The European Union’s General Data Protection Regulation (GDPR) requires companies to monitor and comply with some of the strictest privacy laws in effect. Now, the European Commission is refocusing efforts and oversight on ongoing investigations under the GDPR. Going forward, companies may want to focus even more intently on their compliance as the EU steps up investigatory procedures.
Tech & Sourcing @ Morgan Lewis
TECHNOLOGY TRANSACTIONS, OUTSOURCING, AND COMMERCIAL CONTRACTS NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
As we reach the end of the year 2022, we have once again compiled all the links to our Contract Corner blog posts, a regular feature of Tech & Sourcing @ Morgan Lewis. In these posts, members of our global technology, outsourcing, and commercial transactions practice highlight particular contract provisions, review the issues, and propose negotiating and drafting tips.
The UK Financial Conduct Authority (FCA) and Prudential Regulation Authority (PRA) on December 20, 2022, announced fines totaling £48.65 million ($59 million) on TSB Bank plc (TSB) for operational resiliency failures, after an IT upgrade led to customers being unable to access core banking services.
The European Union (EU) Commission released its Draft Adequacy Decision for the EU-US Data Privacy Framework on December 13, which, in conjunction with President Biden’s executive order issued on October 7, will further facilitate trans-Atlantic data flows. The Draft Adequacy Decision mirrors the executive order, which established safeguards relating to the handling of personal information in the course of signals intelligence activities. If and when adopted, the adequacy decision will impact contractual requirements and processes by restoring data flows through a new Trans-Atlantic Data Privacy Framework.
On November 18, days before the FIFA World Cup Qatar 2022 was due to start, Anheuser-Busch InBev (the owner of Budweiser, a World Cup sponsor since 1985) was dealt an unexpected yellow card: FIFA issued a statement that appeared to renege on certain terms of their $75 million (£63 million) commercial sponsorship agreement.
The US Department of Commerce’s Bureau of Industry and Security released an interim final rule (IFR) on October 7 imposing new export controls on certain advanced computing and semiconductor manufacturing destined for the People’s Republic of China (PRC).
The financial services regulations relating to outsourcing by Luxembourg-headquartered financial institutions have been significantly simplified by the introduction of the Commission de Surveillance du Secteur Financier (CSSF) outsourcing circular CSSF 22/806 (Outsourcing Circular).
With the COVID-19 pandemic, many industries experienced a major shift in how the personnel of key suppliers worked, with “nonessential” personnel in large part working remotely. When this shift to remote work first happened (rather abruptly for many companies), security was a critical consideration, but one that was handled in many instances outside the supplier contract, with both parties focusing on keeping business operations going with must-have data and security safeguards in place.
As part of our Spotlight series, we spoke with Mike Pierides, the deputy leader of our technology, outsourcing, and commercial transactions team and a co-leader of our digital solutions industry team, on outsourcing in the financial services (FS) sector.
The COVID-19 pandemic introduced unprecedented challenges, requiring companies to adapt quickly to the way their personnel work, changes in their business offerings, and how they interact with their customers and suppliers. With some time to adjust to the “new normal” of the pandemic (and hopefully soon, the post-pandemic), many companies are looking ahead—with a potential economic downturn being top of mind.