– Brian Carver (pdf)
Cloud computing is inherently multijurisdictional. This panel will discuss the differing, and often contradictory regulations that cloud providers must navigate in order to provide their services. Who can demand data from cloud providers and how should cloud providers handle requests for data from third party sources (both public and private)? Which country’s data retention and data access laws apply to data stored in a cloud environment? The panel will also discuss best security practices for cloud providers.
Does the cloud require a new privacy framework? This panel will address the privacy threats that arise due to remote hosting and processing of data. Does the cloud permit increased third party access to data for both private individuals (via subpoena) and governments (via the Patriot Act, for example)? To what extent may cloud providers mine user data for economic and strategic gains? Who is responsible to ensure compliance with national and local privacy laws? This panel will attempt to structure policies to relieve the tension between cloud users’ privacy rights and cloud provider’s legal and economic obligations.
The benefits of cloud computing can obscure the risk of data loss and data removal. Moreover, the difficulty of moving data (including e-mail, photos, audio and video) from one vendor’s cloud application to another and the advantages provided by vendor access to information about user behavior can effectively lock-in consumers and decrease competition. Is government regulation required to protect cloud users and their data? Are limits on the use of user datastreams by intermediaries necessary to protect consumers and promote competition?
– Daren Orzechowski (pdf)
Experienced practitioners will discuss the typical terms and conditions of agreements between users and vendors at various levels of cloud computing: infrastructure-as-service (IAS), platform-as-a-service (PAS) and software-as-a-service (SAS). They will also discuss ways to negotiate resolutions when the parties’ interests are conflicting.
– Peter Tennant (pdf)
This panel will address the intellectual property issues that arise in the cloud. Do the notice and takedown provisions provide an adequate structure to regulate copyright infringement in the cloud? Do the anticircumvention portions of the Digital Millennium Copyright Act remain relevant in a cloud environment? How do intellectual property holders enforce their rights given the increased anonymity of both users and content providers? Will trade secrecy increase in importance when software is no longer distributed to users? Will jurisdictional and infringement issues reduce the effectiveness of patent protection for online software?