Digitalization is transforming the relationship between businesses, individuals and governments. Digital transformation requires businesses to be on guard against regulatory penalties and reputation risk — and to do so at the rapid pace that digital enables.
What EY can do for you
Digitalization is transforming legal and contractual relationships between businesses, individuals and governments. As more data is being collected, stored and exchanged electronically, not only do new monetization opportunities arise, but so do new risks and responsibilities, including data privacy and cybersecurity.
Digital transformation requires general counsel to be on guard against possible regulatory penalties and reputation risk — and to do so at the rapid pace that digital enables.
The EY Digital Law team can help identifying digital risk areas and meet the legal challenges in following areas:
Data & Cyber Law
The digital economy is data-driven. Violations of regulations may result in reputational damage and huge fines in areas like cloud computing, the Internet of Things, social media and big data analytics.
Compliant privacy practices are a key element of corporate governance and accountability. The concern about negative publicity is a key driver for organizations’ efforts to facilitate data protection compliance.
EY network of legal and IT security professionals, covering more than 80 jurisdictions, gives us the opportunity to cover data protection and cybersecurity issues around the world, including the following:
- Compliant “big data” projects
- Compliance with the new EU General Data Protection Regulation
- Privacy impact assessments
- Compliance in social media use
- Cybersecurity breach management
- Data security policies and implementation
- Privacy by design in digital product development
- Cloud computing compliance
- Data protection in mobile apps
- Frameworks for international data transfers
Digital Intellectual Property (IP) Law
Intangible assets, such as intellectual property, data, brands and technology, are of increasing strategic importance to businesses. To reach their full potential, businesses must appreciate how regulation varies across operating environments. International IP and technology-related issues include:
- New IP rights stemming from digital transformations
- IP as a core asset of digital business models
- Due diligence into IP-backed asset financing and security interests over IP assets
- Protecting trade secrets and know-how
- IP challenges in 3D printing
- Tax aspects in the allocation of IP rights
- Licensing, joint venture and collaboration documentation
- IP-backed asset financing and security interests over IP assets, including royalty monetization agreements
- IP due diligence and verification
Digital Regulatory Law
Taxi, hotel and financial services regulations are illustrative examples where new digital and sharing economy business models collide with regulations. Digitalization often makes human work superfluous, and triggers specific employment law topics.
EY Digital Law team can help clients identify risk areas and plan to meet the challenges of transformative change, encompassing the legal aspects of regulation in terms of the digital transformation both generally and specific to your sector in the following areas:
- Financial services
- Employment regulation
- Retention and localization duties
- Pharma and healthcare
In practice, digital’s ability to transcend borders is part of its appeal. However, laws are grounded in a world that is defined with borders, and within them, ever-changing laws concerning data privacy, trade, transactions, IP, crypto currencies and more.
An organization’s digital platform is a bridge to its customers and, with it, an organization must confirm that it is not only compliant with e-commerce laws and regulations but also is protecting its interests as it contracts via its digital platform. EY’s integrated law and tax services are particularly critical as the tax and legal aspects of an online business are so entwined, and can help clients:
- Address consumer protection and competition laws as e-commerce capabilities develop and evolve
- Build the legal framework of an e-commerce business by drafting legal agreements for use online
- Protect digital intellectual property appropriately
- Facilitate compliance with global data privacy requirements for a digital business
- Advise on the contractual basis for contracting online, including preparation of user terms and conditions and use of digital signatures
- Assist with the contractual agreements required to get the client’s digital premises off the ground – including software licenses, website design agreements and R&D agreements.
How EY Data Permissions Navigator can help manage data privacy risk
Markets and consumers continue to be excited by the latest information-driven innovations. But the rate at which data is now routinely collected and processed has led to a significant increase in social and regulatory scrutiny.
EY Data Permissions Navigator (EY DPN) is a cloud-based, intelligent data privacy risk management platform designed to help organizations make the right data use decisions quickly and unlock the value of the data. EY DPN automatically analyzes fact patterns together with internal standards, data ethics and global laws and regulations to take the pain out of privacy risk management for functions across the business, including law, compliance, IT, product engineering and operations. EY DPN helps organizations:
- Use data with more confidence, for more purposes, in a way that builds customer trust
- Manage the risk of regulatory, legal and ethical violations to deliver sustainable revenues from your data
- Increase accountability and transparency into data use and risk decisions
- Automate complex legal processes to speed up value realization and reduce process inefficiencies
Three steps to navigate data permissions using EY DPN
EY Data Permissions Navigator is available on a per user basis with standard implementation fees. The platform provides an intuitive interface with well-defined processes and guidance at each step in the journey.
Step 1: user submits fact pattern on the proposed use of data
- Pre-defined risk assessment forms are available for different types of assessments including privacy impact, data use, third country law, data transfer impact and record of processing
- Existing compliance data from control solutions can be imported into EY DPN automatically via an API
Step 2: platform conducts data use assessment
- Advanced reasoning engine analyzes the submitted fact pattern against relevant laws and regulations, ethical principles and organizational risk appetite
- Incorporates a data ethics framework
Step 3: receive detailed analysis and trends
- Delivers ‘stop/go/consult’ guidance on data use along with analysis of relevant privacy and ethical risks within seconds
- Interactive dashboards allow users to monitor trends across use cases and investigate risk outliers
- Audit trail increases accountability
Our latest thinking
Like what you’ve seen? Get in touch to learn more.