Cloud computing continues to be a powerful and cost-effective means to build a business with international reach. Regardless of where the business is located, any person in the world with access to a web browser is a potential customer. Here are some legal tips regarding cloud computing.
1. Know which laws apply.
Despite wishful thinking in the early days that online communications would be free of local laws, the reality is that the law remains stubbornly rooted to local geography. Different laws apply depending on the location of each server, the location of each business office, and the location of each user or other customer. You should learn which laws apply to your business.
2. Keep your customers close and your servers closer.
When starting and growing a cloud computing business in the United States, initially limit your customer base to the U.S. and keep your data on servers physically located in the U.S. to keep legal compliance simple. You can roll out the business to other countries later as you grow.
3. Encrypt, encrypt, encrypt.
When possible, you should encrypt all personal information that you store, process, or share at all times, including when the data is in transit and at rest. If your business is hacked, then most state laws require you to notify each person represented in the database, unless the data is encrypted. Encrypting personal information not only protects your customers better, it may also reduce your costs of compliance.
4. Put your user agreement in your customer’s face.
Online contracts, often called “clickwraps,” are generally enforceable in the United States if you give the customer the right to read the agreement before and after clicking the “I Agree” button. It must be obvious to the customer that taking an action, such as clicking the “I Agree” button, binds them to the clickwrap. If the clickwrap is hard to locate or is on a different part of the screen from the “I Agree” button, then the clickwrap may not be enforceable. Put the clickwrap (or a link to the clickwrap) right in the customer’s face and right next to the “I Agree” button. You should also record the date and time that the customer clicks the “I Agree” button as part of the data you store for that customer.
5. Use your domain name as your trademark.
Domain names are subject to written contracts with the domain name company and a United States law that protects trademark rights in domain names. If you use your domain name as a trademark and then register that trademark with the U.S. Patent and Trademark Office, that makes it harder for anyone to claim that your domain name infringes their trademark rights, and it protects your trademarks. Since many customers guess that the domain name or URL of a company matches its trademark, obtaining a trademark registration on the term also protects the method by which some of your customers find you online.
