Cookie policy: This site uses cookies (small files stored on your computer) to simplify and improve your experience of this website. Cookies are small text files stored on the device you are using to access this website. For more information on how we use and manage cookies please take a look at our privacy and cookie policies. Some parts of the site may not work properly if you choose not to accept cookies.

sections

Study highlights contractual traps of the Cloud

  • Print
  • Share
  • Comment
  • Save

A report released by the Queen Mary University of London’s Centre for Commercial Law Studies has raised concern about unfair terms, often non-negotiable, that can come with cloud contracts.

Research showed there are a number of off-the-shelf clauses commonly found in contracts that can exclude suppliers of liability for failure.

Many contacts can also come with service level agreements (SLAs) that aren’t compatible with EU data protection rules and end users can also find themselves locked into a contract that allows suppliers to change service features without notice.

Hogan Lovells International LLP Conor Ward, also Chair of the Cloud Industry Legal Forum, said legal issues surrounding the cloud may be long established but this does not mean end users should not be cautious when considering their legal implications with a move to a cloud environment.

To date, the relative immaturity of the market has resulted in contracts being used which are not particularly well suited to the services provided but the study anticipates that contracting models will mature as a combined result of pressure from regulatory bodies and experience from negotiations on the larger deals,” Ward said.

“Cloud computing is not going to be suitable for every circumstance and potential customers would, as this study demonstrates, be well advised to undertake a detailed risk analysis before committing new applications to the Cloud.”

Ward said customers need to remember cloud service providers not act as insurers of their business needs and that remedies under the contract may form part of, but should not be considered, to be an entire risk mitigation strategy.

“Agreed service levels with limited service credits will generally not provide an adequate remedy and where the loss of service is due to a force majeure event, the supplier may have no liability at all,” Ward said.

“A careful review of the contract and SLAs should highlight the extent to which the customer has any meaningful remedy if the service levels are not met and should enable the customer to take measures to minimise losses or disruption in the event that a disaster does occur.”

The research was funded by Microsoft as part of a group of projects looking at information ownership in the cloud, personal data in cloud and law enforcement.

 

Related images

  • The legal implications need to be considered when moving to the Cloud

Have your say

Please view our terms and conditions before submitting your comment.

required
required
required
required
required
  • Print
  • Share
  • Comment
  • Save

Webinars

  • The CFD Myth: Why there is no real time CFD.

    Wed, 20 May 2015 14:00:00

    Join DatacenterDynamics and Siemens as we explore the myth of real time CFD and expose the necessity for Real-Time Environmental Monitoring.

  • Prioritising public sector data centre energy efficiency: approach and impacts

    Wed, 20 May 2015 11:30:00

    The University of St Andrews was founded in 1413 and is in the top 100 Universities in the world and is one of the leading research universities in the UK.

  • A pPUE approaching 1- Fact or Fiction?

    Tue, 5 May 2015 14:00:00

    Rittal’s presentation focuses on the biggest challenge facing data centre infrastructures: efficient cooling. The presentation outlines the latest technology for rack, row, and room cooling. The focus is on room cooling with rear door heat exchangers (RHx)

  • APAC - “I Heard It Through the Grapevine” – Managing Data Center Risk

    Wed, 29 Apr 2015 05:00:00

    Join this webinar to understand how to minimize the risk to your organization and learn more about Anixter’s unique approach.

  • Americas - “I Heard It Through the Grapevine” – Managing Data Center Risk

    Tue, 28 Apr 2015 18:00:00

    Join this webinar to understand how to minimize the risk to your organization and learn more about Anixter’s unique approach to: • Data center security concerns and the best strategies to address them • Top risk management challenges and planning to guard against them • Regulatory standards and steps to comply with them • Industry best practices and how to implement them in your business • Interoperability and the path for achieving it • Engagement and how to put it into practice

More link