Tech & Sourcing @ Morgan Lewis

An annual survey found that the coronavirus (COVID-19) pandemic has influenced decisions made by state chief information officers (CIOs) in 2020 in all areas addressed by the survey. The 2020 State CIO Survey (the Survey) released by the National Association of State Chief Information Officers, Grant Thornton Public Sector LLC and CompTIA (Sponsoring Organizations) was conducted several weeks after the start of COVID-19 and includes the responses from 47 state and territory CIOs.

Peter Watt-Morse and Ben Klaber, members of our technology, outsourcing, and commercial transactions practice, will be presenting a one-hour session on cloud computing as part of the Pennsylvania Bar Institute’s (PBI’s) virtual Cyberlaw Update 2020. The session will take place Tuesday, September 29, 2020 at 10:10 am ET.

As companies adjusted to the “new normal” of coronavirus (COVID-19) restrictions, spending on cloud services has seen a boom.

Adding corporate flexibility to IT-related commercial contracts can make seemingly unrelated mergers and acquisitions (M&A) transactions a bit less complex.

The UK Financial Conduct Authority (FCA) announced on July 8 that the guidelines issued by the European Insurance and Occupational Pension Authority (EIOPA) on outsourcing to cloud service providers are not applicable to regulated activities (in this instance, insurance and reinsurance undertakings) within the UK jurisdiction.

The Business Software Alliance (BSA) recently endorsed principles for building trust in the Internet of Things (IoT), highlighting the need for a risk-based approach that (1) accounts for the various components, capabilities, users, environments, life cycles, and complexities of the IoT ecosystem, and (2) engages the corresponding stakeholders. Given the near boundless opportunities—and risks—deriving from its connectivity, a connected device should not be designed and managed in isolation.

The European Securities and Markets Authority (ESMA) published its draft guidelines on outsourcing to cloud service providers on June 3. Steven Maijoor, the chair of ESMA, indicated that the purpose of the guidelines is to “help firms understand and mitigate the risks that they are exposed to when outsourcing to cloud service providers.”

In April, we shared a LawFlash Outsourcing and Managed Services Agreements During COVID-19: Our Perspective. With the continued and unprecedented impact of the coronavirus (COVID-19) pandemic on business operations, we thought it would be timely to provide a brief update on five top-of-mind issues that we are addressing with outsourcing and managed services clients.

In cloud services, whether it is infrastructure as a service (IaaS), platform as a service (PaaS), or software as a service (SaaS), service availability is often a significant customer concern because the customer is relying on the vendor to provide and manage the infrastructure and related components that are necessary to provide the services.

The United States and the United Kingdom entered into the world’s first ever Clarifying Lawful Overseas Use of Data Act (CLOUD Act) agreement on October 3, 2019 (the Agreement). The Agreement, which will enter into force later this year after review by lawmakers in both countries, allows each country’s law enforcement agencies to demand, with proper authorization, electronic data regarding serious crime (defined in Article 1 of the Agreement as an offense punishable by a maximum term of imprisonment of at least three years) directly from technology companies based in the other country.