Featured Article from Software Licensing
Cloud Services Raise New Legal Issues
While the exploding popularity of cloud computing is making the technology more conventional, historically it is still an unconventional service.
As a result, much of the standard language that appears in contracts between a business and the vendors it deals with is not applicable. Protecting the interests of businesses that use cloud services requires a new kind of contract.
According to Foley Hoag LLP, a Waltham, Mass.-based law firm that deals with technology issues, several components of conventional contracts designed to work with ‘real world’ vendors are not pertinent to cloud services and in fact, may have gaping holes that leave companies information unprotected.
Image via Shutterstock
Many service contracts specify locations when and where products and services are to be delivered. Maintenance and cleaning services, for example, cannot be performed anywhere other than on the business’ premises. Typically their work is done after normal business hours to avoid disrupting employees.
Cloud computing services don’t work that way. Barring occasional downtime, the service is available 24/7. The service originates from the vendor’s facilities and is accessed remotely.
The standard contract often addresses how a vendor’s employees are to operate while working on the customer’s premises. Workman’s comp, vehicle insurance and commercial general liability protection are common issues in such contracts. There are provisions to ensure that there is no misrepresentations that would make it appear that the vendor’s employees were the business’ employees.
Since the cloud vendor’s employees work at the cloud vendor’s facilities, many of these issues don’t apply.
Conventional contracts that deal with tangible goods and property are usually silent on the matter of data, which confidentiality agreements are usually insufficient to protect.
A contract better geared towards cloud computing would do the following:
- Clearly describe what the vendor owns and what the customer owns.
- Define parameters for reliability and allow termination of the contract when the cloud system fails to meet them.
- Allow the customer to verify that the cloud vendor has adopted best practices for protecting data
- Provide for the customer to receive their data when the contract with the provider ends and ensure that all copies of data on the vendor’s servers are deleted.
One particular case shows how current laws are behind technology in addressing security in the cloud. In 2011 Cloudflare was the hosting site for the LulzSec hacking group, which later became defunct. So far Cloudflare has avoided any government action in spite of many complaints. The San Francisco-based provider made the argument that LulzSec used a free account, which required a minimal amount of credentialing and that the authorities have never asked it to shut any accounts down. This is somewhat shocking, given how Lavabit was easily forced to shut down, allegedly as a result of influence from NSA.
One of the disadvantages of cloud computing is that it became popular so quickly. As a result, the legal system has not caught up enough to address many of its underlying issues. Customers should resist the urge to go the cheap route by using boilerplate contracts designed for conventional vendors and instead use more modern contracts that address the technology better.
Edited by Blaise McNamee
See For Yourself Why So Many Trust Flexera Software Solutions
Featured White Papers
Achieving Software Monetization Maturity
Application producers and device manufacturers are faced with many challenges as they try to grow revenue and streamline back-office processes. Challenges like penetrating new markets, defending against aggressive competitors, transit ioning to new licensing and pricing models...
Harbrick: Industry Leader Monetizing the Internet of Things for New Opportunities
Harbrick is an innovative technology company that is helping shape the future of driverless (autonomous) vehicles. Harbrick produces PolySync®– "the autonomy operating system" – a software platform made to help developers build, test, and deploy automated vehicle applications quickly...
The IDC MaturityScape: Subscription Business Model Management
This study is designed for suppliers of products or services that are sold via subscription business models, and provides a framework required for the effective management of subscription approaches...
Featured Press Release
New Flexera Software/IDC Report: The Internet of Things, Intelligent Devices and Software Monetization Are Propelling the Third Industrial Revolution
A new survey report, The Third Industrial Revolution: Intelligent Devices, Software, and the Internet of Things, prepared jointly by Flexera Software and IDC, provides unique insights into how the third industrial revolution sweeping the global economy is being fueled by device manufacturers...
Featured Success Stories
- Siemens Building Technologies: Streamlines Inventory and Reduces Cycle Times with Flexera Software FlexNet Producer Suite