Legal Aspects of Cloud Accountability

详细信息    查看全文

• 作者：Brian Dziminski (15)
  Niamh Christina Gleeson (15)
  
  15. School of Law ; Centre for Commercial Law Studies ; Queen Mary University of London ; London ; UK
  
• 关键词：Cloud accountability project ; A4cloud ; Cloud computing law ; Data protection ; Cloud contracts ; Cloud legal aspects
• 刊名：Lecture Notes in Computer Science
• 出版年：2015
• 出版时间：2015
• 年：2015
• 卷：8937
• 期：1
• 页码：226-247
• 全文大小：192 KB
• 参考文献：1. Zippo Manufacturing Co. v. Zippo Dot Com, Inc., 952 F.Supp. 1119 (W.D. Pa. 1997)
  2. Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data Official Journal L 281, 23/11/1995, pp. 31 鈥?50. (Hereafter referred to as the 鈥楧irective鈥?and/or the 鈥楧PD鈥?
  3. Global Tables of Data Privacy Laws and Bills (3rd edn., June 2013), UNSW Law Research Paper No. 2013-39
  4. Data protection law reform proposals published by the European Commission on 25 January 2012 are available at http://ec.europa.eu/justice/newsroom/data-protection/news/120125_en.htm
  5. WP169, Opinion 1/2010 on the Concepts of 鈥楥ontroller鈥?and 鈥楶rocessor鈥? WP 169 (2010)
  6. Commission decisions on the adequacy of the protection of personal data in third countries published by the European Commission available at http://ec.europa.eu/justice/data-protection/document/international-transfers/adequacy/index_en.htm
  7. Commission Decision of 5 February 2010 on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament and of the Council (2010/87/EU0), [12 February 2010] OJ L39/5
  8. European Commission working papers on Binding Corporate Rules at http://ec.europa.eu/justice/data-protection/document/international-transfers/binding-corporate-rules/tools/index_en.htm
  9. EU Member State data protection authorities are listed on the European Commission website at http://ec.europa.eu/justice/data-protection/bodies/authorities/eu/index_en.htm
  10. Millard, et al.: Cloud Computing Law (2013, OUP Oxford) Part III Protection of Personal Data in Clouds, pp. 165鈥?82
  11. Hon, W, Millard, C, Walden, I What is regulated as personal data in clouds?. In: Millard, C eds. (2013) Cloud Computing Law, chap. 7. Oxford University Press, Oxford, pp. 167-192
  12. Opinion 4/2007 on the Concept of Personal Data, WP 136 (2007)
  13. Hon, W, Millard, C, Walden, I Who is responsible for personal data in the clouds?. In: Millard, C eds. (2013) Cloud Computing Law, chap. 8. Oxford University Press, Oxford, pp. 193-219
  14. A29WP, Opinion 1/2010 on the Concepts of 鈥楥ontroller鈥?and 鈥楶rocessor鈥? WP169 (2010)
  15. A29WP, Opinion 05/2012 on Cloud Computing, WP196 (2012)
  16. Hon, W, H枚rnle, J, Millard, C Which law(s) apply to personal data in clouds?. In: Millard, C eds. (2013) Cloud Computing Law, chap. 9. Oxford University Press, Oxford
  17. Hon, W, Millard, C, Walden, I How do restrictions on international data transfers work in clouds?. In: Millard, C eds. (2013) Cloud Computing Law, chap. 10. Oxford University Press, Oxford, pp. 254-282
  18. Decision and Order, In the Matter of GeoCities, Inc., FTC File No. 98203915, 12 February 1999. www.ftc.gov/os/1999/02/9823015.do.htm
  19. Decision and Order, In the Matter of Eli Lilly & Co., FT File No. 012-3214, 10 May 2002. www.ftc.gov/os/1999/02/9823015.do.htm
  20. Decision and Order, In the Matter of Gateway Learning Corp., FTC File No. 042-3047, 17 September 2004. www.ftc.gov/os/caselist/0423047/040917do0423047.pdf
  21. Decision and Order, In the Matter of Google Inc., FTC File No. 102-3136, 30 March 2011. www.ftc.gov/os/caselist/1023136/110330googlebuzzagreeorder.pdf
  22. Decision and Order, In the Matter of Facebook, Inc., FTC File No. 092-3184, 29 November 2011. http://ftc.gov/os/caselist/0923184/111129facebookagree.pdf
  23. Federal Trade Commission v. Wyndham Worldwide Corporation, et al., Case No. 2聽:13-cv-1887 (ES-JAD), United States District Court, District of New Jersey, Doc. No. 181 filed April 7, 2014
  24. US Government White House 鈥楥onsumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy鈥?February 23, 2012 available at www.whitehouse.gov/sites/default/files/privacy-final.pdf
  25. Federal Trade Commission report 鈥楶rotecting Consumer Privacy in an Era of Rapid Change: Recommendations for Businesses and Policymakers鈥?March 26, 2012 available at http://www.ftc.gov/sites/default/files/documents/reports/federal-trade-commission-report-protecting-consumer-privacy-era-rapid-change-recommendations/120326privacyreport.pdf
  26. Bradshaw, S, Millard, C, Walden, I Standard contracts for cloud services. In: Millard, C eds. (2013) Cloud Computing Law, chap. 3. Oxford University Press, Oxford, pp. 39-72
  27. Hon, W, Millard, C, Walden, I Negotiated contracts for cloud services. In: Millard, C eds. (2013) Cloud Computing Law, chap. 4. Oxford University Press, Oxford, pp. 73-107
  28. Gleeson, N., Walden, I.: It鈥檚 a jungle out there鈥?: Cloud computing, standards and the law. Eur. J. Law Technol. 5(2) (2014)
  29. OFT (2012) 鈥淧rice Comparison Websites. Trust, Choice and Consumer Empowerment in online markets鈥?(November 2012, OFT 1467). European Commission 鈥楥omparison Tools 鈥?Report from the Multi-Stakeholder Dialogue, Providing consumers with transparent and reliable information鈥?(Report presented at the European Consumer Summit 18鈥?9 March 2013)
  30. Papers and updates on A4Cloud tools are available at the project website at www.a4cloud.eu
  
• 作者单位：Accountability and Security in the Cloud
• 丛书名：978-3-319-17198-2
• 刊物类别：Computer Science
• 刊物主题：Artificial Intelligence and Robotics
  Computer Communication Networks
  Software Engineering
  Data Encryption
  Database Management
  Computation by Abstract Devices
  Algorithm Analysis and Problem Complexity
  
• 出版者：Springer Berlin / Heidelberg
• ISSN：1611-3349

文摘

This paper explores the legal aspects of Cloud accountability which are being examined in great detail in the Cloud Accountability Project. This paper first provides an overview of the basic legal framework of the US and the EU, addresses the lawmaking process, and the impact and enforcement of jurisdiction. The primary laws within the data protection framework are then further explored, as such regulations have the greatest impact on the Cloud, Cloud providers, Cloud customers, and, ultimate, Cloud users. This paper then explores the role of contracts in the Cloud. Finally, all of the analysis is pulled together in discussing how the Cloud Accountability Project is addressing these legal aspects and how such aspects should influence Cloud actors, especially Cloud providers, in their policies and legal governance.