SlideShare a Scribd company logo

Risks and Benefits of Cloud Computing

Download as PPT, PDF
DLA Piper (Canada) LLP
DLA Piper (Canada) LLP
TechnologyBusiness
1 of 30
“Looking at Clouds from both Sides” – Risks and Benefits of Cloud Computing Employment and Labour Law Conference May 24, 2012 Tamara Hunter
What is Cloud Computing?
What is cloud computing? • technologies that provide computation, software, data access and storage services that do not require end-user knowledge of the physical location and configuration of the system that delivers the services (Wikipedia) • delivered over a network (typically, the Internet)
Categories • Infrastructure as a Service (“IaaS”) and Storage • Delivers computer infrastructure, along with storage and networking • Software as a Service (“Saas”) • Delivers software without the need to install and run applications • Platform as a Service (“PaaS”) • Allows the development and deployment of applications without the need to purchase specific hardware or software
Benefits • Cost • Scalability • User mobility • Customizability • Reliability? • Performance? • Security?
Cloud Computing: General Issues and Risks
General Issues and Risks • Location and jurisdiction • Data ownership • Business interruption (service provider) • Loss of access (customer)
General Issues and Risks • Source code and escrow • Migration • Who can access? • Backup and archiving
General Issues and Risks • Security • Destruction of data • IP infringement
Cloud Computing: Litigation (E-Discovery)
Key Obligations • Disclosure • must disclose every relevant document in possession, control or power • “document” is broadly defined • Preservation • must preserve all relevant documents • Serious consequences for breach
E-Discovery • Electronic documents increase scope, complexity and cost of discovery process • Courts aware of importance of electronic documents
Cloud Computing and Discovery • Disclosure and preservation obligations still apply • Court does not care if you store data in your building or in the cloud – only cares whether you have possession or control
Cloud Computing and Discovery • Consider risks: • lost data • non-compliant data preservation practices • platform not easily searched • sub-outsourcing
Cloud Computing and Discovery • Cloud computing contract is key • Maintain legal control over data • Due diligence on cloud provider • Ability to retrieve data in any circumstance
Cloud Computing: Privacy Law Compliance
• When you think about Cloud Computing, consider it as “mega-outsourcing”
• Regular outsourcing is when you store your data on your own servers, but you send certain data to an outside service provider or a service, so they can perform a function with the data and provide a product (e.g. send personalized cheques to your customers or process your payroll and arrange for direct deposits for your employees).
• Cloud computing means you don’t have your own servers anymore – you’ve “out-sourced” that whole infrastructure
• The key privacy law compliance issue is security of personal information
• Geographic location of personal information is a significant privacy law issue, especially for public bodies in British Columbia (and service providers to public bodies) but the concern with geographical location of data really boils down to a security issue
Public Bodies in B.C.: Section 30.1 of FOIPPA • A public body must ensure that personal information in its custody or under its control is stored only in Canada and accessed only in Canada, [unless a specific exception applies] • Breach of s. 30.1 of FOIPPA is an offence • Some cloud service providers are aware of this requirement and offer cloud services that meet this requirement
Québec – Private Sector Privacy Legislation • If using service provider outside Québec to store or process personal information, must take all reasonable steps to ensure that the personal information will not be used for purposes not relevant to the object of the file or communicated to third persons without consent • If cannot be satisfied that the personal information will be properly protected, must not communicate the information outside Québec (s. 17)
• What about professionals (e.g., doctors, lawyers, accountants, etc.) and businesses handling highly sensitive personal information (e.g. banks, credit unions, insurance companies)? • Ethical and contractual obligations around confidentiality may also require specialized cloud computing solutions • Community Cloud or Private Cloud may work (e.g. Law Society Cloud for lawyers is being considered)
• Private Sector - still have obligation under PIPEDA, PIPA, the Québec Private Sector Privacy Legislation (and, possibly, contractual obligations) to make reasonable security arrangements to protect personal information from risks such as unauthorized access, disclosure, destruction, etc. • Standard Cloud Computing contracts may not sufficiently protect customer/employee personal information • Requirement for transparency/notification (customers/employees have a right to know)
Security issues: • What geographic locations could be involved? Rule some out or stipulate acceptable jurisdictions • Reputation/history of cloud provider • What other data will be mingled with your organization's data? Concern re: concentration of high-risk data • Will your organization be able to access audit logs?
• How quickly could you be required to produce a copy of your organization’s records? will your organization be able to meet that timeframe? • What obligations does the cloud provider have in the event of an information security breach? • Immediate notification to your organization? • Indemnity for any damages and professional fees?
• What happens if the cloud provider goes bankrupt? backup/escrow might not be sufficient without access to the application software necessary to decode the stored data • Does the contract provide for a method for your organization to audit the cloud provider’s compliance with its contractual security obligations?
• Insurance – does your organization’s insurance coverage for information security breaches or data loss apply if your data is “in the clouds”?
Thank You Tamara Hunter Associate Counsel, Head of Privacy Law Group, Vancouver tamara_hunter@davis.ca 604.643.2952

Recommended

Cloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicesCloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicese-Marefa
 
Legal ethics & cloud computing
Legal ethics & cloud computingLegal ethics & cloud computing
Legal ethics & cloud computingPatrick Fowler
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 
Cloud computing legal issues
Cloud computing legal issuesCloud computing legal issues
Cloud computing legal issuesAdv Prashant Mali
 
CloudSecurity
CloudSecurityCloudSecurity
CloudSecurityUtkarsh Kumar
 
Cloud security
Cloud securityCloud security
Cloud securityTushar Kayande
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNithin Raj
 
Cloud security
Cloud securityCloud security
Cloud securityAdeel Javaid
 

Recommended

Cloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicesCloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicese-Marefa
 
Legal ethics & cloud computing
Legal ethics & cloud computingLegal ethics & cloud computing
Legal ethics & cloud computingPatrick Fowler
 
MISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Cloud Workshop_ ipc privacy in the cloud
MISA Cloud Workshop_ ipc privacy in the cloudMISA Ontario Cloud SIG
 
Cloud computing legal issues
Cloud computing legal issuesCloud computing legal issues
Cloud computing legal issuesAdv Prashant Mali
 
CloudSecurity
CloudSecurityCloudSecurity
CloudSecurityUtkarsh Kumar
 
Cloud security
Cloud securityCloud security
Cloud securityTushar Kayande
 
Cloud Computing Security
Cloud Computing SecurityCloud Computing Security
Cloud Computing SecurityNithin Raj
 
Cloud security
Cloud securityCloud security
Cloud securityAdeel Javaid
 
IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011Donald E. Hester
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeAhmad Abdalla
 
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorCloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorBrian Miller, Solicitor
 
gkknwqeq3232,sqSecurity essentials domain 3
gkknwqeq3232,sqSecurity essentials domain 3gkknwqeq3232,sqSecurity essentials domain 3
gkknwqeq3232,sqSecurity essentials domain 3Anne Starr
 
Legal issues in cloud computing
Legal issues in cloud computingLegal issues in cloud computing
Legal issues in cloud computingmovinghats
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing securitygangal
 
Security Issues in Cloud Computing
Security Issues in Cloud ComputingSecurity Issues in Cloud Computing
Security Issues in Cloud ComputingJyotika Pandey
 
Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014Lisa Abe-Oldenburg, B.Comm., JD.
 
Cloud Computing: legal issues
Cloud Computing: legal issuesCloud Computing: legal issues
Cloud Computing: legal issuesISPABelgium
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computingSeema Kumari
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing securitymaheralgamdi
 
4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud securityDrRajapraveenkN
 
Know Your Attacker - Core Security
Know Your Attacker - Core SecurityKnow Your Attacker - Core Security
Know Your Attacker - Core SecurityCore Security
 
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...Livingstone Advisory
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big DataNicolas Morales
 
Security challenges of cloud computing
Security challenges of cloud computingSecurity challenges of cloud computing
Security challenges of cloud computingMd. Hasibur Rashid
 
Cloud computing & security basics
Cloud computing & security basicsCloud computing & security basics
Cloud computing & security basicsRahul Gurnani
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingAbhishek Kumar Sinha
 
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30This account is closed
 
Legal issues in the cloud renzo marchini & gene landy
Legal issues in the cloud renzo marchini & gene landyLegal issues in the cloud renzo marchini & gene landy
Legal issues in the cloud renzo marchini & gene landyIFCLA - International Federation of Computer Law Associations
 

More Related Content

What's hot

IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011Donald E. Hester
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeAhmad Abdalla
 
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorCloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorBrian Miller, Solicitor
 
gkknwqeq3232,sqSecurity essentials domain 3
gkknwqeq3232,sqSecurity essentials domain 3gkknwqeq3232,sqSecurity essentials domain 3
gkknwqeq3232,sqSecurity essentials domain 3Anne Starr
 
Legal issues in cloud computing
Legal issues in cloud computingLegal issues in cloud computing
Legal issues in cloud computingmovinghats
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationVenkateswar Reddy Melachervu
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud IBM Security
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing securitygangal
 
Security Issues in Cloud Computing
Security Issues in Cloud ComputingSecurity Issues in Cloud Computing
Security Issues in Cloud ComputingJyotika Pandey
 
Cloud Computing: legal issues
Cloud Computing: legal issuesCloud Computing: legal issues
Cloud Computing: legal issuesISPABelgium
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computingSeema Kumari
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing securitymaheralgamdi
 
Know Your Attacker - Core Security
Know Your Attacker - Core SecurityKnow Your Attacker - Core Security
Know Your Attacker - Core SecurityCore Security
 
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...Livingstone Advisory
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big DataNicolas Morales
 
Security challenges of cloud computing
Security challenges of cloud computingSecurity challenges of cloud computing
Security challenges of cloud computingMd. Hasibur Rashid
 
Cloud computing & security basics
Cloud computing & security basicsCloud computing & security basics
Cloud computing & security basicsRahul Gurnani
 

What's hot (20)

IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011IT Series: Cloud Computing Done Right CISOA 2011
IT Series: Cloud Computing Done Right CISOA 2011
 
Securing Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & NetskopeSecuring Apps & Data in the Cloud by Spyders & Netskope
Securing Apps & Data in the Cloud by Spyders & Netskope
 
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller SolicitorCloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
Cloud Computing: Legal Issues and Safety Risks by Brian Miller Solicitor
 
gkknwqeq3232,sqSecurity essentials domain 3
gkknwqeq3232,sqSecurity essentials domain 3gkknwqeq3232,sqSecurity essentials domain 3
gkknwqeq3232,sqSecurity essentials domain 3
 
Legal issues in cloud computing
Legal issues in cloud computingLegal issues in cloud computing
Legal issues in cloud computing
 
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter PresentationCloud Computing and Security - ISACA Hyderabad Chapter Presentation
Cloud Computing and Security - ISACA Hyderabad Chapter Presentation
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing security
 
Security Issues in Cloud Computing
Security Issues in Cloud ComputingSecurity Issues in Cloud Computing
Security Issues in Cloud Computing
 
Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014Mining IT Summit Nov 6 2014
Mining IT Summit Nov 6 2014
 
Cloud Computing: legal issues
Cloud Computing: legal issuesCloud Computing: legal issues
Cloud Computing: legal issues
 
Security issue in Cloud computing
Security issue in Cloud computingSecurity issue in Cloud computing
Security issue in Cloud computing
 
Cloud computing security
Cloud computing securityCloud computing security
Cloud computing security
 
4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud security
 
Know Your Attacker - Core Security
Know Your Attacker - Core SecurityKnow Your Attacker - Core Security
Know Your Attacker - Core Security
 
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
UTSpeaks Public Lecture: Clearing up the Cloud -19th July 2011 - Rob Living...
 
Security and Audit for Big Data
Security and Audit for Big DataSecurity and Audit for Big Data
Security and Audit for Big Data
 
Security challenges of cloud computing
Security challenges of cloud computingSecurity challenges of cloud computing
Security challenges of cloud computing
 
Cloud computing & security basics
Cloud computing & security basicsCloud computing & security basics
Cloud computing & security basics
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 

Similar to Risks and Benefits of Cloud Computing

The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30This account is closed
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and factsArun Ganesh
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeLisa Abe-Oldenburg, B.Comm., JD.
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Mark Williams
 
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...Danny Miller
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Valencell, Inc.
 
The Cloud Computing Contract Playbook: Contracting for Cloud Services
The Cloud Computing Contract Playbook: Contracting for Cloud ServicesThe Cloud Computing Contract Playbook: Contracting for Cloud Services
The Cloud Computing Contract Playbook: Contracting for Cloud ServicesThis account is closed
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersGokul Alex
 
ICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference PublicationICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference PublicationTejaswi Agarwal
 
Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Bianca Mueller, LL.M.
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud ComputingFalgun Rathod
 
Securing Your Digital Files from Legal Threats
Securing Your Digital Files from Legal ThreatsSecuring Your Digital Files from Legal Threats
Securing Your Digital Files from Legal ThreatsAbbie Hosta
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaAchSulav
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaAchSulav
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2Ankit Gupta
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!centralohioissa
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think Uni Systems S.M.S.A.
 

Similar to Risks and Benefits of Cloud Computing (20)

The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
The Cloud Computing Contract Playbook - Contracting for Cloud Services, Sept. 30
 
Legal issues in the cloud renzo marchini & gene landy
Legal issues in the cloud renzo marchini & gene landyLegal issues in the cloud renzo marchini & gene landy
Legal issues in the cloud renzo marchini & gene landy
 
Bird&Bird
Bird&BirdBird&Bird
Bird&Bird
 
Cloud Computing in Business and facts
Cloud Computing in Business and factsCloud Computing in Business and facts
Cloud Computing in Business and facts
 
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of TradeSecuring Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
Securing Apps and Data in the Cloud - July 23 2014 Toronto Board of Trade
 
Cloud Security: A matter of trust?
Cloud Security: A matter of trust?Cloud Security: A matter of trust?
Cloud Security: A matter of trust?
 
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
Nfp Seminar Series Danny November 18 Emerging Technology Challenges And...
 
Extending security in the cloud network box - v4
Extending security in the cloud network box - v4Extending security in the cloud network box - v4
Extending security in the cloud network box - v4
 
The Cloud Computing Contract Playbook: Contracting for Cloud Services
The Cloud Computing Contract Playbook: Contracting for Cloud ServicesThe Cloud Computing Contract Playbook: Contracting for Cloud Services
The Cloud Computing Contract Playbook: Contracting for Cloud Services
 
Cloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and FrontiersCloud Security - Emerging Facets and Frontiers
Cloud Security - Emerging Facets and Frontiers
 
ICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference PublicationICRTITCS-2012 Conference Publication
ICRTITCS-2012 Conference Publication
 
Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data? Everyone is talking Cloud - How secure is your data?
Everyone is talking Cloud - How secure is your data?
 
Security in Cloud Computing
Security in Cloud ComputingSecurity in Cloud Computing
Security in Cloud Computing
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
 
Securing Your Digital Files from Legal Threats
Securing Your Digital Files from Legal ThreatsSecuring Your Digital Files from Legal Threats
Securing Your Digital Files from Legal Threats
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 
Unit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav AcharyaUnit 9 Technological trends in Information Technology By Sulav Acharya
Unit 9 Technological trends in Information Technology By Sulav Acharya
 
Lecture27 cc-security2
Lecture27 cc-security2Lecture27 cc-security2
Lecture27 cc-security2
 
Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!Bil Harmer - Myths of Cloud Security Debunked!
Bil Harmer - Myths of Cloud Security Debunked!
 
The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think The most trusted, proven enterprise-class Cloud:Closer than you think
The most trusted, proven enterprise-class Cloud:Closer than you think
 

More from DLA Piper (Canada) LLP

Consumer Protection: Recent Developments and Trends
Consumer Protection: Recent Developments and TrendsConsumer Protection: Recent Developments and Trends
Consumer Protection: Recent Developments and TrendsDLA Piper (Canada) LLP
 
Latest Developments in Advertising and Marketing Law and Their Impact on Cana...
Latest Developments in Advertising and Marketing Law and Their Impact on Cana...Latest Developments in Advertising and Marketing Law and Their Impact on Cana...
Latest Developments in Advertising and Marketing Law and Their Impact on Cana...DLA Piper (Canada) LLP
 
The Need to Know Legalities of Marketing Sponsorships
The Need to Know Legalities of Marketing SponsorshipsThe Need to Know Legalities of Marketing Sponsorships
The Need to Know Legalities of Marketing SponsorshipsDLA Piper (Canada) LLP
 
The Importance of Documentation in an Employment Relationship
The Importance of Documentation in an Employment RelationshipThe Importance of Documentation in an Employment Relationship
The Importance of Documentation in an Employment RelationshipDLA Piper (Canada) LLP
 
Operational Information as "Personal Information"
Operational Information as "Personal Information"Operational Information as "Personal Information"
Operational Information as "Personal Information"DLA Piper (Canada) LLP
 
Background Checks: The Legality of Reference, Credit, Criminal and Qualificat...
Background Checks: The Legality of Reference, Credit, Criminal and Qualificat...Background Checks: The Legality of Reference, Credit, Criminal and Qualificat...
Background Checks: The Legality of Reference, Credit, Criminal and Qualificat...DLA Piper (Canada) LLP
 
Anatomy of a Failed Termination Process
Anatomy of a Failed Termination ProcessAnatomy of a Failed Termination Process
Anatomy of a Failed Termination ProcessDLA Piper (Canada) LLP
 
Maternity and Parental Leave: Current Issues
Maternity and Parental Leave: Current IssuesMaternity and Parental Leave: Current Issues
Maternity and Parental Leave: Current IssuesDLA Piper (Canada) LLP
 
Mental Health as a Safety Issue in the Workplace
Mental Health as a Safety Issue in the WorkplaceMental Health as a Safety Issue in the Workplace
Mental Health as a Safety Issue in the WorkplaceDLA Piper (Canada) LLP
 
Employing Contractors and Contracting Employees
Employing Contractors and Contracting EmployeesEmploying Contractors and Contracting Employees
Employing Contractors and Contracting EmployeesDLA Piper (Canada) LLP
 
What to Do When Regulators Come A-knocking
What to Do When Regulators Come A-knockingWhat to Do When Regulators Come A-knocking
What to Do When Regulators Come A-knockingDLA Piper (Canada) LLP
 
Mitigating Legal Risks and Staying Compliant While Running a Successful Onlin...
Mitigating Legal Risks and Staying Compliant While Running a Successful Onlin...Mitigating Legal Risks and Staying Compliant While Running a Successful Onlin...
Mitigating Legal Risks and Staying Compliant While Running a Successful Onlin...DLA Piper (Canada) LLP
 
To Disclaim or Not and How? Very Big Questions. A Primer for Marketers
To Disclaim or Not and How? Very Big Questions. A Primer for MarketersTo Disclaim or Not and How? Very Big Questions. A Primer for Marketers
To Disclaim or Not and How? Very Big Questions. A Primer for MarketersDLA Piper (Canada) LLP
 
Notre ami, Anton Piller (l’ordonnance d’injonction)
Notre ami, Anton Piller (l’ordonnance d’injonction)Notre ami, Anton Piller (l’ordonnance d’injonction)
Notre ami, Anton Piller (l’ordonnance d’injonction)DLA Piper (Canada) LLP
 
Our Friend, Anton Piller (The Injunction)
Our Friend, Anton Piller (The Injunction)Our Friend, Anton Piller (The Injunction)
Our Friend, Anton Piller (The Injunction)DLA Piper (Canada) LLP
 
Surveillance of Your Electronic Systems
Surveillance of Your Electronic SystemsSurveillance of Your Electronic Systems
Surveillance of Your Electronic SystemsDLA Piper (Canada) LLP
 

More from DLA Piper (Canada) LLP (20)

Current Issues in Employment Law
Current Issues in Employment LawCurrent Issues in Employment Law
Current Issues in Employment Law
 
Consumer Protection: Recent Developments and Trends
Consumer Protection: Recent Developments and TrendsConsumer Protection: Recent Developments and Trends
Consumer Protection: Recent Developments and Trends
 
Latest Developments in Advertising and Marketing Law and Their Impact on Cana...
Latest Developments in Advertising and Marketing Law and Their Impact on Cana...Latest Developments in Advertising and Marketing Law and Their Impact on Cana...
Latest Developments in Advertising and Marketing Law and Their Impact on Cana...
 
The Need to Know Legalities of Marketing Sponsorships
The Need to Know Legalities of Marketing SponsorshipsThe Need to Know Legalities of Marketing Sponsorships
The Need to Know Legalities of Marketing Sponsorships
 
The Importance of Documentation in an Employment Relationship
The Importance of Documentation in an Employment RelationshipThe Importance of Documentation in an Employment Relationship
The Importance of Documentation in an Employment Relationship
 
Operational Information as "Personal Information"
Operational Information as "Personal Information"Operational Information as "Personal Information"
Operational Information as "Personal Information"
 
Background Checks: The Legality of Reference, Credit, Criminal and Qualificat...
Background Checks: The Legality of Reference, Credit, Criminal and Qualificat...Background Checks: The Legality of Reference, Credit, Criminal and Qualificat...
Background Checks: The Legality of Reference, Credit, Criminal and Qualificat...
 
Anatomy of a Failed Termination Process
Anatomy of a Failed Termination ProcessAnatomy of a Failed Termination Process
Anatomy of a Failed Termination Process
 
Maternity and Parental Leave: Current Issues
Maternity and Parental Leave: Current IssuesMaternity and Parental Leave: Current Issues
Maternity and Parental Leave: Current Issues
 
Mental Health as a Safety Issue in the Workplace
Mental Health as a Safety Issue in the WorkplaceMental Health as a Safety Issue in the Workplace
Mental Health as a Safety Issue in the Workplace
 
Disclaimer in Ads - Resting Not Dead?
Disclaimer in Ads - Resting Not Dead?Disclaimer in Ads - Resting Not Dead?
Disclaimer in Ads - Resting Not Dead?
 
Employing Contractors and Contracting Employees
Employing Contractors and Contracting EmployeesEmploying Contractors and Contracting Employees
Employing Contractors and Contracting Employees
 
Breaking Up Is Hard to Do!
Breaking Up Is Hard to Do!Breaking Up Is Hard to Do!
Breaking Up Is Hard to Do!
 
What to Do When Regulators Come A-knocking
What to Do When Regulators Come A-knockingWhat to Do When Regulators Come A-knocking
What to Do When Regulators Come A-knocking
 
Mitigating Legal Risks and Staying Compliant While Running a Successful Onlin...
Mitigating Legal Risks and Staying Compliant While Running a Successful Onlin...Mitigating Legal Risks and Staying Compliant While Running a Successful Onlin...
Mitigating Legal Risks and Staying Compliant While Running a Successful Onlin...
 
To Disclaim or Not and How? Very Big Questions. A Primer for Marketers
To Disclaim or Not and How? Very Big Questions. A Primer for MarketersTo Disclaim or Not and How? Very Big Questions. A Primer for Marketers
To Disclaim or Not and How? Very Big Questions. A Primer for Marketers
 
How to Make Litigation Pay
How to Make Litigation PayHow to Make Litigation Pay
How to Make Litigation Pay
 
Notre ami, Anton Piller (l’ordonnance d’injonction)
Notre ami, Anton Piller (l’ordonnance d’injonction)Notre ami, Anton Piller (l’ordonnance d’injonction)
Notre ami, Anton Piller (l’ordonnance d’injonction)
 
Our Friend, Anton Piller (The Injunction)
Our Friend, Anton Piller (The Injunction)Our Friend, Anton Piller (The Injunction)
Our Friend, Anton Piller (The Injunction)
 
Surveillance of Your Electronic Systems
Surveillance of Your Electronic SystemsSurveillance of Your Electronic Systems
Surveillance of Your Electronic Systems
 

Recently uploaded

Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdfChristopherTHyatt
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 

Recently uploaded (20)

Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 

Risks and Benefits of Cloud Computing

  • 1. “Looking at Clouds from both Sides” – Risks and Benefits of Cloud Computing Employment and Labour Law Conference May 24, 2012 Tamara Hunter
  • 2. What is Cloud Computing?
  • 3. What is cloud computing? • technologies that provide computation, software, data access and storage services that do not require end-user knowledge of the physical location and configuration of the system that delivers the services (Wikipedia) • delivered over a network (typically, the Internet)
  • 4. Categories • Infrastructure as a Service (“IaaS”) and Storage • Delivers computer infrastructure, along with storage and networking • Software as a Service (“Saas”) • Delivers software without the need to install and run applications • Platform as a Service (“PaaS”) • Allows the development and deployment of applications without the need to purchase specific hardware or software
  • 5. Benefits • Cost • Scalability • User mobility • Customizability • Reliability? • Performance? • Security?
  • 7. General Issues and Risks • Location and jurisdiction • Data ownership • Business interruption (service provider) • Loss of access (customer)
  • 8. General Issues and Risks • Source code and escrow • Migration • Who can access? • Backup and archiving
  • 9. General Issues and Risks • Security • Destruction of data • IP infringement
  • 11. Key Obligations • Disclosure • must disclose every relevant document in possession, control or power • “document” is broadly defined • Preservation • must preserve all relevant documents • Serious consequences for breach
  • 12. E-Discovery • Electronic documents increase scope, complexity and cost of discovery process • Courts aware of importance of electronic documents
  • 13. Cloud Computing and Discovery • Disclosure and preservation obligations still apply • Court does not care if you store data in your building or in the cloud – only cares whether you have possession or control
  • 14. Cloud Computing and Discovery • Consider risks: • lost data • non-compliant data preservation practices • platform not easily searched • sub-outsourcing
  • 15. Cloud Computing and Discovery • Cloud computing contract is key • Maintain legal control over data • Due diligence on cloud provider • Ability to retrieve data in any circumstance
  • 17. When you think about Cloud Computing, consider it as “mega-outsourcing”
  • 18. Regular outsourcing is when you store your data on your own servers, but you send certain data to an outside service provider or a service, so they can perform a function with the data and provide a product (e.g. send personalized cheques to your customers or process your payroll and arrange for direct deposits for your employees).
  • 19. Cloud computing means you don’t have your own servers anymore – you’ve “out-sourced” that whole infrastructure
  • 20. The key privacy law compliance issue is security of personal information
  • 21. Geographic location of personal information is a significant privacy law issue, especially for public bodies in British Columbia (and service providers to public bodies) but the concern with geographical location of data really boils down to a security issue
  • 22. Public Bodies in B.C.: Section 30.1 of FOIPPA • A public body must ensure that personal information in its custody or under its control is stored only in Canada and accessed only in Canada, [unless a specific exception applies] • Breach of s. 30.1 of FOIPPA is an offence • Some cloud service providers are aware of this requirement and offer cloud services that meet this requirement
  • 23. Québec – Private Sector Privacy Legislation • If using service provider outside Québec to store or process personal information, must take all reasonable steps to ensure that the personal information will not be used for purposes not relevant to the object of the file or communicated to third persons without consent • If cannot be satisfied that the personal information will be properly protected, must not communicate the information outside Québec (s. 17)
  • 24. What about professionals (e.g., doctors, lawyers, accountants, etc.) and businesses handling highly sensitive personal information (e.g. banks, credit unions, insurance companies)? • Ethical and contractual obligations around confidentiality may also require specialized cloud computing solutions • Community Cloud or Private Cloud may work (e.g. Law Society Cloud for lawyers is being considered)
  • 25. Private Sector - still have obligation under PIPEDA, PIPA, the Québec Private Sector Privacy Legislation (and, possibly, contractual obligations) to make reasonable security arrangements to protect personal information from risks such as unauthorized access, disclosure, destruction, etc. • Standard Cloud Computing contracts may not sufficiently protect customer/employee personal information • Requirement for transparency/notification (customers/employees have a right to know)
  • 26. Security issues: • What geographic locations could be involved? Rule some out or stipulate acceptable jurisdictions • Reputation/history of cloud provider • What other data will be mingled with your organization's data? Concern re: concentration of high-risk data • Will your organization be able to access audit logs?
  • 27. How quickly could you be required to produce a copy of your organization’s records? will your organization be able to meet that timeframe? • What obligations does the cloud provider have in the event of an information security breach? • Immediate notification to your organization? • Indemnity for any damages and professional fees?
  • 28. What happens if the cloud provider goes bankrupt? backup/escrow might not be sufficient without access to the application software necessary to decode the stored data • Does the contract provide for a method for your organization to audit the cloud provider’s compliance with its contractual security obligations?
  • 29. Insurance – does your organization’s insurance coverage for information security breaches or data loss apply if your data is “in the clouds”?
  • 30. Thank You Tamara Hunter Associate Counsel, Head of Privacy Law Group, Vancouver tamara_hunter@davis.ca 604.643.2952