Cloud Computing Agreements

Published by Tejashree Upadhye on

Loading

Introduction:

The era of the 21st century is known as the digital era or the world of cyberspace. Due to ravenous innovation and progress on the internet as well as the technological world, most of the activities have digitalised including service providing and working of the business. Now a day’s virtualisation and digitalisation of business and service providers have been increased as it is easier quick to use. Cloud computing is one of the progressive movements given to this internet generation. In this article, we will discuss the topic of cloud computing agreement from a legal perspective.

What is Cloud Computing?

In layman’s language cloud computing is the delivery of data service using means of the internet. In short cloud computing in sort of service provider; but this is not a whole explanation and doesn’t justify the concept of cloud computing. In a wider sense cloud computing is the use of computing appliances which are data software computation which is delivered to the remote user using internet access. The symbol of this activity is cloud-shaped hence the name is derived from the symbol cloud computing. The use of cloud computing has become popular in a very short period. Various business is using it for an effective cost quotation. It is practically everywhere available as well as accessible. The integrated IT sector of cloud computing removes geographical limitations and easier workflow in any remote area. Hence this mechanism is widely used. Many national and international companies now provide purely internet-based services through cloud computing. Cost-saving, security, increase in speed, productivity and efficiency are the best points to support cloud computing over the traditional system.

Cloud Computing Agreements

The service of cloud computing agreements (CCA)is generally used by large companies like Google Amazon, Microsoft etc. These are one of the largest service providers of cloud computing. These cloud service providers help in doing effective business; hence it is necessary to own or run business to enter into a contractual agreement. Some service providers are generally premade by some service providers. For e.g., Amazon Web Services Customer Agreements. Either these are readily available or custom made as per customer demands tailor-made. In the case of custom-made agreements, a customer who is going to provide service at a large scale can demand and notify their issues and negotiate with the service provider. In India Information Technology Act of 2000 helps to legalise the cloud computing Agreements. Both service providers and customer has to follow the premade decisions as they both are signatory to the contract.

Essentials of Cloud Computing Agreements

Cloud computing agreements are similar to the traditional agreements but include some extra points to ensure security and preferences of customer who is investing their business in providing services. As the cloud computing name suggests its working is in the virtual world and is closely depending upon internet data it is highly risky in case of malfunction. In the world of cybercrime, data information is the biggest treasure in criminals’ hands. Therefore, it is necessary to make agreement watertight without any loopholes which can stagger the smooth-running business. There is a checklist which ensures that cloud computing agreements are beneficial to the customer.

The first part of the agreement is the general aspect which includes the title of agreement, address of the registered office, company identification number, signatory parties and their authorities, the preamble of agreement, signature and date of the agreement, in short, it includes all technical and legal aspects of the agreement which are followed in regular agreements also. In the second part of the agreement exactly how the cloud computing service is going to work in correlation with business is mentioned. Following are the aspects of cloud computing agreements[1] which distinguish them from the traditional method of agreement

  1. Security of Data and its confidentiality
  2. Liability of CSP [2]
  3. Time to time modification in service or change in service
  4. Termination of service
  5. Data transfer
  6. Fee model and payment for services
  7. General warranties by the service provider
  8. Dispute resolution service
  9. Jurisdiction and applicable laws

These are most frequently sought and followed pattern to draw effective cloud computing agreement. Data security is the most important factor of cloud computing services. The standard of security is to be checked before entering into the contract. Another subpart is data confidentiality; it is divided into two parts: 1)data need to know 2) data need to use both the data are to be provided with clients free consent. Data of business should be protected at any cost on every level hence the security and confidentiality is to be strictly followed. The second aspect is the liability of CSP. Generally, CSP refuses to take any liability to malfunctions in process. Hence, it is necessary to form agreement in such a way that CSP is liable for partial or complete loss depending on the situation. The third aspect is the change in service. Taking into consideration the benefit of business there is a clause in an agreement which provides a quick change in service provider without any unilateral notice period. It also gives time to service provider to modify their service according to customers requirement. Fee Model and Payment of services use pattern of pay as per use but is essential to draw payment structure in agreement to be safe. Termination of service can be done by indemnity or by end of the contract. It can be done by both the service provider or by customer. If there is a breach of contract suffering party can solve the problem by legal clause added in dispute resolution. Appropriate notice is provided. Safe and protected data transfer is the responsibility of the cloud computing service provider and it must be strictly followed. The end but necessary point of agreement is in case any dispute arises in the duration of the contract. In general alternative dispute resolution is preferred over traditional court system for quick proceedings. Mediation and Arbitration are frequently used to solve technical and legal issues. If the parties choose to enter into court system place of jurisdiction is to be selected according to benefit of both the parties.

Advantages of Cloud Computing Agreements

Some of the advantages that make cloud computing agreements popular are mentioned in piechart below.[3]

Disadvantages of Cloud Computing Agreements

Cloud computing is an emerging technology that almost every company is switching to cloud computing agreements. The time and infrastructure that goes waste in collecting data of employees is easily possible from cloud computing above smart charts describes the advantages and disadvantages of cloud computing. Cloud computing agreements are really cost-effective and save a lot of capital of the business. The high speed and easy accessibility of the internet make cloud computing more effective. The disaster recovery of cloud computing services is highly reliable with strong backup plans. In all cloud computing services gears up for progressive runny of any business.

Like every coin has two sides the disadvantages of cloud computing services are equally disastrous and dangerous. The security of data is main problem and threat to business as many confidential data is stored on cloud computing. Cloud computing services are also with limited features. In  India internet access is not much widely spread compared to American or European countries. Technical issues are also point to be considered while using services. While using cloud computing agreements loss of control on our own data and information is experienced by many customers. Hence a feeling of helplessness is engulfed around client.

Legal Issues Concerning Cloud Computing Agreements

Though the innovative advancement and tremendous progress are coming because of the information technology sector the legal system is too slow to adopt such changes. There are so many issues that have arisen which have no legal terms complying it apparently. Various legal issues such as privacy data breach and security location of data leaking confidential information of the customer and contracting issues are prominent problems in handling cloud computing agreements.

In India, network issues are the most irritating and primary obstacle between customer and service provider. Hence even though the ambiguous project of ‘Digital India’ is introduced in India legal and technical issues are hard to handle due to lack of judicial as well as legislative instruments for such revolutionary changes.

  • Data Privacy and Security of Data:

The data breach is the main cause to harm data security and its privacy. In general words, breach of data means loss of unencrypted personal information stored electronically. The data breach can be harmful to both service provider and client. The huge financial harm can occur due to data breach. The crimes of identity theft, credit card fraud, money laundering, potential lawsuits against service providers are legal problems to be faced hence data privacy and security conditions are important in the time of the agreement

  • Confusion in Jurisdiction Authority:

This is the biggest problem between service provider and customer that which authority to approach if any dispute arises between them. Generally, service providers completely deny taking responsibilities it is also a hindrance to their reputation if any lawsuit arisen against them. In this virtual space tracing exact location of both service provider and client is nearly impossible hence determination of place of jurisdiction also becomes hard. Some times on international level laws of which countries are to be applicable also becomes an issue.

  • Contractual issues negotiation problems:

India is not much friendly to cloud computing services due to limited internet services. Due to limited expansion of cloud servicing these agreements are also averting to the Indian population at large. Mostly Click-wrap agreement system is used in India. So basically, it becomes a contract of adhesion[4], it gives almost no place or chance to negotiate with the service provider. Legal provisions fail to protect the right of negotiations at every session but they can put forth reasonable parameters for service providers.

  • Commercial and business issues:

There are many forceable and unforce able issues which arise concerning commercial factors of customer its dependency on service providers. Standard agreements made by the legislation of India are needed to business which will act like a guide and judiciary will pronounce judgements according to it. The future of cloud computing in India is depending upon the commercial profits in business and legal backup by Indian Government.

Indian Government about Cloud Computing Services

The Indian ministry is currently in the thought of creating clear cut separate legal framework pertaining to cloud computing service. The telecom regulation Authority in India had made suggestion and consultation paper in the year 2016 concerning the issue of cloud computing agreements[5]. The Ministry of Electronics and Information and Technology addressed the issue of cloud computing services in their national policymaking in the year 2017. The focus of the policy was on drafting a national digital telecommunication policy 2018

Though cloud computing services have no specified legislation fixed for the following are some of the instances where Indian legislation recognises the term.

  • Goods and Services Tax Act 2017: The GST Act[6] recognises cloud servicing as online data services using internet access. Hence service providers are entitled to pay Goods and Service tax.
  •  Section 43A of the Information Technology Act 2000 (the IT Act): The IT Act and rules provide security to customers and provides the legal framework for creation collection and storage of data for service providers.
  • The Government of India has specifically introduced Personal Data Protection Bill 2018 which will notify the threat to personal data and give protection to customers.

Provision under Information And Technology Act 2000

There were no specified laws concerning computers o data transformation until the year 2000. The crimes were solved and judgements were given under Indian Penal Code 1947. In the year 2000 Information and Technology Act[7] was enacted to provide a concrete legal framework for all laws pertaining to computers and internet access. The IT Act deals with computer-related issues or digital issues crimes and punishments. Any cybercrime related to cloud computing agreement will be dealt by the IT Act.

Section 72: Penalty for breach of confidentiality and privacy:

 This section is applicable to cloud computing services. If there is a breach of privacy the culprit may face imprisonment up to 2 years and fine up to 1 lakh.

Section 80: Power of police officer and other officers to enter, search:

This will give power to police officials to seize computer data recovered from the crime scene and present as electronic evidence in court.

Bright future of Cloud Computing Agreements

Every system has its pros and cons. The cloud computing services are the future of an evolving business world. As internet access all over the world, cloud computing has become essential of the modern digital world. It is easy to spread business when infrastructure is not being wasted on data collection and processing. The various cloud computing service holders are providing effective services. Though advantages are pulling the wool over the faults of these services data security is an important point in cloud computing service. Indian legislations are trying to comprehend with current innovations in the IT area. Indian Government has proposed the idea of digital India and cloud computing service is the x-factor of this digital world.

Conclusion

It seems that cloud computing services are bringing a lot of changes in businesswise. The benefits of cloud computing are huge. This scenario is pleasant on one side but the legal department is suffering from its brunt side. The legal and privacy challenges which come with cloud computing agreements are little tricky to handle. It is highly risky to put up confidential data and private information in some third party’s hands which is virtually available on most of the times. There is a need for separate regulations, legislations and complete separate quasi-judicial body to handle legal issues of this type. In India, Cybersecurity cell takes an important role in solving computing-based problems and crimes. In all if used correctly the cloud computing agreements are boon to the business world otherwise will act as a curse.

References:

[1] https://blog.ipleaders.in/cloud-computing-agreements-overview/

[2] (communication service provider)

[3] https://www.salesforce.com/products/platform/best-practices/benefits-of-cloud-computing/

[4] Where on party is more powerful than other from the beginning   with zero negotiating chances

[5] https://www.lexology.com/library/detail.aspx?g=e5fe0db7-4a93-4a65-8cfd-0cd36ed6a585

[6] Goods and Service Act 2017 (02 of 2017)

[7] Information and Technology Act 200 (21 of 2000)

Categories: Cyber Laws
Tags:

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Related Posts
Cyber Laws

Data Mining Information Retrieval for Crime Prevention and Forensics

In its truest sense, digital forensics provides answers to the questions of when, what, who, where, how, and why a digital crime occurred.
Cyber Laws

Criminal Investigative Criteria and Standard of Procedure on Computer Crime

Cybercrime scenes are different from traditional crimes & electronic evidence can easily be altered or tampered with.

Competition Laws

Analysing the Relationship between Data Privacy and Competition Law: An Indian Perspective with Reference to Global Scenario

While maintaining healthy competition among companies, the protection of the citizens’ data cannot be side tracked as secondary priority.