Posts by Frank Jennings - The Cloud Lawyer

15 publicly visible posts • joined 10 Mar 2016

Amazon's AWS S3 cloud storage evaporates: Top websites, Docker stung

Frank Jennings - The Cloud Lawyer

Quick, dig out the contract to see what protections you've got.

Clause 10: “The service offerings are provided ‘As Is.’ We…make no representations or warranties of any kind…that the service offerings or third party content will be uninterrupted.” https://aws.amazon.com/agreement/

If you didn't like that one, you definitely won't like clause 11.

GDPR: Do not resist! Unless you want a visit from the data police

Frank Jennings - The Cloud Lawyer

Re: Fines for companies etc... Yes!

"But I don't believe schools or NHS/Trusts should be fined, it just takes money away they desperately need."

As Baldy50 says, we often don't have a choice to use public sector services so they should lead by example but taking away money from an entity funded by the taxpayer is not a great solution. In fact, the whole principle of fining has always struck me as dodgy. "You've committed a [data / road traffic / tax (delete as required)] offence but if you pay us money we'll forgive you."

Largest public sector ICO fine (and largest ICO fine ever until TalkTalk) was £325k against Brighton and Sussex University Hospitals NHS Trust.

https://www.theregister.co.uk/2012/06/06/nhs_trust_disputes_ico_fine/

Frank Jennings - The Cloud Lawyer

Re: Schools?

Yes, ask data compliance manager / DPO at local authority / Education authority that oversees your school. Don't forget, existing Data Protection Act already regulates gathering, processing and transfer of data.

Frank Jennings - The Cloud Lawyer

Re: Question

GDPR is designed to protect EU citizens' data wherever it is in the world. It is not possible to avoid compliance by simply contracting out of GDPR or changing the law. I imagine previous commenter Derichleau will be watching out for any attempt to do so!

Brexit means Brexit: What the heck does that mean...

Frank Jennings - The Cloud Lawyer

Re: Relevant to the story

> Unless the UK waives the two year exit negotiation period...

---> I've actually read Article 50 and there is no provision for that

You're right. Much of the Leave spin has been about Hard Brexit and simply moving onto WTO standards rather than suffer the humility of trying to negotiate a suitable deal the remaining 27 member states might not give us. Therefore, technically, Parliament could take us out of the EU by simply passing a law to do that. Boris is good at acting like a surly child on the international stage but even for him this might be a step too far.

---> So all EU laws and regulations in place at the end of the 2 years would apply, if I understand May's idea of a Great Repeal Bill.

Yes, apart from the ones which conflict with whatever Brexit deal we do such as the ECJ being the supreme court and freedom of movements etc.

NSA, GCHQ and even Donald Trump are all after your data

Frank Jennings - The Cloud Lawyer

Re: Our man advises

Haha, yes, it's no-news and bleeding obvious. And so is the statement that snooping by intelligence agencies is a fact of modern life. Guess you'll be heading to that Scottish croft then...

You've been hacked. What are you liable for?

Frank Jennings - The Cloud Lawyer

Re: Brexit won't matter

Exactly. Upon Brexit the UK gov will preserve all laws except for those directly associated with Brexit. This will likely affect the UK contributions to the EU budget, the 4 freedoms (goods, workers, services & capital) and "red tape". This last one is the most vague (none of it is particularly certain) but I don't see culling data protection laws as being high up the agenda.

Are you sure you want to outsource IT? Yes/No. Check this box to accept Ts&Cs

Frank Jennings - The Cloud Lawyer

Re: Lawyers in the cloud

Fair question. I wrote about this for Databarracks a couple of years ago (search for "The Real Challenges and Benefits of Cloud Computing to Law Firms") and then did a "One Year On" follow-up. The solicitors' regulatory body has a paper on cloud too.

...as you said, maybe one for another article.

Frank Jennings - The Cloud Lawyer

Insurance?

Good question. The insurance might not cover loss of data or, if it does, it may require the customer to ensure it has suitable protections from its outsourced provider.

That means the customer could get into trouble from its own customers, get a fine from a regulator, suffer loss of business & reputation but not be able to claim under insurance or against the provider.

Frank Jennings - The Cloud Lawyer

Re: 30 days notice is good....

Yes, v.true. In fact I wrote on that topic for El Reg last year: http://www.channelregister.co.uk/2015/07/06/frank_jennings_cloud_insolvency/

Hey cloud lawyer: Can I take my client list with me?

Frank Jennings - The Cloud Lawyer

Yes, the fine is pretty lame but I don't much fancy Mr Skelton's jail sentence...

Frank Jennings - The Cloud Lawyer

Re: This is so self evident it is ridiculous

"This is so self evident it is ridiculous"

Yes, and yet it still happens all the time with the predictable outcome!

Frank Jennings - The Cloud Lawyer

Re: Linkedin?

Yes, more murky and will depend upon the use made. Some cases have said that it's the employee's personal account and this sits well with the LI terms. Conversely, an employee who has run the employer's LI group page, or who has uploaded contacts or who has used LI as their contacts database may have to turn it over to the employer.

Committees: Wait! Don't strap on the Privacy Shield yet

Frank Jennings - The Cloud Lawyer

Re: So riddle me this ...

Yep, that's pretty much it. NSA / FBI will use whatever legal means they have to get access to data controlled by US entities, whether or not the data is actually held in the USA. See the ongoing legal case against Microsoft by US gov to get access to data in Dublin.

Data protection: Don't be an emotional knee jerk. When it comes to the law, RTFM

Frank Jennings - The Cloud Lawyer

Yes, remains to be seen how Privacy Shield will improve in practice what was Safe Harbour.

I see what you mean about hacking & ownership (once it's out of your control, do you really own it?), but that's a different point. The person I spoke to the other day had heard that a large public cloud vendor had inserted terms transferring ownership of data.