Planning for major service disruptions and disasters, such as prolonged power failures, fires, flooding, and other extreme weather events, is an important element of strategic technology and service agreements.
Tech & Sourcing @ Morgan Lewis
TECHNOLOGY TRANSACTIONS, OUTSOURCING, AND COMMERCIAL CONTRACTS NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
As discussed in a post from last month, annual spending worldwide on cloud services continues to rise with an expected increase up to $332 billion by the end of 2021, which is an increase from $270 billion in 2020. While the private sector is marching forward with increased reliance on hosted services, US government organizations have followed suit by increasing spending in cloud-based solutions allowing them to capitalize on the cost-savings and innovation gained by SaaS offerings.
The European Cloud User Coalition (ECUC) published a paper (the Position Paper) on May 17 recommending, among other matters, the adoption of “model clauses” for the long-term compliant use of cloud technologies.
The European Securities and Markets Authority (ESMA) on May 10 published final guidelines on outsourcing to cloud service providers (ESMA Guidelines) to help firms and competent authorities identify, address, and monitor the risks and challenges arising from cloud outsourcing arrangements. Subject to a few clarifications, the ESMA Guidelines are broadly consistent with the draft guidelines.
Annual spending worldwide on cloud services is expected to increase by 23% in 2021, according to a recent article in The Wall Street Journal, which cites a forecast by IT research and consulting firm Gartner Inc. Since the beginning of the COVID-19 pandemic, businesses have shifted to cloud-based services to support remote work, but businesses are also using the shift in attitudes toward cloud services to move more complex IT needs to the cloud. The article reasons that the push to use cloud services may also be due to the hybrid workplace model that many businesses are adopting, where workers can work both in the office and from home. This model requires that remote workers have access to critical software and infrastructure.
The UK Prudential Regulation Authority (PRA) published a policy statement (PS7/21) and a supervisory statement (SS2/21) on clarifying and modernizing regulatory expectations of outsourcing and third-party risk management on March 29. The expectations in PS7/21 and SS2/21 are relevant to banks, PRA-designated investment firms, insurers, and branches of overseas banks and insurers and apply not just to “outsourcing” but also non-outsourcing material or high-risk service arrangements. The expectations apply at a legal entity level rather than at a group level (save for expectations on intragroup arrangements).
As we noted in our Outsourcing 2021 webinar last week, a lot has happened and changed in the last 12 months since January 2020. There have been significant and unprecedented changes in the way our companies do business, the way we engage and interact with colleagues, and the way we interact with external parties, including how our companies and each of us leverage technology to market, process transactions, and otherwise communicate.
The use of aggregated data by technology service providers is quite common in today’s landscape, and something that even traditionally cautious customers have become amenable to in the right circumstances and subject to proper limitations.
An annual survey found that the coronavirus (COVID-19) pandemic has influenced decisions made by state chief information officers (CIOs) in 2020 in all areas addressed by the survey. The 2020 State CIO Survey (the Survey) released by the National Association of State Chief Information Officers, Grant Thornton Public Sector LLC and CompTIA (Sponsoring Organizations) was conducted several weeks after the start of COVID-19 and includes the responses from 47 state and territory CIOs.
Peter Watt-Morse and Ben Klaber, members of our technology, outsourcing, and commercial transactions practice, will be presenting a one-hour session on cloud computing as part of the Pennsylvania Bar Institute’s (PBI’s) virtual Cyberlaw Update 2020. The session will take place Tuesday, September 29, 2020 at 10:10 am ET.