Information law clauses

This subtopic includes a selection of secondary commercial clauses for use in agreements related to information law. It includes:

Confidential information and trade secrets

•
Confidential information definition
•
Confidentiality clause—short form
•
Confidentiality clause—long form
•
Trade Secret definition

Data protection—general data processing/sharing

•
Personal data processing provisions—pro-controller
•
Personal data processing provisions—pro-processor
•
Personal data processing schedule—short form—pro-controller
•
Personal data processing schedule—short form—pro-processor
•
Personal data processing clause—short-form—pro-controller
•
Personal data processing clause—short-form—pro-processor
•
Personal data sharing clause—controller to controller—pro-receiving party
•
Personal data sharing schedule—controller

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest Information Law News

Google announces no new Chrome cookie controls as CMA reviews Privacy Sandbox commitments

Google has announced it will maintain its current approach to third-party cookie controls in Chrome and will not implement a new standalone prompt, marking a shift from its previous Privacy Sandbox plans. The Competition and Markets Authority (CMA) is now reviewing the implications of this announcement for Google's existing commitments made under the 2022 Privacy Sandbox agreement. The decision comes as Google cites evolving privacy technology adoption, emerging AI opportunities, and regulatory changes since the Privacy Sandbox initiative launched in 2019. Google stated it will continue developing privacy-enhancing technologies and plans to launch IP Protection in Q3 2025.

The 11th Edition of the King’s Bench Guide has been published

Notable updates to the 10th Edition (published April 2024) include:

Main challenges of EU AI Act-GDPR interplay identified by Member States

MLex: Potentially conflicting legal requirements, national governance approaches to ensure regulatory consistency, as well as clear legal advice to minimise the compliance burden, are the main issues seen by EU Member States in the interplay between the EU AI Act and the EU’s General Data Protection Regulation, Regulation (EU) 2016/679 (EU GDPR). European governments have pointed out that the two laws' diverging regulatory approaches might lead to conflicting outcomes, which should be avoided with systematic cooperation between the responsible authorities.

ACER publishes guidelines to share cybersecurity information in electricity sector

Agency for the Co-operation of Energy Regulators (ACER) has published new guidelines aimed at enhancing the protection of cybersecurity information exchanged under the EU-wide network code on sector-specific rules for cybersecurity aspects of cross-border electricity flows (NCCS). The guidelines emphasise the need to maintain the confidentiality of sensitive information on cyberattacks, threats, risk assessments, and cybersecurity expenditures while ensuring that such information is shared securely amongst entities and with the relevant authorities. It recommends the use of the Traffic Light Protocol (TLP) for exchanging information and offer methods for anonymising and aggregating data, particularly when no legally binding national classification schemes are in place.

View Information Law by content type :

News