Software Licensing Featured Articles

Cloud Services Raise New Legal Issues

September 05, 2013
By Christopher Mohr, Software Licensing Contributing Writer

While the exploding popularity of cloud computing is making the technology more conventional, historically it is still an unconventional service.

As a result, much of the standard language that appears in contracts between a business and the vendors it deals with is not applicable. Protecting the interests of businesses that use cloud services requires a new kind of contract.

According to Foley Hoag LLP, a Waltham, Mass.-based law firm that deals with technology issues, several components of conventional contracts designed to work with ‘real world’ vendors are not pertinent to cloud services and in fact, may have gaping holes that leave companies information unprotected. 


Image via Shutterstock

Many service contracts specify locations when and where products and services are to be delivered. Maintenance and cleaning services, for example, cannot be performed anywhere other than on the business’ premises. Typically their work is done after normal business hours to avoid disrupting employees.

Cloud computing services don’t work that way. Barring occasional downtime, the service is available 24/7. The service originates from the vendor’s facilities and is accessed remotely.

The standard contract often addresses how a vendor’s employees are to operate while working on the customer’s premises. Workman’s comp, vehicle insurance and commercial general liability protection are common issues in such contracts. There are provisions to ensure that there is no misrepresentations that would make it appear that the vendor’s employees were the business’ employees. 

Since the cloud vendor’s employees work at the cloud vendor’s facilities, many of these issues don’t apply. 



Conventional contracts that deal with tangible goods and property are usually silent on the matter of data, which confidentiality agreements are usually insufficient to protect.

A contract better geared towards cloud computing would do the following:

- Clearly describe what the vendor owns and what the customer owns.
- Define parameters for reliability and allow termination of the contract when the cloud system fails to meet them. 
- Allow the customer to verify that the cloud vendor has adopted best practices for protecting data 
- Provide for the customer to receive their data when the contract with the provider ends and ensure that all copies of data on the vendor’s servers are deleted.

One particular case shows how current laws are behind technology in addressing security in the cloud. In 2011 Cloudflare was the hosting site for the LulzSec hacking group, which later became defunct. So far Cloudflare has avoided any government action in spite of many complaints. The San Francisco-based provider made the argument that LulzSec used a free account, which required a minimal amount of credentialing and that the authorities have never asked it to shut any accounts down. This is somewhat shocking, given how Lavabit was easily forced to shut down, allegedly as a result of influence from NSA.

One of the disadvantages of cloud computing is that it became popular so quickly. As a result, the legal system has not caught up enough to address many of its underlying issues. Customers should resist the urge to go the cheap route by using boilerplate contracts designed for conventional vendors and instead use more modern contracts that address the technology better.




Edited by Blaise McNamee

Featured Press Release

Featured White Papers

The Third Industrial Revolution: Intelligent Devices, Software, and the Internet of Things

The IDC MaturityScape: Subscription Business Model Management
This study is designed for suppliers of products or services that are sold via subscription business models, and provides a framework required for the effective management of subscription approaches...

Virtualization, License Compliance and the Application Producer/Enterprise Relationship

Market Trends: Move Beyond Homegrown Licensing and Entitlement as the IoT Creates New Revenue for Software
This Gartner report explains that the Internet of Things is turning manufacturers into software vendors that need to protect, differentiate and monetize offerings. By changing their approach to licensing, manufacturing product strategists can maximize revenue potential...

The New World of Global Electronic Software Distribution: Sophisticated, Scalable … and Business Smart

Plugging Revenue Leaks from the ERP Gap: A Revenue Opportunity for Application Producers
This white paper explains how ERP systems were built to handle physical assets, not digital goods and provides recommendations for alternative software licensing and compliance solutions...

Featured Webinars

Key Trends in Software Licensing and Pricing and 2014 Predictions

Usage, Subscription and Value-based Licensing Model Trends, Insight & Guidance
Amy Konary, Research Vice President with IDC and Flexera Software will discuss usage, subscription and value-based licensing model trends and provide insight and guidance on approaches to achieve the best business and revenue outcomes.

Grow and Differentiate Your Device Business

Gartner Webinar: License and Entitlement Management - Using Internet of Things to Create Opportunity
Laurie Wurster, Gartner Research Director, will share the trends that are shaping IoT, the shift from a hardware to a software company, what you need to know in order to protect your IP, and whether to build or buy a license and entitlement management solution.

Reduce Security Risks

Considerations When Transitioning to Physical + Digital Solutions
Network equipment providers' core business model is under pressure due to a combination of business and technology trends impacting the telecommunications industry. This webinar looks at the trends and provides essential guidance.

Free Trials

See For Yourself Why So Many Trust Flexera Software Solutions

  • LinkedIn
  • Google+
  • News
  • Twitter
  • Youtube
  • Facebook