This website uses cookies

This website uses cookies to ensure you get the best experience. By using our website, you agree to our Privacy Policy

Sign Up for our Free Newsletter
Solictors Journal logoSolictors Journal logo
Subscribe
Jean-Yves Gilg

Editor, Solicitors Journal

IP/IT update: cloud computing and data protection

Feature
Share:
IP/IT update: cloud computing and data protection

By

New guidance on cloud computing in the legal services sector, an investigation in IT contracting, and the setting up of an expert group on cloud computing are only some of the most significant development considered by Susan Singleton

Intellectual property law has not stood still since the last IP/IT update in September, but IT development have moved markedly apace in that period, which is what we will focus on in this update.

Distance selling

The Consumer Contracts (Information, Cancellation and Additional Charges) Regulations 2013 were adopted in December and come into force on 13th June 2014. The regulations implement an EU consumer law directive and in particular change the period for cancelling contracts made at a distance, such as most internet sales of goods or services, mail order and the like, from seven days to 14 days.

At the same time the Department for Business issued 23 pages of implementing guidance. These regulations will apply to contracts concluded on or after 13 June 2014. On this date, the distance selling regulations 2000 and off-premises (doorstep) regulations 2008 will be revoked.

The new regulations are very important. All those who advise clients on commercial law and in particular terms and conditions for website should read the regulations and the accompany guidance notes. It would also be wise early this year to alert clients to the changes. Suggesting an update to their terms and conditions to reflect all recent changes in consumer and commercial law would also be appropriate, now that the details of the statutory instrument are final. Such a review could also include a check on whether the client complies with current data protection legislation in relation to its website.

Copyright hub

The creation of a copyright hub was the main recommendation arising from the Hooper Report, commissioned by the UK government and published in July 2012 following the Hargreaves independent review of intellectual property in 2011.

The Hooper Report recommended the creation of a not-for-profit, industry-led copyright hub based in the UK that would "link interoperably and scalably to the growing national and international network of private and public sector digital copyright exchanges, rights registries and other copyright-related databases, using agreed cross-sectoral and cross-border data building blocks and standards, based on voluntary, opt-in, non-exclusive and pro-competitive principles".

The pilot version of the Copyright Hub is designed to provide information about copyright, allow people wanting to use copyrighted material to obtain a licence to do so, and provide details of and links to places where details of copyright can be registered. In its current pilot form, the Copyright Hub provides links to a handful of copyright databases (including the BBC picture library and Getty Images) and it is intended that as time goes on more information and resources will be developed and the number of linked databases will increase substantially.

Cloud computing in the legal sector

The Solicitors Regulation Authority released its 'Silver Linings' report which examines the impact cloud computing has on law firms.

'Silver Linings: cloud computing, law firms and risk' draws attention to the danger of firms failing to exercise due diligence in controlling the risks associated with outsourcing.

Cloud computing involves outsourcing data processing to an external provider. It continues to increase in popularity, with low cost and flexibility the key advantages. Firms are obliged to keep client information confidential. This does not bar them from using cloud systems, but they must ensure that the system they choose provides sufficient protection. This publication is a good resource for any firm involved in outsourcing.

Data protection

All recent data protection cases and guidance as they apply to law firms are at www.ico.gov.uk.

If you haven't already, you should check that your law firm has registered with the ICO, which in most cases costs £35 a year.

Those involved with sales of businesses should also check on the ICO's site whether the target company is registered when it ought to be as part of due diligence. Searches on the register are free. Make sure commercial contracts particularly in the IT sector contain data protection clauses and warranties. Often a buyer will want liability for breach of warranty in this field (as well as for breach of IP rights and confidentiality) to be unlimited.

Cloud computing contract terms

The European Commission has started an "expert group" including cloud providers, solicitors and academics in an attempt to create a new set of cloud computing contract terms. The group includes Telecom Italia and UK-based cloud provider Skyscape. They are going to try to identify "safe and fair contract terms and conditions for cloud computing services for consumers and small firms". Use of the terms within cloud computing contracts will be optional. The group should report back early in the spring of 2014.

The group will look at how the new terms will interact with the proposed voluntary new common European sales law (CESL) including where users buy digital material held in the cloud.

It is envisaged that CESL would offer businesses and consumers entering into distance contracts an optional legal framework on which to base their contract and resolve any subsequent disputes.

IT contracting investigation

The OFT is investigating the degree of competition between the companies which supply public sector IT. This sector accounts for a significant proportion of total public sector expenditure, estimated at £13.8bn for 2011-12.

The market study follows an OFT call for information which raised a number of issues that the OFT believes merit further analysis. Most notably, concerns were raised that certain businesses appear to have a large share of contracts in some areas of the sector, that there are high barriers to entry and expansion (especially for smaller scale ICT businesses) and that public sector organisations face difficulties and high costs in switching suppliers.

During the CFI, issues were also raised regarding public sector procurement practices. The market study will examine the extent to which these practices interact with the market structure and suppliers' behaviour. Existing reports and ongoing initiatives to improve public sector procurement will be examined.

The OFT aims to complete the market study and publish findings in March 2014. For more information about the market study, see the OFT's project page.

In April 2014, the Competition and Markets Authority (the CMA) will become the UK's lead competition body.

The CMA will bring together the existing competition and consumer protection functions of the Office of Fair Trading and the Competition Commission, as amended by the Enterprise and Regulatory Reform Act 2013.

The CMA, which is a non-ministerial government department, was established on 1 October 2013 but will not be taking on responsibility for cases or other work until 1 April. Just as important for commercial lawyers is to remember that from 1 April the FCA takes over from the OFT for consumer credit work.

Personal electronic devices at work

A YouGov survey has shown that 47 per cent of all UK employees now use their smartphone, tablet computer or other portable device for work purposes.

There is therefore a concern that many organisations are failing to update their data protection policies to account for this growing trend. The warning comes after the Royal Veterinary College breached the Data Protection Act when a member of staff lost their camera, which included a memory card containing the passport images of six job applicants. The organisation had no guidance in place explaining how personal information stored for work should be looked after on personal devices.

ICO head of enforcement Stephen Eckersley has warned organisations to be aware of how people are now storing and using personal information for work.

"It is clear that more and more people are now using a personal device, particularly their mobile phones and tablets, for work purposes so its crucial employers are providing guidance and training to staff which covers this use," he said. The ICO's guidance on Bring Your Own Device (BYOD) is available on its data protection guidance page.

 

 

Susan Singleton, SingletonsSusan Singleton is a solicitor at Singletons?

www.singlelaw.com

@singlelaw