1 / 16

What are the legal implications of moving into the Cloud?

What are the legal implications of moving into the Cloud?. ICAEW, 24 September 2010. Richard Kemp Senior Partner Kemp Little, Solicitors, London EC2 richard.kemp@kemplittle.com www.kemplittle.com. Mid ‘60s to early ‘80s: IBM heyday. ‘80s: rise of the PC. ‘90s to mid-00’s: Wintel heyday.

emily
Télécharger la présentation

What are the legal implications of moving into the Cloud?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. What are the legal implications of moving into the Cloud? ICAEW, 24 September 2010 Richard Kemp Senior Partner Kemp Little, Solicitors, London EC2 richard.kemp@kemplittle.com www.kemplittle.com

  2. Mid ‘60s to early ‘80s: IBM heyday ‘80s: rise of the PC ‘90s to mid-00’s: Wintel heyday Mid ‘00s onwards: Google heyday Utility Computing The rise of service based computing Cloud Computing SaaS services ASP adoption Outsourcing ITO BPO LPO, etc Early 2000s onwards: broadband replaces dial up internet 2004: Google, salesforce.com IPOs; ‘web 2.0’ coined 1995: Netscape IPO ; Bill Gates’ ‘Internet tidal wave’ memo internet 2001: .com bust 2008: Google Chrome, Microsoft Windows ‘in the Cloud’ (Azure) launched 1969: the software industry is born as IBM unbundles hardware & software 1970: UNIX released by AT&T 1981: Microsoft develops MS-DOS 1993: Linux mid ‘00s onwards: open source (OSS) in the mainstream 1990: Microsoft launches Windows 3.0 1985: open source FSF set up software 2007: IPO of hypervisor developer VMware 1940s: Adoption of programmmable computer 1957: IBM introduces FORTRAN programming language 1964: IBM introduces System 360 computer family 1971: Intel 4004 – the first micro-processor developed 1981: IBM launches PC ‘90s: rise of laptops ‘00s: rise of PDAs ‘anytime anywhere’ devices Smartphones iPad, etc 1984: Apple Mac launched hardware 1940s 1950s 1960s 1970s 1980s 1990s 2000s 2010s

  3. Evolution of service based computing • ‘Software as a licence’ • Outsourcing • ASP - 1 to 1 • SaaS– 1 to many, built for the web, Pay per use • Cloud– massively scaled • Utility – aggregated resources, supplied on metered basis

  4. Essence of service based computing Utility Aggregated resources (input, programming, processing, storage, output, comms, etc) packaged into the service the customer wants and supplied on a metered basis ASP Application service Provision Hosted application Management ‘your server room, not mine’ SaaS ‘built for the web’ application ‘web ready’ customer services ‘one to many’ secure delivery model Consumer and professional markets Incremental pay per use basis e.g.: Salesforce.com Cloud ‘massive scalability’ Mass market availability via the internet of IT-enabled, scalable resources provided as a service Bigger & bigger data centres e.g.: Azure

  5. Business Drivers/Benefits • Increasing prevalence of and reliance on technology • Improved internet/networking connectivity • IT costs increasing – personnel/hardware/software/storage • Too much bespoke tailoring and risk in ‘traditional’ models • Difficult for in-house teams to keep up let alone innovate whilst keeping a lid on costs

  6. Cloud Issues – data loss

  7. Cloud Issues – Internet outage

  8. Cloud Issues – service availability

  9. Cloud/out sourcing contracts – the similarities emperor’s new clothes?

  10. Cloud/out sourcing contracts – the differences

  11. What really matters in a SaaS/cloud contract • Performance • Key service metrics (response times, throughput, volumes, etc) • ‘room at a hotel’ • Availability • Internet delivery enabled – bandwidth, speed, etc • So who bears the risk of outages, slow response times • Data • Security, regulatory • Check you can get it back (i) at any time (ii) in usable form • Regulatory • Increasing importance – not just data privacy • Access, audit, etc • Exit • Think about exit/disengagement on the way in! • Avoid supplier dependence

  12. Data privacy and security • The amount of information we store is increasing exponentially • There is an increase in incidents and severity of losses or theft of information • There is increasing media, public and government awareness and concern about risks of information loss • There are increasing amounts of information law, regulation and enforcement…and higher penalties • Most businesses lack control of their own information - NEVER OUTSOURCE A PROBLEM…

  13. Data issues • Who owns the data • The customer of course, but you’d be surprised … • When should you be able to get access to your data? • Any time, and in usable format, but you’d be surprised … • Put in place effective back up, DR, regime, etc • What about regulatory, auditor access? • Regulatory access, etc should be guaranteed whenever sought • Data protection • Build in contractual assurance around: • Export of data to third countries (e.g. USA, India) • Security, access standards • Commitments as to no supplier use without express consent, etc

  14. What happens if it all goes wrong - remedies • Real world points • Assess risk before you do the deal and how you manage it • Ask yourself: What’s the worst that can happen? • How easy is it, long would it take, to bring back in house/move to an alternative? • Avoid supplier over dependence • Check out supplier stability, etc • Agree exit/disengagement management regime up front • Even if fault/disputed termination • ‘Fix first argue later’ • Get your data back immediately! • You want to avoid litigation!! • Know your contract! • Effective governance regime • Internal dispute escalation up through both organisation • often the best way

  15. Questions?

  16. Thank you Richard Kemp Partner Kemp Little LLP richard.kemp@kempilttle.com Tel. +44 (0) 20 7710 1610

More Related