There are numerous legal issues in cloud computing like operational, legislative or regulatory, security, third party contractual limitations, risk allocation or mitigation, and jurisdictional issues.
Security, privacy and confidentiality remain the biggest concern for the data owner, as when the data is stored on the cloud the same might be accessible to multiple users. There is concern for its safety and protection of valuable data and trade secrets. Then there are intellectual property issues regarding ownership of and rights in information and services placed in the cloud.
The cloud service provider owns the infrastructure and any applications being run on it, while the data owner owns the content, data, and results obtained from using those applications. It becomes complex in cases where the result is obtained by converging software or by multiple users working on segments of a work. One of the key issues also remains of jurisdiction as in cloud services one doesn’t know where data is being stored and where the jurisdiction would lie in case of a dispute.
In cloud computing issues also come up because of trans-border data flow. Each country has its own set of laws regarding data protection and privacy, which complicates the issue if a dispute comes in. If a privacy breach occurs due to a fault of cloud vendor, is there any liability coverage policy taken up by the vendor? What happens in case the data center gets hacked? What happens in case of discontinuation of relationship between the vendor and the owner of the data or in case of technical, financial or other difficulties? These contingencies can be covered by way of contracts and the risk can be mitigated.
This presentation will highlight the key legal issues associated with cloud computing and some implementation methods for minimizing or mitigating those risks.