Evaluation of Legal Data Protection Requirements in Cloud Services in the Context of Contractual Relations with End-Users

Purpose – to analyse the compliance with basic principles of data protection in selected consumer oriented cloud services contracts, and also to highlight the adequate level of data protection in the mentioned contracts, evaluating existing data protection directive 95/46/EC, also proposed General d...

Full description

Bibliographic Details
Main Authors: Darius Štitilis, Inga Malinauskaitė
Format: Article
Language:English
Published: Mykolas Romeris University 2014-03-01
Series:Social Technologies
Subjects:
Online Access:https://www3.mruni.eu/ojs/social-technologies/article/view/1873
id doaj-223a98a0710c49eb84f87398b8837616
record_format Article
spelling doaj-223a98a0710c49eb84f87398b88376162020-11-24T21:56:40ZengMykolas Romeris UniversitySocial Technologies2029-75642014-03-013210.13165/ST-13-3-2-111705Evaluation of Legal Data Protection Requirements in Cloud Services in the Context of Contractual Relations with End-UsersDarius ŠtitilisInga MalinauskaitėPurpose – to analyse the compliance with basic principles of data protection in selected consumer oriented cloud services contracts, and also to highlight the adequate level of data protection in the mentioned contracts, evaluating existing data protection directive 95/46/EC, also proposed General data protection regulation.<br />Design/methodology/approach – various survey methods have been used in the work integrated. Documental analysis method has been used in analysis of scientific literature, legal acts and other documents, where aspects of legal data protection requirements have been included. Legal documents analysis method together with logical-analytic method has been used in analysing Directive 95/46/EU, Proposal for a regulation of the European Parliament and of the Council and jurisprudence of the European Court of Human Rights. Comparative method has been applied for revealing difference between particular cloud services contracts and also comparing the compliance of cloud services contracts to requirements of basic European data protection principles, established in the international documents.<br />Findings – from the brief analysis of selected consumer oriented cloud service providers, it may be implied that more or less all the legal principles, established in the legal acts, are reflected in the privacy policies and/or service agreements. However, it shall be noted that there is a big difference in wording of the analysed documents. Regarding other principles, all examined cloud service providers do not have indemnification provisions regarding unlawful use of personal data.<br />Research limitations/implications – the concept of the contract was presented in a broad sense, including the privacy policies and/or terms and conditions of the service providers. In accordance with the content of the principles, the authors grouped data protection principles, applied in cloud services into fundamental and recommendatory.<br />Practical implications – the research results will be helpful for cloud service providers, dealing with personal data of data subjects (natural persons).<br />Originality/value – the mentioned research of cloud provider contracts examined 4 sets of standard terms and conditions of cloud service providers targeting individual consumers. The following personal data protection principles were evaluated: transparency, purpose specification and limitation, erasure of data, confidentiality, availability, integrity, indemnification.<br />Research type: research paper, viewpoint, case study.https://www3.mruni.eu/ojs/social-technologies/article/view/1873privacy and data protectioncloud servicescompliance principleslegal regulation
collection DOAJ
language English
format Article
sources DOAJ
author Darius Štitilis
Inga Malinauskaitė
spellingShingle Darius Štitilis
Inga Malinauskaitė
Evaluation of Legal Data Protection Requirements in Cloud Services in the Context of Contractual Relations with End-Users
Social Technologies
privacy and data protection
cloud services
compliance principles
legal regulation
author_facet Darius Štitilis
Inga Malinauskaitė
author_sort Darius Štitilis
title Evaluation of Legal Data Protection Requirements in Cloud Services in the Context of Contractual Relations with End-Users
title_short Evaluation of Legal Data Protection Requirements in Cloud Services in the Context of Contractual Relations with End-Users
title_full Evaluation of Legal Data Protection Requirements in Cloud Services in the Context of Contractual Relations with End-Users
title_fullStr Evaluation of Legal Data Protection Requirements in Cloud Services in the Context of Contractual Relations with End-Users
title_full_unstemmed Evaluation of Legal Data Protection Requirements in Cloud Services in the Context of Contractual Relations with End-Users
title_sort evaluation of legal data protection requirements in cloud services in the context of contractual relations with end-users
publisher Mykolas Romeris University
series Social Technologies
issn 2029-7564
publishDate 2014-03-01
description Purpose – to analyse the compliance with basic principles of data protection in selected consumer oriented cloud services contracts, and also to highlight the adequate level of data protection in the mentioned contracts, evaluating existing data protection directive 95/46/EC, also proposed General data protection regulation.<br />Design/methodology/approach – various survey methods have been used in the work integrated. Documental analysis method has been used in analysis of scientific literature, legal acts and other documents, where aspects of legal data protection requirements have been included. Legal documents analysis method together with logical-analytic method has been used in analysing Directive 95/46/EU, Proposal for a regulation of the European Parliament and of the Council and jurisprudence of the European Court of Human Rights. Comparative method has been applied for revealing difference between particular cloud services contracts and also comparing the compliance of cloud services contracts to requirements of basic European data protection principles, established in the international documents.<br />Findings – from the brief analysis of selected consumer oriented cloud service providers, it may be implied that more or less all the legal principles, established in the legal acts, are reflected in the privacy policies and/or service agreements. However, it shall be noted that there is a big difference in wording of the analysed documents. Regarding other principles, all examined cloud service providers do not have indemnification provisions regarding unlawful use of personal data.<br />Research limitations/implications – the concept of the contract was presented in a broad sense, including the privacy policies and/or terms and conditions of the service providers. In accordance with the content of the principles, the authors grouped data protection principles, applied in cloud services into fundamental and recommendatory.<br />Practical implications – the research results will be helpful for cloud service providers, dealing with personal data of data subjects (natural persons).<br />Originality/value – the mentioned research of cloud provider contracts examined 4 sets of standard terms and conditions of cloud service providers targeting individual consumers. The following personal data protection principles were evaluated: transparency, purpose specification and limitation, erasure of data, confidentiality, availability, integrity, indemnification.<br />Research type: research paper, viewpoint, case study.
topic privacy and data protection
cloud services
compliance principles
legal regulation
url https://www3.mruni.eu/ojs/social-technologies/article/view/1873
work_keys_str_mv AT dariusstitilis evaluationoflegaldataprotectionrequirementsincloudservicesinthecontextofcontractualrelationswithendusers
AT ingamalinauskaite evaluationoflegaldataprotectionrequirementsincloudservicesinthecontextofcontractualrelationswithendusers
_version_ 1725857869464600576