• 05.04.2012

  SKW Schwarz advises KBC Bank on LBO of univativ group by Odewald KMU

• 30.03.2012

  SKW Schwarz strengthens corporate law practice and establishes notary's office in Berlin

• 27.03.2012

  SKW Schwarz advises Dialog Semiconductor on convertible bonds issue

Our areas of work Labour Law Banking and Finance Law Corporate Law/M&A ..Corporate Law..Antitrust Law..Mergers & Acquisitions..Private Equity/Venture CapitalIntellectual Property / Competition Law ..Life Sciences, Biotech..AdvertisingCommercial and Distribution Law Real Estate Law Insolvency Law and Restructuring IT Law, Internet & E-Business Media and Entertainment Law ..Cinema and TV..Games..Music..Press and publishing houses..AdvertisingPublic Economic Law Private Clients Litigation and Dispute Resolution, Mediation Transport Law Insurance Law Notaries

Lawyers Frank van Alen Dr. Dorothee Altenburg Jan M. Antholz Dr. Helmuth Baumeister Dr. Michael Berghaus Nikolaus Bertermann Christian von Bitter Eva Bonacker Dr. Claudia Böckmann Dr. Michael Brauch Klaus Brenken Prof. Dr. Wolfgang Burandt LL.M. Dr. Oliver M. Bühr Dr. Ilja Czernik Georg Delhaes Dr. Andreas Driver, LL.M. Dr. Ulrich Fuchs Markus von Fuchs LL.M. Dr. Andrea Geiger Hartmut Götze Norbert Guhl Dr. Stefan Hackel Dr. Christoph Haesner M.C.L. Dr. Gerd Hansen Lothar W. Heitmann Dominika Henning Florian Hensel Dr. Johann Heyde Dr. Magnus Hirsch Dr. Oliver Hornung Dr. Klaus Jankowski Dr. Bernd Joch Dr. Daniel Kaboth Christoph Kallenberg Dr. Wulf Kamlah Nasmin Robert Khan Klaus Kelwing Rene Kieselmann Norbert Klingner Sigrid Koppenhöfer Oliver Korte Dr. Olaf Kreißl Stefan Kridlo Sabine Kröger Dr. Eberhard Kromer MBA Christine Lingenfelser LL.M. Caroline Lorenz Wilfried Maas Christoph Meyer Frank Müller Dr. Ulrich Muth Dr. Andreas Mylaeus Dr. Karolin Nelles LL.M. Stephan Neubauer Ulrich Neumann Dr. Matthias Nordmann M.A. Pia Odefey Dr. Matthias Orthwein LL.M. Manfred Ottinger Dr. Andreas Peschel-Mehner Sven Preiss LL.M. Jan Prielipp Astrid Pütz Marc Pussar Dr. Ulrich Reber Ermbrecht Rindtorff Dr. Martin Römermann Christian Rutsch Jan-Dierk Schaal LL.M. Stefan C. Schicker LL.M. Mareike Schlegel Dr. Tatjana Schroeder Prof. Dr. Mathias Schwarz Maren Schultz-Heinecke, LL.M. Jan Schneider Martin Schweinoch Andreas Seidel Dr. Jürgen Sparr LL.M. Martin Stück Arndt Tetzlaff LL.M. Nathalie Wache Michael Wahl Dr. Sebastian Graf von Wallwitz LL.M. Maria-Urania Dovas, LL.M. Dr. Konstantin Wegner LL.M. Julian Westpfahl Dr. Manfred Westpfahl Hanna Karl Jenny Wieske Eylem Yildiz Dr. Josef Zeller Dr. Anne Zoll

Secure contractual arrangements decide the success of cloud IT solutions

• New cloud computing BITKOM manual to be presented at the IT summit on 7.12.

• Data security, data protection, liability and payment are critical factors for the success of cloud computing

• A lack of standards necessitates individual contractual arrangements

Companies can save money with cloud computing and make their IT more flexible – but only if critical points are settled in the contract with the cloud supplier. This is one of the findings from the new BITKOM manual “Cloud Computing – What Decision-makers need to know. Positioning, contract law, data protection, information security, compliance,” which is being presented at the IT summit with Federal Chancellor Angela Merkel in Dresden on 7 December 2010. For the first time the BITKOM manual summarizes the opportunities and risks of cloud IT solutions.

For many companies their own information technology is primarily expensive and complicated. Constant new demands from technical departments for faster data processing and new software are forcing IT departments to constantly expand their capacity. This is where cloud computing offers a promising approach: instead of investing in the expansion of their own IT themselves, free capacity from other networks is used and leased from so-called cloud suppliers as and when required. Besides storage capacity, these also offer software programs of all kinds, from systems through customer management to accounting or project management. This way, cloud use makes the company more flexible. A software manufacturer can, for example, make cost savings of approximately 60 percent for certain IT business processes using the cloud principle within the group.

However, outsourcing IT services is not wholly without risk. “It is often overlooked that cloud suppliers themselves obtain some IT services from third parties and are practically no more than dealers for them. The customer does not usually know which contractual agreements exist with suppliers for data security or data protection. However, in the worst case scenario he is responsible for the gaps in the system at the end of the day,” says attorney Martin Schweinoch from law firm SKW Schwarz, co-author of the manual and chairman of the BITKOM working group ITC contract preparation and jurisdiction.

The contract with the cloud supplier is therefore decisive in terms of actual benefits from cloud IT solutions. For what has long been technically possible is still unknown territory for jurisdiction and contract preparation. “Every company considering a cloud solution must clarify the aspects of data security, data protection, liability and systems of payment for its situation,” emphasizes Martin Schweinoch. Thus, for example, German data protection law provides that the storage location for personal data must be known, but with cloud this is often precisely not the case. As every Customer Relations Management system and every e-mail program contains personal data, most cloud software solutions involve the risk of infringing applicable law. “The lack of standards can only be offset by individual preparation of contracts at present,” says Schweinoch.

Emergency management has scarcely been considered in cloud computing solutions until now. What happens if the internet connection goes down and the company is cut off from cloud services? “A secure cloud computing solution must offer alternatives in this case and provide a contingency plan,” says Martin Schweinoch. He recommends systematically approaching cloud computing solutions like an IT project because the unplanned use of supposedly cheaper cloud IT solutions can quickly turn hoped-for advantages into the reverse. Schweinoch says, “With cloud IT, too, a calculation of the long-term investment is recommended in order to compare the actual usage charges with investment in one’s own IT.”
Data protection and data security can also be regulated by means of contractual arrangement with the supplier of cloud IT solutions. If the cloud supplier gives an undertaking that personal data in the cloud will remain inside EU borders, many data protection topics are defused. If the cloud supplier rejects such an undertaking, from a data protection perspective special measures are necessary and restrictions must be observed.

In the long-term Martin Schweinoch is certain that the German legal system will also have to react to technical development. “In a global, digital world companies can no longer be obliged only to access local data systems. But the legal framework is trailing behind the economic and technical possibilities.” Until legislation and jurisdiction offer appropriate answers, suppliers and customers are urgently advised to agree the framework conditions of the required solutions contractually.