Cloud Computing - a legal nightmare?

Popped down to the IP 08 Expo in London yesterday, mainly to listen to a couple of keynotes from people I trust in the IT industry.

Listening to the marketing spiel at the event, however, is fascinating, especially when it comes to cloud computing.

Behind all the hoo-hah, the principles behind CC are quite simple - instead of storing your data on a local PC or server in your firm, the data is stored centrally, rather like the Google model.

Amazon is quietly rolling out its new CC service - called Elastic Compute or EC2 for short - and others are lining up.

The really big snag with CC, good though the concept is, is that it's a legal quagmire as far as corporate governance legislation is concerned.

With Amazon's EC2, for example, your data could be stored in the US, in Asia or anywhere in Europe. Or spread amongst various data centres around the world.

Although I'm no expert in such matters, this means that, in using this useful service, your company could be in breach of the Data Protection Act, the Companies Act 2006 and Basel II, all of which are designed to force companies to protect employees and customers' personal data.

Clearly these laws have to be amended to allow CC to take off, as it surely will. Otherwise these important new services will effectively be strangled at birth.

But that's just my two cents worth. As they say, watch this space...