Legal Watch

The wild blue yonder - thoughts on cloud computing


I've spent increasingly more time in my practice this year dealing with the cloud for my most sophisticated clients. The cloud, as you no doubt are aware, is the Internet-based system of computing resources. Experts pretty much agree we're all moving to the cloud, including the electronic security industry. Truth is, we've all been in the cloud for some time. Google, Gmail, or any of those photo storage sites, among others, are all prime examples. Cloud computing is like having a massive main frame computer at your fingertips. And for the electronic security industry, the cloud delivers significantly increased computing power and storage volumes at a substantially decreased cost. For example, video storage on the Web can be achieved today at significant savings to the subscriber, sending the DVR the way of the eight-track tape.

Moving to the cloud, however, raises a significant number of legal issues that must be addressed. If you're moving to the cloud, consider the following.

In the clouds, storms are inevitable

I'm a lawyer, not an IT expert, but even I know preventing technology failure is impossible. All technology can and sometimes does fail. Cutting-edge technology, by its very nature, has a greater risk for failure, simply because innovation means getting the latest technology into the hands of users as quickly as possible, sometimes before it's been thoroughly time tested and proven; before all the potential problems have been identified and corrected; and before predictable user error can be indentified completely.

Not only is the technology new and unproven, and more likely to have problems, but more sophisticated technology means a steeper learning curve for those who use it, both consumers and IT professionals. The much-publicized Amazon cloud outage in April 2011 that knocked out a number of large, well-known social networking sites and impacted many other of Amazon's customers was caused by a "configuration error" made during a "network upgrade" in one of the company's regions, during which a "traffic shift was executed incorrectly." In other words, someone goofed. Basic human error caused a perfect storm of events that took Amazon nearly two days to correct. You need to protect your company from the fallout from such errors.

Of course, the advantages and rewards in terms of cost, efficiency and efficacy of being an early adopter of new technology are significant to both you and your subscribers. And the more you can minimize the risks, the more you both can take greater advantage of the rewards.

Have an umbrella and don't get "soaked"

Knowing that failures in technology can and will happen, protect yourself from getting soaked.

One important key to protecting yourself are contracts-both with subscribers and with the vendors to which you may have outsourced one or more aspects of your cloud computing, whether it's data storage, platforms or software as a service. When you move to the cloud-and ideally before you implement any new technology-take these important steps.

First, update subscriber agreements in order to address the relevant issues. The standard industry subscriber agreement, commercial or residential, most likely won't address many of the more complex, cloud-related issues. Most agreements that do cover cloud computing address the misperception that because the cloud is Internet-based, the Internet and technology will function correctly 24 hours a day, seven days a week. Make sure your contracts don't promise to deliver a level of continuous service based on technology that isn't always there. Or put another way; make sure that your contracts contain provisions that reduce your legal liabilities for the occurrences you can't control, including an effective force majeure clause. Make sure your indemnity provision also addresses the cloud-related services you provide to your subscribers.

This content continues onto the next page...