Refocus technology contracts. Reassess tech provider selection. Ponder possible action against trade secrets theft.
That may seem like a wonky list of New Year’s resolutions. Maybe so, but it’s also a necessary one, said attorneys at international law firm Mayer Brown. Legal tech trends in 2018 to watch for include rewriting tech contracts to account for software that learns — think artificial intelligence; privacy and security taking on new significance in tech transactions; and the effects of an ever-increasing use of big data on litigation.
Lawyers in the Chicago-based firm’s technology transactions group gave a rundown of legal tech trends in a recent teleconference. Here’s what CIOs and business chieftains should be ruminating on this year.
Data becoming a core asset
Treating data as a core asset is not just for organizations in data-driven fields like digital marketing, stock trading and pharmaceutical manufacturing; it’s also for “companies that are not centered on data,” said Mayer Brown partner Brad Peterson. Encouraged by falling prices of storage, data processing and innovations in analytics engines, companies of all stripes are using connected devices that gather reams of data.
“Companies face an expanding number of digital connections and an absolute explosion of data. As a result, value has shifted to how companies integrate, orchestrate and curate those connections and how they gather, store and exploit data to achieve their missions,” Peterson said.
Companies are using advanced analytics tools that incorporate machine learning and AI to unlock value in data, he said — and a “critical fact” for tech transactions is these tools aren’t programmed; they learn.
“It is often difficult or even impossible to limit how they use data, or to explain why they deliver the insights that they deliver,” Peterson said. “The insights that these tools produce may not be protected by intellectual property laws at all and thus must be protected in different ways than traditional outputs.”
Such tools need to be “restricted to the rights that the contracting parties have in the input data,” and transactions need to center on what insights might be arrived at, not a promise of meeting requirements.
Data protection and security dominate
It’s likely no surprise that IT security is on a list of legal tech trends for 2018, given the recent rise in cyberattacks. In fact, said Mayer Brown attorney Rebecca Eisner, cybersecurity and also privacy are the “most hotly contested area” in technology contract negotiations, including cloud agreements, outsourcing arrangements and software development licensing. Businesses will have to adjust to new privacy and cybersecurity regulation in 2018, developing “reasonable contract terms and allocations of risk,” Eisner said.
Companies already are complying with state and federal privacy and security laws, including laws in 48 states and Washington, D.C., that mandate reporting of data breaches. Changes in 2018 include state and federal privacy and security laws — for example, financial institutions will have to satisfy new requirements from regulatory agencies such as the Federal Financial Institutions Examination Council.
For U.S. companies that do business with EU citizens, and process personal data on those citizens, the recently enacted EU-U.S. Privacy Shield agreement “continues to be an effective means of EU-to-U.S. data transfer,” Eisner said. But any company with ties to European customers will be subject to a new EU data protection directive, the General Data Protection Regulation, which will take effect in May. The directive will require companies to make technical and operational changes, and violations could cost them big — up to 4% of revenue.
Companies should have started preparing for such changes in 2017 — restrictions on profiling, for example, and accommodating the European “right to be forgotten” — with 2018 being the time for making “final touches for compliance.”
Companies with business operations in China will also have to reassess compliance obligations, Eisner said. China’s new cybersecurity law, which went live in June, requires that any data collected or generated in China be stored in China unless it can be proven that cross-border transfer of data is necessary to business. Most companies qualify for a grace period, which ends Dec. 31, to comply with the law.
No matter where in the world companies do business in 2018, Eisner said, “This is a good year to re-evaluate existing technology provider selection and due diligence practices, to check to ensure that security and privacy clauses are up to date and to refine the process for ongoing monitoring of third parties.”
Demand for digital services ushers in big changes
Companies are turning to avant-garde technologies to craft wholly new types of business, said Mayer Brown attorney Mark Prinsley, who works in the firm’s London office. One area that is rapidly growing in popularity is blockchain, the distributed ledger technology that forms the basis of digital currency bitcoin. The financial services industry has embraced blockchain for areas like trade finance, “where numerous people need to access the same information,” Prinsley said, adding that, “at the moment, this processing is done by quite antiquated methods.”
But it’s not just finance that’s embracing blockchain, he said. Kodak, for example, announced it would use blockchain technology to track the use of stock photos and help photographers earn income for use of their material. Indeed, the possibilities for the technology seem “limitless,” Prinsley said, and regulators in different industries will be looking to develop international standards for deploying it.
Data interoperability — “the rights and obligations of parties to share digital data effectively between competitors,” Prinsley said — will likely gain prominence in 2018. For example, under a U.K. finance platform regulation, if a bank turns down a small-business applicant for a loan, the bank is required to pass information about the applicant to designated financial platforms, which other lenders can access.
“The aim is to increase competition and availability of finance to small businesses in the U.K.,” Prinsley said. “A takeaway for business is to consider how new digital technologies might be adopted in a way which means data can be available, probably to competitors, in a rapid and open way.”
Prepare for anti-antitrust efforts, trade secrets litigation
Antitrust agencies will show more interest in companies using big data in 2018. Prinsley cited the EU commissioner on competition, Margrethe Vestager, who is looking into whether tech companies that control — and later sell — the data consumers hand over when they search and shop online are shutting out competitors.
“It may be that we will see antitrust authorities around the world taking different views on this issue,” Prinsley said.
The digital era may have made it easier for people to steal trade secrets and turn them over to competitors, as the lawsuit that Waymo, Google’s driverless car company, filed against ride-sharing company Uber in February 2017. The suit alleges that ex-Google employees stole secret information and then launched its own autonomous auto company.
“The fact that the action was launched in the first place shows how vulnerable businesses are in an age of digitization,” Prinsley said, pointing to an EU directive that aims to standardize laws in EU countries against trade secrets theft. The directive will come into force in June and “may well be a straw in the wind for more trade secrets litigation in Europe.”