(by Ben & Duncan)

So cloud computing is the “next big thing”.  But what’s the catch?

“Cloud computing” is really just outsourcing bits of your computing task to someone else over the Internet, where the complexity of the task and hardware required to complete it is hidden from the end user.  That task could be manipulating a database of just editing your home photos online.  Remember “network computing”, “distributed computing”, “utility computing” and others of the past?  Well it’s really only the marketing people that can tell the difference between those and “Cloud computing”, if you know what I mean.

While the idea of “cloud computing” (or whatever you’d like to call it) has been around since networks began, there is truly something new this time.  We now have the infrastructure (which is really just lots of bandwidth and significant progress on sophisticated and standardised interoperability between software) to release retail focused applications on a never before seen scale.  All of that together makes cloud computing a commercial opportunity.

The technology to implement cloud computing has some real end user benefits too.  For example, hardware can be shifted to the service provider and the user only needs a thin client to access the service.  A great example is Google Maps – imagine if you had to run that without an Internet connection at home on your laptop pc!

However, it’s not just technological improvement that’s got all the big IT companies in a spin.  A fundamental shift from single purchase software to a subscription model has been the financial holy grail, and “cloud computing” makes it possible and even somewhat sensible to the end user.

But just before you jump on board and proclaim that the future is here, this time, for sure, there are a number of legal issues which should make you think twice.
1.    You’re signing-up to move your data to a third party.  What are they doing with it?  Where will it be stored (in what country)?
2.    Wherever your data ends up, what are the confidentiality and privacy implications?  Does the government in that country have a different view as to confidentiality and privacy that you’re used to?  And that you’ve committed to those with a stake in the data?
3.    If you’re buying processing power to run your own software, have you considered your freedom to operate in the country where the software will actually run?
4.    How does moving corporate documents outside your home country effect issues like legal professional privilege?  Could someone obtain a discovery order against your documents in a foreign jurisdiction for a claim that is really home grown?
5.    Don’t assume that strong encryption is the answer – think about whether that country’s government requires that encryption algorithms allow access by the government under discretionary powers.
6.    For that matter, where is your supplier’s home country and does that change your ability to influence them legally should things go wrong?
7.    How is your current application suite licensed?  Does it even contemplate a cloud infrastructure, with very abstract concepts of a CPUs, process and server?  Will you end up paying significantly more to move to a globally distributed environment?

Finally, as always, we would love your feedback – what are other issues have you encountered with this next evolution of computing?