generally take that language seriously. The stronger argument is that a vendor may not use a suspension right beyond its contractual scope, in bad faith, without satisfying conditions precedent, to enforce a knowingly inflated demand, or in a way that interferes with customer-owned property or data beyond what the agreement permits. And as a lawyer defending software audit disputes for years, I can tell you that many demands are knowingly and intentionally inflated to use as leverage to extract a large software purchase from the customer. Now imagine how empowered these same predatory publishers will be with the kill switch in their hands. Enterprise software customers would do well to start planning their strategies now.

Start with the Contract
The first question is what the agreement actually says. Many enterprise software agreements contain suspension provisions for nonpayment, uncured breach, security risk, license overuse, audit noncompliance, or violation of acceptable-use restrictions. Some clauses are narrow and procedural. Others are broad and vendor-friendly.

California law gives real force to express contract language. In Carma Developers (Cal.), Inc. v. Marathon Development California, Inc., 2 Cal. 4th 342 (1992), the California Supreme Court held that the implied covenant of good faith and fair dealing may not be used to prohibit conduct the agreement expressly permits. The covenant protects the bargain; it does not rewrite it. In Bevis v. Terrace View Partners, LP, 33 Cal. App. 5th 230 (2019), the Court of Appeal likewise rejected an implied-covenant theory that would have required a party to choose one contractually permitted course over another.

Those cases are important vendor-side authority. But Carma also identifies the customer’s opening: the implied covenant has particular force where one party holds discretionary power affecting the rights of the other. The strongest customer argument is not “the vendor can never suspend.” It is that the vendor cannot use a discretionary suspension mechanism as a pretextual coercion device to obtain benefits outside the bargain or to enforce a claim it knows is false or materially overstated. Think of Oracle's VMware virtualization policy arguments.

Relevant questions include whether the contract allowed suspension for this type of alleged breach; whether the vendor satisfied notice, cure, audit, escalation, and dispute-resolution requirements; whether the customer is current on undisputed amounts; and whether the vendor is threatening to suspend services, data, affiliates, or environments beyond the clause’s scope.
​
Economic Duress
California’s economic-duress doctrine can be powerful in a kill-switch dispute, but only if the customer can show more than ordinary commercial pressure. The leading case is Rich & Whillock, Inc. v. Ashton Development, Inc., 157 Cal. App. 3d 1154 (1984), where a release was unenforceable because it was obtained after a contractor refused to pay an undisputed amount, knowing the other party faced financial ruin.

The doctrine turns on a wrongful act, coercive pressure leaving no reasonable alternative, and submission to the pressure. The wrongful act need not be a crime or independent tort; asserting a claim known to be false, making a bad-faith threat to breach, or wrongfully withholding payment may qualify.

That framework can fit software suspension threats where a vendor uses a knowingly inflated audit claim, refuses to follow agreed procedures, threatens suspension for amounts not yet due, or demands unrelated purchases or broad releases as the price of continued access. But a vendor’s threat to exercise a clear contractual suspension right after a material uncured breach is not automatically wrongful merely because it creates pressure.

If payment is necessary to keep operating, the customer should pay expressly under protest, reserve all rights, identify the disputed grounds in writing, and document why no reasonable alternative existed.
​
Unconscionability
Unconscionability is possible, but often difficult in enterprise software disputes. In Sanchez v. Valencia Holding Co., 61 Cal. 4th 899 (2015), the California Supreme Court explained that unconscionability requires both procedural and substantive elements. Sonic-Calabasas A, Inc. v. Moreno, 57 Cal. 4th 1109 (2013) describes the same basic framework.

In B2B software contracts, the customer may be sophisticated, represented, and able to evaluate alternatives. The better argument targets the combined remedial architecture: unilateral vendor breach determinations, short cure periods, suspension before neutral review, a bar on consequential damages, a low liability cap, and no meaningful data-export right. The goal may be limited but important: preserve access during a good-faith dispute or prevent the vendor from invoking a liability cap for a wrongful shutdown.

Conversion, Trespass, and Data Lockout
Tort theories are strongest when the vendor interferes with property interests beyond a mere contractual right to use the vendor’s hosted service. The customer should identify exactly what property is being impaired: customer data, electronic records, backups, local installations, servers, devices, credentials, or domain assets.

In Intel Corp. v. Hamidi, 30 Cal. 4th 1342 (2003), the California Supreme Court held that unwanted emails did not establish trespass to chattels because they did not damage Intel’s computer system or impair its functioning. For kill-switch purposes, Intel underscores the need for concrete impairment: blocked access, disabled functionality, interruption of system use, or loss of access to records.

Conversion may also apply to certain digital property. In Kremen v. Cohen, 337 F.3d 1024 (9th Cir. 2007), the Ninth Circuit, applying California law, held that a domain name could support a conversion claim. The out-of-state case Clayton X-Ray Co. v. Professional Systems Corp., 812 S.W.2d 565 (Mo. Ct. App. 1991) remains useful by analogy, but California briefing should lead with California authority.

UCL and Emergency Relief
California’s Unfair Competition Law can support restitution and injunctive relief, but not ordinary damages. Korea Supply Co. v. Lockheed Martin Corp., 29 Cal. 4th 1134 (2003) makes that remedial limit clear. The “unlawful” prong is often the cleanest route, using breach of the implied covenant, duress, unconscionability, statutory violations, or wrongful property interference as predicates. The “unfair” prong requires caution in B2B disputes; under Cel-Tech Communications, Inc. v. Los Angeles Cellular Telephone Co., 20 Cal. 4th 163 (1999), unfairness in competitor cases must be tethered to a legislatively declared policy or threaten competition.

The most important remedy may be a temporary restraining order or preliminary injunction. California courts consider likelihood of success and the interim harm to each side. Butt v. State of California, 4 Cal. 4th 668 (1992). The customer should build a record showing both irreparable harm and merits: disputed demand, payment of undisputed amounts, failure to follow contract procedures, operational dependency, lack of alternatives, and threatened loss of customer-owned data.

California law gives customers a toolkit, not a silver bullet. The winning case usually turns on contract language, procedural defects, a timely good-faith dispute, wrongful pressure, and whether suspension would interfere with customer data or operations in a way damages cannot repair. That is enough to change the negotiation. A vendor facing a prepared TRO application, a duress record, possible UCL restitution, and property-based claims for overreach must evaluate the cost of flipping the switch more carefully.

This article is for general informational purposes only and does not constitute legal advice. Readers should consult counsel about the specific facts of their own situation