Cloud computing hits legal wall: IT vs. law

When IP lawyer Janine Anthony Bowen first saw the cloud-computing contract, her response was: these people must be crazy.

Jack Attorney & Advisors, Principal partner, Browen, said: "I see the terms that the service provider assumes no responsibility when there are any problems with its service, and that even if there is a problem, my client will have to take responsibility." ”

In order to recover the loss, her client must bring a lawsuit, and the maximum loss of compensation will not exceed 12 months of service costs, this amount of data loss compared with the loss is simply dwarfed. Bowen's reaction seemed reasonable, "because these terms are unreasonable." ”

Infolawgroup founder Tanya Forsheit has the same view: "The cloud service provider's contract takes a ' take away, don't leave ' attitude, and they want people to click ' I accept ' like the itunes site." ”

This "take away, don't pull down" approach poses a big problem within it, especially for legal professionals who are responsible for reducing risk to the enterprise. For example, Deborah Finley, head of business information and technology services at Diego, is just starting to consider using cloud computing for e-mail archiving.

Finley explained: "The supplier's contract is limited to the amount of liability compensation, and our legal department has a standard clause for compensation, if we want to change these terms, we need to obtain the board's approval." ”

After negotiations, Finley and his corporate lawyer reached an agreement, but she was unwilling to go to the board every time she signed the cloud.

The bottom line for Finley and many corporate IT executives is that cloud computing should make things easier and cheaper, but it makes lawyers and CIOs rivals, at least temporarily.

Lawyers are primarily responsible for helping companies to provide advice on legal, risk and compliance issues, and they want to limit contracts that ignore or obscure potential data loss, privacy, security, and electronic discovery issues. The CIO's job is to solve technical problems, and they want to bring cloud computing capabilities into the business as quickly as possible.

As cloud computing becomes more prevalent, the relationship between lawyers and CIOs is becoming more and more tense, though they are all trying to serve the company.

As it leaders, what should you do with legal advisers? How do you work together to make the company a productive transition to cloud computing? The process is fairly straightforward: it involves a lot of problems and requires due diligence, which can provide the foundation for future team collaboration in cloud computing.

Why cloud computing can cause trouble

Cloud computing is a new area and there is no law to draw on. "People don't think about legal issues because it's a very new area," says Barry Murphy, chief analyst at Edj Group. "There is no normative case law at the moment, so those corporate lawyers eager to protect corporate data and try to comply with government regulations are very alarmed." ”

When it comes to electronic discovery in cloud computing, case law is clear, "the court said that when you store information, we want you to consider the purpose of litigation or compliance," Murphy said. "Most companies do not ask the service providers whether they have a data regulatory chain, And many CIOs do not know the impact of privacy and transparency laws. ”

The legal issues surrounding cloud computing are now a problem because corporate cloud computing is becoming increasingly popular. SMEs that lead this trend have never had much influence over contracts involving public cloud services from suppliers such as Microsoft, Rackspace and Amazon, industry watchers say, but they can see the value of cloud computing: making applications run faster. They are also unlikely to have a dedicated legal team to remind them.

These services are now being considered by larger companies, and corporate legal advisers have been involved in making the standard contracts of some service providers modified.

In the end, CIOs and legal advisers are designed to ensure the best interests of the company, and in cloud computing, CIOs must maintain good relationships with corporate lawyers.

Legal

"Both sides need to think about things from the other side, it needs to think about what happens when there is a problem, and lawyers need to remember that it keeps the business running," said Paul Lewkowicz, an intellectual property lawyer. ”

If it wants or needs to negotiate details of the contract with the service provider, they should ask the lawyer to do it. "Negotiation is an art and part of the work of lawyers, and IT staff think the contract is just a few pages." ”

CIOs and lawyers should also form a team to study these contract terms to ensure that all issues are covered. Admittedly, this may seem counterproductive, after all, one of the benefits of cloud computing is to reduce market entry and improve competitive advantage, but it is worth the time.

Once a reasonable contract is made, things become easier and the future does not take much time or effort. This requires the procurement, risk management, supplier management, law, security and it and other departments to sit together, carefully study the contract, in order to ensure the best interests of the enterprise as a prerequisite to work out the most appropriate contract.

Industry watchers say this is a matter of due diligence and you need to know what the risks are. The big question is, how do you mitigate these risks? How do you protect your business without affecting your businesses?

Ask questions

How do CIOs and lawyers start collaborating? By asking questions. Ideally, CIOs know what to ask, but it's hard to start.

Counsel advises the chief information officer to inquire about the true meaning of the terms in the contract. The most troubling of all is the service level agreement (SLA), sometimes although the contract promises to compensate for more than the agreed period of downtime, but the amount of compensation is very small. If your lawyer doesn't pay attention, the supplier's downtime will be very small.

Another question raised by the lawyers, and the chief information Officer will not raise the question is electronic discovery. Murphy points out that some companies specialize in the electronic discovery of cloud computing, but the problem is far more complicated than that.

"In cloud computing, data is replicated, creating more data, including metadata, for electronic discovery," says Forsheit. "Federal Rules of Procedure require you to know the location of the data and to ensure that the electronic discovery can find it," if there is a server in the cloud that no one thinks of, some people may have to go to jail or fine, and the lawyer may be revoked. ”

Finally, Forsheit and other legal experts say it and lawyers need to communicate carefully, they need to express their views in each other's language, lawyers need to know it, and vice versa.

(Responsible editor: The good of the Legacy)