Live Blog -- CLoud Launch: Martin Kratz

One of the perennial questions around cloud computing is how tio protect intellectual property in a world where everything is offered as a service and scalable.

Martin Kratz, of Bennet Jones LLP, is pointing out that contracts for cloud based services are not the same as traditional outsourcing or service contracts because the cloud vendor you deal with is probably relying on other cloud vendors as well to keep their own costs down by treating every customer the same.

Kratz contradicts Fisher by saying that risk should not necessarily be embraced without appropriate mitigation and that customization is not necessarily de rigueur: "terms of service are often non-negotiable and tend to favour the service provider".

Kratz outlines some legal issues to consider when contracting with cloud service providers:

• Service security
• Trade secret protection information confidentiality
• Data integrity
• Compliance with privacy laws and regs
• Assurance of data segregation

Having presented with IP lawyers and discussed many issues around cloud computing with them over the past few years, it seems that there are three overarching issues (according to them): data integrity and protection of intellectual property; management of risk via contractual vehicles; and how the two previous issues are different for traditional services vs. cloud based services.

One of the most common issues related to those Kratz mentioned has to do with information lifecycle management.

1. Does the organisation have an ILM policy?
2. How is it managed?
3. Is it enforced?
4. How is data stored in the cloud impacted by this policy?
5. Is the cloud service provider adhereing to their customers' ILM requirements?
6. Who has ultimate control over the data?

Deep questions for any organisation that wants to take advantage of cloud computing.