
Tech & IT Contracts — How to Future-proof for Sustainability, AI & Cybersecurity

15 October 2025

Technology contracts have long centred on price, service levels and performance. Yet in 2025, they’re starting to be shaped by a new set of pressures from regulators, investors and customers, who are beginning to expect that digital services aren’t only effective but sustainable, ethical and secure.

This shift reflects the convergence of three major forces:

  1. Expanding environmental, social and governance (ESG) obligations.
  2. Evolving cybersecurity and data governance requirements.
  3. Rising reputational and contractual risks across the digital supply chain.

With regulatory scrutiny intensifying and sustainability becoming a strategic priority, tech businesses might wish to explore how their commercial frameworks could evolve through smarter, values-driven contracting — as Paddy Fearnon explores.

Tech’s environmental footprint

From energy-intensive data centres to hardware sourcing and software lifecycles, the tech sector has a significant environmental impact — and ESG scrutiny is rising fast.

Procurement teams are starting to ask:

  • Where’s our data hosted and how green is the infrastructure?
  • Are our technology partners tracking and reducing emissions?
  • Can our digital solutions support sustainability targets?

In light of this, some ESG-focused provisions are beginning to appear in IT contracts, such as:

  • Carbon and energy reporting obligations.
  • Green SLAs (such as commitments to code efficiency or reduced compute waste).
  • Sustainability-linked KPIs.
  • Ethical hardware sourcing and circular economy clauses.

While not yet standard, these clauses may be worth exploring, particularly for tech businesses aiming to supply corporates, public bodies or ESG-conscious investors.

Data ethics, AI & cyber resilience

Technology contracts are also under increased scrutiny over data handling, AI use and supply chain cyber risks.

Key drivers include:

  • The Data (Use and Access) Act 2025, which is reforming UK data protection and automated decision-making (ADM) rules.
  • The forthcoming Cyber Security and Resilience Bill, which is set to impose duties on digital service providers and their suppliers.
  • Growing pressure to regulate AI systems, especially around bias, transparency and environmental impact.

This evolving landscape may prompt businesses to reflect on whether their terms would benefit from updates, such as:

  • AI accountability clauses, including use of training data, ‘explainability’ and liability.
  • Cyber-resilience obligations across all levels of the supply chain.
  • Incident response timelines and data breach response procedures.
  • ADM restrictions and human review rights (where algorithms impact individuals).

These provisions aren’t yet widespread but may be worth exploring as part of a broader risk management strategy.

Contractual best practice — aligning risk & responsibility

To help manage these overlapping risks, it may be helpful to explore how active ESG and risk management tools could be incorporated into tech contracts. Key contractual considerations might include...

Read the full article in The Compliance Digest!


 
