Vendors have their head in the clouds

Posted by Mike Magee in Paris, France

 The widespread push by computer vendors to a "cloud" based model where data for enterprises and end users is held remotely has unfathomed legal and security consequences.

That emerged from a roundtable at the Etre conference in Paris called "Placing Bets on Cloud Computing's Evolution" - with a panel including Deborah Majid, director of strategic alliances at IBM Software; Daniel Arthursson, CEO of Xcerion; Paul Ostergaard, CEO of ShipServ; and Olivier Edwards, partner at Morgan, Lewis and Bockius.

It was Edwards who raised the alarm about the dangers of a widespread move to the so-called "cloud". He said it raised all types of legal questions. "Today, everything is virtual," he said. If your data was hosted in Sao Paolo Brazil and your enterprise was based in Manhattan or in Rome, the legal liabilities were far from clear.

He also pointed out that if the provider goes bust, how does an enterprise or an end user, for example, retrieve the data entrusted to a "cloud". "There are lots of questions from a legal perspective," he said.

But Majid claimed that companies like hers and for that matter other "cloud" services like HP and Amazon, had built in service level agreements (SLAs) which would protect customers.

A delegate from Wave Systems, however, pointed out that "cloud" systems also raised questions about how legal discovery could be made. A subpoena issued to secure some documents or other would involve the seizure of a hard drive but getting to the hard drive itself was something of a problem.

Majid at this point said that the term called "cloud" wasn't actually a cloud at all, it's a managed system.