Paradigm shift in data privacy

It’s been more than two years since the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) went into effect, ushering in a scramble to understand the new laws and the obligations they entail for businesses around the world that sell to or collect data from customers in the E.U. and California, respectively.

Beyond the legal minimum of technical compliance, there is also the business consideration of customer relations. The CCPA may not protect individuals who are not residents of California, for example, but how will your customers in other states react if you don’t provide the same assurances with respect to their data that you provide to your customers in California? Do you have the tools you need to proactively monitor and fulfill your obligations with respect to customers’ data?

The U.S. Department of Commerce has worked with the European Commission and Swiss Administration to design Privacy Shield Frameworks intended to facilitate compliance with the GDPR’s data protection requirements for American and European businesses that need to transfer customers’ personal data from the E.U. or Switzerland to the United States. However, both the E.U.’s Court of Justice and Switzerland’s Federal Data Protection and Information Commissioner have separately ruled that the Privacy Shield Frameworks do not provide adequate protection with respect to data transfers to the U.S.

Even so, those rulings do not mean that the Privacy Shield Frameworks are simply going away. The Department of Commerce has stated that the more than 5,000 active participants in the Privacy Shield Framework are still bound by those obligations.

This means that there are multiple sets of privacy regulations for different geographies, a pair of compliance frameworks that have officially been deemed insufficient but are still obligatory for those who have signed on to them, and the possibility that other data privacy regulations or frameworks may continue to arise over time.

Do your customer-facing standardized contracts offer sufficient assurances regarding the privacy of your customers’ data? If you exchange data with business partners, have you ensured that your agreements contain satisfactory protections for customer data and transfers thereof?

Phasing out financial benchmarks

In case that’s not enough uncertainty to keep things exciting, data privacy regulations are not the only rapidly changing landscape that lawyers and contract managers presently have to navigate. LIBOR (the London Interbank Offered Rate), a longtime lending benchmark that serves as the reference point for interest rates and other financial terms in more than $200 trillion worth of contracts worldwide, is set to expire on Jan 1, 2022. In 2012, a scandal came to light that showed that the benchmark rate was too easy to manipulate, allowing bankers to report false rates in order to pad their own profits.

So what’s next? The Federal Reserve Bank of New York (the Fed) has proposed a new Secured Overnight Financing Rate (SOFR) as an alternative to LIBOR. SOFR is based on actual overnight transactions wherein financial companies borrow cash using U.S. Treasury notes as collateral, whereas LIBOR is speculative. Proponents argue that SOFR is more difficult to manipulate because it is based on real transactions, unlike LIBOR. On the other hand, some argue that SOFR is not as closely attuned to potential changes in credit markets precisely because it is based on past transactions rather than estimated future borrowing costs.

Whether or not the market adopts SOFR as a replacement, LIBOR will be phased out in a little more than a year. The U.S. Treasury Department’s Financial Stability Oversight Council warned in its 2019 annual report that "[t]he failure of market participants to adequately analyze their exposure to LIBOR and transition ahead of LIBOR’s anticipated cessation or degradation could expose market participants to significant legal, operational, and economic risks that could adversely impact U.S. financial markets.” In other words: update your contracts or else.

Are you ready to make that transition? What proportion of your contracts reference LIBOR? Do you have an efficient way to identify and update every clause in every contract that will be impacted by this shift, or similar regulatory shifts in the future?

Smart templates and AI solutions for contract compliance

Trillions of dollars worth of contracts are dependent on a standard that is set to change in just over one year, but has no definite replacement. Businesses are subject to nascent data privacy regulations that do not yet have approved compliance frameworks to follow for data transfers between regions. Given the uncertainty that these new developments entail, how can businesses track, update, and redraft all of the relevant clauses across all of their contracts at that scale? And how do the people preparing and managing contracts approach the issue going forward?

There are two parts to the answer: artificial intelligence and smart templates.

Leveraging the power of machine learning and natural language processing, an AI-powered solution can review in seconds what it would take a team of people hours to complete. Over time, that can shave days, weeks, and even months off of the time you spend manually reviewing contracts to keep track of your obligations and rights, and ensure that your contracts conform to current regulatory standards.

As for the second point: good lawyers have been leveraging smart templates to draft commercial agreements for years, even before there was technology to assist them. The idea is that the contract terms should reflect the overall agreement between the parties, not the specific circumstances in place at the time the agreement is drafted. Smart templates use standard, pre-approved clause language that is favorable to the initiating party and enables variable data such as contract date or party names to be imputed at the time of drafting.

AI powered contract management software can help you identify problematic clauses and potential compliance issues in your existing contracts so that you can update them in order to remain compliant with evolving regulatory standards. Smart templates can help you to efficiently draft standardized clauses that incorporate all of the necessary information without requiring you to revise them every time the legal landscape shifts which also improves compliance management and negates the need for manual compliance audits.

Practices for Contract Compliance

How are you adapting your current contracts to ensure compliance in a shifting regulatory landscape? Do you have the tools and workflows to meet set goals and protect your organization and your customers while you prepare the agreements that keep your business running, consistently and at scale?

AI templates and machine learning platforms are assisting forward thinking businesses like yours streamline the contract management process and achieve their goals.

Evisort offers the only AI-powered, end-to-end solution for contract drafting and management not just to law firms, but to any business looking to revolutionize their contract management process. Get in touch to see how we can help you stay on top of your contractual rights and commitments and simplify your workflow.

Request a demo of our Contract Workflow and Contract Management tools!