In this paper, we analyse the results of a detailed survey of the privacy policies, and data protection terms more broadly, of 40 major cloud computing services, including Amazon Web Services, Google Cloud, and Microsoft Azure. We review terms relating to controller and processor designations;...

Effective protection of individuals under the EU’s General Data Protection Regulation (‘GDPR’) depends mainly on the ‘accountability’ of one or more persons, usually organizations, for ensuring compliance with relevant obligations. As we will see, identifying the ‘controllers’,...

This paper provides an analysis of the impact of using machine learning to conduct profiling of individuals in the context of the EU General Data Protection Regulation.We look at what profiling means and at the right that data subjects have not to be subject to decisions based solely on...

In this paper, we report the results of a detailed survey of the standard contracts for 40 major cloud computing services, including Amazon Web Services, Google Cloud, and Microsoft Azure. We cover a broad range of contractual issues, including clauses dealing with choice of law, termination,...

This article sets out the current regulatory framework within which the radiocommunication spectrum is managed at both international and national levels, with particular reference to the UK, prior to considering certain legal implications of reforms which have been proposed. Due to the...

This paper assesses some of the key legal and regulatory questions arising from the integration of physical robotic systems with cloud-based services, also called “cloud robotics.” The literature on legal and ethical issues in robotics has a strong focus on the robot itself, but largely...

This paper explores the extent to which public cloud computing is in fact being used in practice by banks operating in the EU, including global banks. It is based primarily on anonymised interviews with banks, cloud providers, advisers, and financial services regulators. This paper describes how...

In this document, we respond to the “Digital Assets and Private Law Public Consultation” (‘Consultation’) of the International Institute for the Unification of Private Law (‘UNIDROIT’). In its Consultation, UNIDROIT proposes a series of principles on digital assets and private law...

Where data centres located in the European Economic Area ('EEA') are utilised for cloud computing services, the customers, and in some circumstances even cloud service providers, could become subject to the EU Data Protection Directive on the basis that the data centre may be an...

The concept of ‘personal data’ under UK and EU data protection law is important for e-social science researchers in the EU who handle ‘personal data’, particularly in cross-border projects. The lack of harmonisation across different EU Member States is problematic. Uncertainties and...