Cloud Computing 2025

Browne Jacobson (Ireland) is pleased to present the Chambers Cloud Computing Global Practice Guide. Its team of experienced lawyers has extensive knowledge of the legal issues surrounding cloud computing and has advised numerous clients on these matters. In recent years, the legal landscape has undergone a digital revolution by moving towards the use of cloud systems.

Cloud computing has become an essential part of modern business operations. Instead of data being stored on hard drives and local computers as in the past, remote servers are used. Cloud applications are often referred to as “web services” or “hosted services”, but here the term cloud services is used.

Cloud services may be hosted by a third party (eg, Microsoft) or by a provider that runs its services on Microsoft or another data centre provider.

It is a delivery model for IT services to store data on remote servers owned or controlled by third parties, typically on the internet or via private networks. These remote servers are usually hosted in data centres across the world, providing global distribution of computing power, increased storage capacity, fast delivery and on-demand bandwidth. The cloud model is very attractive in that it enables companies to meet their ever-growing IT needs with smaller capital expenditure and less reliance on their IT departments. However, the use of cloud computing also presents a range of legal and regulatory issues that businesses must navigate. These challenges include data protection and privacy, intellectual property, and contractual issues.

Contents of the guide aim to provide businesses with a comprehensive understanding of the legal issues surrounding cloud computing in the covered jurisdictions, exploring the key legal considerations that businesses must take into account when using cloud computing services, including compliance with data protection and privacy laws, the protection of intellectual property rights, and the negotiation of effective cloud computing contracts.

This piece can prove a valuable resource for businesses looking to use or which are currently using cloud computing services. Providing businesses with a comprehensive understanding of the legal issues surrounding cloud computing can help them make informed decisions about the use of cloud computing services and manage the associated risks effectively.

Further, the guide looks at issues contained in cloud providers’ (including VARs or Value-Added-Resellers) contracts with their customers, to ensure that customers are adequately protected from the legal risks inherent in cloud service usage. That said, there are benefits, including enhanced back-up and disaster recovery, and the increased data handling capacities these services offer, which are noteworthy and should be factored in by customers in any legal/risk analysis.

Legal Challenges Posed by Cloud Computing

Data sovereignty

When data is stored on remote servers across different jurisdictions, it can raise concerns about data sovereignty and jurisdictional conflicts.

Data protection and privacy

One of the key legal issues surrounding cloud computing is data protection and privacy. Businesses must ensure that they comply with data protection and privacy laws when using cloud computing services. This includes ensuring that personal data is processed in accordance with the relevant data protection laws.

General Data Protection Regulation

When using cloud services, businesses need to consider the key principles of the GDPR, including:

• data minimisation;
• purpose limitation;
• data accuracy;
• accountability;
• lawfulness, fairness, and transparency;
• storage limitation; and
• integrity and confidentiality.

Businesses must ensure they have appropriate data protection and privacy policies when using cloud computing services. These policies should outline how personal data will be processed, who will have access to that data, and how it will be protected.

Furthermore, businesses need to establish proper contractual agreements with their cloud computing service providers. These contracts should set out the responsibilities of the service provider in relation to data protection and privacy, and should include appropriate data protection and privacy clauses.

Consideration should be given to whether a DPIA (Data Protection Impact Assessment) for the cloud service needs to be prepared, which may be a requirement under applicable laws, or as a matter of good practice.

Compliance

When companies move their information to the cloud, they must ensure they are compliant with service laws and regulations – this can create hurdles in cloud storage and back-up services.

IP

Another key legal issue surrounding cloud computing is intellectual property. Businesses must ensure that they protect their IP rights when using cloud computing services. This includes ensuring that internal IP policies are in place and that the company has established appropriate contractual arrangements with its cloud computing service providers.

Businesses must also ensure that they have appropriate measures in place to protect their IP when using cloud computing services. This may include implementing appropriate access controls, encryption, and other security measures to ensure data integrity and confidentiality.

Contractual issues

Finally, businesses must ensure that they negotiate effective cloud computing contracts with their service providers. These contracts should set out the responsibilities of the service provider and should include appropriate service level agreements (SLAs) and other contractual provisions. Liability issues are crucial and influence the pricing of the underlying service. The considerations of liability caps and their exclusions are vital as market practices develop in this area.

Businesses must also guarantee appropriate exit strategies are in place when using cloud computing services. This may include establishing proper data back-up and recovery procedures, as well as ensuring that the company has suitable termination clauses in its contracts with service providers.

Other issues which are core to good governance in selecting and contracting with a cloud provider include:

• access to the stored data for customers;
• access to the stored data for law enforcement;
• liability issues, including for any failure of service;
• service levels and service credits;
• jurisdiction and governing law;
• use policies;
• insurance matters;
• renewals and notice periods;
• subcontracting; and
• transitional arrangements when service migration is to occur.

Summary

Cloud computing has become an essential part of modern business operations, providing organisations with an efficient and cost-effective way to store, process, and manage data. However, the use of cloud computing also creates a range of legal challenges that businesses must navigate.

This guide explores the key legal issues surrounding cloud computing, including data protection and privacy, intellectual property, and contractual issues. Its content provides practical guidance on how businesses can effectively navigate these issues and highlights the importance of having appropriate policies and contractual arrangements in place when utilising cloud computing services.

Additionally, it can be a valuable resource for businesses seeking to utilise cloud computing services, enabling them to make informed decisions about cloud computing adoption and effectively manage the associated legal risks.