As companies adjusted to the “new normal” of coronavirus (COVID-19) restrictions, spending on cloud services has seen a boom. Spending by companies on cloud services exploded in the second quarter to a record $34.6 billion, up approximately 11% from the first quarter of 2020 and 30% from the same period last year, according to research firm Canalys, as reported by the Wall Street Journal.
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
Adding corporate flexibility to IT-related commercial contracts can make seemingly unrelated mergers and acquisitions (M&A) transactions a bit less complex. Although many contracting parties already consider assignment rights and restrictions in relation to certain successor scenarios, the divestiture scenario—where contractual rights are not simply transferred in whole—deserves a closer look.
The UK Financial Conduct Authority (FCA) announced on July 8 that the guidelines issued by the European Insurance and Occupational Pension Authority (EIOPA) on outsourcing to cloud service providers are not applicable to regulated activities (in this instance, insurance and reinsurance undertakings) within the UK jurisdiction.
In its statement, the FCA noted that this is due to the fact that the EIOPA guidelines will enter into force on January 1, 2021, which is after the end of the EU withdrawal transition period.
The Business Software Alliance (BSA) recently endorsed principles for building trust in the Internet of Things (IoT), highlighting the need for a risk-based approach that (1) accounts for the various components, capabilities, users, environments, life cycles, and complexities of the IoT ecosystem, and (2) engages the corresponding stakeholders. Given the near boundless opportunities—and risks—deriving from its connectivity, a connected device should not be designed and managed in isolation.
The following key themes emerged throughout the BSA policy principles:
The European Securities and Markets Authority (ESMA) published its draft guidelines on outsourcing to cloud service providers on June 3. Steven Maijoor, the chair of ESMA, indicated that the purpose of the guidelines is to “help firms understand and mitigate the risks that they are exposed to when outsourcing to cloud service providers.”
In April, we shared a LawFlash Outsourcing and Managed Services Agreements During COVID-19: Our Perspective. With the continued and unprecedented impact of the coronavirus (COVID-19) pandemic on business operations, we thought it would be timely to provide a brief update on five top-of-mind issues that we are addressing with outsourcing and managed services clients.
- Many outsourcing and managed services agreements include strict requirements on the location of personnel, including the location of certain personnel onsite at a customer site and/or the location of offshore personnel at secure delivery centers with no permitted remote working. These physical location restrictions often are coupled with requirements with respect to the type of technology that can be used when connecting to or accessing the customer’s systems or interacting with end users (such as hardened desktops only, no personal devices), security requirements and detailed connectivity and bandwidth requirements (particularly if there are end user facing activities such as call centers).
In cloud services, whether it is infrastructure as a service (IaaS), platform as a service (PaaS), or software as a service (SaaS), service availability is often a significant customer concern because the customer is relying on the vendor to provide and manage the infrastructure and related components that are necessary to provide the services. To address this concern, vendors will often provide a Service Level Agreement (SLA) containing a commitment that the service will be available for a percentage of time (e.g., 99.9%) during a certain period (e.g., week, month, or quarter). This is often referred to as an uptime or availability commitment. When reviewing and negotiating an SLA with an uptime commitment, it is important to consider the following issues.
Given the different types of cloud services and how those services are used, there is no standard uptime commitment provided by vendors. Rather, uptime commitments can range from 99.999% to 97% or even lower. It is also not uncommon for vendors to provide different uptime commitments for different parts of the service. Ultimately, a vendor’s uptime commitment will depend on a variety of factors, including the type of service, how a customer will use the service, negotiating leverage, and vendor’s business model.
The United States and the United Kingdom entered into the world’s first ever Clarifying Lawful Overseas Use of Data Act (CLOUD Act) agreement on October 3, 2019 (the Agreement). The Agreement, which will enter into force later this year after review by lawmakers in both countries, allows each country’s law enforcement agencies to demand, with proper authorization, electronic data regarding serious crime (defined in Article 1 of the Agreement as an offense punishable by a maximum term of imprisonment of at least three years) directly from technology companies based in the other country.
Please join us for our first webinar of the year where Morgan Lewis partner Barbara Melby will discuss the top trends that will impact the outsourcing market in 2020. Topics will include:
- Forecasts of where the outsourcing market is going
- Outsourcing as a way to disrupt business operations
- The impact of cloud, automation, and AI on outsourcing transactions
- A look at the “Partner Ecosystem”
- Focus on customer experience and outcomes
The webinar will take place on Wednesday, January 15, 2020, from 12:00 to 1:00 pm (Eastern Time). Register for the webinar.
Morgan Lewis partners Mike Pierides and Simon Lightman, in our technology, outsourcing, and commercial transactions practice, and Louise Skinner and Lee Harding, in our labor and employment practice, will be presenting "Ahead in the Cloud: Outsourcing and the Fourth Industrial Revolution" at the 2019 Strategic Sourcing Symposium on November 18.
They will discuss the challenges of workplace disruption arising from the insourcing or outsourcing of talent, and how businesses can ensure that their employer standards are not compromised by such outsourcing. Specific discussion topics will include the following:
- How technology developments are changing the world of work
- The multigenerational workplace
- The rise of automation
- The availability of remote working
The presentation is part of a daylong event in London that will include presentations from leading academics, business professionals, and legal practitioners in the technology industry. To register, visit the Global Sourcing Association event page.