Featured Article from Software Licensing

Cloud Services Raise New Legal Issues

September 05, 2013



While the exploding popularity of cloud computing is making the technology more conventional, historically it is still an unconventional service.

As a result, much of the standard language that appears in contracts between a business and the vendors it deals with is not applicable. Protecting the interests of businesses that use cloud services requires a new kind of contract.

According to Foley Hoag LLP, a Waltham, Mass.-based law firm that deals with technology issues, several components of conventional contracts designed to work with ‘real world’ vendors are not pertinent to cloud services and in fact, may have gaping holes that leave companies information unprotected. 


Image via Shutterstock

Many service contracts specify locations when and where products and services are to be delivered. Maintenance and cleaning services, for example, cannot be performed anywhere other than on the business’ premises. Typically their work is done after normal business hours to avoid disrupting employees.

Cloud computing services don’t work that way. Barring occasional downtime, the service is available 24/7. The service originates from the vendor’s facilities and is accessed remotely.

The standard contract often addresses how a vendor’s employees are to operate while working on the customer’s premises. Workman’s comp, vehicle insurance and commercial general liability protection are common issues in such contracts. There are provisions to ensure that there is no misrepresentations that would make it appear that the vendor’s employees were the business’ employees. 

Since the cloud vendor’s employees work at the cloud vendor’s facilities, many of these issues don’t apply. 



Conventional contracts that deal with tangible goods and property are usually silent on the matter of data, which confidentiality agreements are usually insufficient to protect.

A contract better geared towards cloud computing would do the following:

- Clearly describe what the vendor owns and what the customer owns.
- Define parameters for reliability and allow termination of the contract when the cloud system fails to meet them. 
- Allow the customer to verify that the cloud vendor has adopted best practices for protecting data 
- Provide for the customer to receive their data when the contract with the provider ends and ensure that all copies of data on the vendor’s servers are deleted.

One particular case shows how current laws are behind technology in addressing security in the cloud. In 2011 Cloudflare was the hosting site for the LulzSec hacking group, which later became defunct. So far Cloudflare has avoided any government action in spite of many complaints. The San Francisco-based provider made the argument that LulzSec used a free account, which required a minimal amount of credentialing and that the authorities have never asked it to shut any accounts down. This is somewhat shocking, given how Lavabit was easily forced to shut down, allegedly as a result of influence from NSA.

One of the disadvantages of cloud computing is that it became popular so quickly. As a result, the legal system has not caught up enough to address many of its underlying issues. Customers should resist the urge to go the cheap route by using boilerplate contracts designed for conventional vendors and instead use more modern contracts that address the technology better.




Edited by Blaise McNamee
Article comments powered by Disqus


Free Trials

See For Yourself Why So Many Trust Flexera Software Solutions

Featured White Papers

Harbrick: Industry Leader Monetizing the Internet of Things for New Opportunities

Achieving Software Monetization Maturity
Application producers and device manufacturers are faced with many challenges as they try to grow revenue and streamline back-office processes. Challenges like penetrating new markets, defending against aggressive competitors, transit ioning to new licensing and pricing models...

Harbrick: Industry Leader Monetizing the Internet of Things for New Opportunities

Harbrick: Industry Leader Monetizing the Internet of Things for New Opportunities
Harbrick is an innovative technology company that is helping shape the future of driverless (autonomous) vehicles. Harbrick produces PolySync®– "the autonomy operating system" – a software platform made to help developers build, test, and deploy automated vehicle applications quickly...

The IDC MaturityScape: Subscription Business Model Management

The IDC MaturityScape: Subscription Business Model Management
This study is designed for suppliers of products or services that are sold via subscription business models, and provides a framework required for the effective management of subscription approaches...

Featured Press Release

Featured Webinars

Why Software CFO's Should Care About Entitlement Management

Webinar: Software Monetization Maturity Model - How to Get Your Organization to the Next Level
Application producers are faced with many challenges as they try to grow revenue and streamline back-office processes, and those that are thriving have adopted a strong and well thought out software monetization strategy.

Why Software CFO's Should Care About Entitlement Management

Why Software CFO's Should Care About Entitlement Management
Learn from Joe Freda - a Top 250 Software CFO - as he discusses why entitlement management (knowing which customers license which products) can accelerate revenue recognition, reduce risk and increase customer satisfaction.

Software Monetization Maturity Model - How to Get Your Organization to the Next Level

Software Monetization Maturity Model - How to Get Your Organization to the Next Level
Application producers are faced with many challenges as they try to grow revenue and streamline back-office processes, and those that are thriving have adopted a strong and well thought out software monetization strategy.

License and Entitlement Management - Using Internet of Things to Create Opportunity

Gartner Webinar: License and Entitlement Management - Using Internet of Things to Create Opportunity
Laurie Wurster, Gartner Research Director, will share the trends that are shaping IoT, the shift from a hardware to a software company, what you need to know in order to protect your IP, and whether to build or buy a license and entitlement management solution.