Who ultimately owns the data? How will your data be shared? Wouldn’t health insurance companies love access to your fit monitor data to set their premiums?
While the benefits of a world where the physical is integrated into the information network will bring better processes and better decision-making, there are many real and significant threats coming from many different angles, most notably compromises to customer privacy. Certainly, recent cyberattacks and data breaches should teach us something about the risk of putting customer data in the cloud, which will likely be the final repository for enabling technologies such as mobile phones, sensors and actuators, RFID, etc. (Though there’s the added risk that for many devices, data makes a number of stops before sitting in its final repository; and collection of data at multiple data points, often unsecured, can swiftly divulge personal information.)
There are similar lessons (and challenges) to draw upon from the world of electronic discovery in litigation, investigations and compliance. For example, who ultimately owns the data? How will your data be shared? (Wouldn’t health insurance companies love access to your fit monitor data to set their premiums?) There is not a lot of precedent and this gray area raises a host of new issues. Also, what if regulators or lawyers need access to that data? This raises similar issues surrounding cloud-based data in e-discovery, such as data identification, access, and collection. The courts will be forced to rule on that after the fact.
...read the fine print in the contract: how your data may be used, where it is being stored, who has access...
Based on lessons learned from e-discovery, where data for attorney review is often transferred to and hosted in the cloud, clients should know and demand certain things. Most notably, read the fine print in the contract: how your data may be used, where it is being stored (is it a public or private cloud?), who has access and under what conditions and authorizations, will it be sold to another third-party, and what encryption mechanisms are in place.
[[JD Supra's new Law Matters series asks experts for their quick take on popular news of the day, and specifically how such matters affect people in their personal or professional lives. Stay tuned for other posts in the series.
Rachel Teisch oversees all of Xerox Litigation Services’ marketing initiatives. She brings 12+ years of experience in marketing and business development, including nearly 10 years in e-discovery enterprise software and consulting services. Prior to joining Xerox Litigation Services, Rachel was the head of global marketing for CloudShare, a cloud computing company. Previously, she led marketing at H5, an e-discovery company, and held various business and strategic development positions at Navigant Consulting.]