Tech & Sourcing @ Morgan Lewis

IT service provider performance has long been measured by service level agreements (SLAs) that set quantifiable standards for many aspects of a sourcing arrangement. These standards range from how quickly customer support is provided and an incident is resolved to application uptime and availability, and beyond.

On September 22, the Office of Communications (Ofcom)—the United Kingdom’s communications regulator—announced and released a program of work stating its intention to examine the position of the largest providers of cloud services (known as “hyperscalers”) in the United Kingdom’s £15 billion ($16.7 billion) cloud services market.

A sole and exclusive remedy clause allows parties to a contract to choose specific remedies and relief available under the terms of the agreement. Essentially, exclusive remedy provisions restrict a party's available remedies for specified claims to the remedies set out in the contract and exclude the party from seeking other types of remedies for that action. In commercial contracts, often you will see sole and exclusive remedy clauses in relation to breach of warranty, indemnification, and failure to perform.

On September 15, the EU Commission published a proposal for a Cyber Resilience Act (Proposed CRA), which builds on the 2020 EU Cybersecurity Strategy and the 2020 EU Security Union Strategy, with the aim of ensuring the cybersecurity of products with digital elements and the provision of sufficient information to consumers about the cybersecurity of the products they buy and use.

As part of our Spotlight series, we speak with Simon White, one of the most senior and experienced technology lawyers in the UK market, who has held roles including deputy counsel, Chief Privacy Officer, and GC EMEA LATAM at Cognizant, one of the largest multinational IT services companies in the world with over 300,000 personnel spanning across five continents. Prior to joining Cognizant nearly 15 years ago, Simon White was a corporate associate at Morgan Lewis.

The German Higher Regional Court of Karlsruhe (OLG Karlsruhe) recently repealed the July 13, 2022, decision of the Procurement Chamber of the German state of Baden-Württemberg that had argued that the mere risk of access to personal data stored in the European Union by US authorities would constitute a data transfer that would not comply with the EU General Data Protection Regulation (GDPR).

The UK’s Law Commission (the Commission) published a consultation paper on July 28, 2022, proposing certain reforms to private property law in relation to digital assets, which was in response to the UK government requesting the Commission to ensure that the law can accommodate digital assets as they continue to evolve and expand. The Commission acknowledged the increasingly important role digital assets play and that property rights are key for the proper characterization of novel and complex legal relationships involving digital assets.

The financial services regulations relating to outsourcing by Luxembourg-headquartered financial institutions have been significantly simplified by the introduction of the Commission de Surveillance du Secteur Financier (CSSF) outsourcing circular CSSF 22/806 (Outsourcing Circular).

The next installment of the Morgan Lewis Automotive Hour webinar series will focus on All Things EV—Regulatory and Commercial Considerations in the electric vehicle (EV) space. Our presenters will discuss the potential impact of the Inflation Reduction Act of 2022 on the EV industry, grant contracts and federal funding for EVs, and general regulatory and commercial issues affecting the EV industry.

The Department for Digital, Culture, Media & Sports (DCMS) confirmed on August 30, 2022, that it will push forward with tough new regulations and a code of practice to bolster the security and resilience of the United Kingdom’s electronic communications networks and services against current and future cyberthreats.