Written by Scott Thiel, Edward Chatterton and Louise Crawford The Hong Kong Privacy Commissioner for Personal Data (“PCPD“) recently published an information leaflet outlining the application of the Personal Data (Privacy) Ordinance (the “PDPO“) for data users looking to engage cloud providers. The information leaflet outlines the data protection principles (“DPPs“) which apply in the … Continue Reading
Written by Joanna Sykes-Saavedra and Greg Manter In complex sourcing transactions, all sides are quick on the draw with calculators at the ready when it comes to determining formulas for charges or caps on limitations for liability. However, another point of negotiation that similarly requires a sharp pencil is the calculation of “availability” for service … Continue Reading
Written by Kit Burden In recent times, we have seen an increasing number of deals where the required services have been delivered from the cloud, i.e., from remotely hosted solutions, usually (albeit not always) offered on a “one to many” basis and on a subscription/usage based model. This is obviously a trend that has been … Continue Reading
The European Data Protection Supervisor (EDPS) launched it data protection strategy, summarizing it in three strategic objectives and 10 accompanying measures for the next five years. The EDPS stated that it is a crucial moment for data protection, a period of unprecedented change and political importance, not only in the EU but globally. 1. Data … Continue Reading
Written by Thomas M. DeButts The US Department of Commerce, Bureau of Industry and Security (BIS) recently released a redacted Advisory Opinion dated November 13, 2014 that confirms for cloud-based software vendors (or Software as a Service providers) that allowing access to export controlled software for use only in the cloud (or on servers) does … Continue Reading
By Patrick Van Eecke and Antoon Dierick Almost five months after federal parliamentary elections took place, the negotiators from the four political parties around the negotiating table (Flemish parties NVA, CD&V and Open VLD and Walloon party MR) reached a coalition agreement which contains quite a few interesting policy initiatives from a privacy and IT … Continue Reading
By Phillip Kelly and Elinor Thomas, DLA Piper (UK) On 26 June 2014, the European Commission announced that it had been presented with guidelines on the standardisation of Service Level Agreements (SLAs) for cloud computing services. The publication of the guidelines represents only the latest step in the Commission’s wider European Cloud Strategy, which was … Continue Reading
Written by Nichola Prescott, Associate, London The Financial Conduct Authority has published a document setting out a list of points for financial services firms to consider when preparing for and evaluating third-party technology banking solutions. Where a third-party provides services which are critical to a regulated firm’s business operation, it will be considered an outsource … Continue Reading
Our thoughts and prayers go out to those impacted by Hurricane Sandy and the Nor’easter. While Mother Nature has been relentless against the east coast of the United States over the past several weeks, us IT attorneys cannot help but think about the significance of those force majeure clauses and disaster recovery plans in agreements that are often glossed over during … Continue Reading
The UK Information Commissioner’s Office (“ICO“) has released guidance on the use of cloud computing (“Guidance“). This Guidance follows the long awaited opinion of the EU Article 29 Data Protection Working Party (“WP 29“) (Opinion 05/2012 on Cloud Computing (the “WP29 Opinion“)) issued in July 2012, which stresses that control and transparency are key for … Continue Reading
If we cast our collective minds back to the days “pre-Crunch”, a marked feature of many sourcing strategies adopted by larger entities was a move to embrace multi sourcing (i.e whereby a service or set of services which could conceivably have been awarded to a single supplier was instead broken up and divided between a … Continue Reading
On 1 July 2012, the EU Article 29 Data Protection Working Party (WP 29) issued its long awaited Opinion 05/2012 on Cloud Computing (Opinion). In this document the WP 29 identifies a number of key data protection compliance issues that may arise in relation to the use and provision of cloud services. This Opinion is … Continue Reading
