Download or read book Regulating the Cloud written by Christopher S. Yoo and published by MIT Press. This book was released on 2015-08-21 with total page 329 pages. Available in PDF, EPUB and Kindle. Book excerpt: The emergence of the cloud as infrastructure: experts from a range of disciplines consider policy issues including reliability, privacy, consumer protection, national security, and copyright. The emergence of cloud computing marks the moment when computing has become, materially and symbolically, infrastructure—a sociotechnical system that is ubiquitous, essential, and foundational. Increasingly integral to the operation of other critical infrastructures, such as transportation, energy, and finance, it functions, in effect, as a meta-infrastructure. As such, the cloud raises a variety of policy and governance issues, among them market regulation, fairness, access, reliability, privacy, national security, and copyright. In this book, experts from a range of disciplines offer their perspectives on these and other concerns. The contributors consider such topics as the economic implications of the cloud's shifting of computing resources from ownership to rental; the capacity of regulation to promote reliability while preserving innovation; the applicability of contract theory to enforce service guarantees; the differing approaches to privacy taken by United States and the European Union in the post-Snowden era; the delocalization or geographic dispersal of the archive; and the cloud-based virtual representations of our body in electronic health data. Contributors Nicholas Bauch, Jean-François Blanchette, Marjory Blumenthal, Sandra Braman, Jonathan Cave, Lothar Determann, Luciana Duranti, Svitlana Kobzar, William Lehr, David Nimmer, Andrea Renda, Neil Robinson, Helen Rebecca Schindler, Joe Weinman, Christopher S. Yoo

Download or read book Regulating the Cloud written by Christopher S. Yoo and published by MIT Press. This book was released on 2015-08-07 with total page 329 pages. Available in PDF, EPUB and Kindle. Book excerpt: The emergence of the cloud as infrastructure: experts from a range of disciplines consider policy issues including reliability, privacy, consumer protection, national security, and copyright. The emergence of cloud computing marks the moment when computing has become, materially and symbolically, infrastructure—a sociotechnical system that is ubiquitous, essential, and foundational. Increasingly integral to the operation of other critical infrastructures, such as transportation, energy, and finance, it functions, in effect, as a meta-infrastructure. As such, the cloud raises a variety of policy and governance issues, among them market regulation, fairness, access, reliability, privacy, national security, and copyright. In this book, experts from a range of disciplines offer their perspectives on these and other concerns. The contributors consider such topics as the economic implications of the cloud's shifting of computing resources from ownership to rental; the capacity of regulation to promote reliability while preserving innovation; the applicability of contract theory to enforce service guarantees; the differing approaches to privacy taken by United States and the European Union in the post-Snowden era; the delocalization or geographic dispersal of the archive; and the cloud-based virtual representations of our body in electronic health data. Contributors Nicholas Bauch, Jean-François Blanchette, Marjory Blumenthal, Sandra Braman, Jonathan Cave, Lothar Determann, Luciana Duranti, Svitlana Kobzar, William Lehr, David Nimmer, Andrea Renda, Neil Robinson, Helen Rebecca Schindler, Joe Weinman, Christopher S. Yoo

Download or read book Regulating the Cloud written by Jonathan Cave and published by . This book was released on 2012 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt: Cloud computing challenges existing regulatory paradigms in a variety of ways. This paper, which differentiates among cloud services, services hosted on cloud platforms and 'cloud-enhanced' services delivered with the aid of cloud-based storage, processing and other functions, seeks to identify and analyse challenges to existing regulation arising from the spread of cloud and cloud-hosted services and areas where new regulatory intervention may be necessary (especially to meet the competition and consumer protection obligations of telecommunications regulators). The paper further tries to distinguish between problems specific to the cloud (e.g. the IPR issues associated with content-matching for cloud-hosted content) and those that are simply more noticeable or less tractable there (e.g. issues of data location). The first part of the paper develops a framework for analysing these issues, taking into account i) cloud features (e.g. service, contractual and deployment models, B2B vs. B2C offerings); ii) specific mechanisms for creating or preventing citizen, consumer and competitive harm; and iii) regulatory mechanisms or relations (ex ante/ex post, rule- or principle-based, competition vs. utility). The regulatory issues can be divided among: a) bypass (where regulated activity escapes regulation by going 'via the cloud'); b) direct regulation (of cloud services); and c) indirect regulation (e.g. regulation of cloud-hosted services or use of telecom or direct cloud regulation to address issues arising in cloud-hosted or 'cloud-enhanced' services. The analysis identifies (for European telecom regulators) whether the issues require an extension of the existing mandate or duties and whether they are likely to be transitional (solved by market developments) or amenable to self- or co-regulation. This framework is populated by an inventory of issues and recommendations regarding such specific cases as customer mobility, data location and migration and the telecom regulatory implications of communications-as-a-service. The inventory of policy issues is divided between regulatory concerns arising from the statutory duties of telecoms regulators and implementation issues arising from the distributed and internationally peripatetic nature of the cloud. However, it raises more questions than it answers; while Section 4.2 indicates some areas where existing justifications for regulatory intervention can be applied to the cloud and Section 4.3 discusses how regulation may or may not work, it is useful to consider whether distributed and delocalised computing as a service calls for a reconsideration of the regulatory heritage of communications and/or broadcast content distribution. To partially address, this, the final section provides a prolegomena to an alternative theoretical analysis. It concentrates on economic regulation of cloud services, specifically cloud platform competition and neutrality. To the extent that computational services complement many forms of economic activity, it may be necessary to revise fundamental assumptions regarding market identification, quantification of market power and the appropriate locus of liability (whether regulatory or contractual). This is most obvious for location-based issues but applies as well to linkage between or potential conflict among different competition and consumer protection regulations. For instance, exclusive and transferable IPR protection for content or cloud-hosted applications may need to be recast in shared or networked cloud environments. It may be necessary to devise new forms of protection for economically-valuable personal, proprietary or private data, or at least to reconcile existing tensions between economic vs. fundamental rights and between individual and collective rights. As a final example, quality of service is important both to the efficiency of cloud service markets and to their contribution to the economy as a whole; the very different ways service and platform providers and different classes of users experience quality should engender new contract forms and mechanisms for matching parties and monitoring and enforcing contracts; but these have been slow to develop. The paper suggests extending the conventional two-sided markets approach (viewing public cloud providers as platforms) to differentiate e.g. situations where: • value is derived from a specific matching or relationship among individual users and service providers; • the value of participation for players on one side depends on an aggregate (e.g. distribution or number) of those on the other side or - eventually - the dynamic topology of their networked interaction; and • users and their demands and service providers and their outputs migrate from one platform to another - and where, in consequence, the layered network structure is critical to market structure and performance. This analysis can identify the implications of different deployment strategies, 'freemium' and pay-or-play models and predatory or collusive use of the cloud and cloud-based resources. Specifically, the value of engagement with (through) the cloud should be treated as a real option based on the totality of content and services available. From this, it is possible to derive the technical, allocational and innovation efficiency consequences or various market regimes and business models and to assess stakeholders' incentives to invest in shareable resources (including telecom infrastructures) and the platform operator or hosted developers' willingness to provide risk-management services (e.g. privacy as a service, processing of encrypted material). This naturally raises the issue of cloud neutrality as a generalisation of net or platform neutrality. While we remain convinced that the 'right kind' of differentiation is potentially valuable - or even essential to provision of certain services at particular stages of development - we feel that it is also valuable to consider the effects on cloud services of 'net neutrality' regulation binding on ISPs and the potential effects of more extensive 'cloud neutrality' regulation. This is a very broad topic; the discussion here is limited to quality of service discrimination (specifically latency) with reference to some promising specific application areas: algorithmic or high-frequency computer-based financial trading; supply chain data repositories; app ecosystems; and privacy of action and computational communication.

Download or read book Cloud Computing Law written by Christopher Millard and published by OUP Oxford. This book was released on 2013-10 with total page 448 pages. Available in PDF, EPUB and Kindle. Book excerpt: Building on innovative research undertaken by the 'Cloud Legal Project' at Queen Mary, University of London, this work analyses the key legal and regulatory issues relevant to cloud computing under European and English law.

Download or read book IT Laws in the Era of Cloud Computing written by Xenofon Kontargyris and published by Nomos Verlag. This book was released on 2018-12-10 with total page 378 pages. Available in PDF, EPUB and Kindle. Book excerpt: Der Band dokumentiert die Ergebnisse und Empfehlungen einer Analyse zur Frage, wie sich IT-Gesetze entwickeln sollten, unter der Prämisse, dass die heutige und zukünftige Informations- und Kommunikationstechnologie durch Cloud Computing geprägt ist. Insbesondere entwickelt sich diese Untersuchung auf einer vergleichenden und einer interdisziplinären Achse, d.h. als Rechtsvergleich zwischen EU und US-Recht und interdisziplinär zwischen Recht und IT. Die Arbeit konzentriert sich auf den Schwerpunkt vom Datenschutz und Datensicherheit in Cloud-Umgebungen und analysiert drei Hauptherausforderungen auf dem Weg zu einer effizienteren Cloud-Computing-Regulierung: Verständnis der Gründe für die Entwicklung divergierender Rechtsordnungen und Denkschulen zum IT-Recht Gewährleistung der Privatsphäre und Datenschutz in der Cloud konvergierende Regulierungsansätze für die Cloud in der Hoffnung auf eine harmonisierte Landschaft von IT-Gesetzen in der Zukunft.

Download or read book Data Localization Laws and Policy written by W. Kuan Hon and published by Edward Elgar Publishing. This book was released on with total page 488 pages. Available in PDF, EPUB and Kindle. Book excerpt: Countries are increasingly introducing data localization laws, threatening digital globalization and inhibiting cloud computing adoption despite its acknowledged benefits. This multi-disciplinary book analyzes the EU restriction (including the Privacy Shield and General Data Protection Regulation) through a cloud computing lens, covering historical objectives and practical problems, showing why the focus should move from physical data location to effective jurisdiction over those controlling access to intelligible data, and control of access to data through security.

Download or read book Data Privacy and Trust in Cloud Computing written by Theo Lynn and published by Springer Nature. This book was released on 2020-10-13 with total page 149 pages. Available in PDF, EPUB and Kindle. Book excerpt: This open access book brings together perspectives from multiple disciplines including psychology, law, IS, and computer science on data privacy and trust in the cloud. Cloud technology has fueled rapid, dramatic technological change, enabling a level of connectivity that has never been seen before in human history. However, this brave new world comes with problems. Several high-profile cases over the last few years have demonstrated cloud computing's uneasy relationship with data security and trust. This volume explores the numerous technological, process and regulatory solutions presented in academic literature as mechanisms for building trust in the cloud, including GDPR in Europe. The massive acceleration of digital adoption resulting from the COVID-19 pandemic is introducing new and significant security and privacy threats and concerns. Against this backdrop, this book provides a timely reference and organising framework for considering how we will assure privacy and build trust in such a hyper-connected digitally dependent world. This book presents a framework for assurance and accountability in the cloud and reviews the literature on trust, data privacy and protection, and ethics in cloud computing.

Download or read book Privacy and Legal Issues in Cloud Computing written by Anne S. Y Cheung and published by Edward Elgar Publishing. This book was released on 2015-06-29 with total page 319 pages. Available in PDF, EPUB and Kindle. Book excerpt: Adopting a multi-disciplinary and comparative approach, this book focuses on emerging and innovative attempts to tackle privacy and legal issues in cloud computing, such as personal data privacy, security and intellectual property protection. Leading i

Download or read book Regulation of Cloud Services Under US and EU Antitrust Competition and Privacy Laws written by Sára Gabriella Hoffman and published by PL Academic Research. This book was released on 2017 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book examines how cloud-based services challenge the current application of antitrust and privacy laws in the EU and the US. It discusses how platform interoperability can be a driver of incremental innovation and the consequences of not promoting radical innovation. It focusses on the impact of the EU General Data Protection Regulation.

Download or read book Data Protection Regulation and Cloud Computing written by Henry Chang and published by . This book was released on 2015 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt: The benefits of cloud computing make it appealing to a wide range of organizational customers: from small and medium enterprises to non- government organizations, which lack the expertise or resources to manage a complex and costly internal information technology (IT) infrastructure, to large multinational corporations that are attracted by the potential cost savings. However, despite the management and cost advantages of cloud computing, there are a number of information security and privacy protection concerns in particular, when the cloud is used to process or handle personal data. These concerns result from organizational customers' apparent lack of control over and oversight of the way in which personal data are protected and managed therein. This chapter covers the issues that organizational customers need to consider if they decide to engage the services of cloud providers. It first outlines the basic data protection principles underpinning the obligations of data users/controllers, and then describes the common data protection concerns that organizations have when engaging outsourcers, of which cloud providers are considered as a special type. Finally, the chapter outlines several characteristics of the business model that many cloud providers adopt and how those characteristics affect the protection of personal data privacy. Throughout the discussion, recommendations from data protection authorities (DPAs) are provided, where applicable.

Download or read book Security Trust and Regulatory Aspects of Cloud Computing in Business Environments written by Srinivasan, S. and published by IGI Global. This book was released on 2014-03-31 with total page 325 pages. Available in PDF, EPUB and Kindle. Book excerpt: Emerging as an effective alternative to organization-based information systems, cloud computing has been adopted by many businesses around the world. Despite the increased popularity, there remain concerns about the security of data in the cloud since users have become accustomed to having control over their hardware and software. Security, Trust, and Regulatory Aspects of Cloud Computing in Business Environments compiles the research and views of cloud computing from various individuals around the world. Detailing cloud security, regulatory and industry compliance, and trust building in the cloud, this book is an essential reference source for practitioners, professionals, and researchers worldwide, as well as business managers interested in an assembled collection of solutions provided by a variety of cloud users.

Download or read book Cloud Policy written by Jennifer Holt and published by MIT Press. This book was released on 2024-09-17 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt: How the United States’ regulation of broadband pipelines, digital platforms, and data—together understood as “the cloud”—has eroded civil liberties, democratic principles, and the foundation of the public interest over the past century. Cloud Policy is a policy history that chronicles how the past century of regulating media infrastructure in the United States has eroded global civil liberties as well as democratic principles and the foundation of the public interest. Jennifer Holt explores the long arc of regulating broadband pipelines, digital platforms, and the data centers that serve as the cloud’s storage facilities—an evolution that is connected to the development of nineteenth- and twentieth-century media and networks, including railroads, highways, telephony, radio, and television. In the process, Cloud Policy unearths the lasting inscriptions of policy written for an analog era and markets that no longer exist on the contemporary governance of digital cloud infrastructure. Cloud Policy brings together numerous perspectives that have thus far remained largely siloed in their respective fields of law, policy, economics, and media studies. The resulting interdisciplinary argument reveals a properly scaled view of the massive challenge facing policymakers today. Holt also addresses the evolving role of the state in the regulation of global cloud infrastructure and the growing influence of corporate gatekeepers and private sector self-governance. Cloud policy’s trajectory, as Holt explains, has enacted a transformation in the cultural valuation of infrastructure as civic good, turning it into a tool of commercial profit generation. Despite these current predicaments, the book’s historical lens ultimately helps the reader to envision restorative interventions and new forms of activism to create a more equitable future for infrastructure policy.

Download or read book IT Control Objectives for Cloud Computing written by Isaca and published by ISACA. This book was released on 2011 with total page 192 pages. Available in PDF, EPUB and Kindle. Book excerpt:

Download or read book Regulating New Technologies in Uncertain Times written by Leonie Reins and published by Springer. This book was released on 2019-03-21 with total page 313 pages. Available in PDF, EPUB and Kindle. Book excerpt: This book deals with questions of democracy and governance relating to new technologies. The deployment and application of new technologies is often accompanied with uncertainty as to their long-term (un)intended impacts. New technologies also raise questions about the limits of the law as the line between harmful and beneficial effects is often difficult to draw. The volume explores overarching concepts on how to regulate new technologies and their implications in a diverse and constantly changing society, as well as the way in which regulation can address differing, and sometimes conflicting, societal objectives, such as public health and the protection of privacy. Contributions focus on a broad range of issues such as Citizen Science, Smart Cities, big data, and health care, but also on the role of market regulation for new technologies.The book will serve as a useful research tool for scholars and practitioners interested in the latest developments in the field of technology regulation. Leonie Reins is Assistant Professor at the Tilburg Institute for Law, Technology, and Society (TILT) in The Netherlands.

Download or read book Us and Eu Cloud Computing Policy and Acceptance for Regulated Entities written by Darral Addison and published by Validated Quality Systems. This book was released on 2017 with total page 78 pages. Available in PDF, EPUB and Kindle. Book excerpt: The federal government is not in the business of developing new technologies, but they are in the business of facilitating them. If you are planning to develop computer-based products and services for regulated industries or would like to gain a better grasp on how IT policies are promulgated, then I strongly suggest you read this book. This book will make plain which government agencies help promulgate policies that aid in the acceptance of Cloud and Computerized systems. This book will help you understand how Cloud computing technology, design, and architecture are facilitated and protected by laws, regulations, and funding priorities. In the United States, the integrity, privacy, and security of medical and health records is a prime directive. In the European Community, personal privacy and data security are major factors that encourage the acceptance of cloud computing. Paying close attention to the spirit of the regulations, policies, codes, rules, and standards is key towards succeeding in the industry. Even though policies, guidance, and interpretations from various agencies may echo similar definitions, it is important to understand those small distinctions governing each complementary framework. This book unveils the stakeholders and policy shakers who provide funding and drive public policy towards the acceptance of cloud and computer networks. Regulatory Agencies have developed a set of expectations for companies who develop and operate computer systems in regulated spaces. Understanding how these policies are promulgated help will uncover the IT requirements that drive industry activities.

Download or read book EU Privacy and the Cloud written by Paul M. Schwartz and published by . This book was released on 2015 with total page 0 pages. Available in PDF, EPUB and Kindle. Book excerpt: The cloud is a business sector in which U.S. companies lead the world in new products and services. The market for cloud computing is already a multibillion-dollar international market. Forrester Research Inc. has predicted a growth in the size of this market from $40.7 billion in 2011 to more than $241 billion in 2020. Due to the international dimensions of cloud computing, regulations outside of the United States are now as important as those inside it. The European Union is the most important bilateral trade area for the United States, and its proposed data protection regulation is of profound significance for U.S. companies that offer cloud services. As the European Commission notes, concerns about data protection constitute "one of the most serious barriers to cloud computing take-up." It calls for "a chain of confidence-building steps to create trust in cloud solutions." One of the most important of these steps is the Proposed Data Protection Regulation. U.S. cloud services should take particular note of two areas of the Proposed Regulation. The first concerns its limitations on the use of an individual's consent to permit data processing. The second is how it crafts a broad jurisdictional reach for EU information privacy law. This Essay argues that the Proposed Data Protection Regulation drastically narrows the conditions for reliance on the use of "consent" mechanisms as a justification for data processing. The Proposed Regulation also extends EU privacy jurisdiction beyond the existing framework. This Essay analyzes the resulting strict "fair information practices" regarding consent in EU information privacy law. It also proposes adjustments to the proposed jurisdictional approach for EU privacy law.

Download or read book Protecting Digital Identity in the Cloud written by Clare Linda Sullivan and published by . This book was released on 2014 with total page 17 pages. Available in PDF, EPUB and Kindle. Book excerpt: Widespread use of cloud computing and other off-shore hosting and processing arrangements make regulation of cross border data one of the most significant issues for regulators around the world. Cloud computing has made data storage and access cost effective but it has changed the nature of cross border data. Now data does not have to be stored or processed in another country or transferred across a national border in the traditional sense, to be what we consider to be cross border data. Nevertheless, the notion of physical borders and transfers still pervades thinking on this subject. The European Commission (“EC”) is proposing a new global standard for data transfer to ensure a level of protection for data transferred out of the EU similar to that within the EU. This paper examines the two major international schemes regulating cross-border data, the EU approach and the US approach, and the new EC and US proposals for a global standard. These approaches which are all based on data transfer are contrasted with the new Australian approach which regulates disclosure. The relative merits of the EU, US and Australian approaches are examined in the context of digital identity, rather than just data privacy which is the usual focus, because of the growing significance of digital identity, especially to an individual's ability to be recognized and to transact. The set of information required for transactions which invariably consists of full name, date of birth, gender and a piece of what is referred to as identifying information, has specific functions which transform it from mere information. As is explained in this article, as a set, it literally enables the system to transact. For this reason, it is the most important, and most vulnerable, part of digital identity. Yet while it is deserving of most protection, its significance has been largely underappreciated. This article considers the issues posed by cross border data regulation in the context of cloud computing, with a focus on transaction identity and the other personal information which make up an individual's digital identity. The author argues that the growing commercial and legal importance of digital identity and its inherent vulnerabilities mandate the need for its more effective protection which is provided by regulation of disclosure, not just transfer.