Welcome to the United Nations
Language:
  1. Home
  2. Verification of mandatory law and other requirements

Verification of mandatory law and other requirements

Legal Framework

The legal framework applicable to the customer, the provider or both may impose conditions for entering into a cloud computing contract. Such conditions may stem also from contractual commitments, including intellectual property (IP) licences. The customer and the provider should, in particular, be aware of laws and regulations related to personal data, cybersecurity, export control, customs, tax, trade secrets, IP and sector-specific regulation that may be applicable to them and their future contract. Negative consequences of noncompliance with mandatory requirements may be significant, including, invalidity or unenforceability of a contract or part thereof, administrative fines and criminal liability.

Conditions

Conditions for entering into a cloud computing contract may vary by sector and jurisdiction. They may include requirements to take special measures for the protection of data subjects’ rights, to deploy a particular model (e.g., private as opposed to public cloud), to encrypt data placed in the cloud and to register a transaction or a software used in the processing of personal data with State authorities. They may also include data localization requirements, as well as requirements regarding the provider.
 

Next: requirements as regards the provider

Additional Resources

Glossary

  • IP licences: agreements between an IP rights owner (the licensor) and a person authorized to use those IP rights (the licensee).
  • Personal data: data that can be used to identify the natural person to whom such data relates. The definition of personal data in some jurisdictions may encompass any data or information directly or indirectly linked or relating to an identified or identifiable individual (the data subject)