Top 7 Legal Issues in Cloud Computing

How does all our office work go on?. All of the computers are gone from the days when we used paper and big rat ridden inventories of registers where every information was stored. Well nowadays computer servers rooms have replaced those inventories. But are these inventories so feasible that an option better than them should not be explored. Well that option seems to have taken shape. That is cloud computing. Let’s deep dive into its world.

Definition

Cloud computing is basically a virtual server room of information whose managing costs are no longer the pains you have to worry about, it provides the delivery of computing facilities such as storage elasticity, analysis powers and intelligence over the internet which is generally called “THE CLOUD”. This helps in providing “better and quicker innovation”, faster scalability, and many more scope of expansion. 

It has many more added benefits such as its analysis power is so stark in comparison to human scientists that it helps to mend the various flaws in different functions of the market and helps in increasing scalability of business thus has the added advantages of removing many infrastructure spending which gets minimized to a great level. As it is very beneficial it has its own flaws too such as various legal issues to arise which can sometimes be very time taking to solve. Let’s take a look at the most common technical issue that this great tool faces as well as the solutions.

List of Legal Issues in Cloud Computing

1. Cross Border Data Transfer 

One of the greatest advantages faced by companies switching to cloud sourcing is the security of their data due to space elasticity. It can be accessed by anyone irrespective of their location and also their rivals one more problem arises due to varying data laws imposed in different countries. Due to which lot of cross borders issue arise though some steps have been taken in this respect such as some bi and multilateral data privacy law have been made and agreed upon by countries for the smoothening of cross country data processing some of them are:

Safe Harbor Framework developed by the European Union and the United States:

Whose main objective to get implemented to govern data transfer and storage along with 1995 Data Protection Directive of the European Union on the protection of personal data.

According to these laws those companies who had been given adequate status from India lack this level of data laws proficiency that is why technological advance is slow in India.

2. Lawful Interception

Now government agencies all around the world need access for information for their official task while these requests seem valid. And they can easily be retrieved as most of the cloud operations lie unencrypted but in the guise of these valid reasons lies some who can possibly harm the whole structure. And useful data of the company to destroy its own growth due to lack of encrypted data. 

One such case got highlighted during the drug case that blew the entire bollywood during 2020 when whatsapp chats of many leading celebs got revealed and were accessed  by media channels as well as other people to get their share of trp and breaking news. These brought a huge blot over the security and encrypt security of whatsapp underlying framework.

Many times there are reports of facebook information getting leaked by B Grade Level café hackers. Thus harassing poor users financially, mentally, etc. This is on a small level (peer-to-peer level). If this occurs on a huge company‘s database level then the ruckus created by the intruder is unimaginable.

In cases of encrypted data the companies have to give the enforcement agencies access to their whole data by either giving them.

3. Encryption Key Providing Them The Back Door To Access

In India, the IT laws give all the probing agencies rights to intrude, interfere in data transfer with proper law sanction. But the later part is never implemented. Section 68 and d69 also allows the domestic agencies to probe any information transfer on domestic networks.

In the U.S, access of data on company servers is provided by Patriot Act of 2001 which allow the agency to compel the companies for the production of information on Nation information letters the letters further exerts that this will not be disclosed to the users.

4. Data Subject And Jurisdiction

Cloud’s greatest tool is its non spacious scalability where companies can use huge amounts of space without any problem. But this invisible space has time and again caused friction among the service providers who fight over the cloud’s space. In short “who owns what?” is the general cry.

5. Data Ownership

Lack of a comprehensive framework of written rules for cloud computing there is no ground marking of who owns the specific data. The rules agreed upon by the company are those which are written in the cloud-provider’s service level agreement (SLA).  Which are agreed upon by companies but not service providers?. These SLA limit user’s control thus stopping the general public to use them and cannot differentiate between non-personal, personal, sensitive, and proprietary information thereby unjustifiably subjecting them to the same ownership standards.

6. Data Privacy

Now the lack of proper framework, the inherent fluid nature with no boundations lack of encryption and mismatch in privacy laws combined by dirty fights of companies over data rights leads to breach in data security thus leads to loss or disruption of important user data.

7. Content Regulation

Another grave problem faced by cloud service providers is content regulation. Governments all around the world have laid some rules regarding what type of content is visible for the general public in their country. And thus hold the tech companies very responsible for any violation in their laid down rules. Cloud fluidity cuts across boundaries thus making it difficult for enforcement agencies to locate the guilty who crossed the line laid down by their government regarding content visuality.