The Cloud Industry Legal Forum (CILF) has been officially launched specifically to focus on the legal issues associated with cloud computing.
The new group – chaired by Conor Ward, Partner, Hogan Lovells, has been established to provide clarity on the cloud computing legal issues and support working towards providing a conducive legal framework in support of the industry.
CILF will focus on all aspects of cloud computing law, working to reduce the fear, uncertainty and doubt, which act as barriers to the adoption of cloud computing services. This will include cloud service types, data protection issues, software licensing in the cloud, service definitions and levels, liability, procurement, applicable law, customer data and the future of cloud law encompassing both the UK and the EU.
Founder members include: Hogan Lovells, Arthur Cox, Bird & Bird, DMH Stallard, Eversheds, Latham & Watkins LLP, Palmer Biggs Legal, and Wragge & Co.
Conor Ward, Partner, Hogan Lovells, stated: “While we are associated with the goals of the Cloud Industry Forum, we believe that the group will act as an advisory sounding board on issues relating to the legal issues associated with cloud computing. This means that in reality we can advise the industry as a whole on issues as they arise on a case-by-case basis. It is our belief that we can best serve the industry by taking a non-partisan approach taking an active role in industry debates,”
“One of the first initiatives we are undertaking is to review the ‘EU Data Protection Proposals – Regulation COM (2012)11 and Directive COM(2012)10’ and have submitted a response,” he continued.
CILF has identified a number of common issues that need to be addressed in the EU Data Protection Proposals, not least:
• The need to have legal certainty over ambiguity
• Little or no bureaucracy over unnecessary form filling
• A light regulatory touch over over-regulation
• The need for flexibility and freedom to operate over unnecessary restrictions on how they run their businesses
• And the ability to manage costs over unnecessary imposition of processes and procedures, which result in increased cost.
Conor continued: “CIF and its members are at the forefront of implementing good practices and transparency in relation to the Cloud Computing sector and to that extent agree that it is good practice to ensure that proper policies and procedures are in place. But these must be prepared and agreed in consultation with industry and must be practical and capable of working in an operational environment,”
“The harmonisation envisaged by the Regulation is sometimes at too high a price and may stifle economic growth generally and in particular in relation to the take-up of cloud computing. This consultation is an opportunity to review the data protection landscape to ensure a greater take-up of these types of technologies and to remove some of the FUD which surrounds some of the compliance issues. Within the UK, data controllers (and their suppliers – often members of CIF), have benefitted from a practical, business-oriented approach to data protection, which struck a good balance with the rights of individuals. It is our contention that the Regulation could remove some of this,” he concluded.