‘It’s a Jungle Out There’?: Cloud Computing, Standards and the Law

Niamh Christina Gleeson, Queen Mary University of London, and Ian Walden, Queen Mary University of London, School of Law

4/27/2016
(Original Publish Date: 5/23/2014)

This article focuses on EU initiatives on cloud standards, particularly the work of ETSI, ENISA and the working groups set up by the European Commission; while acknowledging that cloud standardisation is obviously also a global issue. Consideration is given to the Commission’s actions on cloud standards and the main issues that feature in the debate about the need for cloud computing standards: data protection, data security, interoperability, data portability, reversibility and SLAs. We review the standard-setting process for cloud and give an overview of the variety of standards setting organisations, governmental bodies and international organisations involved in developing standards for the cloud market. Finally, we examine how the adoption of cloud standards can be granted, or acquire, legal and regulatory effects under both public and private law regimes, which impact on both providers and users of cloud services. We conclude that, while technical standards for cloud appear to be developing as expected, informational and evaluative standards will inevitably take longer to emerge and may require greater stability within the legal frameworks into which they are intended to operate.