Legal Cloud Central : Cloud Computing & Technology Attorneys & Lawyers : K&L Gates Law Firm

The Cloud Security Alliance (CSA), a non-profit coalition of industry practitioners, corporations, associations and other key stakeholders, today announced the CSA Open Certification Framework, an initiative aimed at allowing global, trusted certification of cloud service providers.  The CSA's goal is to increase trust and confidence in cloud security by providing for a level of security certification or attestation for cloud service providers similar to the SAS 70 / SSAE 16 standard in the public accounting industry.

• Email This
• Print
• Comments
• Trackbacks

Most people will read this title and assume I'm referring to the decision as to whether a company should move its applications to the cloud.  I'm not.  I'm actually referring to the implementation of the cloud solution -- the period of time after a customer signs a Software as a Service (SaaS) agreement until the point where the cloud solution is ready for production use.

• Email This
• Print
• Comments
• Trackbacks

The European Network and Information Security Agency (ENISA) is a center of network and information security expertise for the EU, its member states, the private sector and Europe's citizens that works to develop advice and recommendations on good practice in information security.  On April 2, 2012, ENISA published a guide to monitoring of security service levels in cloud contracts, in which ENISA sets forth a number of service levels that can be used to provide a monitoring framework for cloud customers. The main focus of the guide is on the public sector; however, much of the guide is also applicable to the private sector. 

• Email This
• Print
• Comments
• Trackbacks

By Samuel R. Castic

The FTC's final privacy report, Protecting Consumer Privacy in an Era of Rapid Change--Recommendations for Businesses and Policymakers, was released this morning (link here).  The announcement is at http://www.ftc.gov/opa/2012/03/privacyframework.shtm.

• Email This
• Print
• Comments
• Trackbacks

In recent months, mobile application developers (e.g., Zynga) and mobile platforms (e.g., Apple’s iTunes) have faced increasing scrutiny in connection with their privacy practices, primarily with respect to transparency.  State and federal authorities, members of Congress, and litigants have all brought attention to perceived failures of mobile applications (“apps”) to disclose information collection and disclosure practices.

• Email This
• Print
• Comments
• Trackbacks

By Christopher A. Bloom

New amendments to the Illinois Personal Information Protection Act, 815 ILCS 530 et seq., took effect January 1, 2012 (the “2012 Amendments”). In the wake of these amendments Illinois Attorney General Lisa Madigan has issued an Information Security and Security Breach Notification Guidance.  

• Email This
• Print
• Comments
• Trackbacks

By: Holly K. Towle

The Business Software Alliance ("BSA") has published a report entitled "BSA Global Cloud Computing Scorecard - A Blueprint for Economic Opportunity," surveying aspects of the legal environment impacting global integration of cloud computing in 24 countries. The report is available at http://portal.bsa.org/cloudscorecard2012/.  It includes findings and checklists measuring country readiness with respect to data privacy, security, cybercrime, intellectual property, support for industry standards and international harmonization of rules, promoting free trade, and  broadband deployment.  The report also includes a "policy blueprint" designed for international coordination and expansion of economic opportunities presented by cloud computing.

• Email This
• Print
• Comments
• Trackbacks

 By: Juliana W. Chen

The Megaupload saga is one of the latest development to affect cloud computing. Visitors to the file sharing and cloud storage site Megaupload.com will now find a notice from the U.S. government that the domain name has been seized. In connection with this seizure, several individuals and entities have been charged with an assortment of crimes, including criminal copyright infringement. The shutdown of Megaupload reinforces conventional advice and raises additional considerations for both customers and service providers.  

• Email This
• Print
• Comments
• Trackbacks

Cloud computing and the law is a hot topic in business and legal circles, and our attorneys have been busy talking about it.  Todd Fisher recently spoke on cloud computing at the Dallas Technology Summit and moderated a cloud computing panel at SMU's 19th Annual Corporate Counsel Symposium.  Chad King recently addressed cloud computing compliance and legal issues for investment companies at the Financial Technology Forum Fall Workshop.  

• Email This
• Print
• Comments
• Trackbacks

By: Susan Altman

With limited exceptions, lawyers across America have an ethical duty to not reveal confidential information relating to the representation of a client unless the client consents, a duty to act with appropriate diligence, and a duty to take appropriate steps to safeguard the client’s property. How these duties translate into practical advice for lawyers using cloud computing is the source of much discussion by state bar associations. 

• Email This
• Print
• Comments (1)
• Trackbacks

By: Juliana W. Chen

The Cloud Security Alliance (CSA), a non-profit organization that comprises various cloud computing stakeholders, recently announced that several cloud vendors intend to submit reports to the CSA Security, Trust, and Assurance Registry (STAR). What is the CSA STAR, and why have Google, Verizon, Intel, McAfee, and Microsoft agreed to submit reports to it?

• Email This
• Print
• Comments
• Trackbacks

By Susan Altman

Law firms are cautiously moving to the cloud.  So says The American Lawyer, a leading trade magazine dedicated to covering the American legal profession, in its sixteenth annual survey on law firm technology.  The survey results reflect the responses by 82 law firm technology chiefs and cover technology topics such as law firm CIO compensation and the types of mobile devices supported by the law firms.  A substantial part of the survey results focus on the use of cloud computing by lawyers.  Nearly two-thirds (65%) of responding firms use cloud computing and almost half (47%) report they are using cloud computing more this year than last year.  The rest reported using the same amount of cloud computing as last year.  No surprise: no one reported using less.  Of those firms using the cloud, 77% described it as a positive experience.

• Email This
• Print
• Comments
• Trackbacks

By: Juliana W. Chen

The House Republican Cybersecurity Task Force, a group of 12 House Republicans, recently released the “Recommendations of the House Republican Cybersecurity Task Force,” a report on how to improve cybersecurity.  The report is expected to influence future legislative efforts, just as other congressional committees are collaborating with the White House to develop comprehensive legislation in this subject area.  If these recommendations are enacted, they could affect how cloud computing service providers do business.
 

• Email This
• Print
• Comments
• Trackbacks

The National Institute of Standards and Technology ("NIST"), whose definition of cloud computing has been widely referenced and recognized, has a long-term goal of providing leadership and guidance around cloud computing to effectuate its use in industry and government.  NIST also was designated by the Federal CIO to help accelerate the U.S. government's secure adoption of cloud computing as part of FedRAMP.  To further that effort, NIST recently released a cloud computing reference architecture in which NIST sets forth the components and offerings of cloud computing, as well as a cloud computing standards roadmap in which NIST identified current standards, standards gaps, and standardization priorities.  

• Email This
• Print
• Comments
• Trackbacks