TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS

The US–China trade deal signed on January 15 aims to strengthen intellectual property protection for US intellectual property holders.

The deal increases the scope of actors liable for trade secret misappropriation to include all natural persons, groups of persons, and legal persons. The deal also enumerates additional acts constituting trade secret misappropriation, such as electronic intrusions and a breach or inducement of a breach of duty not to disclose information that is secret or intended to be kept secret. To further strengthen the protection of trade secrets, the deal provides that “China shall prohibit the unauthorized disclosure of undisclosed information, trade secrets, or confidential business information by government personnel or third party experts or advisors in any criminal, civil, administrative, or regulatory proceedings conducted at either the central or sub-central levels of government in which such information is submitted.”

The terms “reseller” and “distributor” are often used interchangeably to describe entities that purchase goods or services from a manufacturer and then distribute or resell such goods or services to retailers and consumers. However, there are some key differences between a distributor and a reseller and important issues to consider in agreements with resellers and distributors.

In a recent Wall Street Journal article, cybersecurity journalist Catherine Stupp drew attention to the massive surge in internet-connected devices expected to be in use by the end of 2020. This increase in the Internet of Things, which refers to internet-connected devices ranging from televisions and automobiles to fitness tools and medical devices, presents several challenges to the world of cybersecurity.

The article not only urges manufacturers of internet-connected devices to apply cybersecurity techniques to increase security, but also asks large companies buying devices to incentivize good security practices by only purchasing devices with proper safeguards. The California Consumer Privacy Act, which took effect January 1, 2020, takes a step in the right direction by no longer allowing manufacturers to sell internet-connected devices with weak default passwords. Stay tuned for future developments as cybersecurity races to keep pace with the growth of connected devices.

The United States and the United Kingdom entered into the world’s first ever Clarifying Lawful Overseas Use of Data Act (CLOUD Act) agreement on October 3, 2019 (the Agreement). The Agreement, which will enter into force later this year after review by lawmakers in both countries, allows each country’s law enforcement agencies to demand, with proper authorization, electronic data regarding serious crime (defined in Article 1 of the Agreement as an offense punishable by a maximum term of imprisonment of at least three years) directly from technology companies based in the other country.

You signed a long-term deal. It would be embarrassing if, in a few years after signing, the pricing is significantly higher or your service levels are significantly lower than market. Benchmarking provisions are intended to provide a mechanism for ensuring that your pricing and/or service levels are within market (taking into consideration the unique factors applicable to your deal). Set out below are some of the key components of a meaningful benchmarking provision.

Open Banking is an initiative mandated by the UK’s Competition and Markets Authority (CMA) in 2017. It is intended to facilitate better competition in the banking sector by mandating protocols that facilitate the secure sharing of customer-related data of the nine largest banks in the United Kingdom (CMA9) with third-party providers (TPPs).

Open Banking is developed and delivered in the United Kingdom by the Open Banking Implementation Entity (OBIE). The OBIE was established by the CMA and is funded by the CMA9. The CMA’s UK Retail Banking Market Investigation Order 2017 (Order), which applies only to the CMA9, requires the CMA9 to provide their customers with the ability to access and share their account data on an ongoing basis with TPPs through the use of specified application programme interfaces (APIs). This compliments the reforms under the EU’s Second Payment Directive (as transposed in the United Kingdom primarily by the Payment Services Regulations 2017), which requires all payment account providers to permit open access to payment accounts for authorized TPPs, but which does not specify the means of access or prescribe the scope of access in any detail.

In this contract corner, we consider the concepts of “good faith” in commercial contracts under English law.

The General Position Under English Law

The notion of good faith is a complex and evolving concept under English law, and it has important implications for those drafting commercial contracts. In contrast to many other civil (e.g., France and Germany) and common (e.g., United States and Australia) law jurisdictions, there is no general doctrine of good faith either in negotiating or in performing a contract. Instead, parties are free to pursue their own self-interests, so long as they do not act in breach of contract. However, the notion of good faith can still impact commercial contracts in three main ways:

We have all heard the horror stories: system implementation deals costing 300% more than the original budget, go-live dates for development projects being way past the scheduled dates, and deliverables that do not meet the customer’s expectations. These are the stories that keep us lawyers up at night. So what can we do in the contract to incent timely, on-budget performance by the vendor? First, there is no substitute for a detailed and well-thought-out requirements document, which provides the roadmap that shapes the design, build, and deployment. Then, while there is no magic bullet, there are numerous contractual mechanisms to be considered that are designed to provide guideposts and checkpoints to enable success.

Set out below are 10 contractual mechanisms for providing meaningful performance commitments and consequences if the commitments are not met. Maybe you will not need to invoke these mechanisms, but having firm rules may help drive good behavior (you know the old adage, “good fences make good neighbors”). As is always the case, the appropriate mechanisms to be used are deal specific, and not all deals or relationships require the full spectrum of contractual commitments set out below (but some do!).

As our loyal Tech & Sourcing readers know, we have been doing our best to keep you informed about the requirements of the California Consumer Privacy Act (CCPA) and what you can do to prepare as its January 1, 2020, effective date draws near. Continuing that vein, we invite you to an upcoming webinar wherein Morgan Lewis partners Reese Hirsch, Mark Krotoski, and Carla Oakley and associate Kristin Hadgis will provide an overview of the latest amendments to the CCPA, the state of the law and related regulations, and practical perspectives on CCPA compliance.

The Morgan Lewis team will discuss the following topics:

  • The new one-year exemption for employee data*
  • The new one-year exemption for B2B communications*
  • Other new amendments, including those related to the use of toll-free numbers and verifiable consumer requests*
  • Failed amendments and other issues to watch
  • Status of California attorney general regulations and a possible new ballot initiative
  • Other state laws influenced by the CCPA
  • Preparing for the January 1 effective date and 2020 enforcement date

We hope you will join us for the one-hour webinar on Tuesday, October 22 at 1:00 pm ET.

Register for the webinar now >

For a primer in advance of the webinar, catch up on our previous posts on the CCPA and recently proposed amendments, and check out the Morgan Lewis CCPA Resource Center for more.

*Indicates an amendment to the CCPA that has passed the California Legislature but, as of this writing, has not yet been signed into law by Governor Gavin Newsom.

Companies that use app-based technology platforms to connect consumers directly with service providers have faced an important question of whether the individuals providing the services are contractors or employees. California recently passed legislation that requires companies to treat contract workers that perform core company functions as employees.