Managing contracts and legal risk when developing a digital strategy

Out-Law Analysis | 01 May 2014 | 11:18 am | 3 min. read

FOCUS: As organisations develop new digital strategies in an effort to get the most from new technology and platforms, such as cloud computing, big data, mobile and social media, they face a range of legal challenges.

New technology brings with it new risks to consider and manage, such as to data security and to the interoperability of systems, and a complicated contractual landscape can also be difficult to navigate.

Harnessing new technology is becoming increasingly important for business success, so there are a number of things companies need to do to address contractual and legal challenges, and ensure a smooth digital transformation.

Digital strategy development

The development of strategy depends on a good understanding of one's business, the market, your customers, the opportunities and the challenges. The development of a digital strategy for your business is no different. Most businesses depend on technology for their very success. Technology is critical to the delivery of products and services; to communication with customers and employees and more or less supports and enhances every activity. 

These functions are under pinned by a complex range of contracts and licenses, whether with third parties or intra-company. The development of an organisation's digital strategy therefore cannot be created in a vacuum. Contracts provide a reference point for the current technology environment and potentially the platform to deliver solutions. There are many other legal angles which should be considered before finalising the strategy and proceeding to implementation.

Risks in moving from legacy to digital

Any move away from legacy systems to new digital technology carries with it a high degree of risk, particularly in a regulated environment such as financial services.

At the heart of the issue is that there is a high degree of complexity around the technology deployed in most companies and the contracts and licences which underpin these technologies. Companies want to innovate; they want to move fast and the idea of doing things in different ways using 'best of breed' technology developed by SMEs seems appealing. 

The ever present drive for efficiency and cost reduction since the financial crisis in 2008 has not necessarily created the right contractual and legal platform to allow such flexibility to exist. For example, in order to deliver cost reduction over a period of time, suppliers need security against early termination and exit and these protections for the supplier have been hard wired into contracts. In the absence of a material contractual breach, some customers are going to feel locked into technology and services which no longer fit with the new business strategies.

Without wishing to stand in the way of innovation, General Counsel (GCs) have a difficult message to deliver in explaining contractual issues and this needs to be combined with ever present notes of caution around regulatory compliance, possible data and security breaches and the need to protect the security of the supply chain. 

On the supply side, GCs will want to be seen to be supporting the new digital architecture; digital platforms and digital products and services which are being developed and supplied to existing and new customers. However, customer legacy systems and services will not necessarily fit or apply to new technologies. It is also apparent that whilst some customers do not wish to move away from their legacy systems they are looking for new 'cloud terms' which give them greater flexibility.

On both the customer and supplier side it is essential to have a high level view of the contractual environment upon which the company depends and upon which it is going to deliver or implement digital solutions.

Once the foundations are established and in place, any major digital implementation is going to involve some form of transformation programme or project.  This may involve exit and transition from existing contracts. The cost, timescales and risks here need to be carefully considered as part of the business case for implementing digital solutions.

The risks in separating responsibility for legacy and digital systems

Many companies are currently adopting a 'twin track' approach to the development of their digital strategy and its implementation. They have formed digital hubs and businesses to foster innovation and create a dynamic implementation environment. The 'old world' technology is managed by the CIO, and chief marketing officers (CMOs) are being tasked with developing the 'new world'. This presents a number of technology challenges as well as operational and legal risks. 

From a business perspective such twin tracking might look attractive in order to move forward quickly, but it may lead to increased complexity, incompatibility and operational issues where technologies do not interface appropriately. Boards need to have a clear view as to their intentions here. If twin tracking is going to be permitted, it is sensible to identify in advance where technology convergence is likely to take place and review this regularly.

Digital strategies are designed to connect businesses to their customers and employees online. This can bring enhanced data security and cyber security risks. Companies have traditionally protected themselves by using closed systems protecting corporate information and data behind a strong firewall. Online access and the enhanced use of mobile applications depend on open systems which bring additional security risks. Businesses' digital strategies need to recognise this and contain appropriate measures to ameliorate the risk.

Clive Seddon is a TMT partner at Pinsent Masons, the law firm behind Pinsent Masons is hosting a series of free Out-Law seminars on the subject of 'legacy to digital' – please click the link for details on how to register to attend