Autodesk 2016 Annual Report Download - page 93

Download and view the complete annual report

Please find page 93 of the 2016 Autodesk annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 196

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196

2016 Form 10-K 21
security barriers to such programs, it is virtually impossible for us to entirely eliminate this risk. Like all software, our
software is vulnerable to cyber attacks. In the past, hackers have targeted our software, and they may do so in the future.
The impact of cyber attacks could disrupt the proper functioning of our software products or services, cause errors in the
output of our customers' work, allow unauthorized access to sensitive, proprietary or confidential information of ours or
our customers, and other destructive outcomes. Moreover, as we continue to invest in new lines of consumer products and
services we are exposed to increased security risks and the potential for unauthorized access to, or improper use of, the
information of our consumer users. If any of the foregoing were to occur, our reputation may suffer, customers may stop
buying our products or services, we could face lawsuits and potential liability, and our financial performance could be
negatively impacted.
Changes in laws or regulations related to the Internet, local data storage or related to privacy and data security concerns
may impact our business or expose us to increased liability.
The future success of our business depends upon the continued use of the Internet as a primary medium for
commerce, communication, and business applications. Federal, state, or foreign government bodies or agencies have in
the past adopted, and may in the future adopt, laws or regulations affecting data privacy and the transmission of certain
types of content using the Internet. For example, the State of California has adopted legislation requiring operators of
commercial websites and mobile applications that collect personal information from California residents to conspicuously
post and comply with privacy policies that satisfy certain requirements. Several other U.S. states have adopted legislation
requiring companies to protect the security of personal information that they collect from consumers over the Internet, and
more states may adopt similar legislation in the future. Additionally, the Federal Trade Commission has used its authority
under Section 5 of the Federal Trade Commission Act to bring actions against companies for failing to maintain adequate
security for personal information collected from consumers over the Internet and for failing to comply with privacy-
related representations made to Internet users. The U.S. Congress has at various times proposed federal legislation
intended to protect the privacy of Internet users and the security of personal information collected from Internet users that
would impose additional compliance burdens upon companies collecting personal information from Internet users, and
the U.S. Congress may adopt such legislation in the future. The European Union also has adopted various directives
regulating data privacy and security and the transmission of content using the Internet involving residents of the European
Union, including those directives known as the Data Protection Directive, the E-Privacy Directive, and the Privacy and
Electronic Communications Directive, and may adopt similar directives in the future. Other countries, including Canada
and several Latin American and Asian countries, have constitutional protections for, or have adopted legislation
protecting, individuals' personal information. Additionally, some federal, state, or foreign governmental bodies have
established laws that seek to censor the transmission of certain types of content over the Internet or require that
individuals be provided with the ability to permanently delete all electronic personal information, such as the German
Multimedia Law of 1997 and the California “Eraser law” for minors. Additionally, some foreign governmental bodies
(such as Russia and China) have established laws or have proposed laws that seek to require local data storage.
In addition, new laws and industry self-regulatory codes have been enacted and more are being considered that may
affect our ability to reach current and prospective customers, to understand how our products and services are being used,
to respond to customer requests allowed under the laws, and to implement our new business models effectively. These
new laws and regulations would similarly affect our competitors as well as our customers.
Given the variety of global privacy and data protection regimes, it is possible we may find ourselves subject to
inconsistent obligations. For instance, the USA Patriot Act is considered by some to be in conflict with certain directives
of the European Union. Situations such as these require that we make prospective determinations regarding compliance
with conflicting regulations. Increased enforcement of existing laws and regulations, as well as any laws, regulations or
changes that may be adopted or implemented in the future, could limit the growth of the use of public cloud applications
or communications generally, result in a decline in the use of the Internet and the viability of Internet-based applications,
and require us to implement of additional technological safeguards.
In addition, in October 2015 the European Court of Justice issued a ruling immediately invalidating the U.S.-EU
Safe Harbor Framework, which facilitated personal data transfers to the U.S. in compliance with applicable EU data
protection laws. In February of 2016, The European Commission and the United States agreed on a new framework for
transatlantic data flows: the EU-US Privacy Shield. Autodesk is currently awaiting additional guidance from European
regulators on how the EU-US Privacy Shield will be implemented. We continue to comply with the previous Safe Harbor
principles and rely on other legal mechanisms for data transfers.
2016 Annual Report