Brabners | Paddy Fearnon

United Kingdom

Technology contracts have long centred on price, service levels and performance. Yet in 2025, they’re starting to be shaped by a new set of pressures from regulators, investors and customers, who are beginning to expect that digital services aren’t only effective but sustainable, ethical and secure.

This shift reflects the convergence of three major forces:

  1. Expanding environmental, social and governance (ESG) obligations.
  2. Evolving cybersecurity and data governance requirements.
  3. Rising reputational and contractual risks across the digital supply chain.

With regulatory scrutiny intensifying and sustainability becoming a strategic priority, tech businesses might wish to explore how their commercial frameworks could evolve through smarter, values-driven contracting — as Paddy Fearnon explores.

Tech’s environmental footprint

From energy-intensive data centres to hardware sourcing and software lifecycles, the tech sector has a significant environmental impact — and ESG scrutiny is rising fast.

Procurement teams are starting to ask:

  • Where’s our data hosted and how green is the infrastructure?
  • Are our technology partners tracking and reducing emissions?
  • Can our digital solutions support sustainability targets?

In light of this, some ESG-focused provisions are beginning to appear in IT contracts, such as:

  • Carbon and energy reporting obligations.
  • Green SLAs (such as commitments to code efficiency or reduced compute waste).
  • Sustainability-linked KPIs.
  • Ethical hardware sourcing and circular economy clauses.

While not yet standard, these clauses may be worth exploring, particularly for tech businesses aiming to supply corporates, public bodies or ESG-conscious investors.

Data ethics, AI & cyber resilience

Technology contracts are also under increased scrutiny over data handling, AI use and supply chain cyber risks.

Key drivers include:

  • The Data (Use and Access) Act 2025, which is reforming UK data protection and automated decision-making (ADM) rules.
  • The forthcoming Cyber Security and Resilience Bill, which is set to impose duties on digital service providers and their suppliers.
  • Growing pressure to regulate AI systems, especially around bias, transparency and environmental impact.

This evolving landscape may prompt business to reflect on whether their terms may benefit from updates, such as:

  • AI accountability clauses, including use of training data, ‘explainability’ and liability.
  • Cyber-resilience obligations across all levels of the supply chain.
  • Incident response timelines and data breach response procedures.
  • ADM restrictions and human review rights (where algorithms impact individuals).

These provisions aren’t yet widespread but may be worth exploring as part of a broader risk management strategy.

Contractual best practice — aligning risk & responsibility

To help manage these overlapping risks, it may be helpful to explore how active ESG and risk management tools could be incorporated into tech contracts.

Key contractual considerations might include:

  • Warranties and indemnities on ESG claims, cyber compliance and ethical data use.
  • Audit and flow-down provisions, especially where subcontractors or cloud platforms are involved.
  • Force majeure definitions that address climate-related or regulatory disruption.
  • Tailored limitation clauses for ESG breaches, data loss or AI-driven errors.

It is important that any such clauses are realistic, measurable and aligned with operational capabilities. Overpromising on ESG commitments can carry legal and reputational risks.

Next steps — four top tips for tech businesses

As digital infrastructure becomes a focus of both environmental and regulatory policy, tech businesses might consider:

  1. Audit existing contracts for ESG and cyber clauses.
  2. Update documents to reflect sustainability, ADM and data risk expectations.
  3. Collaborate with partners on practical and scalable green obligations.
  4. Train internal teams on the legal and commercial language of ESG in tech deals.

Brabners is a purpose-led independent law firm. 

A certified B Corp with award-winning sustainability and social impact credentials, we seek to demonstrate that business can bring about positive change.

Proudly anchored in the North of England since 1815, we offer the full range of legal services. 

Find out more at brabners.com. Talk to us at hello@brabners.com

This article first appeared on Lexology | Source