Privacy and Cybersecurity: A Big Deal for Big Deals

Privacy. Security. Risk. 2016

Eric Bukstein, CIPP/US, Director, Lead Data/Privacy Counsel, PwC; Tricia Cross, Senior Counsel, Privacy, Twenty-First Century Fox; Scott Loughlin, Partner, Hogan Lovells

Data is valuable and, at the same time, risky. On one hand, organizations want to share data, as data may be necessary to perform a vendor service or key to promoting innovation value in a strategic partnership. On the other hand, organizations want to protect data, as they may want to prohibit further uses or impose security obligations to avoid a data breach. To make things more difficult, data providers and recipients often have different views of and risk tolerances for data. Organizations and their vendors and partners are left to resolve this tension on a case-by-case basis and often look to their contracts to do the heavy lifting. Here, we will explore how organizations enter data negotiations and get deals done. We’ll offer case studies to highlight how privacy and cybersecurity issues are negotiated. Particular focus will be given to resolving common sticking points: data breaches, security, indemnification and limitation of liability.

What you’ll take away:

  • An understanding of the privacy and security issues that often arise in data sharing relationships and how those issues are addressed by contract
  • Strategies for negotiating data contracts, allocating data risks and overcoming frequent stick points
  • An understanding of specific terms and conditions that need to be included in data-related contracts under applicable laws