Judicial Frameworks and Privacy Issues of Cloud Computing

Computer Law & Security Review, 2013

Privacy Data Conflict of laws Private international law Rome I Rome II Restatement (second) conflict of laws Directive 95/46 EC General data protection regulation 2012 Privacy act 1988 (Cth) Stored Communication act Proper law a b s t r a c t Cloud technology offers wonderful potential for users in terms of convenience, ease of obtaining updates etc. However, it presents significant legal challenges. Our laws, largely based on notions of territoriality, struggle to respond to technology in which lines on maps are largely irrelevant. In this article, I articulate some of the specific challenges. The law of contract, tort and national regulation might all apply to a claim of breach of privacy in relation to material uploaded to the cloud. Unfortunately, each of the jurisdictions studied would approach the issues in different ways, potentially creating significant confusion. The article proposes a need for international co-operation and agreement on these matters.

Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences, 2012

Cloud computing technologies have reached a high level of development, yet a number of obstacles still exist that must be overcome before widespread commercial adoption can become a reality. In a cloud environment, end users requesting services and cloud providers negotiate service-level agreements (SLAs) that provide explicit statements of all expectations and obligations of the participants. If cloud computing is to experience widespread commercial adoption, then incorporating risk assessment techniques is essential during SLA negotiation and service operation. This article focuses on the legal issues surrounding risk assessment in cloud computing. Specifically, it analyses risk regarding data protection and security, and presents the requirements of an inherent risk inventory. The usefulness of such a risk inventory is described in the context of the OPTIMIS project.

Cloud computing refers to anything that involves delivering hosted services over the Internet. It is fast, cheap, flexible and elastic in nature. In spite of its benefits, cloud computing raises risks for data protection and privacy. One key issue presented by cloud computing is the fact that it changes our thinking of what we consider to be "our data". Data is no longer physically stored on a specific set of computers or servers, but is rather geographically distributed. The globalised nature of cloud computing poses a challenge for personal data protection, which requires a clear location for personal data, an identification of the processor and a responsible individual for data processing. Cloud data can be misused and/or shared with third parties without prior knowledge or consent of the data owner. The direct participation of an individual in transborder data transfer, third party participation in data storage, the processing and transmission of data and, finally, negligence of data protection due diligence from cloud service providers, makes data protection and privacy laws more relevant. The recent PRISM surveillance programme scandal at the US National Security Agency (NSA) demonstrated the privacy risks that citizens around the world take on when their personal information is stored and processed in the cloud. This situation requires a wellestablished techno-legal solution along international standards. India, unlike the European Union, has no dedicated regulatory framework to deal with privacy and personal data protection. Although cloud computing is still in its initial stages in India, existing laws for people who are currently using facilities offered by cloud service providers are extremely inadequate. However, cloud computing requires legal protection in India under the country's data protection laws, privacy laws and data breach laws, which must meet "international standards". It is the right time for the Indian government to enact appropriate regulatory frameworks to protect personal data and privacy in the cloud era. The overall objective of this paper is to understand the impact of cloud computing on privacy and personal data protection and to analyse present legal frameworks governing privacy and personal data protection in India and Europe.

International Journal for Research in Applied Science and Engineering Technology IJRASET, 2020

Cloud computing has revolutionised the way in which computing services are delivered and managed in the contemporary society and economy. The emergence of computers and the internet, the one hand, accelerated the swift technological developments in especially in the computing domain thus speeding up the rapid growth and diffusion of cloud computing. But, at one and the same time, on the other hand, they tectonically transformed the contemporary society and economy into information/knowledge/ digital society and economy. Both are reciprocally and interactively related, strengthening each other in their operational and functional practices. These practices, in the wake of coming of 'data revolution' and consequent 'datafication' of the society and economy, abundantly exhibited different types of security issues, especially privacy risks, which transmuted the erstwhile society and economy into an the information/knowledge/ digital risk society and economy and, simultaneously, became an hindrance to the diffusion of cloud computing, which itself is embedded in this risk society and economy in the global information capitalist order. Risks, particularly privacy risks, constitute the strong bridge and link between them. The present paper critically analyses and surveys these stated socio-technical developments.

Public and Private Law Bulletin, 2018

Extracting data’s value can only be possible by using a high amount of processing power. The most eligible way of procuring such amount of processing power is using cloud computing services. Cloud computing services face several interventions by governments around the globe. The most notable interventions relate to the localization of data and data processing facility. Since cloud computing services nearly always provided internationally, there is a need to explore the possibility of protecting cloud computing services from those interventions by using a legal tool from the 1960s namely the ICSID Convention which allows forming arbitrational tribunals to solve investment disputes between investors and states. One of the conditions for ICSID tribunals to have jurisdiction over disputes is that the dispute at hand must be related to an investment. However, the ICSID Convention does not contain a definition of the investment term. Mainly, there are two different approaches among the case law and legal doctrine for defining the investment term. The first approach is leaving the duty of defining the term to the parties. The second approach requires simultaneous fulfilment of the parties’ consent and certain objective criteria. Cloud computing services can meet the required criteria under those approaches.