Legal Issues

by Mike Masnick

Filed Under:
cloud computing, discovery, law

The Law Isn't Quite Ready For Cloud Computing

from the that-could-be-a-problem dept

Michael Scott points us to an interesting discussion among some lawyers trying to grapple with the implications of a rise in "cloud computing." For example, they note that courts usually don't take kindly to excuses such as "the hard drive ate my documents" when certain documents are unable to be found during the discovery process. But, if people are using a cloud computing solution such as Google Docs, this could actually be an issue. Google's terms of service allows it to cancel accounts and delete documents -- and someone who relies on a system like that only to find out later that he or she needs to hand over documents as a part of a court case may be in trouble. Of course, I don't see how this should be any different than any other "out of my hands" issue. What if a fire destroys paper documents? Or should the problem be that the user didn't make backup copies? The problem here isn't necessarily cloud computing itself, but the way the law views the discovery process.

Reader Comments

Subscribe: RSS

View by: Time | Thread

  • identicon
    Anonymous Coward, 11 Aug 2009 @ 9:03pm

    What serious company would use Google Docs? No public company would.

    reply to this | link to this | view in chronology ]

  • icon
    Digital Protector (profile), 11 Aug 2009 @ 9:51pm

    Even if you use Google Docs in a limited capacity as a company, you would be foolish to not make some form of backup. The nature of cloud computing makes it unreliable at times, and any company using it as a resource should take steps to protect its data. That being said, if you were an idiot and decided to forgo backups, the worst the court should charge you with is non-malignant negligence, save in the presence of evidence that the decision was made with the consideration of escaping a court order.

    reply to this | link to this | view in chronology ]

  • identicon
    Gordon Quinn, 11 Aug 2009 @ 10:11pm

    This is a good topic that we're going to see come up more and more. I'm not a fan of Google because I think they're moving to the dark side, but in general Cloud computing/storage is more reliable than personal computing for the consumer because consumer-grade servers fail a lot. For enterprises, you get what you pay for. You can leave yourself exposed or you can pay for redundancy. "I must have my storage in-house" will seem ridiculous in a decade, IMHO.

    reply to this | link to this | view in chronology ]

    • identicon
      CleverName, 12 Aug 2009 @ 5:31am


      You have made several unsupported claims.

      How is CC more reliable than personal computing?
      GQ -> "because consumer grade servers fail a lot"

      I thought it had more to do with the medium upon which the data is stored and how it is stored upon that medium. How many consumers actually buy a server? Most consumers use a usb drive or two. Isn't this less expensive, and more reliable ?

      Why is in-house storage ridiculous ?

      You seem ridiculous - IMHO

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 11 Aug 2009 @ 10:34pm

    So the whole concept of google docs would leave google open to an accomplice charge if they were to delete documents of a company under law suit or expecting to be sued. .

    reply to this | link to this | view in chronology ]

    • icon
      The Infamous Joe (profile), 12 Aug 2009 @ 5:27am


      Right, because Google knows they're being sued.

      Oh wait...

      reply to this | link to this | view in chronology ]

    • icon
      btr1701 (profile), 12 Aug 2009 @ 6:30am

      Re: Accomplices

      In order to be an accomplice to a crime, you have to have knowledge of and be an active and intentional participant in the offense. Google deleting documents or accounts as part of routine system maintenance, with no knowledge that the owner of the account is involved in litigation in no way makes them an accomplice or puts them in danger of an obstruction charge.

      reply to this | link to this | view in chronology ]

  • identicon
    Jake, 12 Aug 2009 @ 3:42am

    This has just highlighted my problem with the whole concept of cloud computing. The instant you transfer data to a server you do not personally own, you no longer have any control over how carefully it's being preserved.

    reply to this | link to this | view in chronology ]

    • icon
      The Infamous Joe (profile), 12 Aug 2009 @ 5:29am


      That's your problem with cloud computing?

      Cloud computing is a business like any other. Over time some companies that offer it will become known as more trustworthy, and the ones that aren't will go out of business because no one will use them.

      reply to this | link to this | view in chronology ]

      • identicon
        Jake, 13 Aug 2009 @ 5:49am


        Which still leaves you exceedingly screwed if you hire the wrong one and they go bankrupt without warning, or a tornado takes out one of their datacentres and it turns out they didn't have an off-site mirror.
        Off-site backups are a damned useful thing to have, as is remote access to company resources. But they are not a replacement for storing your data on hard drives you own and maintain.

        reply to this | link to this | view in chronology ]

  • identicon
    Rob, 12 Aug 2009 @ 6:26am

    Archive your web 2.0 stuff

    This is the trend that caused us to build - a tool for backing up and archiving web2.0 sites.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Aug 2009 @ 8:19am

    It seems to me a more apt title would be "The Legal Profession Isn't Quite Ready For Cloud Computing".

    reply to this | link to this | view in chronology ]

  • identicon
    Free Capitalist, 12 Aug 2009 @ 11:29am


    Any company beholden to Sarbanes-Oxley or public accounting rules in general will not be moving any family jewels into a public cloud any time soon. Most companies are too conservative (wisely cautious) to consider 'walking the line' with regards to their legal obligations. Frankly I don't even want to imagine a SOX audit on a clouded app.

    For some major corporations I can see limited use of public-clouds in the short-term for ancillary services that carry no accounting, transactional or personally identifiable information. In most cases, however, that wouldn't leave much for the cloud players to cheer about.

    For now the public cloud services are for non-critical apps and private companies that have a lot of trust.

    reply to this | link to this | view in chronology ]

  • icon
    Saqib Ali (profile), 12 Aug 2009 @ 9:22pm

    Progress can not be avoided indefinitely

    @ Folks who raised security / reliability / recovery concerns about Cloud Computing:

    NIST recently published a working draft of the Cloud Computing Security presentation. Some of the Security Advantages mentioned in the presentation are:

    1. Shifting public data to a external cloud reduces the exposure of the internal sensitive data
    2. Cloud homogeneity makes security auditing/testing simpler
    3. Clouds enable automated security management
    4. Redundancy / Disaster Recovery
    5. Data Fragmentation and Dispersal
    6. Dedicated Security Team
    7. Greater Investment in Security Infrastructure
    8. Fault Tolerance and Reliability
    9. Greater Resiliency
    10. Hypervisor Protection Against Network Attacks
    11. Possible Reduction of C&A Activities (Access to Pre-Accredited Clouds)
    12. Simplification of Compliance Analysis
    13. Data Held by Unbiased Party (cloud vendor assertion)
    14. Low-Cost Disaster Recovery and Data Storage Solutions
    15. On-Demand Security Controls
    16. Real-Time Detection of System Tampering
    17. Rapid Re-Constitution of Services
    18. Advanced Honeynet Capabilities

    I understand that these will depend on the actual implementation. It usually does for everything. For e.g. you can create world's most secure cipher, but the poor implementation is usually the weakest link.

    But in theory, if cloud services are implemented properly, I think NIST's list of advantages hold true.

    As Professor David Deutsch would say, "Problems are Soluble. Problems are inevitable"

    No amount of precautions can avoid problems that we do not yet foresee. Hence we need an attitude of problem fixing, not just problem "avoidance". And it's true that an ounce of prevention equals a pound of cure, but that's only if we know what to "prevent". If you've been punched on the nose, then the science of medicine does not consist of teaching you how to avoid punches. If medical science stopped seeking cures and concentrated on prevention only, then it would achieve very little of either.

    The traditional Enterprise IT world is buzzing at the moment with plans on how to stop Cloud Computing from entering into the workplace. It ought to be buzzing with plans to reduce the security and privacy risks associated with Cloud Computing and improve data-portability and forensic capabilities. And not at all costs, but efficiently and cheaply. And some such plans exist, host-prood hosting[1], for example.

    With problems that we are not aware of yet, the ability to put right -- not the sheer good luck of avoiding indefinitely -- is our only hope, not just of solving problems, but of making technological progress.

    (the above is based on a talk by Professor David Deutsch on problem avoidance)


    reply to this | link to this | view in chronology ]

  • identicon
    Gene Cavanaugh, 13 Aug 2009 @ 8:58pm

    Discovery in a courtroom

    Actually, we covered all that in law school, and "cloud computing" or any other implementation doesn't change anything, except in the minds of an attorney bent on perverting justice by influencing a jury with bad information.
    The reason courts take a dim view of not having hard evidence is that historically softer forms of "evidence" tend to be manipulated.
    Of course, people no longer try to pervert justice (giggle!), but the courts still like to see objective data, and I for one agree wholeheartedly - have trouble maintaining it? That's YOUR problem, pal!

    reply to this | link to this | view in chronology ]

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Special Affiliate Offer
Anonymous number for texting and calling from Hushed. $25 lifetime membership, use code TECHDIRT25
Report this ad  |  Hide Techdirt ads
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.