T. Noble Foster


This paper explores legal issues associated with cloud computing, provides analysis and commentary on typical clauses found in contracts offered by well-known cloud service providers, and identifies strategies to mitigate the risk of exposure to cloud-based legal claims in the critical areas of data security, privacy, and confidentiality. While current research offers numerous case studies, viewpoints, and technical descriptions of cloud processes, our research provides a close examination of the language used in cloud contract terms. Analysis of these contract terms supports the finding that most standard cloud computing contracts are unevenly balanced in favor of the cloud service provider. The implication for cloud users is that additional measures, both legal and practical, are necessary in order to achieve a reasonable level of data security, privacy, and confidentiality, and to mitigate the inherent risks in cloud computing solutions. This research was limited to an analysis of some of the leading cloud computing service providers and the con-tract clauses they offer to cloud users. Although the selected cloud provider contracts are representative of the currently available contract terms throughout the industry, these terms are evolving along with the practices of the cloud providers and cloud users.