However, if the pandemic continues to persist as a severe worldwide health crisis, the disease could negatively impact our business, financial condition results of operations and cash flows, and may also have the effect of heightening many of the other risks described in this “Risk Factors” section.
Even after the COVID-19 pandemic has subsided, we may continue to experience an adverse impact to our business as a result of COVID-19’s global economic impact, including any recession that has occurred or may occur in the future.
Our facilities or operations could be damaged or adversely affected as a result of prolonged power outages, natural disasters and other catastrophic events.
Our facilities or operations could be adversely affected by power outages as well as events outside of our control, such as natural disasters and other calamities. We cannot assure you that any backup systems will be adequate to protect us from the effects of fire, floods, typhoons, earthquakes, power loss resulting from such natural disasters, telecommunications failures, break-ins, war, riots, terrorist attacks or similar events. Any of the foregoing events may give rise to interruptions, breakdowns, system failures, technology platform failures or internet failures, which could cause delays in development and fabrication, the loss or corruption of data or malfunctions of software or hardware as well as adversely affect our ability to provide services. A significant power outage may disrupt our operations and could have a material adverse impact on our business, financial condition, results of operations and cash flows
Further, the British National Grid recently warned that the United Kingdom, where we have significant operations, could face planned power cuts to homes and businesses throughout the winter of 2022 and 2023 if the country is unable to import electricity from Europe and it struggles to attract enough gas imports to fuel its gas-fired power plants. A significant power outage could have a material adverse impact on our business, financial condition, results of operations and cash flows.
Risks Related to Litigation and Government Regulation
We are subject to stringent and evolving U.S. state, federal and foreign laws and regulations, rules, contractual obligations, policies and other obligations related to privacy, data use and security. Our actual or perceived failure to comply with such obligations could lead to regulatory investigations or actions; litigation; fines and penalties; disruptions of our business operations; reputational harm; loss of revenue or profits; loss of customers or sales; and otherwise could adversely affect us and our business.
In the ordinary course of business, we collect, receive, store, process, generate, use, transfer, disclose, make accessible, protect, secure, dispose of, transmit, and share (collectively, “processing”) personal data and other sensitive information, including proprietary and confidential business data, trade secrets, and intellectual property. We are, therefore, subject to numerous data privacy and security obligations, such as state and federal laws and regulations, guidance, industry standards, external and internal privacy and security policies, contractual requirements, and other obligations related to privacy, data use and security.
In the United States, federal, state, and local governments have enacted numerous data privacy and security laws, including data breach notification laws, personal data privacy laws, consumer protection laws (e.g., Section 5 of the Federal Trade Commission Act), and other similar laws (e.g., wiretapping laws). In addition, several states have enacted privacy or security breach legislation requiring varying levels of consumer notification in the event of a security breach. For example, the California Consumer Privacy Act (“CCPA”), applies to personal information of consumers, business representatives, and employees, and requires businesses to provide specific disclosures in privacy notices and grants consumers resident in California new rights with respect to the collection of their personal data. The CCPA provides for civil penalties of up to $7,500 per violation and allows private litigants affected by certain data breaches to recover significant statutory damages. In addition, the California Privacy Rights Act of 2020 (“CPRA”) expands the CCPA’s requirements, including
50