Submit Search
Upload
Slide share cloudx_counsel ppt
•
Download as PPTX, PDF
•
0 likes
•
341 views
Mark Sanders
Follow
Emerging Issues: Reconsidering Intellectual Property in Cloud Computing
Read less
Read more
Law
Slideshow view
Report
Share
Slideshow view
Report
Share
1 of 21
Download now
Recommended
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Gene Kim
Cloud computing
Cloud computing
hundejibat
Bringing Cloud Computing Out of the Shadows: Shine the light on Shadow IT wit...
Bringing Cloud Computing Out of the Shadows: Shine the light on Shadow IT wit...
DivvyCloud
02 05 d_51_cc_efiles
02 05 d_51_cc_efiles
Vinay Bondirwad
Intro to cloud computing
Intro to cloud computing
Kashif Bhatti
Citrix Customer Story: Franciscan Missionaries of Our Lady Health System
Citrix Customer Story: Franciscan Missionaries of Our Lady Health System
Citrix
Cloud computing applications for e health
Cloud computing applications for e health
Hector Martin Garcia
Load Balancing and Data Management in Cloud Computing
Load Balancing and Data Management in Cloud Computing
ijtsrd
Recommended
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Gene Kim
Cloud computing
Cloud computing
hundejibat
Bringing Cloud Computing Out of the Shadows: Shine the light on Shadow IT wit...
Bringing Cloud Computing Out of the Shadows: Shine the light on Shadow IT wit...
DivvyCloud
02 05 d_51_cc_efiles
02 05 d_51_cc_efiles
Vinay Bondirwad
Intro to cloud computing
Intro to cloud computing
Kashif Bhatti
Citrix Customer Story: Franciscan Missionaries of Our Lady Health System
Citrix Customer Story: Franciscan Missionaries of Our Lady Health System
Citrix
Cloud computing applications for e health
Cloud computing applications for e health
Hector Martin Garcia
Load Balancing and Data Management in Cloud Computing
Load Balancing and Data Management in Cloud Computing
ijtsrd
DriCloud. Cloud based Electronic Medical Record
DriCloud. Cloud based Electronic Medical Record
dricloud
Citrix Customer Story: Southcoast Health System
Citrix Customer Story: Southcoast Health System
Citrix
wp-security-dbsec-cloud-3225125
wp-security-dbsec-cloud-3225125
Gabor Bokor
Cloud computing in healthcare
Cloud computing in healthcare
Mithisar Basumatary
Impact of cloud computing on health industry
Impact of cloud computing on health industry
Suyati Technologies
Towards a fair (My)Data economy
Towards a fair (My)Data economy
Alexandros Nousias
Taking Healthcare to the Cloud
Taking Healthcare to the Cloud
Jerry Collins
Cloud Computing in Healthcare IT
Cloud Computing in Healthcare IT
Mahindra Satyam
Data management in cloud study of existing systems and future opportunities
Data management in cloud study of existing systems and future opportunities
Editor Jacotech
Introduction to the HAT Microserver
Introduction to the HAT Microserver
Jonathan Holtby
Protection of identity information in cloud computing without ttp
Protection of identity information in cloud computing without ttp
Mithil Parab
The Business Case for Cloud
The Business Case for Cloud
Esri
Healthcare in the Clouds
Healthcare in the Clouds
Gail Wilcox
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
Tom Kirby
Cloud business case
Cloud business case
Amos Kosgei
Ppt 1
Ppt 1
shanmugamsara
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Booz Allen Hamilton
Cloud computing in healthcare
Cloud computing in healthcare
Mohammad Al-Ubaydli
Study on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in Cloud
ijtsrd
Data Partitioning Technique In Cloud: A Survey On Limitation And Benefits
Data Partitioning Technique In Cloud: A Survey On Limitation And Benefits
IJERA Editor
Auxilia pleasure yacht
Auxilia pleasure yacht
RTN SRL
Omnes medium20
Omnes medium20
Ramichlyn Sabrina
More Related Content
What's hot
DriCloud. Cloud based Electronic Medical Record
DriCloud. Cloud based Electronic Medical Record
dricloud
Citrix Customer Story: Southcoast Health System
Citrix Customer Story: Southcoast Health System
Citrix
wp-security-dbsec-cloud-3225125
wp-security-dbsec-cloud-3225125
Gabor Bokor
Cloud computing in healthcare
Cloud computing in healthcare
Mithisar Basumatary
Impact of cloud computing on health industry
Impact of cloud computing on health industry
Suyati Technologies
Towards a fair (My)Data economy
Towards a fair (My)Data economy
Alexandros Nousias
Taking Healthcare to the Cloud
Taking Healthcare to the Cloud
Jerry Collins
Cloud Computing in Healthcare IT
Cloud Computing in Healthcare IT
Mahindra Satyam
Data management in cloud study of existing systems and future opportunities
Data management in cloud study of existing systems and future opportunities
Editor Jacotech
Introduction to the HAT Microserver
Introduction to the HAT Microserver
Jonathan Holtby
Protection of identity information in cloud computing without ttp
Protection of identity information in cloud computing without ttp
Mithil Parab
The Business Case for Cloud
The Business Case for Cloud
Esri
Healthcare in the Clouds
Healthcare in the Clouds
Gail Wilcox
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
Tom Kirby
Cloud business case
Cloud business case
Amos Kosgei
Ppt 1
Ppt 1
shanmugamsara
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Booz Allen Hamilton
Cloud computing in healthcare
Cloud computing in healthcare
Mohammad Al-Ubaydli
Study on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in Cloud
ijtsrd
Data Partitioning Technique In Cloud: A Survey On Limitation And Benefits
Data Partitioning Technique In Cloud: A Survey On Limitation And Benefits
IJERA Editor
What's hot
(20)
DriCloud. Cloud based Electronic Medical Record
DriCloud. Cloud based Electronic Medical Record
Citrix Customer Story: Southcoast Health System
Citrix Customer Story: Southcoast Health System
wp-security-dbsec-cloud-3225125
wp-security-dbsec-cloud-3225125
Cloud computing in healthcare
Cloud computing in healthcare
Impact of cloud computing on health industry
Impact of cloud computing on health industry
Towards a fair (My)Data economy
Towards a fair (My)Data economy
Taking Healthcare to the Cloud
Taking Healthcare to the Cloud
Cloud Computing in Healthcare IT
Cloud Computing in Healthcare IT
Data management in cloud study of existing systems and future opportunities
Data management in cloud study of existing systems and future opportunities
Introduction to the HAT Microserver
Introduction to the HAT Microserver
Protection of identity information in cloud computing without ttp
Protection of identity information in cloud computing without ttp
The Business Case for Cloud
The Business Case for Cloud
Healthcare in the Clouds
Healthcare in the Clouds
Expanded top ten_big_data_security_and_privacy_challenges
Expanded top ten_big_data_security_and_privacy_challenges
Cloud business case
Cloud business case
Ppt 1
Ppt 1
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Shifting Risks and IT Complexities Create Demands for New Enterprise Security...
Cloud computing in healthcare
Cloud computing in healthcare
Study on Secure Cryptographic Techniques in Cloud
Study on Secure Cryptographic Techniques in Cloud
Data Partitioning Technique In Cloud: A Survey On Limitation And Benefits
Data Partitioning Technique In Cloud: A Survey On Limitation And Benefits
Viewers also liked
Auxilia pleasure yacht
Auxilia pleasure yacht
RTN SRL
Omnes medium20
Omnes medium20
Ramichlyn Sabrina
Visit norway
Visit norway
Floris Smit
cần mua đồng hồ casio tại hcm
cần mua đồng hồ casio tại hcm
kyra645
2015/6_Database Management_Final Project
2015/6_Database Management_Final Project
Sean Cherng
Ethics ch 3
Ethics ch 3
phebeshen
Thüringen
Thüringen
Floris Smit
reseume ccr
reseume ccr
Manoj Krishna
Project People Oil and Gas
Project People Oil and Gas
Paul Anderson FIRP
Rigorz GC
Rigorz GC
Emre Bektaş
A Bar to Drink, _VIVACITY 3
A Bar to Drink, _VIVACITY 3
Arun Khanna
Fast Methods In Hostel In Marrakech Explained
Fast Methods In Hostel In Marrakech Explained
rilufamarrakesh19
Microfranquia - EncontraBrasil
Microfranquia - EncontraBrasil
EncontraBrasil
Sarbatori traditionale
Sarbatori traditionale
GabrielGh1999
Bệnh viện thẩm mỹ viện JW toàn quốc
Bệnh viện thẩm mỹ viện JW toàn quốc
Su Su
EricNormanResume
EricNormanResume
Eric Norman
Personas ancianas reflexión sem 1y2
Personas ancianas reflexión sem 1y2
elviragarciafdz
skydrive_ppt_doc
skydrive_ppt_doc
JohnIKopu0303-174819 Doe
Viewers also liked
(18)
Auxilia pleasure yacht
Auxilia pleasure yacht
Omnes medium20
Omnes medium20
Visit norway
Visit norway
cần mua đồng hồ casio tại hcm
cần mua đồng hồ casio tại hcm
2015/6_Database Management_Final Project
2015/6_Database Management_Final Project
Ethics ch 3
Ethics ch 3
Thüringen
Thüringen
reseume ccr
reseume ccr
Project People Oil and Gas
Project People Oil and Gas
Rigorz GC
Rigorz GC
A Bar to Drink, _VIVACITY 3
A Bar to Drink, _VIVACITY 3
Fast Methods In Hostel In Marrakech Explained
Fast Methods In Hostel In Marrakech Explained
Microfranquia - EncontraBrasil
Microfranquia - EncontraBrasil
Sarbatori traditionale
Sarbatori traditionale
Bệnh viện thẩm mỹ viện JW toàn quốc
Bệnh viện thẩm mỹ viện JW toàn quốc
EricNormanResume
EricNormanResume
Personas ancianas reflexión sem 1y2
Personas ancianas reflexión sem 1y2
skydrive_ppt_doc
skydrive_ppt_doc
Similar to Slide share cloudx_counsel ppt
Cloud computing
Cloud computing
Hira Zahan
Cloud computing - Assessing the Security Risks - Jared Carstensen
Cloud computing - Assessing the Security Risks - Jared Carstensen
jaredcarst
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
University of Technology, Sydney
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
James Wier
Enabling Cloud Computing
Enabling Cloud Computing
tntsa1972
Module-1 introductaion cloud computing.pdf
Module-1 introductaion cloud computing.pdf
Sitamarhi Institute of Technology
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
sarah david
Partly Sunny With a Chance of Rain: Forecasting the Legal Issues in Cloud Com...
Partly Sunny With a Chance of Rain: Forecasting the Legal Issues in Cloud Com...
Tom Kulik
Cloud security and services
Cloud security and services
Jas Preet
Read the Discussions below and give a good replyDiscussion 1..docx
Read the Discussions below and give a good replyDiscussion 1..docx
makdul
Cloud computing
Cloud computing
Kshitij Mittal
htcia-5-2015
htcia-5-2015
Tony Godfrey
Cloud computing and its security issues
Cloud computing and its security issues
Jyoti Srivastava
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Tudor Damian
Chapter 1.pdf
Chapter 1.pdf
khan593595
Cloud Computing presentation by Lisa Abe at the Canadian IT Lawyers Associat...
Cloud Computing presentation by Lisa Abe at the Canadian IT Lawyers Associat...
lisaabe
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data Governance
Kim Cook
Bni cloud presentation
Bni cloud presentation
richszy
Whitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
CloudSmartz
Security of the Cloud
Security of the Cloud
Epoch Universal, Inc.
Similar to Slide share cloudx_counsel ppt
(20)
Cloud computing
Cloud computing
Cloud computing - Assessing the Security Risks - Jared Carstensen
Cloud computing - Assessing the Security Risks - Jared Carstensen
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
UTSpeaks: Clearing up the Cloud - How should we navigate the pitfalls of IT’s...
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
Enabling Cloud Computing
Enabling Cloud Computing
Module-1 introductaion cloud computing.pdf
Module-1 introductaion cloud computing.pdf
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
Partly Sunny With a Chance of Rain: Forecasting the Legal Issues in Cloud Com...
Partly Sunny With a Chance of Rain: Forecasting the Legal Issues in Cloud Com...
Cloud security and services
Cloud security and services
Read the Discussions below and give a good replyDiscussion 1..docx
Read the Discussions below and give a good replyDiscussion 1..docx
Cloud computing
Cloud computing
htcia-5-2015
htcia-5-2015
Cloud computing and its security issues
Cloud computing and its security issues
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Digital Transformation in the Cloud: What They Don’t Always Tell You [2020]
Chapter 1.pdf
Chapter 1.pdf
Cloud Computing presentation by Lisa Abe at the Canadian IT Lawyers Associat...
Cloud Computing presentation by Lisa Abe at the Canadian IT Lawyers Associat...
eBook: 5 Steps to Secure Cloud Data Governance
eBook: 5 Steps to Secure Cloud Data Governance
Bni cloud presentation
Bni cloud presentation
Whitepaper: Security of the Cloud
Whitepaper: Security of the Cloud
Security of the Cloud
Security of the Cloud
Recently uploaded
Vip Call Girls Greater Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Greater Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
Fs Las
Indemnity Guarantee Section 124 125 and 126
Indemnity Guarantee Section 124 125 and 126
Oishi8
How You Can Get a Turkish Digital Nomad Visa
How You Can Get a Turkish Digital Nomad Visa
BridgeWest.eu
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
o8wvnojp
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
SD DS
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptx
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptx
nibresliezel23
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
Fs Las
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
srikarna235
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
Abhishekchatterjee248859
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
srikarna235
如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书
如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书
Fir L
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书
Fir sss
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书
Fir L
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书
SS A
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
Fs Las
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
st Las
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
SD DS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
Dr. Oliver Massmann
Recently uploaded
(20)
Vip Call Girls Greater Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Greater Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
Russian Call Girls Service Gomti Nagar \ 9548273370 Indian Call Girls Service...
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
如何办理(USF文凭证书)美国旧金山大学毕业证学位证书
Indemnity Guarantee Section 124 125 and 126
Indemnity Guarantee Section 124 125 and 126
How You Can Get a Turkish Digital Nomad Visa
How You Can Get a Turkish Digital Nomad Visa
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
国外大学毕业证《奥克兰大学毕业证办理成绩单GPA修改》
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
如何办理(uOttawa毕业证书)渥太华大学毕业证学位证书
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptx
QUASI-JUDICIAL-FUNCTION AND QUASI JUDICIAL AGENCY.pptx
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
如何办理(SFSta文凭证书)美国旧金山州立大学毕业证学位证书
Test Identification Parade & Dying Declaration.pptx
Test Identification Parade & Dying Declaration.pptx
POLICE ACT, 1861 the details about police system.pptx
POLICE ACT, 1861 the details about police system.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
Constitutional Values & Fundamental Principles of the ConstitutionPPT.pptx
如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书
如何办理普利茅斯大学毕业证(本硕)Plymouth学位证书
如何办理佛蒙特大学毕业证学位证书
如何办理佛蒙特大学毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书
如何办理澳洲南澳大学(UniSA)毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书
一比一原版旧金山州立大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
如何办理(Lincoln文凭证书)林肯大学毕业证学位证书
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
定制(BU文凭证书)美国波士顿大学毕业证成绩单原版一比一
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
如何办理(UNK毕业证书)内布拉斯加大学卡尼尔分校毕业证学位证书
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
VIETNAM – LATEST GUIDE TO CONTRACT MANUFACTURING AND TOLLING AGREEMENTS
Slide share cloudx_counsel ppt
1.
Copyright © 2015CloudXCounsel
pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited 1
2.
It would not
be a CLE presentation without the requisite DISCLAIMER: - Nothing in this presentation shall be construed as legal advice. - The information and opinions expressed in this presentation are solely my own and not those of The Knowledge Group or the other speakers. - Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 2
3.
Director, Senior Legal
Counsel, IT Offerings, Avanade Inc. Special Legal Counsel, Adobe Systems, Inc. (NASDAQ: ADBE) Director of Legal Affairs, Amdocs, Ltd. (NYSE: DOX) General Counsel, DTI, Inc.(formerly Electronic Evidence Discovery) General Counsel, Over-The-Air Wireless, Inc. General Counsel, DocuTouch, Inc. (now DocuSign) Special Counsel, ClassMates.com and Vulcan (a Paul Allen company) Co-inventor U.S. Patent: “System, Method for Managing Transferable Records” Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 3
4.
Goal of Presentation Understand
that success for online services whether already operating within, or moving to the Cloud will require a different skill set and understanding. In the Cloud DATA may very well be Intellectual Property Three (3) Components of Review Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 4
5.
Component No.1 Know Your
Data: Elements (and the CLOUD) Operating in the “Cloud” has tremendous benefits, but the benefits are at the expense (loss) of data sovereignty (control). Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 5
6.
Data: Two (2)
Perspectives… 1. Data Elements: What makes up Data? • Beyond the Bits & Bytes and Ones and Zeros • Personal information (name, address, DMV, SSN) • Private or Confidential information (identified by your company or industry) • Regulated information (healthcare or financial) • Unique information (passwords, identifiers) • Data protected as intellectual property 2. Data Handling: What happens to Data? • Beginning Point (upload/input): Who, Where, How, Why • Stored: for how long; in what condition; location? • Access, who and for what purpose (add-value, aggregate, anonymize, license, analytics) • Sold, licensed, shared, transferred, transmitted • Service Level (maintenance and support) Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 6
7.
the “CLOUD” “a
visible mass of condensed water vapor floating in the atmosphere, typically high above the ground.” “a state or cause of gloom, suspicion, trouble, or worry.” “a general term for the delivery of hosted services over the Internet requiring hardware and software services and resources from a provider on the Internet (the "cloud"). Cloud computing comprises "software as a service" (SaaS), "infrastructure as a service" (IaaS) and "platform as a service" (PaaS).” Cloud: 3 Distinguishing Features: 1. (Scalability) Cloud computing servers can be quickly configured to process more data or to handle larger, workloads; 2. (Speed) Cloud providers are connected to the Internet via multiple Tier 1 backbones for fast response times and fault tolerance; and 3. (Self Service) The customer (end user or IT professional) can sign up online, activate and use applications and services from start to finish without phoning a provider to set up an account. Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 7
8.
EXAMPLE: Contextual Data
Analytics Context as a Service (CaaS) is a concept where several external data inputs (location, temperature, brightness, motion) and internal (calendar, email) from a user’s mobile device are collected and analyzed to provide a richer understanding for mobile marketing purposes. User w/iPhone at the beach every day between 2-3PM. CaaS enables the collection/analysis of data elements including: location, time, temperature, sound, motion (lack of) which provides a marketing opportunity for swim wear, sun tan lotion … The collected data points individually do not raise a concern, but as a contextual analysis is completed, is there a privacy issue? Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 8
9.
Component No.2 Data Mapping:
Transmission and Handling Operating in the “Cloud” has tremendous benefits, but the benefits are at the expense (loss) of data sovereignty (control). Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 9
10.
Copyright © 2015CloudXCounsel
pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 10 Data Mapping – A Best Practice “Computer Science” Data Type: Identifying data is a computer science concept which classifies data as various types; real, integer or Boolean determining the possible values and the operations which can be done given that data type. Data Mapping: Is a computing management concept typically used to map two distinct data models. Data mapping is used as a first step for a wide variety of data integration tasks including: Data transformation or data mediation between a data source and a destination, or moving data between 2 data bases. ____________________________________________________________________________________________________________________________________________________________________________________________________________________________ “LEGAL” Data Type: Identifying those elements which make up the subject matter data; data owner, input, subject matter, security and privacy obligations, storage, access and transmission. Example: consumer data which is also PHI regulated by HIPAA. Data Mapping: The process of following the data trail from beginning to end. How does it get into the system, does something happen to it, (aggregated, anonymized, encrypted), where can it be accessed and by whom (licensing), where is it stored and managed.
11.
Platforms and Infrastructure: Copyright
© 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 11 Oh … those acronyms: SaaS / IaaS / PaaS … SaaS Software as a Service delivers the entire application to end user, relieving organization of hardware and software maintenance. Examples: Web-based e-mail, Google Apps and Salesforce.com. IaaS Infrastructure as a service (IaaS) provides the servers and operating systems. PaaS Platform as a Service adds [to IaaS] databases, runtime engines and necessary software for customer to deploy its application MBaaS Mobile Backend as a Service provides web and mobile app developers backend cloud storage and software/APIs. XaaS Anything [Everything] as a Service. Term for any on demand service and applications AaaS Attorney as a Service OnPrem. Private (corporate) infrastructure Public Cloud A form of cloud computing where company relies on a third-party cloud service provider for services such as servers, data storage and applications, delivered to the company through the Internet. Private Cloud Cloud computing platform is implemented within the corporate firewall, under the control of IT department. Hybrid Cloud Mix of private and public clouds - critical data resides in corp. private cloud other data is stored in and accessible from public cloud. Goal: Deliver advantages of scalability, reliability, rapid deployment with the security, increased control and management of private clouds.
12.
Copyright © 2015CloudXCounsel
pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 12 Examples: Data Type and Description TYPE ID type of Data: Corporate, operational, customer, third-party, children, enterprise, consumer, healthcare, financial, PHI/PII, subject matter (legal, sales, HR), meta-data, regulated (EU) data. OWNER ID owner of Data: Who owns, who has the rights (access, use) , locate all points data is introduced into Platform or used by Software. At each point ask, whose data is it? What kind of data is it? CONTROLLER ID controller of Data: The individual, company or government in control and responsible the data. PROCESSOR ID processor of Data: The person or company who processes/transmits data on behalf of the Controller. DATA ACCESS ID all parties with access to data: What is being done to the data (uploaded, deleted, transmitted, viewed, processed or stored) and by whom (Customers, end-users, third-party vendors, licensees, operational resources)? VERACITY Data Subjects must be given access to information, and the ability to correct or delete such information if it is inaccurate. LICENSE Identify the license (use) rights and restrictions at all points in data's lifecycle; allow mapping and tie-back license rights to a commercial terms/paper. Vendors and third-party providers adding value and functionality to underlying Service may go unidentified resulting in liability (HIPAA/BAA regulations).
13.
Copyright © 2015CloudXCounsel
pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 13 Data Path: Transmission; Storage and Use Entry: upload How is data introduced into the system/service? (company, user, other); describe how it is uploaded (constraints)? Transmission: Access; Onward Transfer ID and describe transmission path of data and the protections/security efforts applied to data at all points of transit. ID all access points, and those with rights to access. Private data transferred to third-parties, only if the third-party follows adequate data protection principles. Security & Management ID security standards and how managed: Encryption process / where it occurs - Encryption (depending on type) is the ‘standard’ for protecting data Delete; Retention Define delete? Define Retention. If data is deleted what is schedule? Is it part of a Data Destruction (Disaster Recovery) Policy? What types of data are deleted (corporation vs., customer data)? Notice Data Subjects must be given notice to opt-out of the collection and forward transfer of data to a third-party. Data Security Data Controllers and Processors must make reasonable efforts to prevent loss or unauthorized use or access of private data. Data Integrity Data must be relevant and reliable for the purpose collected, which must be clear to the data Subject and must not change without notice.
14.
Component No.3 The LAW
in the CLOUD Now with an understanding of the data elements and the path which data takes through the Cloud; we can apply the law. Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 14
15.
Data in the
Cloud: A Compliance Challenge • Data resides and is handled using 3rd party equipment, infrastructure and resources. This means that others may be adding value to the services you are contracting for – Do you know who has access and under what terms? Does this access result in a compliance violation (HIPAA)? • Data is used in a multi-tenant manner (by more than a single user). This means the services may not be tailored to satisfy a regulatory standard that is unique to a service. • Data is borderless, nationless and user agnostic and at times separately regulated. If electronic signatures are invalid in a country there is no technology restriction, to prohibit electronic signatures. • Data may be subject to changing terms and conditions concerning support, maintenance and protection. Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 15
16.
Copyright © 2015CloudXCounsel
pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 16 When ‘thinking’ about the law and your Cloud services do so under the three (3) concepts: (1) First Concept: Know your data (2) Second Concept: What happens to your data (transmission, access, etc.) (3) Third Concept: Relevant laws, policies and regulations determined by knowing (1) and (2) Individual Who is the user/consumer? Corporate/enterprise, consumer, regulated business. Contract Are there contract terms with users, and third party vendors? ID terms and conditions between company offering the services and those adding value or using the services (customers, enterprise users (SaaS or Master Services agreement); are there terms of use and privacy terms which create legal obligations? Industry / Technology Are you operating or offering a service in a regulatory industry? Healthcare, and finance are heavily regulated industries (HIPAA and GLBA). Are you using electronic or digital signatures (ESIGN)? State What state laws and regulations impact the services? Example: Data privacy breach notices statutes vary between states. State AG (and class action attorneys) frequently target companies violating laws which may not be widely known. See Auto Renewal Statue example. Federal Federal laws may overlap with both industry and state laws (HIPAA/GLBA/ESIGN) Global See EU Directive: US-Safe Harbor Example.
17.
Copyright © 2015CloudXCounsel
pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 17 EXAMPLE: No.1 SAFE HARBOR What happened? The Court of Justice of the European Union issued a ruling effectively invalidating the Safe Harbor option, (in place since 2000), as an option to transfer personal data outside the European Economic Area. What’s the impact? Safe Harbor, the most used of the options, approved as ensuring an “adequate” level of data protection has directly enabled the proliferation of technology and data services enhancing our professional and personal lives. With the ruling, companies must now figure out a way to proceed in order to avoid destroying businesses and/or being fined. The Binding Corporate Rules (“BCR”); Standard Contractual Clauses (“SCC”); Data Subject Consent options are still available. Now what? You must know your DATA and WHAT HAPPENS TO IT! Companies must fully understand their cross-border data flows (data mapping) identifying data; type, character, license, owner, status as well as how is it collected, used, transmitted, processed, accessed stored and secured. Understanding your data and its flow will enable an appropriate response as the regulatory (privacy) landscape continues to change and take shape while allowing businesses to consider alternative data transfer methods during this uncertain time-period.
18.
Copyright © 2015CloudXCounsel
pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 18 EXAMPLE: No.2 AUTO RENEWAL Class Action Notice: Your online service client just got hit with a ‘notice’ for settlement or class action. California Auto-Renewal Law (“CARL”) Section 17602 protects CA consumers from companies targeting them through online transactions. CARL has been a focus of litigation, triggering class action cases (against large well known companies) offering automatically renewing subscription services. Damages: Restitution = 100 percent of gross revenues received pursuant to a non-compliant automatic renewal term, whether or not the consumer actually wanted and used the service, even if the consumer was not actually deceived and otherwise lacks damages. The concept of the subscriptions considered a “gift” has also been offered. Compliance (CARL): • Clear and Conspicuous Terms and Presentation (continue/term, how to cancel, font proximity) • Consent (affirmative consent prior to charge) and Acknowledgement of Receipt (in form to be retained) • Contact Information for consumer to contact and Notice of Changes, must be conveyed Take Away: Operating in the Cloud subjects the business/service to laws, regulations and policies that are state specific, industry specific and globally relevant. Be aware, even the smallest concepts (auto-renewal) can trip up an online service!
19.
Copyright © 2015CloudXCounsel
pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 19 DATA PRIVACY DATA SECURITY Data privacy is defined as the appropriate use of data. When companies and merchants use data or information provided or entrusted to them, the data should be used according to the agreed purposes. The Federal Trade Commission enforces penalties against companies that have failed to ensure customer privacy. Data security is commonly explained as the Confidentiality, Availability, and Integrity of data. All of the practices and processes in place to ensure data isn't being used or accessed by unauthorized individuals or parties. Data security ensures data is accurate, reliable and available when those authorized need it. The Relationship Between Data Security and Data Privacy. Data security ensures data privacy. You protect data (privacy) through strong data security measures put in place and documented in a Data Security Policy. To accomplish securing data, and ensuring privacy you must (1) know your data; (2) know how it is being used, accessed, stored, transmitted; and (3) the laws and regulations that impact you data.
20.
Y2K REVISITED Liability Up
The Chain = Checking All The Boxes Remember when the Y2K bug scared and clouded the judgments of so many businesses, causing them to seek out all sorts of offered solutions, allowing ‘vendors’ claiming to have a magic bullet to make all sorts of money, betting on the fact there would be no impact? FAST FORWARD 25 years later … business are scared about data breaches. With executives facing potential liability they are reacting with instructions check all the boxes; ISO, PCI, Pen Tests, Bounties, etc. The unintended result is high expense, resource drain, conflicting compliance actions, risk of failed vendor work and unnecessary complexities in trying to manage the various compliance policies. Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 20
21.
Mark G. Sanders 809
Olive Way, 1704 Seattle, WA 98101 (o) (206) 556-4310 / (m) (425) 422-9480 msanderslaw@cloudxcounsel.com www.cloudxcounsel.com http://www.linkedin.com/in/msanderslaw Copyright © 2015CloudXCounsel pllc. All Rights Reserved. Any commercial use or distribution without the express written consent of CloudXCounsel pllc is strictly prohibited. 21
Download now