Europe: EU / UK regulatory roundup
A round up of recent regulatory developments in the EU and UK.
In the 1990s and 2000s, as everything from banking to buying books moved online, “brick and mortar” businesses were suddenly required to have an online presence and to design new business processes to accommodate the new online world. Through a practice called business process engineering (BPE), banks had to design online services and appropriate authentication procedures, retailers designed online payment processes, and businesses in many sectors implemented processes for back office activities (such as invoicing and accounts payable) and customer-facing activities (such as responding to queries and complaints).
The generation of new online businesses that flourished during this period enjoyed a natural advantage in this environment. Their business processes had been engineered from the start for the online world, whereas the established players often ran their old pre-internet processes and the new online processes in parallel. Over time, through business process reengineering (BPR), these parallel processes were redesigned so that the brick and mortar businesses could compete in the new environment.
The revolution in AI poses a similar challenge today to that posed by the internet revolution. AI will be able to drive efficiencies through further labour arbitrage and by generating and allowing customers to react to richer insights into their business processes. A new wave of BPE will create processes centred around AI, and no doubt in time, old processes will need to redesigned through BPR.
In almost every outsourcing that we have seen over the past two or three years, the transformation plan includes the deployment of automation and AI to drive efficiency. Rules-based automation has been around for some time (it is not the focus of this article), but the autonomous nature of AI and the specific requirements for training an AI solution present a new set of challenges for the outsourcing practitioner.
The answer to that apparently simple question is somewhat complex. This article addresses the question by: (1) looking at the ways in which outsourcing agreements may need to be redesigned for the deployment of AI, whether one is looking to amend an existing outsourcing agreement through change control or contracting for an entirely new outsourcing; and (2) focusing on the impact of AI on a few key provisions in outsourcing agreements:
AI will necessarily affect other provisions in the agreement (for example, the data protection provisions), with consequences in some sectors more so than in others (for example, regulated outsourcings in the financial services sector). More information on these topics can be found on our Inside Tech Law blog. This article will then consider the downstream impact of AI within an outsourcing context on the customer’s other third-party vendors, and will conclude with some observations on contracting for disruptive technologies (such as AI) more generally.
The full article was published by educational charity the Society for Computers and Law (SCL).
On July 16, 2020, the Court of Justice of the European Union (CJEU) published its decision in the landmark case Data Protection Commissioner v Facebook Ireland Ltd, Maximilian Schrems and intervening parties, Case C-311/18 (known as the Schrems II case).
On July 7, 2020, the Commission de Surveillance du Secteur Financier (CSSF) issued an FAQ document on Circular 02/77 concerning the protection of investors in case of NAV calculation errors and the correction of the consequences resulting from non-compliance with the investment rules applicable to undertakings for collective investment (the FAQ).