Τρίτη, 29 Σεπτεμβρίου 2009
Legal Issues of Cloud Computing
In our days, many companies and corporations use the services of providers known as "Cloud Computing". In this way, they minimize expenses for hardware and software. however, this might result into certain legal problems concering mainly data protection, data security and more specific issues, such as tax law issues. Thus, users of cloud computing have to take into consideration this problematic before making any decision as to which services they will use.
According to Wikipedia, cloud computing is a paradigm of computing in which dynamically scalable and often virtualized resources are provided as a service over the Internet. It essentially refers to specilised services, provided over the Internet and making available computer and network infrastructure, software and platform. For example, a company can maintain its own e-mail account system, but will be handled by a (cloud computing) provider, so that the company will not have to maintain its own server for this purpose.
This model of services offers evidently financial advantages to users, however, it also has some negative features. In particular, it noted that it may limit the freedom of users to choose applications. Certainly, users are free to choose whether they will make use of cloud computing or not. Further, it is pointed out by Richard Stallman, founder of the Free Software Foundation, that cloud computing endangers liberties because users sacrifice their privacy and personal data to a third party. He states that cloud computing is "simply a trap aimed at forcing more people to buy into locked, proprietary systems that would cost them more and more over time.
Besides that, as it happens with many network services, even if data are securely stored in a cloud, many factors can temporarily disrupt access to the data, such as network outages, denial of service attacks against the service provider, and a major failure of the service provider infrastructure.
The most critical issue, however, is protection of personal data. Since personal data provided by users are being processed by cloud computing providers it has to be determined whether the requirements of applicable national data protection law are satisfied. This would not be the case if such data are being transfered to a third country, outside the EU, which does not provide an adequate level of protection. The Berliner Datenschutzbeauftragte Alexander Dix states in his annual report
that the transfer of data in countries such the USA, China or Japan would not be allowed ("Die datenschutzrechtlich für die Datenverarbeitung verantwortlichen, z. B. deutschen Kundinnen und Kunden, müssen sich davon überzeugen, dass die Datenverarbeitung nicht in einem Drittland ohne angemessenes Datenschutzniveau, z. B. in den USA, China oder Japan, stattfindet".)
Same problems are caused when data are being transfer with regard to tax law, since national tax law require that financial data are directly accessible.
See also: Fallstricke in der "Cloud"