Microsoft vs US.gov, Internet of Stuff, Big Data: Some of 2015's legal cloudy issues

4. Google Spain case will get greater scrutiny

Last year Mr Costeja unintentionally achieved international fame, infamy even. The Court of Justice of the European Union ruled that Google had to remove links from search results about Costeja that were accurate but out-of-date. This was dubbed the “right to be forgotten”, reflecting the 'right' about to be introduced under the new EU Data Protection Regulation. In fact, it is based on the existing law that data must be kept accurate and up-to-date.

The judgement has had far-reaching consequences, polarising debate; on one hand, many individuals are happy that they are able to exercise a greater degree of control over what search engine users may find about them. Others (including me) are left wondering whether making Google Spain a “data controller” for the purposes of the legislation is a step too far.

Even though the respected Article 29 Working Party has published guidance on implementing the judgement, there is still much concern. For example, it seems hard to reconcile this judgement with the mere conduit, caching and hosting defences enshrined in the E-commerce Directive to protect ISPs.

This judgement indicates that protecting personal data trumps these long-established legal principles. With such a disparity in the law, we can expect greater scrutiny of the judgement this year.

5. Cloud standards get closer

There are numerous attempts to introduce cloud standards. There are initiatives from the European Union, official standard-setting organisations such as the International Telecommunications Union and the International Standards Organisation. There are also private standard-setting organisations (such as the UK Cloud Industry Forum with whom I have an association) and government-imposed standards. In all, the European Telecommunications Standards identified 20 bodies producing 150 documents in this area.

A definitive set of standards is some way off, as is a standard cloud contract, and cloud providers have little enthusiasm for one. The European Commission is attempting to introduce a standard approach to cloud SLAs.

In June 2014 its Cloud Select Industry Group published guidelines. A standard SLA is not close to being established, and the guidance is intended to serve as a form of checklist.

Expect standards, contracts and SLAs to receive attention during the course of the year. Of course, once there are generally acceptable standards, the next stage will be for customers to recognise - demand - that their providers should comply with those standards.

This will lead to the advent of certification schemes and organisations to help providers adhere to those standards. ®