This document summarizes a presentation about protecting businesses that use cloud computing. It discusses the three main types of cloud services, the benefits and risks of cloud computing, applicable laws and regulations, and key legal issues to consider in cloud computing contracts. The presentation was given by attorneys from the law firm Technology Law Group, which specializes in telecommunications and technology law. They advise understanding applicable laws to protect client interests and ensure balanced client-provider relationships when using cloud services.

1. Get Your Head IN the Cloud: Protect Your
Business in the Virtual World
May 5, 2015
Presentation By:
Matthew R. Friedman, Esq.
Neil S. Ende, Esq.

2. Presentation Overview
• Who is Technology Law Group (TLG)?
• Overview
– Types of Cloud Computing
– The Nature of Cloud Computing
– Applicable Law and Key Legal Issues
– Strategies for Maximizing Protection, Minimizing Risk
• Q&A

3. Who is TLG?
• Boutique telecommunications and
technology law firm
• Washington DC based, nationwide
practice
• Combined 100+ years of experience,
including Cloud services contract drafting
and review
Who is TLG?

4. OVERVIEW OF FEDERAL REGULATIONS
• 3 fundamental service models
– Software as a Service (“SaaS”)
• Ex: Google Drive
– Platform as a Service (“Paas”)
• Ex.: Google App Engine
– Infrastructure as a Service “(IaaS”)
Types of Cloud Computing

5. OVERVIEW OF FEDERAL REGULATIONS
• Provides both benefits and risks not
available through traditional model
–Benefits
• Lowers costs
• Improved accessibility to information
• Improved flexibility
• Reduces harm from single point failures
• Environmentally friendly
The Nature of Cloud
Computing

6. • Risks
– Relinquished autonomy over data
– Cyber Attacks and other Exploits
– Use of Click-Wrap/form agreements
• Drafted by cloud provider and often fail to
adequately protect Client interests
– Lack of standardization
– Lack of visibility/access
The Nature of Cloud
Computing, Cont.

7. • Agent understanding of the law is critical
component in:
– Protecting client interests; and
– Ensuring harmonious client/cloud provider
relationship
• Common Law
– Contract
– Tort
• Negligence
• Privacy torts
• Fraud
• Breach of confidence
Applicable Law

8. Applicable Law, Cont.
• Federal statutes and regulations
– Section 5 of the Federal Trade Act
– Family Educational Rights and Privacy Act
– USA PATRIOT Act
– Section 222 of the Communications Act of 1934
– Health Insurance Portability and Accountability Act
(“HIPAA”)
– Export control laws

9. Applicable Law, Cont.
• State statutes and regulations
– Consumer protection statutes
– State bar rules
• International law
– International Covenant on Civil and Political
Rights (“ICCPR”)
– EU Directive 95/46/EC

10. • Scope of the Agreement
• Liability & Remedies
– Allocation of Risk
– Termination & Suspension
• Data Ownership
• Choice of Law
• Access
• Privacy
• Security
Key Legal Issues

11. Strategies for
Maximizing Protection,
Minimizing Risk
• Consider applicable laws when negotiating
terms to ensure risk of liability and compliance
lie with the correct party
• Despite cloud provider claims to the contrary,
they negotiate contract terms
– Client signing one-sided agreement exposes them
to increased risk and relationship instability
– In turn, threatens likelihood of long-term
commission flows

12. • Laws at the state, federal and international and
state levels affect client rights
• Due diligence is key
– Don’t unnecessarily waive common law and
statutory rights
• Contracts are often silent on critical issues (or
worse, create adverse incentives for Cloud
providers)
Take-Aways

13. QUESTIONS?