Cyber Intrusions in the Cloud and Legal Risk

01 February 2016 Publication
Authors: Peter Vogel

National Paralegal Reporter

For those of you who thought that “the cloud” was simply a handy place to store your music and videos for later use without having to waste precious storage capacity on your mobile phone, think again. Cloud computing has become a way for companies of all sizes to share a variety of business related resources without having to invest heavily in more traditional storage and communication infrastructures. Law firms and corporate law departments in particular see cloud computing as a way to provide fast and efficient representation to their clients at a fraction of the normal cost. Yet use of this relatively new technology, like may advances over the past ten years, is not without its risks and dangers. Thirdparty vendors providing cloud computing services are a big lure for hackers looking to score a treasure trove of sensitive data, personally identifiable information and confidential documents. If these hackers break through the cloud’s security defenses and steal client information, the law firm could be on the hook, legally, ethically and from a business standpoint. Finding the right cloud provider and striking the right arrangement is critical to taking advantage of this valuable tool, while minimizing your firm’s risk.

What is “the Cloud”?
The phrase “the cloud” is a relatively recent marketing buzz word, but the concept of remote computing has actually been commercially available since 1964, when it was know at Dartmouth University as time-sharing – a telephone linebased service for obtaining remote access. Over the past sixty or so years, time-sharing has been known by many names, including Application Service Provider (ASP), Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). But regardless of the name, cloud computing is simply the idea that user can utilize large computer resources and applications over the Internet without having to make huge investments. It is analogous to a city electrical grid: everyone can tap into it to obtain electricity (for a price) without each person having to purchase his or her own generator.

Many large Internet-based companies, such as Amazon, Google and Rackspace, provide cloud services, while some companies, like DropBox, focus exclusively on cloud computing and the ability to share documents and other files. While it might be tempting to go with a “name brand” when it comes to cloud services (because of cost, ease of use or simply ubiquity), bear in mind that these companies offer “take it or leave it style terms of service,” usually by merely agreeing to a click agreement. Hence, if you click “I agree” you will likely be stuck with whatever terms and conditions they offer you and will not be able to negotiate things like limiting the locale of the data to the US (or any country for that matter), the right to audit your data. and the format in which you receive the data back whenever your relationship ends. As we see below, not only might that be risky from a business and legal perspective, it might also be downright unethical.

Read more.


Related Services


California Statute Offers Dramatic Change to Independent Contractor, Franchise-Franchisee Relationships
20 September 2019
Legal News: Distribution & Franchise
AI Ouch! AI Job Interview Law Starting in 2020!
20 September 2019
Internet, IT & e-Discovery Blog
RCE PTA Carve-Out Resumes After Interference
18 September 2019
The Ninth Circuit Expected to Rule that Doctors Can Be Wrong in the Winter v. Gardens False Claims Act Case
18 September 2019
Legal News: Government Enforcement Defense & Investigations
Lacktman, Ferrante Cited in mHealth Intelligence About Ryan Haight Act
19 September 2019
mHealth Intelligence
Vernaglia Comments on AHA v Azar Decision
18 September 2019
MedPage Today
Tinnen Discusses How Viewpoint Diversity Helps Businesses Thrive
18 September 2019
Lach Comments on Launch of New Group
16 September 2019
BizTimes Milwaukee
MedTech Impact Expo & Conference
13-15 December 2019
Las Vegas, NV
Review of 2020 Medicare Changes for Telehealth
11 December 2019
Member Call
BRG Healthcare Leadership Conference
06 December 2019
Washington, D.C.
CTeL Telehealth Fall Summit 2019
04-06 December 2019
Washington, D.C.