Service Providers And The Law

Syed Raza

Cloud Service Providers And The Law

Imagine opting out of the continuous struggle to keep software up to date, and essentially getting rid of overburdened corporate IT departments struggling to keep systems functional. This initial flavor of cloud computing given to the public is increasingly holding true to its promise due to numerous benefits such as flexibility, cost reduction, accessibility, and reliability. Undoubtedly, cloud computing presents a potential paradigm shift for all industries and sectors with many benefits such as flexibility, cost reduction, accessibility, and reliability.

While several technical benefits of cloud computing exist, there are few important considerations for users and corporations. One of the most important is the legal repercussions these new technologies may trigger. With the arrival of any new technology, the applicability of existing laws and the possibility of new laws tailored specifically to the new technology remain unclear until precedents are set. The cloud computing phenomena is global in nature challenging the very touchstone of jurisdictional complexities.

Cloud Service Providers And The Law

(Infographic Source: Business Of Law Blog)

These legal qualms pose significant risks to cloud service providers and users alike. Service providers constantly battle to strike a balance between reward of investing in better and new technologies; on the other hand, they expose themselves to greater risk of potential lawsuits as well as uncertain future regulations. For small businesses, this issue may even be greater as they lack resources to effectively negotiate contracts with large cloud service providers. On the other hand, large corporations may be easier to draft and negotiate a ‘strong’ contract with service providers.

Broadly speaking, there are six widely applicable regulations relating to cloud computing in the United States.

1. Stored communications Act (SCA)
2. USA Patriot Act
3. The health Insurance Portability and Accountability Act (HIPAA)
4. US Export Control Regulations
5. Federal Trade Commission Act
6. Communications Privacy Act of 1986 (ECPA).

While laws extensively cover areas related to security and privacy, loopholes are certain when referring matters relating to cloud computing. For instance, in 2011, a class action complaint was lodged against a cloud storage provider in Wong v. Dropbox, Inc., where, it was alleged that the company violated the California Unfair Competition Law and negligently invaded privacy of individuals. The class action complaint against Dropbox arose out of an update that inadvertently allowed anyone to log into any account using any password within a four hour window.

The risks are geared towards confusion as to applicable laws, the changing regulatory climate, and lack of industry standards. Cloud computing does reflect paradigm shift for both users and corporations, as it allows taking advantage of economies of scale as well as specialization to provide a more efficient and economical solution.

As jurisdiction within the cloud is so unclear, the only option would be to come to a mutual agreement or a compromise between cloud provider and user. Therefore, a harmonious and uniform set of laws governing data privacy and security is required which, in turn, would be beneficial in several respects. For instance, service providers would be able to assess their risks more accurately subsequently decreasing the need for them to push their risk onto users through contracts that force the customer to deal with privacy breaches that may be the fault of the service provider.

By Syed Raza

Gilad David Maayan
Network Security in the Public Cloud What is Network Security? Network security is a strategic approach to securing an organization’s resources and data across the corporate network. It helps protect organizations of all sizes, industries, ...
Maxim Melamedov
Trouble is Brewing Cloud Paradise - 2023 Will Determine Company's Long-Term Plans for Cloud Use The relationship between developers and the cloud was practically love at first sight. For years, migration to the cloud in ...
Gilad David Maayan
What is SASE (Secure Access Service Edge)? SASE (Secure Access Service Edge) is a term coined by Gartner to refer to a new architecture for networking and security that combines both functions into a single, ...
Stacey Farrar
Modern Auth and Exchange Online Migrations Microsoft has phased out Basic Authentication (Basic Auth), replacing it with Modern Authentication (Modern Auth) to provide increased protection and user security. Through this, Microsoft has turned off Basic ...
10 Leading Open Source Business Intelligence Tools
Open Source Business Intelligence Tools It’s impossible to take the right business decisions without having insightful information to back up the decision-making process. Open Source Business Intelligence Tools make it easier to have our raw ...
Anita Raj
Coronavirus and Telemedicine Technology COVID-19 has brought the world to a near standstill. From NBA to Met Ball and Coachella, all major events and festivals are canceled. Disneyland is shut and movies are postponed. Flights ...
John Peluso
Save Your Organization on Cloud Costs Organizations of all sizes are currently navigating their plans to avoid the recent surge in cyber-attacks and data breaches and preparing for unforeseen setbacks. Building a sensible backup and ...
Gary Bernstein
Common DevOps Misconceptions 86% of businesses say it’s important for their company to develop and produce new software fast to win market share and beat the competition, Harvard Business Review reveals. Yet, just 10% of businesses ...