Data Processing Agreements: Coordination, Drafting, and Negotiation

Executive Editor: Justin B. Weiss, CIPP/A, CIPP/E, CIPP/US, CIPM, FIPPurchase Digital

Justin is the global head of data privacy for the Naspers Group of companies. He originated a practicum course on data processing agreements as faculty at the University of Maine School of Law’s 2018 Information Privacy Summer Institute and currently serves as the vice chairman on the board of directors of the International Association of Privacy Professionals.

Members of the Privacy Bar Section of the International Association of Privacy Professionals have come together to produce this collective work, designed to assist newer and veteran practitioners alike to better understand the particulars of drafting and negotiating data processing agreements. 

European law has long required data controllers and data processors to conclude such contracts. Now with the advent of the European Union’s  far-reaching General Data Protection Regulation, set against the backdrop of a widespread market reliance on cloud service providers that has expanded in the digital age, the requirement might be said to have “gone global.” Privacy practitioners around the world, whether they operate from jurisdictions with their own comprehensive privacy laws or not, are now expected to familiarize themselves with these instruments and understand their role in enabling international and domestic commerce, compliance, risk allocation, emergency preparedness and public trust.

Referencing sections of the IAPP’s Sample Data Processing Agreement throughout, the book takes a practice-oriented approach. It incorporates the insights of privacy pros from companies and firms across Africa, the Americas, Asia, Europe and Oceania, reflecting the internationalized nature of the IAPP’s membership and of contemporary privacy practice itself. Whether you work for a large multinational in an emerging market, are a new-to-bat practitioner assigned to a small United States startup, represent a European client negotiating with a foreign counterpart, serve as a business lead who’s been given privacy assignments, or have an academic interested in the emergence of an ever-evolving, fascinating field of practice, the commentary in this book should assist you in better understanding the contracting and third-party accountability aspects of your projects and provide you with tools for success.

All IAPP textbooks can be found in the IAPP Store.