Two papers have been published on SSRN as part of the Cloud Legal Project:
Caveat Consumer? – Consumer Protection and Cloud Computing Part 1 – Issues of Definition in the Cloud by Alan Cunningham & Chris Reed
Caveat Consumer? – Consumer Protection and Cloud Computing Part 2 – The Application of ex ante and ex post Consumer Protection Law in the Cloud by Alan Cunningham & Chris Reed
In the first paper, we explore a number of core issues of definition relating to the application of consumer protection in the cloud environment. First, we address the important question, what is a consumer for the purposes of consumer protection law in the context of cloud computing? We then examine the issue of mixed cloud use. Cloud services are often increasingly mixed in nature i.e. it can often be both for personal and for professional, or business, purposes. Such mixed use complicates the application of consumer protection laws in many instances, for if the use is more professional than personal, the user may well not be considered a consumer for the purpose of the law. In addition, the converse is equally true: businesses that use cloud services may also use them in a personal way, the demarcation being often equally unclear. These two phenomena have major implications regarding the assessment of responsibilities of cloud service providers under consumer protection law. In addition, cloud services, especially those that are free, may often be used in relation to activities undertaken during the foundation of a business. Again, such “foundational” use by a private individual makes identification of a legal 'consumer' difficult.Finally, the question of whether cloud computing companies are providing a good, a service or something sui generis requires addressing, because the correct categorization of cloud computing in this regard has implications for the types of consumer protection laws that will apply.
In the second paper, having addressed a number of issues of definition, the applicability of existing consumer protection laws to cloud computing is explored. Specifically the paper examines (a) the applicability of ex post consumer protection law as to standard, non-negotiable terms and conditions, assessing them as to potential unfairness and also (b) the role of ex ante consumer protection law in regulating the manner in which cloud service providers ought to advertise and communicate, in general terms, to and with consumers.