With increased outsourcing to the cloud or other third party external service providers and an increasingly complex supply chain for businesses, modern strategies for leveraging data can bring significant business efficiencies, competitive edge and growth opportunities, but also a range of risks that need to be understood and mitigated.

This has been mapped by a rise in the increased relevance of data protection and associated regulation. In the words of the Information Commissioner, the EU General Data Protection Regulation (the “GDPR”) represents an “evolution” rather than a “revolution” in data protection regulation. Whilst existing data protection obligations have certainly been “tightened up” a notch, fundamentally, the current underlying data protection principles remain largely unchanged.

The new EU data protection framework does, however, introduce some key changes that are giving rise to closer scrutiny of the supply chain protections in place between controllers and processors and, in turn, we are seeing a shift in the approach adopted by both parties in negotiating and implementing data processing arrangements.

Miriam Everett
Miriam Everett
Head of Data Protection and Privacy, London
+44 20 7466 2378
Nick Pantlin
Nick Pantlin
Partner, Head of TMT, Sourcing and Data, London
+44 20 7466 2570
Claire Wiseman
Claire Wiseman
Senior Associate and Professional Support Lawyer, TMT, Sourcing and Data, London
+44 20 7466 2267
Marcus Turle
Marcus Turle
Consultant, TMT, Sourcing and Data, London
+44 20 7466 2886