The Cloud Implies Many Applicable Laws

As noted in Part 1 of this article, Cloud-based IT services have no true jurisdictional neutrality. Potentially applicable laws will include those from any jurisdiction in which data are stored or accessible from, in which a person whose information has been collected resides, or in which a party contracting for or providing services is located. Conflicts in applicable laws are possible. Any party contemplating a Cloud service should, at a minimum, ask the following questions:

Where are the data transferred stored, and whom are they accessible to?
Is there a robust set of laws that protects the privacy of personal information in each of those jurisdictions?
How do these laws differ from the local law that the organization is subject to? Are these differences material?
By transferring data to these jurisdictions, is there a risk that the organization will be in breach of its privacy obligations under local law?

Reproduced with permission of the publisher of Internet and E-Commerce Law in Canada, vol. 13, no. 10, February 2013.

Stormy Weather: Jurisdiction Over Privacy and Data Protection in the Cloud – Part 2

Inscrivez-vous pour recevoir les dernières nouvelles

Restez à l’affût des nouvelles d’intérêt, des commentaires, des mises à jour et des publications de Torys.