Publication details

Office 365 v. Google Apps: A data protection perspective

Authors

TOMÍŠEK Jan

Year of publication 2015
Type Article in Periodical
Magazine / Source Masaryk University Journal of Law and Technology
MU Faculty or unit

Faculty of Law

Citation
Web Open access časopisu
Field Law sciences
Keywords Data protection; cloud; SaaS; Google Apps; Office 365; data processing agreement; DPA
Attached files
Description This article lists the requirements of European data protection law as regards the contents of a contract between cloud provider and cloud client. Based on these requirements the contracts for the provision of Google Apps for Work and Microsoft Office 365 for small and medium enterprises are evaluated and compared from the data protection perspective. The article also discusses the shortcomings of the current legal framework for data protection with regard to cloud computing, and analyses the possible improvements made by the General Data Protection Regulation. A cloud client usually plays the role of a data controller, while the provider may be a data controller, data processor or may not fall under the scope of data protection law. The relationship between the client and cloud provider, as a data processor, must be governed by a contract stating that the provider is bound by the instructions of the client, and describing the security measures. The contract for Microsoft Office 365 was found to be compliant with data protection law. The contract for Google Apps for Work suffers from several deficiencies that may cause a breach of data protection law. The current data protection framework lacks unification, clarity, scalability and balance regarding liability. With the exception of unification, the General Data Protection Regulation is not expected to bring a substantial improvement if it is adopted using the proposed wording. To cope with the problems arising from the interaction of cloud contracts with current law, cloud clients and providers may use the Cloud Service Level Agreement Standardisation Guidelines.

You are running an old browser version. We recommend updating your browser to its latest version.

More info