Would you agree to a service- level agreement (SLA) where outages for a cloud service of up to 30 minutes would not be considered downtime? Would you sign a contract that, on termination of a service, gave no opportunity to retrieve your data – not even one day?
Would you use a service provider that exempted itself from any form of liability for losing or deleting your data?
Few enterprises would agree to such arrangements with a systems integrator or an IT outsourcer, however these terms were included in service-level agreements for cloud computing services available in the market today.
Sydney law firm Truman Hoyle surveyed 25 SLAs for cloud computing services targeting the corporate market. The project, led by technology and intellectual property law partner Mark Vincent, found huge variations in the terms and conditions buried in the legal documents – even in jurisdictions, from Australia to Singapore to Britain.
The lack of a standard model for cloud computing agreements showed the immaturity of the industry and how much further it needs to travel before companies can use cloud services with a reasonable guarantee of fairness.
No choice in law
The white paper “Cloud Computing Contracts – A Survey of Terms and Conditions” was written by Vincent and two colleagues in early 2011 and surveyed contracts from infrastructure-as-a-service (IaaS), platform-as-a-service (PaaS) and software-as-a-service (SaaS) providers.
Vincent released the white paper at a seminar in the Hilton Hotel, Sydney, in conjunction with CRN’s sister site iTnews.com.au and vendor VMware. While all services were available to Australian companies, the choice of law for the SLAs was not always the local code. Providers typically choose the country where the main office is located as the only location and legal framework for settling disputes.