Twilio (TWLO) Risk Factors

We and our customers are subject to numerous domestic (for example, the California Consumer Privacy Act ("CCPA")) and foreign (for example, the General Data Protection Regulation ("GDPR") in the European Union ("EU")) privacy, data protection and data security laws and regulations that restrict the collection, use, disclosure and processing of personal information, including financial and health data. These laws and regulations are expanding globally, evolving, and being tested in courts, may result in increasing regulatory and public scrutiny of our practices relating to personal information and may increase our exposure to regulatory enforcement action, sanctions and litigation. The breadth and depth of changes in data protection obligations has required significant time and resources, including a review of our technology and systems currently in use against the requirements of GDPR. The CCPA (as amended by the California Privacy Rights Act of 2020) imposes obligations on businesses to which it applies. These obligations include, but are not limited to, providing specific disclosures in privacy notices and affording California residents (both consumers and employees) certain rights related to their personal information. The CCPA allows for statutory fines for noncompliance. Similar laws have been enacted in 18 other states with 7 laws currently in effect and the remainder becoming effective later in 2024, 2025 and 2026. Numerous other states, and the U.S. federal government, also have proposed general privacy legislation recently. Additionally, other states have proposed, and in certain cases enacted, other laws and regulations addressing privacy and data security, such as Washington's My Health, My Data Act, which includes a private right of action. If we become subject to new privacy, data protection and data security laws, the risk of enforcement action against us could increase because we may become subject to additional obligations, and the number of individuals or entities that can initiate actions against us may increase, including individuals, via a private right of action, and state actors. Outside the United States, an increasing number of laws, regulations, and industry standards apply to privacy, data protection and data security. For example, the GDPR, the United Kingdom's General Data Protection Regulation and Data Protection Act 2018 ("UK GDPR") and the new Swiss Federal Act on Data Protection, impose strict requirements for processing the personal information of individuals protected by the legislation, whether their data is processed within or outside the European Economic Area ("EEA"), the United Kingdom ("UK") and Switzerland, respectively (such jurisdictions, collectively, "Europe"). For example, the GDPR imposes significant requirements regarding the processing of individuals' personal information, including in relation to transparency, lawfulness of processing, individuals' privacy rights, compliant contracting, data minimization, data breach notification, data re-usage, data retention, security of processing and international data transfers. Under the GDPR and UK GDPR, government regulators may impose temporary or definitive bans on data processing or data transfers, require a company to delete data, as well as impose significant fines, potentially ranging up to 20 million Euros under the GDPR, 17.5 million GBP under the UK GDPR, or 4% of a company's worldwide revenue, whichever is higher. Further, individuals may initiate compensation claims or litigation related to our processing of their personal information. Other privacy laws in Europe impose strict requirements around marketing communications and the deployment of cookies on users' devices. As another example, Brazil's General Data Protection Law (Lei Geral de Proteção de Dados Pessoais, or "LGPD") (Law No. 13,709/2018) may apply to our operations. The LGPD broadly regulates processing of personal information of individuals in Brazil and imposes compliance obligations and penalties comparable to those of the GDPR. Additionally, we expect an increase in the regulation of the use of AI and ML in products and services. For example, in Europe, the Artificial Intelligence Act ("AI Act"), once in force, will impose onerous obligations related to the development, placing on the market and use of AI-related systems. We may have to change our business practices to comply with obligations under these or other new and evolving regimes. Further, the interpretation and application of new domestic and foreign laws and regulations in many cases is uncertain, and our legal and regulatory obligations in such jurisdictions are subject to frequent and unexpected changes, including the potential for various regulatory or other governmental bodies to enact new or additional laws or regulations, to issue rulings that invalidate prior laws or regulations, or to increase penalties significantly. For example, the EU's Digital Services Act, Digital Markets Act and Data Act entered into force in 2024. Similarly, with our registration as an interconnected VoIP provider for certain products with the Federal Communications Commission ("FCC"), we also must comply with privacy laws associated with customer proprietary network information rules in the United States. If we fail or are perceived to have failed to maintain compliance with these requirements, we could be subject to regulatory audits or inquiries, civil and criminal penalties, fines and breach of contract claims, as well as reputational damage, which could impact the willingness of customers to do business with us. In addition to our legal obligations, our contractual obligations relating to privacy, data protection and data security have become increasingly stringent due to changes in laws and regulations and the expansion of our offerings. Certain privacy, data protection and data security laws, such as the GDPR and the CCPA, require our customers to impose specific contractual restrictions on their service providers. In addition, we support customer workloads that involve the processing of protected health information and are required to sign business associate agreements with customers that subject us to requirements under the federal Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act of 2009, as well as state laws that govern health information. Our actual or perceived failure to comply with laws, regulations, contractual commitments, or other actual or asserted obligations, including certain industry standards, regarding privacy, data protection and data security could lead to costly legal action, adverse publicity, significant liability, inability to process data, and decreased demand for our services, which could adversely affect our business, results of operations and financial condition. As a cumulative example of these risks, because our primary data processing facilities are in the United States, we have experienced hesitancy, reluctance, or refusal by European or multinational customers to continue to use our services due to the potential risks posed as a result of the Court of Justice's July 2020 ruling in the "Schrems II" case, as well as related guidance from regulators and enforcement action against Meta by the Irish Data Protection Commission. For example, absent appropriate safeguards or other circumstances, the GDPR and laws in Switzerland and the UK generally restrict the transfer of personal information to countries outside of the EEA, Switzerland and the UK such as the United States. On July 10, 2023, the European Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework. Based on this decision, personal information can flow from the EU to U.S. companies participating in the EU-U.S. Data Privacy Framework without having to put in place additional data protection safeguards. We are certified under the EU-U.S. Data Privacy Framework, the UK Extension to the EU-U.S. Data Privacy Framework, and the Swiss-U.S. Data Privacy Framework. If we cannot maintain a valid mechanism for cross-border data transfers, we and our customers may face increased exposure to regulatory actions, substantial fines, and injunctions against processing or transferring personal information from Europe or elsewhere. The inability to transfer personal information to the United States could significantly and negatively impact our business operations; limit our ability to collaborate with parties that are subject to data privacy and security laws; or require us to increase our personal information processing capabilities in Europe and/or elsewhere at significant expense. In addition, outside of Europe, other jurisdictions have proposed and enacted laws relating to cross-border data transfer or requiring personal information, or certain subcategories of personal information, to be stored in the jurisdiction of origin. If we are unable to increase our data processing capabilities and storage in Europe and other countries to limit or eliminate the need for data transfers out of Europe and other applicable countries quickly enough, and valid solutions for personal information transfers to the United States or other countries are not available or are difficult to implement in the interim, we will likely face continuing reluctance from European and multinational customers to use our services and increased exposure to regulatory actions, substantial fines and injunctions against processing or transferring personal information across borders. Evolving laws, regulations, and other actual and asserted obligations relating to privacy, data protection, and data security, as well as any new or evolving obligations relating to the use of AI and ML technologies, could reduce demand for our platform, increase our costs, impair our ability to grow our business, or restrict our ability to store and process data or, in some cases, impact our ability to offer our service in some locations and may subject us to liability. Further, in view of new or modified federal, state or foreign laws and regulations, industry standards, contractual obligations and other actual and asserted obligations, or any changes in their interpretation, we may find it necessary or desirable to fundamentally change our business activities and practices or to expend significant resources to modify our practices and platform and otherwise adapt to these changes. We may be unable to make such changes and modifications in a commercially reasonable manner or at all, and our ability to develop new products and features could be limited.

As of December 31, 2023, we had U.S. federal, state and foreign net operating loss carryforwards ("NOLs"), of $3.4 billion, $2.6 billion and $1.0 billion, respectively. Utilization of these NOL carryforwards depends on our future taxable income, and there is risk that a portion of our existing NOLs could expire unused, and that even if we achieve profitability, the use of our unexpired NOLs would be subject to limitations, which could materially and adversely affect our operating results. U.S. federal NOLs generated in taxable years beginning before January 1, 2018, may be carried forward only 20 years to offset future taxable income, if any. Under current law, U.S. federal NOLs generated in taxable years beginning after December 31, 2017, can be carried forward indefinitely, but the deductibility of such U.S. federal NOLs in taxable years beginning after December 31, 2020, is limited to 80% of taxable income. It is uncertain if and to what extent various states will conform to federal law. Under Sections 382 and 383 of the Internal Revenue Code of 1986, as amended (the "Code"), and corresponding provisions of state law, a corporation that undergoes an "ownership change" (generally defined as a greater than 50-percentage-point cumulative change (by value) in the equity ownership of certain stockholders over a rolling three-year period) is subject to limitations on its ability to utilize its pre-change NOLs and other pre-change tax attributes to offset post-change taxable income and taxes. Our existing NOLs and other tax attributes may be subject to limitations arising from previous ownership changes, and if we undergo an ownership change in the future, our ability to utilize NOLs could be further limited by Section 382 of the Code. Future changes in our stock ownership, some of which may be outside of our control, could result in an ownership change under Section 382 of the Code. In addition, at the state level, there may be periods during which the use of NOL carryforwards is suspended or otherwise limited, which could accelerate or permanently increase state taxes owed.

The markets for our products continue to evolve, which makes our business and future prospects difficult to evaluate. If current and prospective customers do not recognize the need for and benefits of our products and platform, they may decide to adopt alternative products and services to satisfy some portion of their business needs. In order to grow our business and extend our market position, we intend to focus on educating developers and enterprises about the benefits of our products and platform, expanding and improving the functionality of our products and bringing new technologies to market to increase market acceptance and use of our platform. Our growth will depend, in part, on our ability to expand the markets that our products address. Our ability to do so depends upon a number of factors, including the cost, performance and perceived value associated with such products and platform. The markets for our products and platform could fail to grow significantly, or at all, or there could be a reduction in demand for our products as a result of any number of factors, including a lack of customer acceptance, technological challenges, competing products and services, decreases in spending by current and prospective customers, weakening macroeconomic conditions, and other causes. If these markets do not experience significant growth or demand for our products decreases, then our business, results of operations and financial condition could be adversely affected.

For certain of our products, we primarily charge our customers based on their usage of such products. One of the challenges of this usage-based pricing model is the variability of the fees that we pay to network service providers over whose networks we transmit communications. Such network fees can vary daily or weekly and are affected by volume and other factors that may be outside of our control, and which are difficult to predict. This can result in us incurring increased costs that we may be unable or unwilling to pass through to our customers, which could adversely impact our business, results of operations and financial condition. If we elect to pass through increased fees to our customers, it could adversely affect our relationship with our customers and our customers may look for lower cost alternatives. We adjust the pricing models for our products from time to time and expect that we will continue to do so. Many of our usage-based customers enter into contracts with negotiated pricing, and our subscription customers are also subject to negotiated pricing. As competitors introduce new products or services that compete with ours or reduce their prices, we may be unable to attract new customers or retain existing customers based on our historical pricing. If we are required or choose to reduce our prices, it could adversely affect our business, results of operations and financial condition.

We believe that maintaining and enhancing the "Twilio" brand identity and increasing market awareness of our company and products, particularly among developers and enterprises, is critical to achieving widespread acceptance of our platform, to strengthening our relationships with our existing customers and to our ability to attract new customers. The successful promotion of our brand will depend largely on our continued marketing efforts, our ability to continue to offer high-quality products, and our ability to successfully differentiate our products and platform from competing products and services. Our brand promotion and thought leadership activities may not be successful or yield increased revenue. In addition, independent industry analysts often provide reviews of our products and competing products and services, which may significantly influence the perception of our products in the marketplace. If these reviews are negative or not as strong as reviews of our competitors' products and services, then our brand may be harmed. The promotion of our brand also requires us to make substantial expenditures, and we anticipate that these expenditures will increase as our markets become more competitive and as we expand into new markets. To the extent that these activities increase revenue, this revenue still may not be enough to offset the increased expenses we incur.

Our success depends, in part, on our ability to protect our brand and the proprietary methods and technologies that we develop under patent and other intellectual property laws. We rely on a combination of patents, copyrights, trademarks, service marks, trade secret laws and other intellectual property laws, contractual provisions, and internal processes, procedures, and controls in an effort to establish, maintain, enforce, and protect our intellectual property and proprietary rights. However, the steps we take to protect our intellectual property may be inadequate. While we have been issued patents in the United States and other countries and have additional patent applications pending, we may be unable to obtain patent protection for the technology covered in our patent applications. In addition, any patents issued to us in the future may not provide us with competitive advantages or may be successfully challenged by third parties. Further, the laws of some countries do not protect intellectual property or proprietary rights to the same extent as the laws of the United States, and mechanisms for enforcement of such rights in some foreign countries may be inadequate. To the extent we expand our international activities, our exposure to unauthorized copying and use of our products and proprietary information may increase. Accordingly, despite our efforts, we may be unable to prevent third parties from infringing upon or misappropriating our technology and intellectual property. We also rely, in part, on contractual confidentiality obligations we impose on our business partners, employees, consultants, advisors, customers and others in our efforts to protect our proprietary technology, processes and methods. These obligations may not effectively prevent unauthorized disclosure or use of our confidential information, and it may be possible for unauthorized parties to copy or access our software or other proprietary technology or information, or to develop similar products independently without us having an adequate remedy for unauthorized use or disclosure of our confidential information. In addition, others may independently discover our trade secrets and proprietary information, and in these cases, we may not be able to assert any trade secret rights against those parties. We may be required to spend significant resources to monitor, enforce, maintain, and protect our intellectual property and proprietary rights. Litigation brought to protect and enforce our intellectual property or proprietary rights could be costly, time-consuming and distracting to management, result in a diversion of significant resources, or the narrowing or invalidation of portions of our intellectual property. Our efforts to enforce our intellectual property or proprietary rights may be met with defenses, counterclaims and countersuits attacking the validity and enforceability of such rights. Our failure to meaningfully protect our intellectual property and proprietary rights, could have an adverse effect on our business, results of operations and financial condition. We have been sued and may, in the future, be sued by third parties for alleged infringement of their intellectual or other proprietary rights, which could adversely affect our business, results of operations and financial condition. There is considerable patent and other intellectual property development activity in our industry. We may also introduce or acquire new products or technologies, including in areas where we historically have not participated, which could increase our exposure to intellectual property infringement claims brought by third parties. Our future success depends, in part, on not infringing the intellectual property or proprietary rights of others and we may be unaware of such rights that may cover some or all of our technology or intellectual property. We have from time to time been subject to claims that our products or platform and underlying technology are infringing upon third-party intellectual property or proprietary rights. We may be subject to such claims in the future and we may be found to be infringing upon such rights. Any claims or litigation could cause us to incur significant expenses (including settlement payments and costs associated with litigation) and, if successfully asserted against us, could require that we pay substantial damages or ongoing royalty payments, prevent us from offering our products, or require that we comply with other unfavorable terms. Additionally, our agreements with customers and other third parties typically include indemnification or other provisions under which we agree to indemnify or are otherwise liable to them for losses suffered or incurred by them as a result of claims of intellectual property infringement. Although we typically limit our liability with respect to such obligations through such agreements, we may still incur substantial liability related to our indemnification obligations. Regardless of the merits or ultimate outcome of any claims of infringement, misappropriation, or violation of intellectual or other proprietary rights that have been or may be brought against us or that we may bring against others, these types of claims, disputes, and lawsuits are time-consuming and expensive to resolve, divert management's time and attention, and could harm our reputation. Litigation is inherently unpredictable and we cannot predict the timing, nature, controversy or outcome of disputes brought against us or assure you that the results of any of these actions will not have an adverse effect on our business, results of operations or financial condition.

The actual or perceived improper sending of text messages or voice calls may subject us to potential risks, including liabilities or claims relating to consumer protection laws and regulatory enforcement, including fines. For example, the Telephone Consumer Protection Act of 1991 ("TCPA") restricts telemarketing and the use of automatic SMS text messages without explicit customer consent. TCPA violations can result in significant financial penalties, as businesses can incur penalties or criminal fines imposed by the FCC or be fined up to $1,500 per violation through private litigation or state attorneys general or other state actor enforcement. Class action suits are the most common method for private enforcement. This has resulted in civil claims against our company and requests for information through third-party subpoenas. The scope and interpretation of the laws that are or may be applicable to the delivery of text messages or voice calls are continuously evolving and developing. If we do not comply with these laws or regulations or if we become liable under these laws or regulations due to the failure of our customers to comply with these laws, we could face direct liability. Moreover, certain customers may use our platform to transmit unwanted, offensive or illegal messages, calls, spam, phishing scams, and website links to harmful applications, reproduce and distribute copyrighted material or the trademarks of others without permission, and report inaccurate or fraudulent data or information. These issues also arise with respect to a portion of those users who use our platform on a free trial basis or upon initial use. These actions are in violation of our policies, in particular, our Acceptable Use Policy. For example, on January 25, 2023, we received a cease-and-desist letter from the FCC alleging that we were transmitting illegal robocall traffic that originated from an independent software vendor customer and their end user customer. In response, we suspended the customers' accounts and sent the FCC a follow-up letter on February 10, 2023 detailing our fraud mitigation practices and various planned improvements to reduce future risks. There has been no further communication from the agency on this matter. Failure to respond appropriately to the FCC's allegations could allow domestic carriers to begin blocking all voice traffic transmitting from our network. However, our efforts to defeat spamming attacks, illegal robocalls and other fraudulent activity will not prevent all such attacks and activity. Such use of our platform could damage our reputation and we could face claims for damages, regulatory enforcement, copyright or trademark infringement, defamation, negligence, or fraud. Furthermore, enacting more stringent controls on our customers' use of our platform to combat such violations of our Acceptable Use Policy could increase friction for our legitimate customers and decrease their use of our platform. Our customers' and other users' promotion of their products and services through our platform might not comply with federal, state, and foreign laws or of contractual requirements imposed by carriers, such as the CTIA Shortcode Agreement, The Campaign Registry, and associated policies. We rely on contractual representations made to us by our customers that their use of our platform will comply with our policies and applicable law, including, without limitation, our email and messaging policies. Although we retain the right to verify that customers and other users are abiding by certain contractual terms, our Acceptable Use Policy and our email and messaging policies and, in certain circumstances, to review their email, messages and distribution lists, our customers and other users are ultimately responsible for compliance with our policies, and we do not systematically audit our customers or other users to confirm compliance with our policies. We cannot predict whether our role in facilitating our customers' or other users' activities will result in violations of carrier policies which could result in fines, administrative delays, or service interruptions. We also cannot predict whether our role in facilitating our customers' or other users' activities would expose us to liability under applicable state or federal law, or whether that possibility could become more likely if changes to current laws regulating content moderation, such as Section 230 of the Communications Decency Act, are enacted. If we are found liable for our customers' or other users' activities, we could be required to pay fines or penalties, redesign business methods or otherwise expend resources to remedy any damages caused by such actions and to avoid future liability. Additionally, our products may be subject to fraudulent usage, including but not limited to revenue share fraud, domestic traffic pumping, subscription fraud, premium text message scams and other fraudulent schemes. Although our customers are required to set passwords or personal identification numbers to protect their accounts, third parties have in the past been, and may in the future be, able to access and use their accounts through fraudulent means. Furthermore, spammers attempt to use our products to send targeted and untargeted spam messages. We cannot be certain that our efforts to defeat spamming attacks will be successful in eliminating all spam messages from being sent using our platform. In addition, a cybersecurity breach of our customers' systems could result in exposure of their authentication credentials, unauthorized access to their accounts or fraudulent calls on their accounts, any of which could adversely affect our business, results of operations and financial condition.

In the nine months ended September 30, 2024 and the years ended December 31, 2023 and 2022, we derived 35%, 34% and 34% of our revenue from customer accounts located outside the United States, respectively. The future success of our business will depend, in part, on our ability to strategically maintain and expand our customer base worldwide. Operating in international markets requires significant resources and management attention and subjects us to regulatory, economic and political risks in addition to those we face in the United States. In addition, we face risks in doing business internationally that could adversely affect our business, including: - the difficulty of managing and staffing international operations and the increased operations, travel, infrastructure and legal compliance costs associated with servicing international customers and operating numerous international locations;- our ability to effectively price our products in competitive international markets;- new and different sources of competition or other changes to our current competitive landscape;- potentially greater difficulty collecting accounts receivable and longer payment cycles;- higher or more variable network service provider fees outside of the United States;- the need to adapt and localize our products and support for specific countries;- understanding, reconciling, and implementing technical controls to address, different technical standards, data privacy and telecommunications regulations, and registration and certification requirements outside the United States, which could prevent customers from deploying our products or limit their usage;- our ability to comply with laws, regulations and industry standards relating to data privacy, data protection, data localization and data security, as well as sustainability and other ESG matters, enacted in countries and other regions in which we operate or do business, and the associated costs and management attention required to support such compliance;- difficulties in understanding and complying with local laws, regulations and customs in non-U.S. jurisdictions;- compliance with export controls and economic sanctions regulations administered by U.S. and foreign governmental entities in jurisdictions in which we operate, including the Department of Commerce's Bureau of Industry and Security and the Treasury Department's Office of Foreign Assets Control;- compliance with various anti-bribery and anti-corruption laws such as the U.S. Foreign Corrupt Practices Act, as amended ("FCPA") and United Kingdom Bribery Act of 2010;- changes in international trade policies, tariffs and other non-tariff barriers, such as quotas and local content rules;- more limited protection for intellectual property rights in some countries;- adverse tax consequences;- fluctuations in currency exchange rates, which could increase the price of our products outside of the United States, increase the expenses of our international operations and expose us to foreign currency exchange rate risk;- fluctuations in inflation and interest rates;- currency control regulations, which might restrict or prohibit our conversion of other currencies into U.S. dollars;- restrictions on the transfer of funds;- deterioration of political relations between the United States and other countries;- the impact of natural disasters and public health epidemics or pandemics such as COVID-19 on employees, contingent workers, partners, travel and the global economy and the ability to operate freely and effectively in a region that may be fully or partially on lockdown; and - political or social unrest, economic instability, conflict or war in a specific country or region in which we, our customers, partners or service providers operate, which could have an adverse impact on our operations in the region or otherwise have a material impact on regional or global economies, any or all of which could adversely affect our business. Also, due to costs from our international operations and network service provider fees outside of the United States, which generally are higher than domestic rates, our gross margin for messages terminating internationally is typically lower than our gross margin for messages terminating domestically. As a result, our Communications gross margin has been, and may continue to be, adversely impacted by our international operations. Our failure to manage any of these risks successfully could harm our international operations, and adversely affect our business, results of operations and financial condition.

We currently interconnect with fixed and mobile network service providers around the world to enable our customers to use our products over their networks. Although we are in the process of acquiring authorization in many countries for direct access to phone numbers and for the provision of voice and messaging services on the networks of fixed and mobile network service providers, we expect that we will continue to rely on network service providers for these services. Where we do not have direct access to phone numbers, our reliance on network service providers has reduced our operating flexibility, ability to make timely service changes and control quality of service. In addition, the fees that we are charged by network service providers may change daily or weekly and we can be subject to the imposition of additional fees, penalties, or other administrative or technical requirements, and even service interruption, due to regulatory, competitive, or other industry related changes over which we have little to no control. We typically do not change our customers' pricing as rapidly and, as a result, such fee increases could adversely affect our business and results of operations. For example, in recent years, multiple major U.S. mobile carriers have introduced A2P SMS service offerings that added a new fee for A2P SMS messages delivered to their respective subscribers, and, from time to time, other U.S. mobile carriers have added similar fees. While we have historically responded to these types of fee increases through a combination of further negotiating efforts with our network service providers, absorbing the increased costs or passing the fees through to customers, there is no guarantee that we will continue to be able to respond in these ways in the future without a material negative impact to our business. Passing these fees through to our customers typically has the effect of increasing our Communications revenue and cost of revenue, but typically does not impact the gross profit dollars received for sending these messages and, as a result, has a negative impact on our gross margins. Additionally, our ability to respond to any new fees may be constrained if all network service providers in a particular market impose equivalent fee structures, if the magnitude of the fees is disproportionately large when compared to the underlying prices paid by our customers, or if the market conditions limit our ability to increase the price we charge our customers. Furthermore, many of these network service providers do not have long-term committed contracts with us and may interrupt services or terminate their agreements with us without notice. If a significant portion of our network service providers stop providing us with access to their infrastructure, fail to provide these services to us on a cost-effective basis, cease operations, or otherwise terminate these services, the delay caused by qualifying and switching to other network service providers could be time consuming and costly and could adversely affect our business, results of operations and financial condition. Further, if problems occur with our network service providers, such problems have in the past caused, and may in the future cause, errors, service outages, security incidents, or poor-quality communications on our products, and we could encounter difficulty identifying the source of the problem. The occurrence of errors, service outages, security incidents, or poor-quality communications on our products, whether caused by our platform or a network service provider, may result in the loss of our existing customers or the delay of adoption of our products by potential customers and may adversely affect our business, results of operations and financial condition. Further, we sometimes access network services through intermediaries who have direct access to network service providers. Although we are in the process of securing direct connections with network service providers in many countries, we expect that we will continue to rely on intermediaries for these services for some period of time. These intermediaries sometimes have offerings that directly compete with our products and may stop providing services to us on a cost-effective basis. If a significant portion of these intermediaries stop providing services or stop providing services on a cost-effective basis, our business could be adversely affected. We also interconnect with internet service providers around the world to enable the use of our email products by our customers, and we expect to continue to rely on internet service providers for network connectivity going forward. Our reliance on internet service providers reduces our control over quality of service and exposes us to potential service outages and rate fluctuations. The occurrence of poor-quality of service or service outages on our products may result in the loss of our existing customers or the delay of adoption of our products by potential customers and may adversely affect our business, results of operations and financial condition. Similarly, if a significant portion of our internet service providers stop providing us with access to their network infrastructure, fail to provide access on a cost-effective basis, cease operations, or otherwise terminate access, the delay caused by qualifying and switching to other internet service providers could be time consuming and costly and could adversely affect our business, results of operations, and financial condition.