TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
From time to time, data controllers are confronted with the question of whether data subjects can raise claims for specific security measures against the controller under Article 32 of the EU General Data Protection Regulation (GDPR). These measures can be costly and cumbersome for the controller.
There is no “one size fits all” solution when drafting and negotiating the liability provisions relating to data protection obligations and security incidents.

In Part 1 and Part 2 of this Contract Corner, we discussed the importance of assessing and defining the types of data involved in a services agreement, and highlighted issues to consider with respect to the ownership and control of company and personal data.

In Part 1 of this Contract Corner, we discussed the importance of evaluating the types of data to be processed or accessed by a service provider at the beginning of the contracting process and key considerations to address when defining the types of data in the services contract.
Drafting and negotiating the data protection provisions in services agreements can be one of the trickier and more time-consuming aspects of the contracting process.

The seventh edition of Data Protection & Privacy, published annually by Getting the Deal Through, provides answers from practitioners around the globe regarding key questions in international privacy and data protection laws and regulations.

This week we welcome new partners to our outsourcing and commercial transactions practice, Mike Pierides and Simon Lightman.
The California Consumer Privacy Act (CCPA) was signed into law this summer, as described in our prior post and this LawFlash.
London partner Pulina Whitaker recently published a LawFlash discussing how the United Kingdom’s exit from the European Union will make the UK a “third country”