SlideShare a Scribd company logo
Big Legal Issues Affecting
Cloud
23 March 2016
Dr Kuan Hon
@kuan∅ | k@kuan0.com
kuan.hon@pinsentmasons.com
Cloudscape 2016
@kuan∅
Canter through
Already law ! – contracts from 1 Oct 2015
The Insolvency ( Protection of Essential
Supplies ) Order 2015
Adoption expected 2016, effective in 2 yrs
Network & Information Systems Security
Directive ( NIS Directive )
General Data Protection Regulation ( GDPR )
@kuan∅
If cloud customer goes bust...
More info http://bit.ly/ITinsolvency
Cloud provider can’t use contractual right,
exerciseable upon administration or
“voluntary arrangement”, to -
Terminate contract - unless eg new charges
unpaid >= 28 days
Stop supply of service - unless notice to office-
holder to terminate without personal guarantee of
new charges, & none within 14 days
@kuan∅
More points
• Purpose – where rescue / restructuring, ie
breathing space only
• Liquidation, bankruptcy - can still exercise
contractual right to terminate
• Not just cloud services – supply of
o Data storage / processing ( which must
include cloud ! ), webhosting, computer
software / hardware, IT info / advice /
assistance...
@kuan∅
NIS Directive
All data, not just “personal data”
Security obligations + breach / incident notification
obligations + penalties for infringement – 2 classes
Operators of essential services
Banks, healthcare, transport, utilities, Internet
infrastructure ( IXPs, DNS service providers, top level
domain name registries )
Essential service relying on DSP, incident at provider
“Digital service providers” ( lighter obligations )
Incl. ALL cloud providers - IaaS, PaaS, and SaaS
( Also search engines, online marketplaces )
@kuan∅
NIS Directive implications
Cloud contracts ( operators using cloud for
“essential service” )
provider notification
Breach / incident notification to authorities
systems & processes
preparation / rehearsal – all stakeholders
Insurance ?
@kuan∅
GDPR
New processor ( cloud provider ) obligations
Security, breach notification to customers,
international transfers, records, DPO - 2% / €10m
New processor ( cloud provider ) liability for
compensation if “involved” in processing
Choice of who to sue – bigger pockets ?
Claim back against others at fault iff paid in full
New detailed, prescriptive requirements regarding
contract terms, incl. cloud contracts
Audit rights + regulators can demand info / audits
“Assist” cloud customer ( vs. commodity cloud )
@kuan∅
GDPR implications
Cloud and other processor contracts - change of
law / change control clause now !
Providers - allocate responsibilities & liabilities,
indemnities; costs / pricing
Both - new required terms - 2% / €10m
Cloud-appropriate standard contract terms ?
CIF, Eurocloud, CSA put forward for approval ?
Approved certifications, codes of conduct
Breach notification / preparation too !
Different authorities than under NIS Directive ?
Insurance ?
@kuan∅
Killing cloud quickly with DP ?
The GDPR's coming, soon to be law they say
Middle of 20-18 may be the fateful day !
What will this mean for clo-ud ?
Will cloud be here to sta-ay ?
Don't want to be pessimistic, not sure how we'll find a way
Killing cloud quickly with DP, killing cloud quickly, with DP,
tearing up SaaS, PaaS and I-aaS
Killing cloud quickly, with DP…?
Full article www.scl.org/site.aspx?i=ed46375
Photo of Roberta Flack by Roland Godefroy CC BY SA 2.5
@kuan∅
Thank you!
Dr Kuan Hon
Half lawyer | half geek | mostly harmless
Twitter: @kuan∅
Email: k @ my domain below; also
kuan.hon@pinsentmasons.com
www.kuan∅.com | blog.kuan∅.com

More Related Content

Viewers also liked

How effective is the combination of your main updated
How effective is the combination of your main updatedHow effective is the combination of your main updated
How effective is the combination of your main updated
Fergus Bell
 
Práctica iv núclidos
Práctica iv   núclidosPráctica iv   núclidos
Práctica iv núclidos
Giuliana Tinoco
 
Helping Employees Find a Work-Life Balance
Helping Employees Find a Work-Life BalanceHelping Employees Find a Work-Life Balance
Helping Employees Find a Work-Life Balance
G&A Partners
 
David costlow power point
David costlow power pointDavid costlow power point
David costlow power point
dc0615
 
Guía de distancia y desplazamiento
Guía de  distancia y desplazamientoGuía de  distancia y desplazamiento
Guía de distancia y desplazamiento
Giuliana Tinoco
 
Lista de-precios-compugreiff-enero-14-2014
Lista de-precios-compugreiff-enero-14-2014Lista de-precios-compugreiff-enero-14-2014
Lista de-precios-compugreiff-enero-14-2014
xxxxx
 
Profile
ProfileProfile
Profile
Confidential
 
Un mundo 2.0: Charlas para padres y madres sobre Internet y Redes Sociales
Un mundo 2.0: Charlas para padres y madres sobre Internet y Redes SocialesUn mundo 2.0: Charlas para padres y madres sobre Internet y Redes Sociales
Un mundo 2.0: Charlas para padres y madres sobre Internet y Redes Sociales
Víctor Martínez
 
Aborten
AbortenAborten
Leveraging Social Media Marketing: Lincoln Property Company Annual Marketing ...
Leveraging Social Media Marketing: Lincoln Property Company Annual Marketing ...Leveraging Social Media Marketing: Lincoln Property Company Annual Marketing ...
Leveraging Social Media Marketing: Lincoln Property Company Annual Marketing ...
Erica Campbell Byrum
 
Joseph Moore Dissertation
Joseph Moore DissertationJoseph Moore Dissertation
Joseph Moore Dissertation
Joseph Moore
 
Barna encendida - Evento de Marketing Digital de SiteGround - Joan Boluda
Barna encendida - Evento de Marketing Digital de SiteGround - Joan BoludaBarna encendida - Evento de Marketing Digital de SiteGround - Joan Boluda
Barna encendida - Evento de Marketing Digital de SiteGround - Joan Boluda
SiteGround España
 
Метод дискретных особенностей и компьютерный инструментарий для моделировани...
Метод дискретных особенностей и компьютерный  инструментарий для моделировани...Метод дискретных особенностей и компьютерный  инструментарий для моделировани...
Метод дискретных особенностей и компьютерный инструментарий для моделировани...
Andrii Gakhov
 

Viewers also liked (13)

How effective is the combination of your main updated
How effective is the combination of your main updatedHow effective is the combination of your main updated
How effective is the combination of your main updated
 
Práctica iv núclidos
Práctica iv   núclidosPráctica iv   núclidos
Práctica iv núclidos
 
Helping Employees Find a Work-Life Balance
Helping Employees Find a Work-Life BalanceHelping Employees Find a Work-Life Balance
Helping Employees Find a Work-Life Balance
 
David costlow power point
David costlow power pointDavid costlow power point
David costlow power point
 
Guía de distancia y desplazamiento
Guía de  distancia y desplazamientoGuía de  distancia y desplazamiento
Guía de distancia y desplazamiento
 
Lista de-precios-compugreiff-enero-14-2014
Lista de-precios-compugreiff-enero-14-2014Lista de-precios-compugreiff-enero-14-2014
Lista de-precios-compugreiff-enero-14-2014
 
Profile
ProfileProfile
Profile
 
Un mundo 2.0: Charlas para padres y madres sobre Internet y Redes Sociales
Un mundo 2.0: Charlas para padres y madres sobre Internet y Redes SocialesUn mundo 2.0: Charlas para padres y madres sobre Internet y Redes Sociales
Un mundo 2.0: Charlas para padres y madres sobre Internet y Redes Sociales
 
Aborten
AbortenAborten
Aborten
 
Leveraging Social Media Marketing: Lincoln Property Company Annual Marketing ...
Leveraging Social Media Marketing: Lincoln Property Company Annual Marketing ...Leveraging Social Media Marketing: Lincoln Property Company Annual Marketing ...
Leveraging Social Media Marketing: Lincoln Property Company Annual Marketing ...
 
Joseph Moore Dissertation
Joseph Moore DissertationJoseph Moore Dissertation
Joseph Moore Dissertation
 
Barna encendida - Evento de Marketing Digital de SiteGround - Joan Boluda
Barna encendida - Evento de Marketing Digital de SiteGround - Joan BoludaBarna encendida - Evento de Marketing Digital de SiteGround - Joan Boluda
Barna encendida - Evento de Marketing Digital de SiteGround - Joan Boluda
 
Метод дискретных особенностей и компьютерный инструментарий для моделировани...
Метод дискретных особенностей и компьютерный  инструментарий для моделировани...Метод дискретных особенностей и компьютерный  инструментарий для моделировани...
Метод дискретных особенностей и компьютерный инструментарий для моделировани...
 

Similar to Kuan Hon - Big Legal Issues Affecting Cloud

How IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationHow IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity Legislation
IBM Security
 
Privacy and the GDPR: How Cloud computing could be your failing
Privacy and the GDPR: How Cloud computing could be your failingPrivacy and the GDPR: How Cloud computing could be your failing
Privacy and the GDPR: How Cloud computing could be your failing
IT Governance Ltd
 
GDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpGDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can Help
Jason Lackey
 
Securing data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsSecuring data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law Firms
CloudMask inc.
 
The cloud: financial, legal and technical
The cloud: financial, legal and technicalThe cloud: financial, legal and technical
The cloud: financial, legal and technical
Morgan Hill Consultants Ltd
 
FG2.pptx
FG2.pptxFG2.pptx
Clouds and Chains
Clouds and ChainsClouds and Chains
Clouds and Chains
Tim Swanson
 
Sam De Silva, Partner - Head of IT and Outsourcing Group at Penningtons Manch...
Sam De Silva, Partner - Head of IT and Outsourcing Group at Penningtons Manch...Sam De Silva, Partner - Head of IT and Outsourcing Group at Penningtons Manch...
Sam De Silva, Partner - Head of IT and Outsourcing Group at Penningtons Manch...
Global Business Events
 
Policies & Laws in IT industry
Policies & Laws in IT industryPolicies & Laws in IT industry
Policies & Laws in IT industry
Rohana K Amarakoon
 
Cloud computing in Hungarian financial industry 2013
Cloud computing in Hungarian financial industry 2013Cloud computing in Hungarian financial industry 2013
Cloud computing in Hungarian financial industry 2013
IgorMate
 
IntellectEU - InsurTech Innovation Award 2022
IntellectEU - InsurTech Innovation Award 2022IntellectEU - InsurTech Innovation Award 2022
IntellectEU - InsurTech Innovation Award 2022
The Digital Insurer
 
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009 Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
EuroCloud
 
Impact of GDPR on the pre dominant business model for digital economies
Impact of GDPR on the pre dominant business model for digital economiesImpact of GDPR on the pre dominant business model for digital economies
Impact of GDPR on the pre dominant business model for digital economies
EquiGov Institute
 
Contracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy BortzContracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy Bortz
itnewsafrica
 
Cloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issuesCloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issues
Lilian Edwards
 
DevOps vs GDPR: How to Comply and Stay Agile
DevOps vs GDPR: How to Comply and Stay AgileDevOps vs GDPR: How to Comply and Stay Agile
DevOps vs GDPR: How to Comply and Stay Agile
Ben Saunders
 
What is GDPR?
What is GDPR?What is GDPR?
What is GDPR?
Faidepro
 
Vertragswechselservice GmbH - InsurTech Innovation Award 2022
Vertragswechselservice GmbH - InsurTech Innovation Award 2022Vertragswechselservice GmbH - InsurTech Innovation Award 2022
Vertragswechselservice GmbH - InsurTech Innovation Award 2022
The Digital Insurer
 
Cloud Computing & IT in the Boardroom
Cloud Computing & IT in the BoardroomCloud Computing & IT in the Boardroom
Cloud Computing & IT in the Boardroom
Brendon Noney
 
Cloud Computing: legal issues
Cloud Computing: legal issuesCloud Computing: legal issues
Cloud Computing: legal issues
ISPABelgium
 

Similar to Kuan Hon - Big Legal Issues Affecting Cloud (20)

How IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity LegislationHow IBM Supports Clients around GDPR and Cybersecurity Legislation
How IBM Supports Clients around GDPR and Cybersecurity Legislation
 
Privacy and the GDPR: How Cloud computing could be your failing
Privacy and the GDPR: How Cloud computing could be your failingPrivacy and the GDPR: How Cloud computing could be your failing
Privacy and the GDPR: How Cloud computing could be your failing
 
GDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can HelpGDPR and NIS Compliance - How HyTrust Can Help
GDPR and NIS Compliance - How HyTrust Can Help
 
Securing data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law FirmsSecuring data in the cloud: A challenge for UK Law Firms
Securing data in the cloud: A challenge for UK Law Firms
 
The cloud: financial, legal and technical
The cloud: financial, legal and technicalThe cloud: financial, legal and technical
The cloud: financial, legal and technical
 
FG2.pptx
FG2.pptxFG2.pptx
FG2.pptx
 
Clouds and Chains
Clouds and ChainsClouds and Chains
Clouds and Chains
 
Sam De Silva, Partner - Head of IT and Outsourcing Group at Penningtons Manch...
Sam De Silva, Partner - Head of IT and Outsourcing Group at Penningtons Manch...Sam De Silva, Partner - Head of IT and Outsourcing Group at Penningtons Manch...
Sam De Silva, Partner - Head of IT and Outsourcing Group at Penningtons Manch...
 
Policies & Laws in IT industry
Policies & Laws in IT industryPolicies & Laws in IT industry
Policies & Laws in IT industry
 
Cloud computing in Hungarian financial industry 2013
Cloud computing in Hungarian financial industry 2013Cloud computing in Hungarian financial industry 2013
Cloud computing in Hungarian financial industry 2013
 
IntellectEU - InsurTech Innovation Award 2022
IntellectEU - InsurTech Innovation Award 2022IntellectEU - InsurTech Innovation Award 2022
IntellectEU - InsurTech Innovation Award 2022
 
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009 Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
Carla Pinheiro Presentation / CloudViews.Org - Cloud Computing Conference 2009
 
Impact of GDPR on the pre dominant business model for digital economies
Impact of GDPR on the pre dominant business model for digital economiesImpact of GDPR on the pre dominant business model for digital economies
Impact of GDPR on the pre dominant business model for digital economies
 
Contracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy BortzContracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy Bortz
 
Cloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issuesCloud computing : legal , privacy and contract issues
Cloud computing : legal , privacy and contract issues
 
DevOps vs GDPR: How to Comply and Stay Agile
DevOps vs GDPR: How to Comply and Stay AgileDevOps vs GDPR: How to Comply and Stay Agile
DevOps vs GDPR: How to Comply and Stay Agile
 
What is GDPR?
What is GDPR?What is GDPR?
What is GDPR?
 
Vertragswechselservice GmbH - InsurTech Innovation Award 2022
Vertragswechselservice GmbH - InsurTech Innovation Award 2022Vertragswechselservice GmbH - InsurTech Innovation Award 2022
Vertragswechselservice GmbH - InsurTech Innovation Award 2022
 
Cloud Computing & IT in the Boardroom
Cloud Computing & IT in the BoardroomCloud Computing & IT in the Boardroom
Cloud Computing & IT in the Boardroom
 
Cloud Computing: legal issues
Cloud Computing: legal issuesCloud Computing: legal issues
Cloud Computing: legal issues
 

Recently uploaded

Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
innovationoecd
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Safe Software
 
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfAI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
Techgropse Pvt.Ltd.
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
Jason Packer
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
panagenda
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
Daiki Mogmet Ito
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
kumardaparthi1024
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
Zilliz
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
Zilliz
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
OpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - AuthorizationOpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - Authorization
David Brossard
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
Ivanti
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
FODUU
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
Alpen-Adria-Universität
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
tolgahangng
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 

Recently uploaded (20)

Presentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of GermanyPresentation of the OECD Artificial Intelligence Review of Germany
Presentation of the OECD Artificial Intelligence Review of Germany
 
Driving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success StoryDriving Business Innovation: Latest Generative AI Advancements & Success Story
Driving Business Innovation: Latest Generative AI Advancements & Success Story
 
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdfAI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
AI-Powered Food Delivery Transforming App Development in Saudi Arabia.pdf
 
Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024Columbus Data & Analytics Wednesdays - June 2024
Columbus Data & Analytics Wednesdays - June 2024
 
HCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAUHCL Notes and Domino License Cost Reduction in the World of DLAU
HCL Notes and Domino License Cost Reduction in the World of DLAU
 
How to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For FlutterHow to use Firebase Data Connect For Flutter
How to use Firebase Data Connect For Flutter
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
GenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizationsGenAI Pilot Implementation in the organizations
GenAI Pilot Implementation in the organizations
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Generating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and MilvusGenerating privacy-protected synthetic data using Secludy and Milvus
Generating privacy-protected synthetic data using Secludy and Milvus
 
Programming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup SlidesProgramming Foundation Models with DSPy - Meetup Slides
Programming Foundation Models with DSPy - Meetup Slides
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
OpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - AuthorizationOpenID AuthZEN Interop Read Out - Authorization
OpenID AuthZEN Interop Read Out - Authorization
 
June Patch Tuesday
June Patch TuesdayJune Patch Tuesday
June Patch Tuesday
 
Things to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUUThings to Consider When Choosing a Website Developer for your Website | FODUU
Things to Consider When Choosing a Website Developer for your Website | FODUU
 
Video Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the FutureVideo Streaming: Then, Now, and in the Future
Video Streaming: Then, Now, and in the Future
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 
Serial Arm Control in Real Time Presentation
Serial Arm Control in Real Time PresentationSerial Arm Control in Real Time Presentation
Serial Arm Control in Real Time Presentation
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 

Kuan Hon - Big Legal Issues Affecting Cloud

  • 1. Big Legal Issues Affecting Cloud 23 March 2016 Dr Kuan Hon @kuan∅ | k@kuan0.com kuan.hon@pinsentmasons.com Cloudscape 2016
  • 2. @kuan∅ Canter through Already law ! – contracts from 1 Oct 2015 The Insolvency ( Protection of Essential Supplies ) Order 2015 Adoption expected 2016, effective in 2 yrs Network & Information Systems Security Directive ( NIS Directive ) General Data Protection Regulation ( GDPR )
  • 3. @kuan∅ If cloud customer goes bust... More info http://bit.ly/ITinsolvency Cloud provider can’t use contractual right, exerciseable upon administration or “voluntary arrangement”, to - Terminate contract - unless eg new charges unpaid >= 28 days Stop supply of service - unless notice to office- holder to terminate without personal guarantee of new charges, & none within 14 days
  • 4. @kuan∅ More points • Purpose – where rescue / restructuring, ie breathing space only • Liquidation, bankruptcy - can still exercise contractual right to terminate • Not just cloud services – supply of o Data storage / processing ( which must include cloud ! ), webhosting, computer software / hardware, IT info / advice / assistance...
  • 5. @kuan∅ NIS Directive All data, not just “personal data” Security obligations + breach / incident notification obligations + penalties for infringement – 2 classes Operators of essential services Banks, healthcare, transport, utilities, Internet infrastructure ( IXPs, DNS service providers, top level domain name registries ) Essential service relying on DSP, incident at provider “Digital service providers” ( lighter obligations ) Incl. ALL cloud providers - IaaS, PaaS, and SaaS ( Also search engines, online marketplaces )
  • 6. @kuan∅ NIS Directive implications Cloud contracts ( operators using cloud for “essential service” ) provider notification Breach / incident notification to authorities systems & processes preparation / rehearsal – all stakeholders Insurance ?
  • 7. @kuan∅ GDPR New processor ( cloud provider ) obligations Security, breach notification to customers, international transfers, records, DPO - 2% / €10m New processor ( cloud provider ) liability for compensation if “involved” in processing Choice of who to sue – bigger pockets ? Claim back against others at fault iff paid in full New detailed, prescriptive requirements regarding contract terms, incl. cloud contracts Audit rights + regulators can demand info / audits “Assist” cloud customer ( vs. commodity cloud )
  • 8. @kuan∅ GDPR implications Cloud and other processor contracts - change of law / change control clause now ! Providers - allocate responsibilities & liabilities, indemnities; costs / pricing Both - new required terms - 2% / €10m Cloud-appropriate standard contract terms ? CIF, Eurocloud, CSA put forward for approval ? Approved certifications, codes of conduct Breach notification / preparation too ! Different authorities than under NIS Directive ? Insurance ?
  • 9. @kuan∅ Killing cloud quickly with DP ? The GDPR's coming, soon to be law they say Middle of 20-18 may be the fateful day ! What will this mean for clo-ud ? Will cloud be here to sta-ay ? Don't want to be pessimistic, not sure how we'll find a way Killing cloud quickly with DP, killing cloud quickly, with DP, tearing up SaaS, PaaS and I-aaS Killing cloud quickly, with DP…? Full article www.scl.org/site.aspx?i=ed46375 Photo of Roberta Flack by Roland Godefroy CC BY SA 2.5
  • 10. @kuan∅ Thank you! Dr Kuan Hon Half lawyer | half geek | mostly harmless Twitter: @kuan∅ Email: k @ my domain below; also kuan.hon@pinsentmasons.com www.kuan∅.com | blog.kuan∅.com