6 ‘Golden Rules' When Reviewing Cloud Contracts

Author:Mr Philip Nolan, Mark Adair and Oisin Tobin
Profession:Mason Hayes & Curran

More and more businesses are relying on cloud computing - for their own use and to provide their services to end customers. However, cloud computing can be a complex and fast-moving technology, and gives rise to a number of legal issues that parties need to address. While most cloud customers will see data protection and security as an obvious priority, in this article we explore some of the other legal challenges businesses should consider when reviewing a cloud contract.

What is cloud computing?

In broad terms, cloud computing delivers technology as a service on demand, over the internet. In other words, a customer does not need to install stand-alone software or run its own applications and servers. The cloud supplier hosts applications and provides the computing power to many different customers from the supplier's data centres. This allows each customer to benefit from economies of scale and dramatically lowers the costs of obtaining a range of IT services.

Components of a cloud contract

Many cloud suppliers will include some or all of the following documents in their cloud computing contract bundle. These documents will need to be reviewed in conjunction with each other.

strong>Terms of Service: sets out the general legal terms and conditions that govern the use of the service and the relationship between the supplier and the customer. Also known as the 'Terms of Use'. It may incorporate other documents by reference. strong>Privacy Policy: An extremely important document that sets out the cloud supplier's approach to collecting, using and protecting personal information. strong>Acceptable Usage Policy (AUP): Often used by social networks and cloud storage providers to specify permitted and prohibited practices when using the cloud service (for example, prohibiting hate speech or forbidding use of the service to deliver spam). strong>Service Level Agreement (SLA): The SLA documents any target levels of service availability and other metrics, and possibly service level rebates, that the cloud supplier offers. 6 Golden Rules

When reviewing the various documents that make up a cloud contract a business should consider the impact of the following six 'golden rules' and seek legal advice if necessary:

Liability: When reviewing a cloud contract customers and their legal advisers should carefully consider the issue of liability. Cloud suppliers will often attempt to provide the services "as is" with no warranties regarding service...

To continue reading