Interested in training for your team? Click here to learn more

Data Protection in Cloud Computing Agreements: Allocating Risk, Interplay With Other Terms, Managing Compliance

Recording of a 90-minute CLE video webinar with Q&A

This program is included with the Strafford CLE Pass. Click for more information.
This program is included with the Strafford All-Access Pass. Click for more information.

Conducted on Tuesday, January 30, 2024

Recorded event now available

or call 1-800-926-7926

This CLE course will explore the myriad issues associated with data protection provisions in cloud computing agreements. Business and technology counsel will hear from our expert panel as they discuss issue-spotting, key provisions for inclusion, and practical considerations for crafting data protection measures across different cloud applications.


Data protection ranks as one of the highest priorities for technology counsel when negotiating cloud computing agreements. Counsel for providers, end-users, and third-party vendors all face the challenge of ensuring that clear boundaries are set for the ownership, control, use, and access to hosted data across various service and deployment models. While the advantages of cloud computing are well documented, the exposure from poorly crafted data protection terms can prove devastating in the event of a breach.

Practitioners approaching the negotiation of these agreements must have a firm grasp on a few key considerations for data protection and how they play in the broader context of other contractual terms and inter-party agreements. For example, the parties' definition of "ownership" of hosted data should not only narrowly address the user's intellectual property rights but should also encompass the collateral issues of control over the data's use and rights of access. The agreement should squarely address liability and indemnity issues for parties to the primary agreement, but what measures are advisable for data management by third-party vendors?

Listen as our panel of experts offers guidance to practitioners facing these issues and provides practical insight on how to address some of the more challenging aspects of negotiating and drafting these contract terms.



  1. Data protection issues in cloud computing agreements
    1. Deployment model considerations
    2. Shared responsibility
    3. Compliance concerns
    4. Data breach risk
  2. Key drafting and negotiation considerations
    1. Relevant terms
    2. Balancing multi-customer terms with customer information security requirements
    3. Interplay with other provisions
    4. Interplay with other agreements


The panel will review these and other key issues:

  • How can data protection terms be crafted to afford broad compliance with privacy laws?
  • How can counsel for users and service providers effectively balance the risks associated with access to data by third-party vendors?
  • How can counsel use the cloud computing agreement's data protection terms to inform and manage the user's data retention policy?


Christy, Sean
Sean Christy

Norton Rose Fulbright US

Mr. Christy counsels public and privately-held companies around the world on technology, outsourcing and other...  |  Read More

Ross, Susan
Susan L. Ross

Senior Counsel
Norton Rose Fulbright US

Ms. Ross’ practice focused on technology and U.S. privacy matters. Her extensive experience with technology and...  |  Read More

Access Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include course handouts.

To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video