UK: The Growing Role Of Standards In Cloud Contracts – Some Perspectives On ISO 27018

Quietly, and away from the headlines, the Standard Setting Organisations (SSOs), the journeymen of the interconnected world, are methodically and painstakingly weaving trust into the fabric of cloud computing.

Driven by innovation and the delivery of cheaper computing, cloud growth is accelerating quickly. But ‘trust’ – a word which resonates in this context with both visceral and specific anxieties about your data in other people’s data centres – has emerged as the single biggest piece of grit in the wheels of growth, generating friction that spikes with every new revelation about hacking and compromise of personal data.

As cloud computing develops, this tension between benefit and risk is being mediated as a practical matter through the contract between the cloud service provider and the cloud customer. Up to now the wide range of approaches to cloud contracts can be characterised as short on customer rights and provider obligations. In a 2012 paper ‘Negotiating Cloud Contracts: Looking at Clouds from Both Sides Now1, the writers presented the results of research by the Cloud Legal Project2 into cloud providers’ standard contract terms. They concluded that “users considered that providers’ standard terms do not sufficiently accommodate customer needs” and cited polls where data security and privacy were ranked by 62% and 55% of respondents respectively as their biggest concern with cloud adoption.

Read more at: The Growing Role Of Standards In Cloud Contracts – Some Perspectives On ISO 27018  by Richard Kemp