Tech & Sourcing @ Morgan Lewis

As a reminder, China’s new Data Security Law (DSL), which entails more expansive and restrictive requirements on data localization, mandatory security level certification, and severe penalties for unauthorized foreign transfer of data, will come into effect on September 1, 2021. The DSL will potentially affect all business operators in China, including multinational corporations. Our privacy and cybersecurity team recently published a more detailed analysis of the DSL. If you have any specific questions, don’t hesitate to reach out to your Morgan Lewis contact for assistance.

Read the full LawFlash >>

Through legislation, Connecticut has incentivized businesses to conform to one or more industry recognized cybersecurity frameworks. As we recently discussed, cybersecurity incidents and risks are taking centerstage. Under Connecticut’s recently enacted Public Act No. 21-119, An Act Incentivizing the Adoption of Cybersecurity Standards for Business (the Act), as further described below, a business that implements a qualifying cybersecurity program is shielded from punitive damages in connection with any data breach-related tort claim that is brought in, or under the laws of, Connecticut.

With the recent onslaught of ransomware attacks, it’s time to revisit force majeure clauses (again). Earlier in the pandemic, we reviewed how COVID-19 could impact force majeure provisions. Since then, there has been a flurry of analyzing, renegotiating, and testing contractual language, as parties work through, or anticipate, pandemic-related difficulties. While contracting parties focus on striking a balance of when, and to what extent, a party’s performance will be excused due to pandemic-related circumstances, a different threat could follow a similar trajectory.

Exceptions to confidentiality obligations are largely standardized, but in some contracts a copy-and-paste approach could, at best, lead to uncertainty and, at worst, undermine key aims of the transaction.

Welcome to the third post in our Spotlight series, where we talk with a leader in a particular field or emerging area of interest to technology and sourcing lawyers and professionals.

A recent judgment by the High Court of England and Wales in the case of Jamp Pharma Corp v. Unichem Laboratories Limited has held that agreements reached as part of contract negotiations for contracts governed by English law may be impliedly “subject to contract” without the need to expressly state that the discussions and documents are “subject to contract” prior to a formal executed agreement.

Planning for major service disruptions and disasters, such as prolonged power failures, fires, flooding, and other extreme weather events, is an important element of strategic technology and service agreements.

The UK’s Financial Conduct Authority (FCA) published its 2021/22 Business Plan on July 15, setting out its future role, priorities, and how it intends to deliver them. The FCA’s website contains a summary and full copy of the business plan.

Changes to complex commercial contracts are inevitable. These contracts, such as large outsourcing agreements, typically include a master services agreement (MSA) and a high number of exhibits and attachments describing the scope, performance standards, financials, and other contractual requirements in detail. Some deals can end up containing over 50–75 documents (or more!) in total. Given their strategic importance, these agreements often require numerous amendments as the relationship evolves over time and changes need to be formally documented.

On June 4, 2021, the European Commission adopted its long-anticipated updated Standard Contractual Clauses (New SCCs) for use by organizations transferring personal data outside of the European Economic Area (EEA) to third countries that do not provide adequate protections in respect of personal data. For more information, read our June 10 LawFlash, New European Standard Contractual Clauses Adopted for International Data Transfers. In this post we look at some of the things that organizations will need to consider when updating their current standard contractual clauses (SCCs).