Ireland’s communications regulator ComReg in its recent quarterly report has pointed to research that suggests the pervasiveness of cloud computing will precipitate a morass of legal questions and will therefore attract regulatory scrutiny.
Pointing to research by the Yankee Group, ComReg said that the cloud will test the current rights, obligations and liabilities of service providers and their partners, businesses and consumers.
In terms of privacy protection it said that the protection of personal information as well as sensitive business data are central concerns. Unauthorised access to and disclosure of data are set to be topics of debate and at present the situation raises more legal questions than answers.
In terms of data protection, compliance with electronic communications laws and storage laws, particularly over the handing over of data to third parties as well as other third party arrangements, questions over who owns and controls the data and who is liable if a data breach occurs come to the fore.
Another factor that will need to be considered when it comes to cloud computing regulation is jurdisdiction and different national laws based on the physical location of cloud users, service providers, and infrastructure and hosted data. In the world of cloud computing, data may be transferred across multiple national borders and the end-user in most cases is simply unaware of this.
ComReg concludes that regulators will need to issue guidance on how existing laws apply to information on the cloud.
“The success of the cloud will rely on providers establishing more transparent and accountable security and privacy policies.
“Broad industry buy-in will be necessary to set baseline standards that yield customer trust and assurances. This is not to suggest that a cloud provider will be able to assure a 100pc guarantee of service reliability or security.
“There is room for improvement, however, in current standard customer agreements,” ComReg said.
By John Kennedy