Cookie policy: This site uses cookies (small files stored on your computer) to simplify and improve your experience of this website. Cookies are small text files stored on the device you are using to access this website. For more information on how we use and manage cookies please take a look at our privacy and cookie policies. Some parts of the site may not work properly if you choose not to accept cookies.

sections

Study highlights contractual traps of the Cloud

  • Print
  • Share
  • Comment
  • Save

A report released by the Queen Mary University of London’s Centre for Commercial Law Studies has raised concern about unfair terms, often non-negotiable, that can come with cloud contracts.

Research showed there are a number of off-the-shelf clauses commonly found in contracts that can exclude suppliers of liability for failure.

Many contacts can also come with service level agreements (SLAs) that aren’t compatible with EU data protection rules and end users can also find themselves locked into a contract that allows suppliers to change service features without notice.

Hogan Lovells International LLP Conor Ward, also Chair of the Cloud Industry Legal Forum, said legal issues surrounding the cloud may be long established but this does not mean end users should not be cautious when considering their legal implications with a move to a cloud environment.

To date, the relative immaturity of the market has resulted in contracts being used which are not particularly well suited to the services provided but the study anticipates that contracting models will mature as a combined result of pressure from regulatory bodies and experience from negotiations on the larger deals,” Ward said.

“Cloud computing is not going to be suitable for every circumstance and potential customers would, as this study demonstrates, be well advised to undertake a detailed risk analysis before committing new applications to the Cloud.”

Ward said customers need to remember cloud service providers not act as insurers of their business needs and that remedies under the contract may form part of, but should not be considered, to be an entire risk mitigation strategy.

“Agreed service levels with limited service credits will generally not provide an adequate remedy and where the loss of service is due to a force majeure event, the supplier may have no liability at all,” Ward said.

“A careful review of the contract and SLAs should highlight the extent to which the customer has any meaningful remedy if the service levels are not met and should enable the customer to take measures to minimise losses or disruption in the event that a disaster does occur.”

The research was funded by Microsoft as part of a group of projects looking at information ownership in the cloud, personal data in cloud and law enforcement.

 

Related images

  • The legal implications need to be considered when moving to the Cloud

Have your say

Please view our terms and conditions before submitting your comment.

required
required
required
required
required
  • Print
  • Share
  • Comment
  • Save

Webinars

  • How to Secure Your Critical Assets today and tomorrow

    Tue, 18 Oct 2016 18:00:00

    Whether you're a company looking to evaluate a data center, or a data / tech company looking to upgrade and improve their physical security, we'll discuss some of the requirements from major organizations along with important considerations for each facility layer, from ‘curb to core’. In this webinar we’ll discuss: • The rise of the data centre and new security challenges • Risks that businesses face from data loss • Three layers of physical security and 12 data centre security tips • Cost effective access control and 'curb to core' security • Best practices in securing data against attack and business continuity • How to manage and achieve compliance with regulatory requirements.

  • Next Generation Data Centers – Are you ready for scale?

    Wed, 24 Aug 2016 16:00:00

    This presentation will provide a general overview of the data center trends and the ecosystem that comprises of “hyperscale DC”, “MTDC”, and “enterprise DC”.

  • Ian Bitterlin -DC Power Professional

    Fri, 12 Aug 2016 08:55:00

    Professor Ian Bitterlin talks about DC Pro's Power Professional course.

  • White Space 49: Good news and Bad News this week

    Fri, 5 Aug 2016 14:10:00

    Editorial team at DCD talks about data center fires, cyber wars and network sabotage

  • White Space 47: There's a Pokéstop outside our office

    Fri, 22 Jul 2016 10:35:00

    This week on White Space, we talk everyhting: > Pokémon > Microsoft's Azure Stack launch > DatacenterDynamics Awards 2016 program > Digital Realty's move into Wind Power

More link