scispace - formally typeset
Search or ask a question
Journal ArticleDOI

Privacy and consumer risks in cloud computing

01 Jul 2010-Computer Law & Security Review (Elsevier)-Vol. 26, Iss: 4, pp 391-397
TL;DR: In this article, the privacy and consumer risks that are associated with cloud computing are examined.
About: This article is published in Computer Law & Security Review.The article was published on 2010-07-01 and is currently open access. It has received 211 citations till now. The article focuses on the topics: Information privacy & Privacy software.

Summary (1 min read)

1. Introduction

  • Anyone with an interest in information technology would have found it virtually impossible to avoid coming across the term 'cloud computing' in recent times.
  • The data is under the legal control of the user; Some of the resources on which the service depends are 'virtualised', which means that the user has no technical need to be aware which server running on which host is delivering the service, nor where the hosting device is located; and .
  • The service is acquired under a relatively flexible contractual arrangement, at least as regards the quantum used.
  • Yet cloud computing is associated with a range of obvious privacy and consumer risks, such as risks relating to: How data provided to a cloud computing operator will be used by that operator; .
  • The authors discuss those, and related, risks.

2. Privacy Risks

  • Cloud computing is associated with a range of severe and complex privacy issues.
  • The authors discuss the privacy concerns that are associated with cloud computing and how different cloud computing structures give rise to different types of privacy concerns.
  • As a result extraterritorial claim of jurisdiction, providers of cloud computing products are exposing themselves to the laws of all countries from which the products are used -potentially a heavy burden indeed.

3. Consumer Risks

  • This section considers the risks to consumers that arise from the use of a cloud computing service.
  • Like virtually all other consumer products on the Internet, the supply of consumer cloud computing products is typically governed by contracts drafted exclusively by the providers with no input from consumers.
  • Such restrictions include laws relating to mandatory information disclosure about the product and/or provider, 30 misleading and deceptive conduct, 31 and misrepresentations.

4. Concluding remarks

  • This article has highlighted that so-called cloud computing is associated with serious risks to privacy and consumer rights, and that current privacy law may struggle to address some of those risks.
  • It has also highlighted that consumers using cloud computing products, like other cloud computing users, need to be cautious.
  • The article should also have sent a warning that providers of cloud computing products would do well to familiarise themselves with applicable consumer protection and privacy laws -a very difficult task where they are marketing, or otherwise making available, their products globally and thereby expose themselves to the diverse laws of multiple countries.
  • Finally, in the article the authors have also highlighted that the tension between the law's focus on geographical locations and the ubiquitous nature of cloud computing may represent the largest obstacle to a widespread adoption of cloud computing.

Did you find this useful? Give us your feedback

Citations
More filters
Journal ArticleDOI
Alex Kuo1
TL;DR: The concept and its current place in health care is discussed, and 4 aspects (management, technology, security, and legal) are used to evaluate the opportunities and challenges of this computing model.
Abstract: Cloud computing is a new way of delivering computing resources and services. Many managers and experts believe that it can improve health care services, benefit health care research, and change the face of health information technology. However, as with any innovation, cloud computing should be rigorously evaluated before its widespread adoption. This paper discusses the concept and its current place in health care, and uses 4 aspects (management, technology, security, and legal) to evaluate the opportunities and challenges of this computing model. Strategic planning that could be used by a health organization to determine its direction, strategy, and resource allocation when it has decided to migrate from traditional to cloud-based health services is also discussed.

404 citations


Cites background from "Privacy and consumer risks in cloud..."

  • ...The use of cloud computing presents many legal issues such as contract law, intellectual property rights, data jurisdiction, and privacy [67-71]....

    [...]

Journal ArticleDOI
TL;DR: An extensive review on cloud computing with the main focus on gaps and security concerns is presented, which identifies the top security threats and their existing solutions and investigates the challenges/obstacles in implementing threat remediation.

288 citations


Cites background from "Privacy and consumer risks in cloud..."

  • ...Additionally, some professionals have voiced their concerns on the current privacy laws strangling the process of addressing some of the cloud computing specific risks (Svantesson & Clarke, 2010)....

    [...]

Journal ArticleDOI
TL;DR: In this article, the authors present a descriptive literature review and classification scheme for cloud computing research, which includes 205 refereed journal articles published since the inception of cloud computing and classify them into four main categories: technological issues, business issues, domains and applications, and conceptualizing cloud computing.
Abstract: We present a descriptive literature review and classification scheme for cloud computing research. This includes 205 refereed journal articles published since the inception of cloud computing research. The articles are classified based on a scheme that consists of four main categories: technological issues, business issues, domains and applications, and conceptualising cloud computing. The results show that although current research is still skewed towards technological issues, new research themes regarding social and organisational implications are emerging. This review provides a reference source and classification scheme for IS researchers interested in cloud computing, and to indicate under-researched areas as well as future directions.

240 citations

Journal ArticleDOI
TL;DR: Results from a pilot study of a model that takes account of contextual, economic, and technological influences in the perception and adoption of cloud computing at universities in sub-Saharan Africa shows reliability and validity of the instrument and supports its usage for a more extensive study.

239 citations

Journal ArticleDOI
TL;DR: A hybrid model including Multiple Linear Regression and Neural Network Modeling is proposed to predict motivators influencing the adoption of cloud computing services by information technology (IT) professionals and a new construct, "job opportunity" is introduced.

176 citations

Frequently Asked Questions (6)
Q1. What are the contributions mentioned in the paper "Privacy and consumer risks in cloud computing" ?

In this paper, Clarke et al. adopt the definition devised by the second author in an earlier paper and define cloud computing as a service that satisfies all of the following conditions: 1 ) The service is delivered over a telecommunications network ; 2 ) Users rely on the service for access to and/or processing of data ; 3 ) The data is under the legal control of the user ; 4 ) Some of the resources on which the service depends are virtualized, which means that the user has no technical need to be aware which server running on which host is delivering the service, nor 

8The starting point of any privacy discussion regarding cloud computing must be the realisation that several forms of cloud computing are in their infancy. 

While the legal issues facing cloud operators and cloud users stem from the fact that personal data is transferred across jurisdictional borders, applicable privacy regulation typically draws a line between data being transferred within an organisation, and data being transferred between organisations. 

To assess whether the company could do so, it would need to know in which country, or countries, its data would be stored – it would need to know the location of the cloud. 

If they fail to earn the trust of their customers by adopting clear and transparent policies on how their customers’ data will be used, stored, and protected, governments will come under increasing pressure to regulate privacy in the Cloud. 

organisations, businesses and individuals interested in utilising cloud computing products must ensure they are aware of the privacy and security risks associated with using the product and take those risks into account when deciding whether to use it.