SaaS Agreements – Patriot Act – Renewed Customer Concerns

Recently SaaS suppliers have seen a marked increase in EU customers raising concerns about disclosure of their data to US law enforcement authorities under the Patriot Act – an American anti-terrorism law – particularly where the SaaS supplier has a parent company in the USA or data is being hosted or processed in the USA.

Continue reading

SaaS Agreements – Data Protection – New Proposed EU Rules – Part 2

On the 25th of January 2012 the European Commission published a proposal for a new Data Protection Regulation to replace the existing EU Data Protection Directive. The proposal sets out a general data protection framework aimed at unifying the current differing data protection rules in the EU. Following on from my first article – part 1, I have summarised the remainder of the major changes this will make to EU data protection law below.

Continue reading

SaaS Agreements – Data Protection – New Proposed EU Rules – Part 1

On the 25th of January 2012 the European Commission published a proposal for a new Data Protection Regulation to replace the existing EU Data Protection Directive. The proposal sets out a general data protection framework aimed at unifying the current differing data protection rules in the EU. I have summarised the major changes this will make to EU data protection law in two articles, part 1 of which is set out below.

Continue reading

SaaS Agreements – Data Protection – Data Stored in the USA

SaaS suppliers who use data centres physically located in the USA to store or process data should be aware of a recent US Court of Appeals ruling that the Electronic Communications Privacy Act (ECPA) – an American law – protects the data of non-USA citizens when their data is stored on servers in the USA.

Continue reading

SaaS Agreements – Data Protection – Google Analytics in Germany

If your website uses Google analytics and you provide SaaS services to customers based in Germany you are now required to provide specific information to users in order to comply with recent changes to German data protection law. Google Analytics and German Data Protection Google analytics collects statistics about website

Continue reading

SaaS Agreements – E-Discovery

As a SaaS supplier you may be ordered by a court as part of a litigation process to identify and disclose physical documents and electronically stored information (e-discovery). This creates problems for SaaS suppliers on a number of levels.

Continue reading

SaaS Agreements – Data Protection – Patriot Act

Under the provisions of the US Patriot Act the personal data of SaaS customers based in the EU could be shared with US law enforcers without the customer being informed, although this conflicts with EU data protection laws. This Act applies not just to SaaS suppliers owned by a US company but any SaaS suppliers using the services of a US subsidiary for data processing or a US data centre.

Continue reading
Bodle Law