Ms Kuan Hon, MA (Cantab), LLM (UPenn), MSc (Imperial), LLM (Queen Mary)
Senior Researcher, Project Co-ordinator and Research Assistant , Cloud Computing Project
Email: w.k.hon@qmul.ac.ukTelephone: +44 (0)20 7882 8215Room Number: Lincoln's Inn FieldsWebsite: http://www.cloudlegal.ccls.qmul.ac.uk
Profile
Kuan Hon joined the Centre for Commercial Law Studies (CCLS) in October 2010 as the Research Assistant to the Cloud Computing Legal Research Project which commenced in October 2009.
She was responsible during 2010-2011 for undertaking research and project coordination tasks in support of this Microsoft-funded programme to investigate the legal issues arising from the growing use of Cloud Computing. She remains consultant to the project on an ongoing part-time basis and is a research assistant on the A4Cloud EU project.
Kuan Hon originally qualified as a Solicitor of the Supreme Court of England and Wales and was admitted as an Attorney to the Bar of the State of New York. She then worked as a solicitor in the City of London, gaining broad experience in finance-related and commercial English legal issues (particularly banking, debt capital markets and corporate insolvency law).
Pursuing a long-standing interest in technology, she obtained an MSc in Computing Science with merit from Imperial College, London in 2009 and then an LLM in Computer and Communications Law with merit from Queen Mary, University of London in 2010.
Research
Research Interests:
Legal issues arising from the spread and adoption of Cloud Computing, particularly data protection, privacy and information governance.
Publications
Selected recent publications (and see also Kuan's papers on SSRN)
- ‘FOSS in Cloud Computing’ (with Jakub Menci) in Shemtov, Noam and Walden, Ian, Free and Open Source Software: Policy, Law, and Practice, Oxford University Press (2013)
- ‘How Do Restrictions on International Transfers of Personal Data Work in Clouds?’ (with Christopher Millard) in Millard, Christopher, Cloud Computing Law, Oxford University Press (2013)
- ‘Which Law(s) Apply to Personal Data in Clouds?’ (with Christopher Millard and Julia Hörnle) in Millard, Christopher, Cloud Computing Law, Oxford University Press (2013)
- ‘Who is Responsible for Personal Data in Clouds?’ (with Christopher Millard and Ian Walden) in Millard, Christopher, Cloud Computing Law, Oxford University Press (2013)
- ‘What is Regulated as Personal Data in Cloud Environments?’ (with Christopher Millard and Ian Walden) in Millard, Christopher, Cloud Computing Law, Oxford University Press (2013)
- ‘Public Sector Cloud Contracts’ (with Christopher Millard and Ian Walden) in Millard, Christopher, Cloud Computing Law, Oxford University Press (2013)
- ‘Negotiated Contracts for Cloud Services’ (with Christopher Millard and Ian Walden) in Millard, Christopher, Cloud Computing Law, Oxford University Press (2013)
- ‘Control, Security and Risk in the Cloud’ (with Christopher Millard) in Millard, Christopher, Cloud Computing Law, Oxford University Press (2013)
- ‘Cloud Technologies and Services’ (with Christopher Millard) in Millard, Christopher, Cloud Computing Law, Oxford University Press (2013)
- Negotiating Cloud Contracts - Looking at Clouds from Both Sides Now (with Christopher Millard and Ian Walden), Stanford Technology Law Review, 16 Stan Tech L Rev 81 (2012)
- This work has been reported eg by Forbes
- UK G-Cloud v1 and the impact on cloud contracts (with Christopher Millard and Ian Walden) – Part I, Communications Law, (2012) Volume 17 Number 3 p 78; part II, Communications Law, (2012) Volume 17 Number 4 p 121 - the full working paper on UK G-Cloud v1 is downloadable
- Cloud Computing vs Traditional Outsourcing – Key Differences, Society for Computers & Law, Oct 2012 (with Christopher Millard) - the full working paper is available on SSRN
- 'Data protection jurisdiction and cloud computing – when are cloud users and providers subject to EU data protection law? The cloud of unknowing', (2012) 26:2-3 International Review of Law, Computers & Technology Special Issue: Current Developments in Cyberlaw (SLS Cyberlaw Section 2011) (with Christopher Millard and Julia Hörnle)
- 'Cookies and Law Firm Compliance', Society for Computers & Law, June 2012
- 'US PATRIOT Act - Can UK cloud customers use US cloud providers?' (a summary of Ian Walden's updated paper), ComputerWorldUK Cloud Vision blog, 29 May 2012
- 'Cloud computing and EU data protection law: Part Two - On international transfers of personal data', ComputerWorldUK Cloud Vision blog, 23 Apr 2012
- 'UK G-Cloud v1 and the Impact on Cloud Contracts', summarised in G-Cloud v1: Cloud Legal Project’s Analysis, Society for Computers & Law, Apr 2012 (with Christopher Millard and Ian Walden)
- 'The 12 Cs of Cloud Computing - a Culinary Confection', Society for Computers & Law, Apr 2012
- 'Data Export in Cloud Computing – How can Personal Data be Transferred Outside the EEA? The Cloud of Unknowing, Part 4', (2012) 9:1 SCRIPTed 25 (with Christopher Millard)
- This work has been referenced eg in a study on Reforming the Data Protection Package for the European Parliament's Committee on Internal Market and Consumer Protection (IMCO), a study on Fighting Cyber Crime and Protecting Privacy in the Cloud for the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE), and a study for the European Parliament on The US National Security Agency (NSA) surveillance programmes (PRISM) and Foreign Intelligence Surveillance Act (FISA) activities and their impact on EU citizens' fundamental rights.
- 'Defining 'Personal Data' in E-Social Science', (2012) 15(1) Information, Communication and Society 66 (with Christopher Millard)
- ‘Who is responsible for ‘personal data’ in cloud computing?—The cloud of unknowing, Part 2', (2012) 2(1) International Data Privacy Law 3 (with Christopher Millard and Ian Walden)
- This work has been referenced eg in a study on Cloud Computing for the European Parliament's Committee on Internal Market and Consumer Protection (IMCO), a study on Reforming the Data Protection Package for the European Parliament's Committee on Internal Market and Consumer Protection (IMCO) and a study on Fighting Cyber Crime and Protecting Privacy in the Cloud for the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE)
- Cloud computing and EU data protection law, Part one: Understanding the international issues, ComputerWorldUK Cloud Vision blog, 28 Sep 2011
- 'The problem of ‘personal data’ in cloud computing: what information is regulated?—the cloud of unknowing', (2011) 1(4) International Data Privacy Law 211 (with Christopher Millard and Ian Walden)
- This work has been acknowledged eg by the UK Information Commissioner (p 11 text to fn 4), and referenced in the ICO's Anonymisation: Managing Data Protection Risk Code of Practice, a study on Cloud Computing for the European Parliament's Committee on Internal Market and Consumer Protection (IMCO), a study on Data Protection Review: Impact on EU Innovation and Competitiveness for the European Parliament's Committee on Industry, Research and Energy (ITRE) and a study on Fighting Cyber Crime and Protecting Privacy in the Cloud for the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE)
- Law enforcement agencies access rights to your cloud data (a summary of Ian Walden's paper), ComputerWorldUK Cloud Vision blog, 22 July 2011
- Who's responsible for personal data in cloud computing? You and your Saas, Paas and IaaS providers, ComputerWorldUK Cloud Vision blog, 23 May 2011
- Data protection, the law and you - The cloud of unknowing, and the "personal data" problem, ComputerWorldUK Cloud Vision blog, 13 Apr 2011.
Public Engagement
- Member of the Institute of Computer and Communications Law at CCLS
- 25 March 2014 - 'Data sovereignty – border controls for data clouds?', at Think Cloud for Government 2014, London, UK
- 27 November 2013 - Panelist, 'Myth-busting - The importance of understanding where your data is in the Cloud', Cloud Industry Forum, London, UK
- 19 November 2013 - 'Establishing a secure legal framework for Data Protection and Data privacy for cloud services', Information Security Financial Services Conference 2013, London, UK
- 13 September 2013 - 'Geography or technology, virtualisation and control', SCL Policy Forum "The Shock of the New" or "How we are losing (and gaining) control over data", London, UK
- 16 May 2013 - 'New technologies and paradigms, old laws (cloud, open data, big data)', at Eduserv Symposium 2013: In with the new, London, UK
- 25 April 2013 - 'Location location location', CloudCampLondon 19, London, UK
- 11 February 2013 - 'Role of contracts in cloud data protection', for the European Commission's DG-Connect, Brussels, Belgium
- 8 November 2012 - 'The Legal Background to Cloud Computing', for the British Computer Society's Advanced Programming Specialist Group, London, UK