Security Schedules, Privacy Addenda, TOMs, DPAs—whatever you call them, privacy and cybersecurity contract terms have exploded in prevalence in recent years, bringing with them new importance that can lead to difficult and complex negotiations. Arguments such as “this is standard” or “everyone agrees to this” are not quite as persuasive where privacy and cybersecurity risks (to both vendors and customers) can be substantial and the underlying regulatory framework is constantly shifting and expanding.
In this webinar, McDermott lawyers Todd S. McClelland, Saba Bajwa, Brian Long and Austin Mooney will discuss:
- The respective interests of vendors and customers on key privacy and cyber-related terms (e.g., limitations on liability, compliance with law, reps and warranties, breach notification) and provide examples of compromises that are often reached
- The legal requirements giving rise to privacy and cybersecurity contract terms, such as requirements under Europe’s GDPR and new US state laws (e.g., CCPA, CPRA, VCDPA)
- “One Size Fits All” vs. jurisdiction-specific term considerations
- Strategies for operationalizing contracts across a large number of vendors/customers
- Standard Contractual Clauses and other cross-border data transfer terms
- Other considerations for an effective Vendor Risk Management program