Skip to main content Accessibility help
×
Hostname: page-component-cd9895bd7-dzt6s Total loading time: 0 Render date: 2024-12-27T06:37:49.489Z Has data issue: false hasContentIssue false

References

Published online by Cambridge University Press:  10 December 2021

Kevin McGillivray
Affiliation:
Norwegian Research Centre for Computers and Law
Get access

Summary

Image of the first page of this content. For PDF version, please use the ‘Save PDF’ preceeding this image.'
Type
Chapter
Information
Government Cloud Procurement
Contracts, Data Protection, and the Quest for Compliance
, pp. 253 - 285
Publisher: Cambridge University Press
Print publication year: 2021

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

References

Primary Sources

Charter of Fundamental Rights of the European Union [2012] OJ C 326, 391Google Scholar
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data [1995] OJ L 281, 31Google Scholar
Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market [2000] OJ L 178, 1Google Scholar
Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) [2002] OJ L 201, 37Google Scholar
Directive 2011/83/EU of the European Parliament and of the Council of 25 October 2011 on consumer rights, amending Council Directive 93/13/EEC and Directive 1999/44/EC of the European Parliament and of the Council and repealing Council Directive 85/577/EEC and Directive 97/7/EC of the European Parliament and of the Council Text with EEA relevance [2011] OJ L 304, 64Google Scholar
Directive 2014/25/EU of the European Parliament and of the Council of 26 February 2014 on procurement by entities operating in the water, energy, transport and postal services sectors and repealing Directive 2004/17/EC Text with EEA relevance [2014] OJ L 94, 243Google Scholar
Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union [2016] OJ L 194, 1Google Scholar
Regulation (EC) No 864/2007 of the European Parliament and of the Council of 11 July 2007 on the law applicable to non-contractual obligations (Rome II) [2007] OJ L 199, 40Google Scholar
Regulation (EC) No 593/2008 of the European Parliament and of the Council of 17 June 2008 on the law applicable to contractual obligations (Rome I) [2008] OJ L 177, 6Google Scholar
Regulation (EU) No 1215/2012 of the European Parliament and of the Council of 12 December 2012 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters (recast) [2012] OJ L 351, 1Google Scholar
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance) [2016] OJ L 119, 1Google Scholar
Commission Decision 2000/520/EC on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce [2000] OJ L215/7Google Scholar
Commission Decision of 15 June 2001 on standard contractual clauses for the transfer of personal data to third countries, under Directive 95/46/EC (2001/497/EC) [4 July 2001] OJ L181/19Google Scholar
Commission Decision of 27 December 2001 on standard contractual clauses for the transfer of personal data to processors established in third countries, under Directive 95/46/EC (2002/16/EC) [10 January 2002] OJ L6/52Google Scholar
Commission Decision of 27 December 2004 amending Decision 2001/497/EC as regards the introduction of an alternative set of standard contractual clauses for the transfer of personal data to third countries (2004/915/EC) [29 December 2004] OJ L385/74Google Scholar
Commission Implementing Regulation (EU) 2015/806 of 22 May 2015 laying down specifications relating to the form of the EU trust mark for qualified trust services (Text with EEA relevance) C/2015/3364Google Scholar
Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-US Privacy Shield (notified under document C (2016) 4176) (Text with EEA relevance) C/2016/4176Google Scholar
Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data (Convention 108)Google Scholar
European Convention for the Protection of Human Rights and Fundamental Freedoms (European Convention on Human Rights, as Amended) (ECHR) (1950)Google Scholar
Administrative Procedure Act, Pub. L. No. 79–404, 60 Stat. 237 (codified as amended at 5 U.S.C. §§ 551–706)Google Scholar
Bank Secrecy Act, Pub. L. 91–508, Titles I, II, 84 Stat. 1114 to 1124 (1970) (as codified at 12 U.S.C.A. § 1951–59)Google Scholar
Children’s Online Privacy Protection 15 U.S.C. §§ 6501–06, Pub. L. 105–277Google Scholar
Clarifying Lawful Overseas Use of Data Act (CLOUD Act) part of the Consolidated Appropriations Act, 2018, Pub. L. 115–141.Google Scholar
Computer Fraud and Abuse Act, Pub. L. 99–474, 18 U.S.C. § 1030Google Scholar
Electronic Communications Privacy Act of 1986, Pub. L. 99–508, § 201, 100 Stat. 1848, 1860–68 (codified as amended at 18 U.S.C. §§ 2701–12)Google Scholar
Fair Credit Reporting Act of 1970, 15 U.S.C. § 1681Google Scholar
Family Education Rights and Privacy Act of 1974, Pub. L. 93–380, 88 Stat. 484 (1974) (codified as amended at 20 USC § 1232)Google Scholar
Federal Information Security Management Act of 2002, 44 U.S.C. § 3541Google Scholar
Federal Trade Commission Act, 15 U.S.C.A. § 45(a)Google Scholar
Freedom of Information Act, 5 U.S.C. § 552, As Amended by Public Law No. 104–231, 110 Stat. 3048Google Scholar
Genetic Information Nondiscrimination Act of 2008, Pub. L. 110–233, 122 Stat. 881 (2008) (codified at 42 U.S.C.A. §§ 2000ff et. seq.)Google Scholar
Gramm–Leach–Bliley Financial Modernization Act, Pub. L. 106–102, 113 Stat. 1338 (codified at 15 U.S.C. §§ 6801–09)Google Scholar
Right to Financial Privacy Act of 1978, Pub. L. 95–630, 92 Stat. 3697 (1978) (codified as amended at 12 U.S.C. §§ 3401–22)Google Scholar
Stored Communications Act, Codified at 18 U.S.C. Chapter 121 §§ 2701–12Google Scholar
United States Constitution, Amendment IVGoogle Scholar
Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001, Pub. L. 107–156, 115 Stat. 272Google Scholar
US Health Information Technology for Economic and Clinical Health Act, 42 U.S.C. § 17932 (2012)Google Scholar
US Health Insurance Portability and Accountability Act of 1996, Pub. L. 104–191, 110 Stat. 1936Google Scholar
Video Privacy Protection Act, Pub L. 100–618, 102 Stat. 3195 (1988) (codified at 18 U.S.C. § 2710) (2012)Google Scholar

Secondary Sources

Charter of Fundamental Rights of the European Union [2012] OJ C 326, 391Google Scholar
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data [1995] OJ L 281, 31Google Scholar
Directive 2000/31/EC of the European Parliament and of the Council of 8 June 2000 on certain legal aspects of information society services, in particular electronic commerce, in the Internal Market [2000] OJ L 178, 1Google Scholar
Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications) [2002] OJ L 201, 37Google Scholar
Directive 2011/83/EU of the European Parliament and of the Council of 25 October 2011 on consumer rights, amending Council Directive 93/13/EEC and Directive 1999/44/EC of the European Parliament and of the Council and repealing Council Directive 85/577/EEC and Directive 97/7/EC of the European Parliament and of the Council Text with EEA relevance [2011] OJ L 304, 64Google Scholar
Directive 2014/25/EU of the European Parliament and of the Council of 26 February 2014 on procurement by entities operating in the water, energy, transport and postal services sectors and repealing Directive 2004/17/EC Text with EEA relevance [2014] OJ L 94, 243Google Scholar
Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union [2016] OJ L 194, 1Google Scholar
Regulation (EC) No 864/2007 of the European Parliament and of the Council of 11 July 2007 on the law applicable to non-contractual obligations (Rome II) [2007] OJ L 199, 40Google Scholar
Regulation (EC) No 593/2008 of the European Parliament and of the Council of 17 June 2008 on the law applicable to contractual obligations (Rome I) [2008] OJ L 177, 6Google Scholar
Regulation (EU) No 1215/2012 of the European Parliament and of the Council of 12 December 2012 on jurisdiction and the recognition and enforcement of judgments in civil and commercial matters (recast) [2012] OJ L 351, 1Google Scholar
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (Text with EEA relevance) [2016] OJ L 119, 1Google Scholar
Commission Decision 2000/520/EC on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce [2000] OJ L215/7Google Scholar
Commission Decision of 15 June 2001 on standard contractual clauses for the transfer of personal data to third countries, under Directive 95/46/EC (2001/497/EC) [4 July 2001] OJ L181/19Google Scholar
Commission Decision of 27 December 2001 on standard contractual clauses for the transfer of personal data to processors established in third countries, under Directive 95/46/EC (2002/16/EC) [10 January 2002] OJ L6/52Google Scholar
Commission Decision of 27 December 2004 amending Decision 2001/497/EC as regards the introduction of an alternative set of standard contractual clauses for the transfer of personal data to third countries (2004/915/EC) [29 December 2004] OJ L385/74Google Scholar
Commission Implementing Regulation (EU) 2015/806 of 22 May 2015 laying down specifications relating to the form of the EU trust mark for qualified trust services (Text with EEA relevance) C/2015/3364Google Scholar
Commission Implementing Decision (EU) 2016/1250 of 12 July 2016 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the EU-US Privacy Shield (notified under document C (2016) 4176) (Text with EEA relevance) C/2016/4176Google Scholar
Convention for the Protection of Individuals with Regard to Automatic Processing of Personal Data (Convention 108)Google Scholar
European Convention for the Protection of Human Rights and Fundamental Freedoms (European Convention on Human Rights, as Amended) (ECHR) (1950)Google Scholar
Administrative Procedure Act, Pub. L. No. 79–404, 60 Stat. 237 (codified as amended at 5 U.S.C. §§ 551–706)Google Scholar
Bank Secrecy Act, Pub. L. 91–508, Titles I, II, 84 Stat. 1114 to 1124 (1970) (as codified at 12 U.S.C.A. § 1951–59)Google Scholar
Children’s Online Privacy Protection 15 U.S.C. §§ 6501–06, Pub. L. 105–277Google Scholar
Clarifying Lawful Overseas Use of Data Act (CLOUD Act) part of the Consolidated Appropriations Act, 2018, Pub. L. 115–141.Google Scholar
Computer Fraud and Abuse Act, Pub. L. 99–474, 18 U.S.C. § 1030Google Scholar
Electronic Communications Privacy Act of 1986, Pub. L. 99–508, § 201, 100 Stat. 1848, 1860–68 (codified as amended at 18 U.S.C. §§ 2701–12)Google Scholar
Fair Credit Reporting Act of 1970, 15 U.S.C. § 1681Google Scholar
Family Education Rights and Privacy Act of 1974, Pub. L. 93–380, 88 Stat. 484 (1974) (codified as amended at 20 USC § 1232)Google Scholar
Federal Information Security Management Act of 2002, 44 U.S.C. § 3541Google Scholar
Federal Trade Commission Act, 15 U.S.C.A. § 45(a)Google Scholar
Freedom of Information Act, 5 U.S.C. § 552, As Amended by Public Law No. 104–231, 110 Stat. 3048Google Scholar
Genetic Information Nondiscrimination Act of 2008, Pub. L. 110–233, 122 Stat. 881 (2008) (codified at 42 U.S.C.A. §§ 2000ff et. seq.)Google Scholar
Gramm–Leach–Bliley Financial Modernization Act, Pub. L. 106–102, 113 Stat. 1338 (codified at 15 U.S.C. §§ 6801–09)Google Scholar
Right to Financial Privacy Act of 1978, Pub. L. 95–630, 92 Stat. 3697 (1978) (codified as amended at 12 U.S.C. §§ 3401–22)Google Scholar
Stored Communications Act, Codified at 18 U.S.C. Chapter 121 §§ 2701–12Google Scholar
United States Constitution, Amendment IVGoogle Scholar
Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act of 2001, Pub. L. 107–156, 115 Stat. 272Google Scholar
US Health Information Technology for Economic and Clinical Health Act, 42 U.S.C. § 17932 (2012)Google Scholar
US Health Insurance Portability and Accountability Act of 1996, Pub. L. 104–191, 110 Stat. 1936Google Scholar
Video Privacy Protection Act, Pub L. 100–618, 102 Stat. 3195 (1988) (codified at 18 U.S.C. § 2710) (2012)Google Scholar
Big Brother Watch and Others v. the United Kingdom (applications nos. 58170/13, 62322/14, and 24960/15) [2018] ECHRGoogle Scholar
Bodil Lindqvist (C-101/01) [2003] CJEUGoogle Scholar
Breyer v. Germany (C-582/14) [2016] CJEUGoogle Scholar
Data Protection Commissioner v. Facebook Ireland Limited and Maximillian Schrems [2017] IEHC 545Google Scholar
Digital Rights Ireland v. Ireland and Kärntner Landesregierung, Tschohl, Seitlinger and Others (C-293/12 and C-594/12) [2014] CJEUGoogle Scholar
Falk Pharma GmbH v. DAK-Gesundheit (C-410/14) [2016] CJEUGoogle Scholar
Google LLC v. Commission Nationale de l’Informatique et des Libertés (CNIL) (C-507/17) [2019] CJEUGoogle Scholar
Google Spain SL, Google Inc. v. Agencia Espannola de Proteccion de Datos (AEPD), Mario Costeja Gonzalez (C-131/12) [2014] CJEUGoogle Scholar
Heinz Huber v. Federal Republic of Germany (C-524/06) [2008] CJEUGoogle Scholar
Maximillian Schrems v. Data Protection Commissioner (C362/14) [2015] CJEUGoogle Scholar
Peter Nowak v. Data Protection Commissioner (C-434/16) [2017] CJEUGoogle Scholar
Peter Pammer v. Reederei Karl Schlüter GmbH & Co. KG (C-585/08) and Hotel Alpenhof GesmbH v. Oliver Heller (C-144/09) [2010] CJEUGoogle Scholar
Tirkkonen v. Maaseutuvirasto (C-9/17) [2018] CJEUGoogle Scholar
Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein v. Wirtschaftsakademie Schleswig-Holstein GmbH (C-210/16) [2018] CJEUGoogle Scholar
UsedSoft GmbH v. Oracle International Corp (C-128/11) [2012] CJEUGoogle Scholar
Weltimmo s.r.o. v. Nemzeti Adatvédelmi és Információszabadság Hatóság (C-230/14) [2015] CJEUGoogle Scholar
AstraZeneca v. International Business Machines Corporation [2011] EWHC 306 (TCC)Google Scholar
Cavendish Square Holding BV v. Talal El Makdessi [2015] UKSC 67 [2015] 3 WLR 1373Google Scholar
GB Gas Holdings Limited v. Accenture (UK) Limited and others [2010] EWCA (Civ) 912Google Scholar
Hadley v. Baxendale [1854] 9 Ex 341, 156 Eng Rep 145 (Court of Exchequer)Google Scholar
Nash and others v. Paragon Finance Plc [2001] EWCA (Civ) 1466Google Scholar
St Albans City and DC v. International Computers Ltd [1996] 4 All ER 481Google Scholar
Amazon Web Services, Incorporated v. United States, 113 Fed. Cl. 102 (2014)Google Scholar
American Broadcasting Co., Inc. v. Aereo, Inc., 134 Supreme Court 2498 (2014)Google Scholar
Applied Data Processing, Inc. v. Burroughs Corp., 394 F. Supp. 504 (D. Conn. 1975)Google Scholar
Carpenter v. United States, 138 U.S. 2206 (2018)Google Scholar
Couch v. United States, 409 U.S. 322 (1973)Google Scholar
EEOC v. United Parcel Serv., Inc., 587 F 3d 136, 139–140 (2d Cir 2009)Google Scholar
Ellis v. Cartoon Network, Inc., 803 F. 3d 1251 (11th. Cir. 2015)Google Scholar
FTC v. Wyndham Worldwide Corp., 799 F. 3d 236 (3d Cir. 2015)Google Scholar
Griswold v. Connecticut, 381 U.S. 479 (1965)Google Scholar
Katz v. United States, 389 U.S. 347 (1967)Google Scholar
LabMD, Inc. v. FTC, 894 F. 3d 1221 (2018)Google Scholar
Microsoft Corporation v. United States 829 F.3d 197 (2d Cir. 2016)Google Scholar
Microsoft Corp. v. United States, 855 F.3d 53 (2d Cir. 2017)Google Scholar
Re Warrant to Search a Certain Email Account Controlled & Maintained by Microsoft Corp., 15 F. Supp. 3d 446 (2014)Google Scholar
Re Warrant to Search a Certain E-Mail Account Controlled and Maintained by Microsoft Corp., 829 F. 3d 197, 204 (CA2 2016)Google Scholar
Re Search Warrant to Google, 232 F. Supp 3d 708 (2017)Google Scholar
Riley v. California, 134 U.S. 2473 (2014)Google Scholar
Smith v. Maryland, 442 U.S. 735 (1979)Google Scholar
State of Indiana v. IBM, 51 NE. 3d 150 (2015)Google Scholar
United States, Petitioner v. Microsoft Corporation on Writ of Certiorari to the United States Court of Appeals for the Second Circuit, 584 U.S. ____ (2018)Google Scholar
United States v. Miller, 425 U.S. 435 (1976)Google Scholar
US v. Jones, 565 U.S. 400 (2012)Google Scholar
Warshak v. United States, 490 F. 3d 455 (6th Cir. 2007)Google Scholar
Wartsila NSD North America, Inc. v. Hill Intern, Inc., 436 F. Supp. 2d 690 (2006)Google Scholar
SS Lotus (France v. Turkey) 1927 PCIJ (ser. A) No 10 (7 September 1927)Google Scholar
Krishnamurthy, V. and Kortzus, M., ‘Brief Amicus Curiae of UN Special Rapporteur on the Right to Privacy Joseph Cannataci in Support of Neither Party’ in US v. Microsoft Corporation (2017)Google Scholar
Vandenberg, J., ‘Brief for 51 Computer Scientists as Amici Curiae in Support of the Respondent’ in Amici Curie Brief Filed in Microsoft Warrant Case (2017)Google Scholar
Thon, B. and Alhaug, G., ‘Varsel om vedtak – overtredelsesgebyr – Akershus universitetssykehus HF’ [Notification of Decision and Fine – Akershus University Hospital] (Datatilsynet [Norwegian DPA]) (2017) www.datatilsynet.no/globalassets/global/regelverk/avgjorelser-datatilsynet/2017/16-01531-53-varsel-om-vedtak--overtredelsesgebyr--akershus-universitetssykehus-hf--222955_3_1.pdfGoogle Scholar
Big Brother Watch and Others v. the United Kingdom (applications nos. 58170/13, 62322/14, and 24960/15) [2018] ECHRGoogle Scholar
Bodil Lindqvist (C-101/01) [2003] CJEUGoogle Scholar
Breyer v. Germany (C-582/14) [2016] CJEUGoogle Scholar
Data Protection Commissioner v. Facebook Ireland Limited and Maximillian Schrems [2017] IEHC 545Google Scholar
Digital Rights Ireland v. Ireland and Kärntner Landesregierung, Tschohl, Seitlinger and Others (C-293/12 and C-594/12) [2014] CJEUGoogle Scholar
Falk Pharma GmbH v. DAK-Gesundheit (C-410/14) [2016] CJEUGoogle Scholar
Google LLC v. Commission Nationale de l’Informatique et des Libertés (CNIL) (C-507/17) [2019] CJEUGoogle Scholar
Google Spain SL, Google Inc. v. Agencia Espannola de Proteccion de Datos (AEPD), Mario Costeja Gonzalez (C-131/12) [2014] CJEUGoogle Scholar
Heinz Huber v. Federal Republic of Germany (C-524/06) [2008] CJEUGoogle Scholar
Maximillian Schrems v. Data Protection Commissioner (C362/14) [2015] CJEUGoogle Scholar
Peter Nowak v. Data Protection Commissioner (C-434/16) [2017] CJEUGoogle Scholar
Peter Pammer v. Reederei Karl Schlüter GmbH & Co. KG (C-585/08) and Hotel Alpenhof GesmbH v. Oliver Heller (C-144/09) [2010] CJEUGoogle Scholar
Tirkkonen v. Maaseutuvirasto (C-9/17) [2018] CJEUGoogle Scholar
Unabhängiges Landeszentrum für Datenschutz Schleswig-Holstein v. Wirtschaftsakademie Schleswig-Holstein GmbH (C-210/16) [2018] CJEUGoogle Scholar
UsedSoft GmbH v. Oracle International Corp (C-128/11) [2012] CJEUGoogle Scholar
Weltimmo s.r.o. v. Nemzeti Adatvédelmi és Információszabadság Hatóság (C-230/14) [2015] CJEUGoogle Scholar
AstraZeneca v. International Business Machines Corporation [2011] EWHC 306 (TCC)Google Scholar
Cavendish Square Holding BV v. Talal El Makdessi [2015] UKSC 67 [2015] 3 WLR 1373Google Scholar
GB Gas Holdings Limited v. Accenture (UK) Limited and others [2010] EWCA (Civ) 912Google Scholar
Hadley v. Baxendale [1854] 9 Ex 341, 156 Eng Rep 145 (Court of Exchequer)Google Scholar
Nash and others v. Paragon Finance Plc [2001] EWCA (Civ) 1466Google Scholar
St Albans City and DC v. International Computers Ltd [1996] 4 All ER 481Google Scholar
Amazon Web Services, Incorporated v. United States, 113 Fed. Cl. 102 (2014)Google Scholar
American Broadcasting Co., Inc. v. Aereo, Inc., 134 Supreme Court 2498 (2014)Google Scholar
Applied Data Processing, Inc. v. Burroughs Corp., 394 F. Supp. 504 (D. Conn. 1975)Google Scholar
Carpenter v. United States, 138 U.S. 2206 (2018)Google Scholar
Couch v. United States, 409 U.S. 322 (1973)Google Scholar
EEOC v. United Parcel Serv., Inc., 587 F 3d 136, 139–140 (2d Cir 2009)Google Scholar
Ellis v. Cartoon Network, Inc., 803 F. 3d 1251 (11th. Cir. 2015)Google Scholar
FTC v. Wyndham Worldwide Corp., 799 F. 3d 236 (3d Cir. 2015)Google Scholar
Griswold v. Connecticut, 381 U.S. 479 (1965)Google Scholar
Katz v. United States, 389 U.S. 347 (1967)Google Scholar
LabMD, Inc. v. FTC, 894 F. 3d 1221 (2018)Google Scholar
Microsoft Corporation v. United States 829 F.3d 197 (2d Cir. 2016)Google Scholar
Microsoft Corp. v. United States, 855 F.3d 53 (2d Cir. 2017)Google Scholar
Re Warrant to Search a Certain Email Account Controlled & Maintained by Microsoft Corp., 15 F. Supp. 3d 446 (2014)Google Scholar
Re Warrant to Search a Certain E-Mail Account Controlled and Maintained by Microsoft Corp., 829 F. 3d 197, 204 (CA2 2016)Google Scholar
Re Search Warrant to Google, 232 F. Supp 3d 708 (2017)Google Scholar
Riley v. California, 134 U.S. 2473 (2014)Google Scholar
Smith v. Maryland, 442 U.S. 735 (1979)Google Scholar
State of Indiana v. IBM, 51 NE. 3d 150 (2015)Google Scholar
United States, Petitioner v. Microsoft Corporation on Writ of Certiorari to the United States Court of Appeals for the Second Circuit, 584 U.S. ____ (2018)Google Scholar
United States v. Miller, 425 U.S. 435 (1976)Google Scholar
US v. Jones, 565 U.S. 400 (2012)Google Scholar
Warshak v. United States, 490 F. 3d 455 (6th Cir. 2007)Google Scholar
Wartsila NSD North America, Inc. v. Hill Intern, Inc., 436 F. Supp. 2d 690 (2006)Google Scholar
SS Lotus (France v. Turkey) 1927 PCIJ (ser. A) No 10 (7 September 1927)Google Scholar
Krishnamurthy, V. and Kortzus, M., ‘Brief Amicus Curiae of UN Special Rapporteur on the Right to Privacy Joseph Cannataci in Support of Neither Party’ in US v. Microsoft Corporation (2017)Google Scholar
Vandenberg, J., ‘Brief for 51 Computer Scientists as Amici Curiae in Support of the Respondent’ in Amici Curie Brief Filed in Microsoft Warrant Case (2017)Google Scholar
Thon, B. and Alhaug, G., ‘Varsel om vedtak – overtredelsesgebyr – Akershus universitetssykehus HF’ [Notification of Decision and Fine – Akershus University Hospital] (Datatilsynet [Norwegian DPA]) (2017) www.datatilsynet.no/globalassets/global/regelverk/avgjorelser-datatilsynet/2017/16-01531-53-varsel-om-vedtak--overtredelsesgebyr--akershus-universitetssykehus-hf--222955_3_1.pdfGoogle Scholar
Thon, B. and Alhaug, G., ‘Varsel om vedtak – overtredelsesgebyr – Akershus universitetssykehus HF’ [Notification of Decision and Fine – Akershus University Hospital] (Datatilsynet [Norwegian DPA]) (2017) www.datatilsynet.no/globalassets/global/regelverk/avgjorelser-datatilsynet/2017/16-01531-53-varsel-om-vedtak--overtredelsesgebyr--akershus-universitetssykehus-hf--222955_3_1.pdfGoogle Scholar
Bar, C. and others, ‘Principles, Definitions and Model Rules of European Private Law: Draft Common Frame of Reference (DCFR): Vol. 1’ (Full ed., Sellier 2009) sec. IIGoogle Scholar
Costello, M., ‘Data Security Generally’ 1 Data Security & Privacy Law Westlaw (2017) sec. 3: 2Google Scholar
Restatement (Fourth) of Foreign Relations Law, ‘Jurisdiction Based on Effects’ (2016) sec. 213Google Scholar
Restatement (Second) of Contracts, ‘Contract Defined’ (1981) sec. 1Google Scholar
Restatement (Second) of Contracts, ‘Intended and Incidental Beneficiaries’ (1981) sec. 302Google Scholar
Restatement (Third) of Foreign Relations Law, ‘Bases of Jurisdiction to Prescribe’ (1987) sec. 402Google Scholar
Uniform Commercial Code (UCC), ‘Article 2 – Implied Warranty of Merchantability’ (2002) sec. 2-314-315Google Scholar
Uniform Commercial Code (UCC), ‘Article 2 – Sales: Breach, Repudiation and Excuse’ (2002) sec. 2-615Google Scholar
Datatilsynet [Norwegian Data Protection Authority], ‘Reply - Use of Microsoft Office 365 Cloud Computing Services - Municipality of Moss’ Vol 11/01198-4/LON (2012)Google Scholar
Datatilsynet [Norwegian Data Protection Authority], ‘Saken avsluttes - Ny e-postløsning i Narvik Kommune-Google Apps’ [‘Case Closed- New Email solution for Narvik Municipality – Google Apps’] Vol. 11/00593-18 RTH (2012)Google Scholar
European Data Protection Board, ‘Endorsement 1/2018’ (25 May 2018) https://edpb.europa.eu/sites/edpb/files/files/news/endorsement_of_wp29_documents_en_0.pdfGoogle Scholar
European Data Protection Board, ‘European Data Protection Board Rules of Procedure’ (25 May 2018) https://edpb.europa.eu/sites/edpb/files/files/file1/edpb_rop_adopted_en.pdfGoogle Scholar
European Data Protection Board, ‘Statement of the EDPB on the Revision of the ePrivacy Regulation and its Impact on the Protection of Individuals with Regard to the Privacy and Confidentiality of their Communications’ (25 May 2018) https://edpb.europa.eu/our-work-tools/our-documents/other/edpb-statement-eprivacy-25052018_enGoogle Scholar
European Data Protection Board, ‘Guidelines 4/2019 on Article 25 Data Protection by Design and by Default’ Version 2.0 (20 October 2020) https://edpb.europa.eu/our-work-tools/our-documents/guidelines/guidelines-42019-article-25-data-protection-design-and_enGoogle Scholar
European Data Protection Board, ‘Frequently Asked Questions on the Judgment of the Court of Justice of the European Union in Case C-311/18 - Data Protection Commissioner v Facebook Ireland Ltd and Maximillian Schrems 24/ 07/2020’ (23 July 2020) https://edpb.europa.eu/our-work-tools/our-documents/ohrajn/frequently-asked-questions-judgment-court-justice-european-union_enGoogle Scholar
European Data Protection Board, ‘Recommendations 01/2020 on Measures that Supplement Transfer Tools to Ensure Compliance with the EU Level of Protection of Personal Data - Version for Public Consultation’ (11 November 2020) https://edpb.europa.eu/our-work-tools/public-consultations-art-704/2020/recommendations-012020-measures-supplement-transfer_enGoogle Scholar
European Data Protection Board, ‘Guidelines 3/2018 on the territorial scope of the GDPR (Article 3)- Version for public consultation’ (16 November 2018) https://edpb.europa.eu/our-work-tools/public-consultations/2018/guidelines-32018-territorial-scope-gdpr-article-3_enGoogle Scholar
European Data Protection Supervisor, ‘Guidelines on the Use of Cloud Computing Services by the European Institutions and Bodies’ (16 March 2018) https://edps.europa.eu/data-protection/our-work/publications/guidelines/guidelines-use-cloud-computing-services-european_enGoogle Scholar
European Data Protection Supervisor, ‘Opinion 5/2018 Preliminary Opinion on Privacy by Design’ (2018) https://edps.europa.eu/data-protection/our-work/publications/opinions/privacy-design_enGoogle Scholar
European Data Protection Supervisor, ‘The Transfer of Personal Data to Third Countries and International Organisations by EU Institutions and Bodies’ (2014) https://edps.europa.eu/sites/edp/files/publication/14-07-14_transfer_third_countries_en.pdfGoogle Scholar
Federal Trade Commission, ‘ASUS Settles FTC Charges That Insecure Home Routers and “Cloud” Services Put Consumers’ Privacy at Risk’ Press Release (23 February 2016) www.ftc.gov/news-events/press-releases/2015/12/lifelock-pay-100-million-consumers-settle-ftc-charges-it-violatedGoogle Scholar
Federal Trade Commission, ‘Facebook Settles FTC Charges That It Deceived Consumers by Failing to Keep Privacy Promises’ Press Release (17 December 2015) www.ftc.gov/news-events/press-releases/2015/12/lifelock-pay-100-million-consumers-settle-ftc-charges-it-violatedGoogle Scholar
Federal Trade Commission and ASUSTeK Computer, Inc., ‘Agreement Containing Consent Order File No. 1423156’ (2016) www.ftc.gov/system/files/documents/cases/160222asusagree.pdfGoogle Scholar
Information Commissioner Elizabeth Denham, ‘Investigation into the Use of Data Analytics in Political Campaigns’ United Kingdom Information Commissioner (ICO) Report (11 July 2018) https://ico.org.uk/media/action-weve-taken/2259371/investigation-into-data-analytics-for-political-purposes-update.pdfGoogle Scholar
Information Commissioner’s Office, ‘Guidance on the Use of Cloud Computing 2012100 2 Version: 1.1’ (2012) https://ico.org.uk/media/fororganisations/documents/1540/cloud_computing_guidance_for_organisations.pdfGoogle Scholar
WP29, ‘Guidelines on Consent under Regulation 2016/679’ 259 rev. 01 (2018)Google Scholar
WP29, ‘Guidelines on Consent under Regulation 2016/679’ 259 (2017)Google Scholar
WP29, ‘Guidelines on Data Protection Impact Assessment (DPIA) and Determining whether Processing Is “Likely to Result in a High Risk” for the Purposes of Regulation 2016/679’ 248 rev. 01 (2017)Google Scholar
WP29, ‘Guidelines on Data Protection Officers’ 243 rev. 01 (2017)Google Scholar
WP29, ‘Guidelines on Personal Data Breach Notification under Regulation 2016/679’ wp250 rev.01 (2017)Google Scholar
WP29, ‘Guidelines on the Application and Setting of Administrative Fines for the Purpose of the Regulation 2016/679’ 253 (2017)Google Scholar
WP29, ‘Guidelines on the Right to Data Portability’ 242 rev. 01 (2017)Google Scholar
WP29, ‘Guidelines on Transparency under Regulation 2016/679’ 260 (2016)Google Scholar
WP29, ‘Letter of Ms Falque-Pierrotin (ART29 WP) to CISPE’ (2018)Google Scholar
WP29, ‘Opinion 01/2016 on the EU – U.S. Privacy Shield Draft Adequacy Decision’ 238 (2016)Google Scholar
WP29, ‘Opinion 1/2010 on the Concepts of “Controller” and “Processor”’ 169 (2010)Google Scholar
WP29, ‘Opinion 2/2017 on Data Processing at Work’ 249 (2017)Google Scholar
WP29, ‘Opinion 03/2013 on Purpose Limitation’ 203 (2013)Google Scholar
WP29, ‘Opinion 3/2010 on the Principle of Accountability’ 173 (2010)Google Scholar
WP29, ‘Opinion 4/2007 on the Concept of Personal Data’ 136 (2007)Google Scholar
WP29, ‘Opinion 05/2012 on Cloud Computing’ 196 (2012)Google Scholar
WP29, ‘Opinion 05/2014 on Anonymisation Techniques’ 216 (2014)Google Scholar
WP29, ‘Opinion 06/2014 on the Notion of Legitimate Interests of the Data Controller under Article 7 of Directive 95/46/EC’ 217 (2014)Google Scholar
WP29, ‘Opinion 15/2011 on the Definition of Consent’ 187 (2011)Google Scholar
Alassafi, M. and others, ‘Security in Organisations: Governance, Risks and Vulnerabilities in Moving to the Cloud’ in Chang, V. and others (eds.), Enterprise Security: Second International Workshop, ES 2015, Vancouver, BC, Canada, November 30 – December 3, 2015, Revised Selected Papers (Cham: Springer International 2017)Google Scholar
Albano, G. and Nicholas, C., ‘The Design of Framework Agreements’ in Nicholas, C. and Albano, G. L. (eds.), The Law and Economics of Framework Agreements: Designing Flexible Solutions for Public Procurement (Cambridge: Cambridge University Press 2016)Google Scholar
Alhamad, M., Dillon, T., and Chang, E., ‘Conceptual SLA Framework for Cloud Computing’ (Digital Ecosystems and Technologies [DEST] 4th IEEE International Conference, 2010)Google Scholar
Andrecka, M., ‘Sustainable Public Procurement under Framework Agreements’ in Sjåfjell, B. and Wiesbrock, A. (eds.), Sustainable Public Procurement Under EU Law: New Perspectives on the State as Stakeholder (Cambridge: Cambridge University Press 2015)Google Scholar
Aplin, T. and others (eds.), Gurry on Breach of Confidence: The Protection of Confidential Information (Oxford: Oxford University Press 2012)Google Scholar
Bamberger, K. and Mulligan, D. K., Privacy on the Ground: Driving Corporate Behavior in the United States and Europe (Cambridge, MA: MIT Press 2015)Google Scholar
Beatson, J., Burrows, A., and Cartwright, J. (eds.), Anson’s Law of Contract (30th ed., Oxford: Oxford University Press 2016)Google Scholar
Bentzen, H. and Svantesson, D. J. B., ‘Jurisdictional Challenges Related to DNA Data Processing in Transnational Clouds’ in Svantesson, D. J. B. and Kloza, D. (eds.), Trans-Atlantic Data Privacy Relations as a Challenge for Democracy (Cambridge: Intersentia 2017)Google Scholar
Bix, B., ‘History and Sources’ in Bix, B. H. (ed.), Contract Law: Rules, Theory, and Context (Cambridge: Cambridge University Press 2012)Google Scholar
Bock, K., ‘Data Protection Certification: Decorative or Effective Instrument? Audit and Seals as a Way to Enforce Privacy’ in Wright, D. and Hert, P. De (eds.), Enforcing Privacy: Regulatory, Legal and Technological Approaches (Cham: Springer International 2016)Google Scholar
Bovis, C., ‘The Principles of Public Procurement Regulation’ in Bovis, C. H. (ed.), Research Handbook on EU Public Procurement Law (Cheltenham: Edward Elgar 2016)Google Scholar
Bradshaw, S., Millard, C., and Walden, I., ‘Standard Contracts for Cloud Services’ in Millard, C. (ed.), Cloud Computing Law (Oxford: Oxford University Press 2013)Google Scholar
Bygrave, L., ‘Contract vs. Statute in Internet Governance’ in Brown, I. (ed.), Research Handbook on Governance of the Internet (Cheltenham: Edward Elgar 2013)Google Scholar
Bygrave, L., Data Privacy Law: An International Perspective (Oxford: Oxford University Press 2014)Google Scholar
Bygrave, L., Data Protection Law: Approaching its Rationale, Logic, and Limits (London: Kluwer Law International 2002)Google Scholar
Bygrave, L., ‘Hardwiring Privacy’ in Brownsword, R., Scotford, E., and Yeung, K. (eds.), The Oxford Handbook of Law, Regulation and Technology (Oxford: Oxford University Press 2017)Google Scholar
Bygrave, L., Internet Governance by Contract (Oxford: Oxford University Press 2015)Google Scholar
Bygrave, L. and Michaelsen, T., ‘Governors of Internet’ in Bygrave, L. and Bing, J. (eds.), Internet Governance: Infrastructure and Institutions (Oxford: Oxford University Press 2009)Google Scholar
Bygrave, L. and others, ‘The Naming Game: Governance of the Domain Name System’ in Bygrave, L. and Bing, J. (eds.), Internet Governance: Infrastructure and Institutions (Oxford: Oxford University Press 2009)Google Scholar
Caimi, C. and others, ‘Implementing Privacy Policies in the Cloud’ in Cleary, F. and Felici, M. (eds.), Cyber Security and Privacy: 4th Cyber Security and Privacy Innovation Forum, CSP Innovation Forum 2015, Brussels, Belgium April 28–29, 2015, Revised Selected Papers (Cham: Springer International 2015)Google Scholar
Caimi, C. and others, ‘Legal and Technical Perspectives in Data Sharing Agreements Definition’ in Berendt, B. and others (eds.), Privacy Technologies and Policy: Third Annual Privacy Forum, APF 2015, Luxembourg, October 7–8, 2015, Revised Selected Papers (Cham: Springer 2016)Google Scholar
Canavan, R., ‘Public Procurement and Frameworks’ in Bovis, C. H. (ed.), Research Handbook on EU Public Procurement Law (Cheltenham: Edward Elgar 2016)Google Scholar
Canuel, E., ‘Comparing Exculpatory Clauses under Anglo-American Law: Testing Total Legal Convergence’ in Cordero-Moss, G. (ed.), Boilerplate Clauses, International Commercial Contracts and the Applicable Law (Cambridge: Cambridge University Press 2011)Google Scholar
Charles, C., ‘Public Procurement and Contracting Authorities’ in Bovis, C. (ed.), Research Handbook on EU Public Procurement Law (Cheltenham: Edward Elgar 2016)Google Scholar
Chesterman, S., ‘Intelligence Services’ in Chesterman, S. and Fisher, A. (eds.), Private Security, Public Order: The Outsourcing of Public Services and Its Limits (Oxford: Oxford University Press 2009)Google Scholar
Cordero-Moss, G., ‘Conclusion: The Self-Sufficient Contract, Uniformly Interpreted on the Basis of Its Own Terms: An Illusion, But Not Fully Useless’ in Cordero-Moss, G. (ed.), Boilerplate Clauses, International Commercial Contracts and the Applicable Law (Cambridge: Cambridge University Press 2011)Google Scholar
Cordero-Moss, G., ‘Contract Practice and Its Expectations in Terms of the Governing Law’ in Cordero-Moss, G. (ed.), International Commercial Contracts: Applicable Sources and Enforceability (Cambridge: Cambridge University Press 2014)Google Scholar
Cordero-Moss, G., ‘The Impact of the Governing Law’ in Cordero-Moss, G. (ed.), International Commercial Contracts: Applicable Sources and Enforceability (Cambridge: Cambridge University Press 2014)Google Scholar
Corthaut, T. and others, ‘Operationalizing Accountability in Respect of Informal International Lawmaking Mechanisms’ in Pauwelyn, J., Wessel, R., and Wouters, J. (eds.), Informal International Lawmaking (Oxford: Oxford University Press 2012)Google Scholar
Cottrell, M., ‘Legitimacy and Institutional Replacement’ in Cottrell, M. P. (ed.), The Evolution and Legitimacy of International Security Institutions (Cambridge: Cambridge University Press 2016)Google Scholar
Cunningham, A. and Reed, C., ‘Consumer Protection in Cloud Environments’ in Millard, C. (ed.), Cloud Computing Law (Oxford: Oxford University Press 2013)Google Scholar
Czerniawski, M., ‘Extraterritoriality in the Age of the Equipment-Based Society. Do We Need the “Use of Equipment” as a Factor for the Territorial Applicability of the EU Data Protection Regime?’ in Svantesson, D. and Kloza, D. (eds.), European Integration and Democracy Series, vol. 4 (Cambridge: Intersentia 2017)Google Scholar
Davies, A., The Public Law of Government Contracts (Oxford: Oxford University Press 2008)Google Scholar
DiMatteo, L., Zhou, Q., and Saintier, S., ‘Transatlantic Perspectives’ in Rowley, K. and others (eds.), Commercial Contract Law: Transatlantic Perspectives (Cambridge: Cambridge University Press 2013)Google Scholar
Dobinson, I. and Johns, F., ‘Qualitative Legal Research’ in McConville, M. and Chui, W. H. (eds.), Research Methods for Law (Edinburgh: Edinburgh University Press 2007)Google Scholar
Donahue, J., ‘The Transformation of Government Work: Causes, Consequences, and Distortions’ in Freeman, J. and Minow, M. (eds.), Government by Contract: Outsourcing and American Democracy (Cambridge, MA: Harvard University Press 2009)Google Scholar
Dziminski, B. and Gleeson, N. C., ‘Legal Aspects of Cloud Accountability’ in Felici, M. and Fernández-Gago, C. (eds.), Accountability and Security in the Cloud: First Summer School, Cloud Accountability Project, A4Cloud, Malaga, Spain, June 2–6, 2014, Revised Selected Papers and Lectures (Cham: Springer International 2015)Google Scholar
Egea, M. and others, ‘Definition of Data Sharing Agreements: The Case of Spanish Data Protection Law’ in Felici, M. and Fernández-Gago, C. (eds.), Accountability and Security in the Cloud: First Summer School, Cloud Accountability Project, A4Cloud, Malaga, Spain, June 2–6, 2014, Revised Selected Papers and Lectures (Cham: Springer International 2015)Google Scholar
Esayas, S., Mahler, T., and McGillivray, K., ‘Is a Picture Worth a Thousand Terms? Visualising Contract Terms and Data Protection Requirements for Cloud Computing Users’ in Casteleyn, S., Dolog, P., and Pautasso, C. (eds.), Current Trends in Web Engineering: ICWE 2016 International Workshops, DUI, TELERISE, SoWeMine, and Liquid Web, Lugano, Switzerland, June 6-9, 2016. Revised Selected Papers (Cham: Springer International 2016)Google Scholar
Fawcett, J. J., Harris, J., and Bridge, M., International Sale of Goods in the Conflict of Laws (Oxford: Oxford University Press 2005)Google Scholar
Feldman, S., Government Contracts in a Nutshell (Saint Paul, MN: West Academic 2015)Google Scholar
Ferguson, I., ‘Outsourcing Contract Structures’ in Jongen, H. (ed.), International Outsourcing Law and Practice (Alphen aan den Rijn: Kluwer Law International 2008)Google Scholar
Forgó, N., Hänold, S., and Schütze, B., ‘The Principle of Purpose Limitation and Big Data’ in Corrales, M., Fenwick, M., and Forgó, N. (eds), New Technology, Big Data and the Law (Singapore: Springer 2017)Google Scholar
Freeman, J. and Minow, M., ‘Introduction: Reframing the Outsourcing Debates’ in Freeman, J. and Minow, M. (eds.), Government by Contract: Outsourcing and American Democracy (Cambridge, MA: Harvard University Press 2009)Google Scholar
Gandal, N. and Régibeau, P., ‘Standard-Setting Organisations’ in Delimatsis, P. (ed.), The Law, Economics and Politics of International Standardisation (Cambridge: Cambridge University Press 2015)Google Scholar
Garner, B. (ed.), Black’s Law Dictionary (10th ed., Eagan, MN: Thomson West 2014)Google Scholar
Gellman, R. and Dixon, P., ‘Failures of Privacy Self-Regulation in the United States’ in Wright, D. and De Hert, P. (eds.), Enforcing Privacy: Regulatory, Legal and Technological Approaches (Cham: Springer International 2016)Google Scholar
Georgieva, I., ‘The EU Principles in Public Procurement. Transparency – Origin and Main Characteristics’ in Georgieva, I. (ed.), Using Transparency against Corruption in Public Procurement: A Comparative Analysis of the Transparency Rules and Their Failure to Combat Corruption (Cham: Springer 2017)Google Scholar
Greenleaf, G., Asian Data Privacy Laws: Trade & Human Rights Perspectives (Oxford: Oxford University Press 2014)Google Scholar
Hagstrøm, V., ‘The Nordic Tradition: Application of Boilerplate Clauses under Norwegian Law’ in Cordero-Moss, G. (ed.), Boilerplate Clauses, International Commercial Contracts and the Applicable Law (Cambridge: Cambridge University Press 2011)Google Scholar
Halliday, T. and Shaffer, G., ‘Transnational Legal Orders’ in Halliday, T. C. and Shaffer, G. (eds.), Transnational Legal Orders (Cambridge: Cambridge University Press 2015)Google Scholar
Hippelainen, L., Oliver, I., and Lal, S., ‘Towards Dependably Detecting Geolocation of Cloud Servers’ in Yan, Z. and others (eds.), Network and System Security (Cham: Springer 2017)Google Scholar
Hon, W. K., Data Localization Laws and Policy: The EU Data Protection International Transfers Restriction through a Cloud Computing Lens (Cheltenham: Edward Elgar 2017)Google Scholar
Hon, W. K. and Millard, C., ‘Cloud Technologies and Services’ in Millard, C. (ed.), Cloud Computing Law (Oxford: Oxford University Press 2013)Google Scholar
Hon, W. K., Millard, C., and Walden, I., ‘Negotiated Contracts for Cloud Services’ in Millard, C. (ed.), Cloud Computing Law (Oxford: Oxford University Press 2013)Google Scholar
Hon, W. K., Millard, C., and Walden, I., ‘Public Sector Cloud Contracts’ in Millard, C. (ed.), Cloud Computing Law (Oxford: Oxford University Press 2013)Google Scholar
Hon, W. K., Millard, C., and Walden, I., ‘What is Regulated as Personal Data in Clouds?’ in Millard, C. (ed.), Cloud Computing Law (Oxford: Oxford University Press 2013)Google Scholar
Hon, W. K., Hörnle, J., and Millard, C., ‘Which Law(s) Apply to Personal Data in Clouds?’ in Millard, C. (ed.), Cloud Computing Law (Oxford: Oxford University Press 2013)Google Scholar
Hoofnagle, C., Federal Trade Commission Privacy Law and Policy (Cambridge: Cambridge University Press 2016)Google Scholar
Kelman, S., ‘Federal Contracting in Context: What Drives It, How to Improve It’ in Freeman, J. and Minow, M. (eds.), Government by Contract: Outsourcing and American Democracy (Cambridge, MA: Harvard University Press 2009)Google Scholar
Kimball, G., Outsourcing Agreements: A Practical Guide (Oxford: Oxford University Press 2010)Google Scholar
Klass, G., Contract Law in the United States (2nd ed., Alphen aan den Rijn: Kluwer Law International 2012)Google Scholar
Koops, B.-J. and others, ‘Should Self-Regulation be the Starting Point?’ in Koops, B.-J. and others (eds.), Starting Points for ICT Regulation: Deconstructing Prevalent Policy One-liners (Den Haag, Netherlands: T.M.C. Asser 2006)Google Scholar
Kosta, E. and Stuurman, K., ‘Technical Standards and the Draft General Data Protection Regulation’ in Delimatsis, P. (ed.), The Law, Economics and Politics of International Standardisation (Cambridge: Cambridge University Press 2015)Google Scholar
Kuner, C., ‘Applicable Law, Extraterritoriality, and Transborder Data Flows’ in Transborder Data Flows and Data Privacy Law (Oxford: Oxford University Press 2013)Google Scholar
Lee, N., ‘Social Networks and Privacy’ in Lee, N. (ed.), Facebook Nation (New York: Springer-Verlag 2013)Google Scholar
Lessig, L., Code: Version 2.0 (New York: Basic Books 2006)Google Scholar
Lord, R. A., Williston on Contracts (4th ed., London: Sweet & Maxwell 1993)Google Scholar
Lynskey, O., The Foundations of EU Data Protection Law (Oxford: Oxford University Press 2015)Google Scholar
Marsden, C. T., Internet Co-Regulation: European Law, Regulatory Governance and Legitimacy in Cyberspace (Cambridge: Cambridge University Press 2011)Google Scholar
Mendelson, N., ‘Six Simple Steps to Increase Contractor Accountability’ in Freeman, J. and Minow, M. (eds.), Government by Contract: Outsourcing and American Democracy (Cambridge, MA: Harvard University Press 2009)Google Scholar
Merry, S., ‘Firming Up Soft Law’ in Halliday, T. C. and Shaffer, G. (eds.), Transnational Legal Orders (Cambridge: Cambridge University Press 2015)Google Scholar
Metheny, M., Federal Cloud Computing: The Definitive Guide for Cloud Service Providers (Cambridge, MA: Elsevier Science 2012)Google Scholar
Millard, C. and Kamarinou, D., ‘Article 28. Processor’ in Kuner, C., Bygrave, L., Docksey, C., and Drechsler, L. (eds.), The EU General Data Protection Regulation (GDPR): A Commentary (Oxford: Oxford University Press, 2020)Google Scholar
Miller, L., The Emergence of EU Contract Law: Exploring Europeanization (Oxford: Oxford University Press 2011)Google Scholar
Miller, L., ‘The Notion of Europeanization and the Significance of Transnational Private Lawmaking’ in Miller, L. (ed.), The Emergence of EU Contract Law: Exploring Europeanization (Oxford: Oxford University Press 2011)Google Scholar
Mills, A., ‘Public International Law and Private International Law’ in Basedow, J. and others (eds.), Encyclopedia of Private International Law (Cheltenham: Edward Elgar 2017)Google Scholar
Moerel, L., Binding Corporate Rules: Corporate Self-Regulation of Global Data Transfers (Oxford: Oxford University Press 2012)Google Scholar
Morgan, R. and Burden, K., Morgan and Burden on Computer Contracts (8th ed., London: Sweet & Maxwell Thomson Reuters 2009)Google Scholar
Negroponte, N., Being Digital (London: Hodder and Stoughton 1996)Google Scholar
Ojanen, T., ‘Rights-Based Review of Electronic Surveillance after Digital Rights Ireland and Schrems in the European Union’ in Cole, D., Fabbrini, F., and Schulhofer, S. (eds.), Surveillance, Privacy and Trans-Atlantic Relations, vol. 1 (Oxford: Hart 2017)Google Scholar
Pannetrat, A. and Luna, J., ‘Standards for Accountability in the Cloud’ in Felici, M. and Fernández-Gago, C. (eds.), Accountability and Security in the Cloud: First Summer School, Cloud Accountability Project, A4Cloud, Malaga, Spain, June 2–6, 2014, Revised Selected Papers and Lectures (Cham: Springer International 2015)Google Scholar
Peel, E., ‘The Common Law Tradition: Application of Boilerplate Clauses under English Law’ in Cordero-Moss, G. (ed.), Boilerplate Clauses, International Commercial Contracts and the Applicable Law (Cambridge: Cambridge University Press 2011)Google Scholar
Polčák, R. and Svantesson, D. J. B., Information Sovereignty: Data Privacy, Sovereign Powers and the Rule of Law (Cheltenham: Edward Elgar 2017)Google Scholar
Reed, C., ‘Cloud Governance: The Way Forward’ in Millard, C. (ed.), Cloud Computing Law (Oxford: Oxford University Press 2013)Google Scholar
Reed, C., Making Laws for Cyberspace (Oxford: Oxford University Press 2012)Google Scholar
Reich, N., ‘The Public/Private Divide in European Law’ in Micklitz, H.-W. and Cafaggi, Fo (eds.), European Private Law after the Common Frame of Reference (Cheltenham: Edward Elgar 2010)Google Scholar
Rotenberg, M., ‘In re EPIC and the Role of NGOs and Experts in Surveillance Cases’ in Cole, D., Fabbrini, F., and Schulhofer, S. (eds.), Surveillance, Privacy and Trans-Atlantic Relations (Oxford: Hart 2017)Google Scholar
Rubinstein, I., Nojeim, G. T., and Lee, R. D., ‘Systematic Government Access to Private-Sector Data’ in Cate, F. H. and Dempsey, J. X. (eds.), Bulk Collection: Systematic Government Access to Private-Sector Data (Oxford: Oxford University Press 2017)Google Scholar
Ruiz, J. and others, ‘A Lifecycle for Data Sharing Agreements: How it Works Out’ in Schiffner, S. and others (eds.), Privacy Technologies and Policy. APF 2016. Lecture Notes in Computer Science, vol. 9857 (Cham: Springer 2016)Google Scholar
Ruparelia, N., Cloud Computing (Cambridge, MA: MIT Press 2016)Google Scholar
Ryngaert, C., Jurisdiction in International Law (Oxford: Oxford University Press 2008)Google Scholar
Sanz-Requena, R. and others, ‘A Cloud-Based Radiological Portal for the Patients: IT Contributing to Position the Patient as the Central Axis of the 21st Century Healthcare Cycles’ in 2015 IEEE/ACM 1st International Workshop on TEchnical and LEgal aspects of data pRivacy and SEcurity (IEEE Press 2015)Google Scholar
Soloway, S. and Chvotkin, A., ‘Federal Contracting in Context: What Drives It, How to Improve It’ in Freeman, J. and Minow, M. (eds.), Government by Contract: Outsourcing and American Democracy (Cambridge, MA: Harvard University Press 2009)Google Scholar
Spagnoli, F., Bellini, F., and Ghi, A., ‘A Methodology for the Impact Assessment of a G-Cloud Strategy for the Italian Ministry of the Economic Development’ in Rossignoli, C, Gatti, M, and Agrifoglio, R (eds), Organizational Innovation and Change: Managing Information and Technology (Cham: Springer International 2016)Google Scholar
Statsky, W., West’s Legal Thesaurus/Dictionary (Special deluxe ed., Eagan, MN: Thomson West 1986)Google Scholar
Svantesson, D., Extraterritoriality in Data Privacy Law (Copenhagen: Ex Tuto 2013)Google Scholar
Svantesson, D., Solving the Internet Jurisdiction Puzzle (Oxford: Oxford University Press 2017)Google Scholar
Swire, P., ‘US Surveillance Law, Safe Harbour and Reforms Since 2013’ in Kloza, D. and Svantesson, D. (eds.) Trans-Atlantic Data Privacy Relations as a Challenge for Democracy, vol. 4 (Cambridge: Intersentia 2017)Google Scholar
Taylor, L., FISMA Compliance Handbook: Second Edition (Burlington, MA: Elsevier Science 2013)Google Scholar
Tollen, D., The Tech Contracts Handbook: Cloud Computing Agreements, Software Licenses, and Other IT Contracts for Lawyers and Businesspeople (Chicago, IL: American Bar Association 2016)Google Scholar
Treitel, G. H., The Law of Contract (8th ed., London: Sweet & Maxwell 1991)Google Scholar
Tzanou, M., The Fundamental Right to Data Protection: Normative Value in the Context of Counter-terrorism Surveillance (Portland: Hart 2017)Google Scholar
Tønseth, M. and others, Personvernhåndboken (Oslo: Gyldendal juridisk 2016)Google Scholar
Ustaran, E., ‘The Scope of Application of EU Data Protection Law and Its Extraterritorial Reach’ in Noriswadi, I., Cieh, Y., and Lee, E. (eds.), Beyond Data Protection: Strategic Case Studies and Practical Guidance (Heidelberg: Springer 2013)Google Scholar
Velasco, C., Hörnle, J., and Osula, A.-M., ‘Global Views on Internet Jurisdiction and Trans-border Access’ in Gutwirth, S., Leenes, R., and De Hert, P. (eds.), Data Protection on the Move: Current Developments in ICT and Privacy/Data Protection (Dordrecht: Springer 2016)Google Scholar
Vermeulen, G., ‘The Paper Shield: On the Degree of Protection of the EU-US Privacy Shield against Unnecessary or Disproportionate Data Collection by the US Intelligence and Law Enforcement Services’ in Kloza, D. and Svantesson, D. (eds.), Trans-Atlantic Data Privacy Relations as a Challenge for Democracy, vol. 4 (Cambridge: Intersentia 2017)Google Scholar
Vettese, M., ‘Multinational Companies and National Contracts’ in Cordero-Moss, G. (ed.), Boilerplate Clauses, International Commercial Contracts and the Applicable Law (Cambridge: Cambridge University Press 2011)Google Scholar
Voigt, P. and von dem Bussche, A., The EU General Data Protection Regulation (GDPR) (Cham: Springer 2017)Google Scholar
Wagle, S., ‘Cloud Computing Contracts’ in Lehmann, A. and others (eds.), Privacy and Identity Management Facing up to Next Steps: 11th IFIP WG 92, 95, 96/117, 114, 116/SIG 922 International Summer School, Karlstad, Sweden, August 21–26, 2016, Revised Selected Papers (Cham: Springer International 2016)Google Scholar
Walden, I., ‘Telecommunications Law and Regulation: An Introduction’ in Walden, I. (ed.), Telecommunications Law and Regulation (Oxford: Oxford University Press 2009)Google Scholar
Walden, I. and Da Correggio Luciano, L., ‘Facilitating Competition in the Clouds’ in Millard, C. (ed.), Cloud Computing Law (Oxford: Oxford University Press 2013)Google Scholar
Wang, F., Internet Jurisdiction and Choice of Law: Legal Practices in the EU, US and China (Cambridge: Cambridge University Press 2010)Google Scholar
Weber, R. H. and Staiger, D., Transatlantic Data Protection in Practice (Cham: Springer 2017)Google Scholar
Weinrib, E., The Idea of Private Law (Oxford: Oxford University Press 2013)Google Scholar
Weinstein, S. and Wild, C., ‘Developing the Right Formula for Successful Legal Risk Management, Governance and Compliance’ in Weinstein, S. and Wild, C. (eds.), Legal Risk Management, Governance and Compliance: A Guide to Best Practice From Leading Experts (London: Globe Law and Business 2013)Google Scholar
Weitzenböck, E., A Legal Framework for Emerging Business Models: Dynamic Networks as Collaborative Contracts (Cheltenham: Edward Elgar 2012)Google Scholar
Wilderspin, M., ‘Contractual Obligations’ in Basedow, J. and others (eds.), Encyclopedia of Private International Law (Cheltenham: Edward Elgar 2017)Google Scholar
Wilderspin, M., ‘Overriding Mandatory Provisions’ in Basedow, J. and others (eds.), Encyclopedia of Private International Law (Cheltenham: Edward Elgar 2017)Google Scholar
Yoo, C., ‘Cloud Computing, Contractibility, and Network Architecture’ in Yoo, C. S. and Blanchette, J.-F. (eds.), Regulating the Cloud: Policy for Computing Infrastructure (Cambridge, MA: MIT Press 2015)Google Scholar
Yoo, C. and Blanchette, J.-F., Regulating the Cloud: Policy for Computing Infrastructure (Cambridge, MA: MIT Press 2015)Google Scholar
Aitchison, S., ‘Privacy in the Cloud: The Fourth Amendment Fog’ (2018) 93 Washington Law Review 1019Google Scholar
Alonso, J., Escalante, M., and Orue-Echevarria, L., ‘Transformational Cloud Government (TCG): Transforming Public Administrations with a Cloud of Public Services’ (2016) 97 Procedia Computer Science 43Google Scholar
Alsenoy, B., ‘Liability under EU Data Protection Law: From Directive 95/46 to the General Data Protection Regulation’ (2017) 7 Journal of Intellectual Property, Information Technology and e-Commerce Law 271Google Scholar
Aman, A. and Dugan, J. C., ‘The Human Side of Public-Private Partnerships: From New Deal Regulation to Administrative Law Management’ (2017) 102 Iowa Law Review 883Google Scholar
Amoore, L., ‘Cloud Geographies: Computing, Data, Sovereignty’ (2018) 42 Progress in Human Geography 4Google Scholar
Andrews, D. C. and Newman, J. M., ‘Personal Jurisdiction and Choice of Law in the Cloud’ (2013) 73 Maryland Law Review 58Google Scholar
Arsham, B., ‘Monetizing Infringement: A New Legal Regime for Hosts of User-Generated Content’ (2013) 101 Georgetown Law Journal 28Google Scholar
Auty, M. and others, ‘Inadequacies of Current Risk Controls for the Cloud’ (2010) 2nd IEEE International Conference on Cloud Computing Technology and Science, Indianapolis, IN, 659Google Scholar
Bamberger, K. and Mulligan, D. K., ‘Privacy on the Books and on the Ground’ (2011) 63 Stanford Law Review 247Google Scholar
Bender, D., ‘Having Mishandled Safe Harbor, Will the CJEU Do Better with Privacy Shield? A US Perspective’ (2016) 6 International Data Privacy Law 117Google Scholar
Bender, S., ‘Privacy in the Cloud Frontier: Abandoning the “Take It or Leave It” Approach’ (2011) 4 Drexel Law Review 27Google Scholar
Bilgic, S., ‘Something Old, Something New, and Something Moot: The Privacy Crisis under the Cloud Act’ (2018) 32 Harvard Journal of Law & Technology 321Google Scholar
Black, J., ‘Constructing and Contesting Legitimacy and Accountability in Polycentric Regulatory Regimes’ (2008) 2 Regulation & Governance 137Google Scholar
Black, J., ‘“Says Who?” Liquid Authority and Interpretive Control in Transnational Regulatory Regimes’ (2017) 9 International Theory 286Google Scholar
Blackman, J. and others, ‘Cloud Act Establishes Framework to Access Overseas Stored Electronic Communications’ (2018) 30 Intellectual Property & Technology Law Journal 10Google Scholar
Blair, M. and others, ‘Outsourcing, Modularity, and the Theory of the Firm’ (2011) 2011 Brigham Young University Law Review 263Google Scholar
Blume, P., ‘Controller and Processor: Is There a Risk of Confusion?’ (2013) 3 International Data Privacy Law 140Google Scholar
Bolin, R., ‘Risky Mail: Concerns in Confidential Attorney-Client Email’ (2012) 81 University of Cincinnati Law Review 601Google Scholar
Bolognini, L. and Bistolfi, C., ‘Pseudonymization and Impacts of Big (Personal/Anonymous) Data Processing in the Transition from the Directive 95/46/EC to the New EU General Data Protection Regulation’ (2017) 33 Computer Law & Security Review 171Google Scholar
Bougiakiotis, E., ‘The Enforcement of the Google Spain Ruling’ (2016) 24 International Journal of Law and Information Technology 311Google Scholar
Boyne, S., ‘Data Protection in the United States’ (2018) 66 American Journal of Comparative Law 299Google Scholar
Brookman, J., ‘Protecting Privacy in an Era of Weakening Regulation. The Consumer Always Has Rights: Envisioning a Progressive Free Market’ (2015) 9 Harvard Law & Policy Review 355Google Scholar
Brown, K., ‘Outsourcing, Data Insourcing, and the Irrelevant Constitution’ (2015) 49 Georgia Law Review 607Google Scholar
Bygrave, L., ‘Data Protection by Design and by Default: Deciphering the EU’s Legislative Requirements’ (2017) 2 Oslo Law Review 105Google Scholar
Cafaggi, F., ‘New Foundations of Transnational Private Regulation’ (2011) 38 Journal of Law and Society 20Google Scholar
Cafaggi, F., ‘Transnational Private Regulation and the Production of Global Public Goods and Private “Bads”’ (2012) 23 European Journal of International Law 695Google Scholar
Calloway, T., ‘Cloud Computing, Clickwrap Agreements, and Limitation on Liability Clauses: A Perfect Storm’ (2012) 11 Duke Law & Technology Review 163Google Scholar
Canuel, E., ‘Comparative Commercial Law: Methodologies, Black Letter Law and Law-in-Action’ (2012) 2012 Nordic Journal of Commercial Law 1Google Scholar
Carmeli, D., ‘Keep an I on the Sky: E-discovery Risks Forecasted for Apple’s iCloud’ (2013) Boston College Intellectual Property and Technology Forum 34Google Scholar
Carpenter, R. Jr., ‘Walking from Cloud to Cloud: The Portability Issue in Cloud Computing’ (2010) 6 Washington Journal of Law, Technology & Arts 9Google Scholar
Cate, F. and Mayer-Schönberger, V., ‘Notice and Consent in a World of Big Data’ (2013) 3 International Data Privacy Law 67Google Scholar
Cate, F. and others, ‘Systematic Government Access to Private-sector Data’ (2012) 2 International Data Privacy Law 195Google Scholar
Celestine, C., ‘Cloudy Skies, Bright Futures? In Defense of a Private Regulatory Scheme for Policing Cloud Computing’ (2013) 2013 University of Illinois Journal of Law Technology and Policy 141Google Scholar
Chesterman, S., ‘“We Can’t Spy … If We Can’t Buy!”: The Privatization of Intelligence and the Limits of Outsourcing “Inherently Governmental Functions”’ (2008) 19 European Journal of International Law 1055Google Scholar
Citron, D., ‘The Privacy Policymaking of State Attorneys General’ (2016) 92 Notre Dame Law Review 747816Google Scholar
Clarke, R., ‘Data Risks in the Cloud’ (2013) 8 Journal of Theoretical and Applied Electronic Commerce Research (JTAER) 6074 www.rogerclarke.com/II/DRC.htmlGoogle Scholar
Clopton, Z., ‘Territoriality, Technology, and National Security’ (2016) 83 University of Chicago Law Review 45Google Scholar
Colangelo, A., ‘What Is Extraterritorial Jurisdiction’ (2014) 99 Cornell Law Review 1303Google Scholar
Colarusso, D., ‘Heads in the Cloud, A Coming Storm: The Interplay of Cloud, Encryption, and the Fifth Amendment’s Protection against Self-Incrimination’ (2011) 17 Boston University Journal of Science & Technology Law 69Google Scholar
Cook, C., ‘Cross-Border Data Access and Active Cyber Defense: Assessing Legislative Options for a New International Cybersecurity Rulebook’ (2018) 29 Stanford Law & Policy Review 205Google Scholar
Cordero-Moss, G., ‘International Contracts between Common Law and Civil Law: Is Non-State Law to Be Preferred? The Difficulty of Interpreting Legal Standards Such as Good Faith’ (2007) 7 Global Jurist 3Google Scholar
Cordero-Moss, G., ‘Limits to Party Autonomy in International Commercial Arbitration’ (2014) 1 Oslo Law Review 47Google Scholar
Custers, B. and Uršič, H., ‘Big Data and Data Reuse: A Taxonomy of Data Reuse for Balancing Big Data Benefits and Personal Data Protection’ (2016) 6 International Data Privacy Law 4Google Scholar
Daley, M., Bennett, S. C., and Gerlach, N., ‘Storm Clouds Gathering for Cross-Border Discovery and Data Privacy: Cloud Computing Meets the U.S.A. Patriot Act’ (2012) 13 Sedona Conference Journal 20Google Scholar
Danaher, B. and Smith, M. D., ‘Gone in 60 Seconds: The Impact of the Megaupload Shutdown on Movie Sales’ (2014) 33 International Journal of Industrial Organization 1Google Scholar
Daskal, J., ‘Microsoft Ireland, the CLOUD Act, and International Lawmaking 2.0’ (2018) 71 Stanford Law Review Online 9Google Scholar
Daskal, J., ‘The Un-Territoriality of Data’ (2015) 125 Yale Law Journal 326Google Scholar
Datesh, A., ‘Storms Brewing in the Cloud: Why Copyright Law Will Have to Adapt to the Future of Web 2.0’ (2012) 40 American Intellectual Property Law Association Quarterly Journal 30Google Scholar
De Filippi, P. and McCarthy, S., ‘Cloud Computing: Centralization and Data Sovereignty’ (2012) 3 European Journal of Law and Technology 1Google Scholar
Deeks, A., ‘An International Legal Framework for Surveillance’ (2015) 55 Virginia Journal of International Law 291Google Scholar
Delic, E., ‘Cloudy Jurisdiction: Foggy Skies in Traditional Jurisdiction Create Unclear Legal Standards for Cloud Computing and Technology’ (2017) 50 Suffolk University Law Review 32Google Scholar
Dietz, T., ‘Contract Law, Relational Contracts, and Reputational Networks in International Trade: An Empirical Investigation into Cross-Border Contracts in the Software Industry’ (2011) 37 Law and Social Inquiry 25Google Scholar
Diorio, S., ‘Data Protection Laws: Quilts Versus Blankets’ (2015) 42 Syracuse Journal of International Law and Commerce 485Google Scholar
Easterbrook, F. H., ‘Cyberspace and the Law of the Horse’ (1996) 1996 University of Chicago Legal Forum 207Google Scholar
Edwards, C., ‘Freedom of Contract and Fundamental Fairness for Individual Parties: The Tug of War Continues’ (2009) 77 University of Missouri-Kansas City Law Review 647Google Scholar
El Emam, K. and Álvarez, C., ‘A Critical Appraisal of the Article 29 Working Party Opinion 05/2014 on Data Anonymization Techniques’ (2015) 5 International Data Privacy Law 73Google Scholar
El-Gazzar, R., Hustad, E., and Olsen, D. H., ‘Understanding Cloud Computing Adoption Issues: A Delphi Study Approach’ (2016) 118 Journal of Systems and Software 64Google Scholar
Elvy, S., ‘Hybrid Transactions and the Internet of Things: Goods, Services, or Software?’ (2017) 74 Washington and Lee Law Review 77Google Scholar
Emmanuel, J. and Caral, E. A., ‘Lessons from ICANN: Is Self-Regulation of the Internet Fundamentally Flawed?’ (2004) 12 International Journal of Law and Information Technology 1Google Scholar
Epstein, D. and others, ‘An “App” for Third Party Beneficiaries’ (2016) 91 Washington Law Review 1663Google Scholar
Epstein, W., ‘Contract Theory and the Failures of Public-Private Contracting’ (2013) 34 Cardozo Law Review 2211Google Scholar
Esayas, S., ‘A Walk into the Cloud and Cloudy it Remains: The Challenges and Prospects of “Processing” and “Transferring” Personal Data’ (2012) 28 Computer Law & Security Review 662Google Scholar
Esayas, S., ‘The Idea of “Emergent Properties” in Data Privacy: Towards a Holistic Approach’ (2017) 25 International Journal of Law and Information Technology 139Google Scholar
Esayas, S., ‘The Role of Anonymisation and Pseudonymisation under the EU Data Privacy Rules: Beyond the “All or Nothing” Approach’ (2015) 6(2) European Journal of Law and Technology 5Google Scholar
Faulkenberry, R., ‘Reviewing and Negotiating Cloud Computing Vendor Contracts’ (2013) 6 Journal of Health & Life Sciences Law 21Google Scholar
Foster, N., ‘Navigating through the Fog of Cloud Computing Contracts’ (2013) 30 Journal of Information Technology & Privacy Law 13Google Scholar
Freiwald, S. and Smith, S., ‘The Carpenter Chronicle: A Near-Perfect Surveillance’ (2018) 132 Harvard Law Review 205Google Scholar
Friendler, E., ‘Protecting the Innocent - the Need to Adapt Federal Asset Forfeiture Laws to Protect the Interest of Third Parties in Digital Asset Seizures’ (2013) 32 Cardozo Arts and Entertainment Law Journal 283Google Scholar
Froomkin, A., ‘Lessons Learned Too Well: Anonymity in a Time of Surveillance’ (2017) 59 Arizona Law Review 66Google Scholar
Geis, G., ‘Business Outsourcing and the Agency Cost Problem’ (2007) 82 Notre Dame Law Review 955Google Scholar
Gervais, D. and Hyndman, D., ‘Cloud Control: Copyright, Global Memes and Privacy’ (2011) 10 Journal on Telecommunications and High Technology Law 53Google Scholar
Gleeson, N. and Walden, I., ‘“It’s a Jungle Out There”?: Cloud Computing, Standards and the Law’ (2014) 5 European Journal of Law and Technology 683Google Scholar
Gleeson, N. and Walden, I., ‘Placing the State in the Cloud: Issues of Data Governance and Public Procurement’ (2016) 32 Computer Law & Security Review 683Google Scholar
Gottschalk, P. and Solli-Sæther, H., ‘Critical Success Factors from IT Outsourcing Theories: An Empirical Study’ (2005) 105 Industrial Management & Data Systems 685Google Scholar
Gray, A., ‘Conflict of Laws and the Cloud’ (2013) 29 Computer Law & Security Review 58Google Scholar
Gstrein, O. and Ritsema van Eck, G., ‘Mobile Devices as Stigmatizing Security Sensors: The GDPR and a Future of Crowdsourced “Broken Windows”’ (2018) 8 International Data Privacy Law 69Google Scholar
Hall, H., ‘Restoring Dignity and Harmony to United States-European Union Data Protection Regulation’ (2018) 23 Communication Law and Policy 125Google Scholar
Harris, D., ‘Riley v. California and the Beginning of the End for the Third-Party Search Doctrine’ (2016) 18 University of Pennsylvania Journal of Constitutional Law 895Google Scholar
Harshbarger, J., ‘Cloud Computing Providers and Data Security Law: Building Trust with United States Companies’ (2011) 16 Journal of Technology Law & Policy 20Google Scholar
Hartzog, W., ‘The Inadequate, Invaluable Fair Information Practices’ (2017) 76 Maryland Law Review 33Google Scholar
Hartzog, W. and Solove, D., ‘The Scope and Potential of FTC Data Protection’ (2015) 83 George Washington Law Review 2230Google Scholar
Hayes, C., Kesan, J. P., and Bashir, M. N., ‘Cloud Services, Contract Terms, and Legal Rights’ (2013) 17 Journal of Internet Law 18Google Scholar
Henry, L., ‘Information Privacy and Data Security’ (2015) 2015 Cardozo Law Review De Novo 107Google Scholar
de Hert, P. and Czerniawski, M., ‘Expanding the European Data Protection Scope Beyond Territory: Article 3 of the General Data Protection Regulation in its Wider Context’ (2016) 6 International Data Privacy Law 230Google Scholar
de Hert, P., Papakonstantinou, V., and Kamara, I., ‘The Cloud Computing Standard ISO/IEC 27018 through the Lens of the EU Legislation on Data Protection’ (2016) 32 Computer Law and Security Review 16Google Scholar
Hill, J. W. and others, ‘A Proposed National Health Information Network Architecture and Complementary Federal Preemption of State Health Information Privacy Laws’ (2011) 48 American Business Law Journal 503Google Scholar
Hojnik, J., ‘Technology Neutral EU Law: Digital Goods Within the Traditional Goods/Services Distinction’ (2016) 25 International Journal of Law and Information Technology 63Google Scholar
Hon, W. K., Millard, C., and Walden, I., ‘Negotiating Cloud Contracts: Looking at Clouds from Both Sides Now’ (2012) 16 Stanford Technology Law Review 79Google Scholar
Hon, W. K. and others, ‘Policy, Legal and Regulatory Implications of a Europe-Only Cloud’ (2016) 24 International Journal of Law and Information Technology 25Google Scholar
Hon, W. K. and others, ‘Cloud Accountability: The Likely Impact of the Proposed EU Data Protection Regulation’ (2014) Queen Mary School of Law Legal Studies Research Paper No. 172/2014; Tilburg Law School Research Paper No. 07/2014 http://dx.doi.org/10.2139/ssrn.2405971Google Scholar
Hoofnagle, C. and Whittington, J., ‘Free: Accounting for the Costs of the Internet’s Most Popular Price’ (2014) 61 University of California Los Angeles Law Review 606Google Scholar
Hutchinson, T. and Duncan, N., ‘Defining and Describing What We Do: Doctrinal Legal Research’ (2012) 17 Deakin Law Review 83Google Scholar
Irion, K., ‘Government Cloud Computing and National Data Sovereignty’ (2012) 4 Policy & Internet 40Google Scholar
Irion, K., ‘Your Digital Home is No Longer Your Castle: How Cloud Computing Transforms the (Legal) Relationship between Individuals and Their Personal Records’ (2015) 23 International Journal of Law and Information Technology 348Google Scholar
Ismail, U. and others, ‘A Framework for Security Transparency in Cloud Computing’ (2016) 8 Future Internet 5Google Scholar
Johnson, E., ‘Lost in the Cloud: Cloud Storage, Privacy, and Suggestions for Protecting Users’ Data’ (2017) 69 Stanford Law Review 867Google Scholar
Joint, A. and Baker, E., ‘Knowing the Past to Understand the Present – Issues in the Contracting for Cloud Based Services’ (2011) 27 Computer Law & Security Review 407Google Scholar
Kalinich, D. and others, ‘Data Sovereignty and the Cloud: A Board and Executive Officer’s Guide’ (2013) 1 Cyberspace Law and Policy Centre, UNSW Faculty of Law 1 www.cyberlawcentre.org/data_sovereignty/CLOUD_DataSovReport_Full.pdfGoogle Scholar
Kamarinou, D., Millard, C., and Hon, W. K., ‘Cloud Privacy: An Empirical Study of 20 Cloud Providers’ Terms and Privacy Policies – Part I’ (2016) 6 International Data Privacy Law 79Google Scholar
Kamarinou, D., Millard, C., and Hon, W. K., ‘Cloud Privacy: An Empirical Study of 20 Cloud Providers’ Terms and Privacy Policies – Part II’ (2016) 6 International Data Privacy Law 170Google Scholar
Kamarinou, D., Millard, C., and Oldani, I., ‘Compliance as a Service’ (2018) Queen Mary School of Law Legal Studies Research Paper No. 287/2018Google Scholar
Kerr, O., ‘A User’s Guide to the Stored Communications Act and a Legislator’s Guide to Amending It’ (2003) 72 George Washington Law Review 1208Google Scholar
Kerr, O., ‘Searches and Seizures in a Digital World’ (2005) 119 Harvard Law Review 531Google Scholar
Kerr, O., ‘The Next Generation Communications Privacy Act’ (2014) 162 University of Pennsylvania Law Review 373Google Scholar
Kesan, J., Hayes, C. M., and Bashir, M. N., ‘Information Privacy and Data Control in Cloud Computing: Consumers, Privacy Preferences, and Market Efficiency’ (2013) 70 Washington and Lee Law Review 341Google Scholar
King, V. and Raja, V. T., ‘Protecting the Privacy and Security of Sensitive Customer Data in the Cloud’ (2012) 28 Computer Law & Security Review 11Google Scholar
Kirschenbaum, A., ‘Beyond Microsoft: A Legislative Solution to the SCA’s Extraterritoriality Problem’ (2018) 86 Fordham Law Review 1923Google Scholar
Kokott, J. and Sobotta, C., ‘The Distinction between Privacy and Data Protection in the Jurisprudence of the CJEU and the ECtHR’ (2013) 3 International Data Privacy Law 222Google Scholar
Krebs, D., ‘Regulating the Cloud: A Comparative Analysis of the Current and Proposed Privacy Frameworks in Canada and the European Union’ (2012) 10 Canadian Journal of Law and Technology 1Google Scholar
Kuner, C., ‘Data Protection Law and International Jurisdiction on the Internet (Part I)’ (2010) 18 International Journal of Law and Information Technology 176Google Scholar
Kuner, C., ‘Extraterritoriality and Regulation of International Data Transfers in EU Data Protection Law’ (2015) 5 International Data Privacy Law 235Google Scholar
Kuner, C., ‘Regulation of Transborder Data Flows under Data Protection and Privacy Law: Past, Present, and Future’ (2010) TILT Law & Technology Working Paper 15 http://dx.doi.org/10.1787/5kg0s2fk315f-enGoogle Scholar
Lachaud, E., ‘Why the Certification Process Defined in the General Data Protection Regulation Cannot be Successful’ (2016) 32 Computer Law & Security Review 814Google Scholar
Lametti, D., ‘The Cloud: Boundless Digital Potential or Enclosure 3.0?’ (2012) 17 Virginia Journal of Law & Technology 192Google Scholar
Langvardt, A. and others, ‘A Proposed National Health Information Network, Architecture and Complementary Federal Preemption of State Health Information Privacy Laws’ (2011) 48 American Business Law Journal 548Google Scholar
LeSieur, F., ‘Regulating Cross-Border Data Flows and Privacy in the Networked Digital Environment and Global Knowledge Economy’ (2012) 2 International Data Privacy Law 93Google Scholar
Lessig, L., ‘The Law of the Horse: What Cyberlaw Might Teach’ (1999) 113 Harvard Law Review 501Google Scholar
Lindqvist, J., ‘New Challenges to Personal Data Processing Agreements: Is the GDPR Fit to Deal with Contract, Accountability and Liability in a World of the Internet of Things?’ (2017) 26 International Journal of Law and Information Technology 45Google Scholar
Lusch, S., ‘State Taxation of Cloud Computing’ (2013) 29 Santa Clara Computer & High Tech Law Journal 369Google Scholar
Macioce, D. Jr, ‘PII in Context: Video Privacy and a Factor-Based Test for Assessing Personal Information (Personally Identifiable Information)’ (2017) 45 Pepperdine Law Review 331Google Scholar
Marinho, C. and others, ‘Digital Content and Cloud-Based Contracts in Brazil and the European Union’ (2016) 24 International Journal of Law and Information Technology 99Google Scholar
Martin, B. and Newhall, J., ‘Criminal Copyright Enforcement against Filesharing Services’ (2013) 15 North Carolina Journal of Law & Technology 35Google Scholar
Martin, M., ‘HIPAA Compliant Clouds: A Reality That Should Not Become a Missed Opportunity by Health Care Providers’ (2014) 83 University of Missouri Kansas City Law Review 25Google Scholar
Matwyshyn, A., ‘Privacy the Hacker Way’ (2013) 87 Southern California Law Review 1Google Scholar
Matwyshyn, A., ‘The Law of the Zebra’ (2013) 28 Berkeley Technology Law Journal 155Google Scholar
Matzner, T., ‘Why Privacy is Not Enough Privacy in the Context of “Ubiquitous Computing” and “Big Data”’ (2014) 12 Journal of Information, Communication and Ethics in Society 93Google Scholar
Mazur, O., ‘Taxing the Cloud’ (2015) 103 California Law Review 1Google Scholar
McGillivray, K., ‘A Right too Far? Requiring Cloud Service Providers to Deliver Adequate Data Security to Consumers’ (2016) 25 International Journal of Law and Information Technology 25Google Scholar
McGillivray, K., ‘Conflicts in the Cloud: Contracts and Compliance with Data Protection Law in the EU’ (2014) 17 Tulane Journal of Technology and Intellectual Property 36Google Scholar
McGillivray, K., ‘FedRAMP, Contracts, and the US Federal Government’s Move to Cloud Computing: If an 800-pound Gorilla Can’t Tame the Cloud, Who Can?’ (2016) 17 The Columbia Science and Technology Law Review 336Google Scholar
McGillivray, K., ‘Give It Away Now? Renewal of the IANA Functions Contract and Its Role in Internet Governance’ (2014) 22 International Journal of Law and Information Technology 3Google Scholar
Medeiros, F., ‘Is “.com” International? The .com gTLD: An Analysis of its Global Nature through the Prism of Jurisdiction’ (2013) 21 International Journal of Law and Information Technology 269Google Scholar
Millard, C., ‘Forced Localization of Cloud Services: Is Privacy the Real Driver?’ (2015) 2 Cloud Computing, IEEE 10Google Scholar
Mizrahi, S., ‘The Dangers of Sharing Cloud Storage: The Privacy Violations Suffered by Innocent Cloud Users During the Course of Criminal Investigations in Canada and the United States’ (2017) 25 Tulane Journal of International and Comparative Law 303Google Scholar
Moskowitz, Y., ‘MLATS and the Trusted Nation Club: The Proper Cost of Membership’ (2016) 41 Yale Journal of International Law Online 15Google Scholar
Mowbray, M., ‘The Fog Over the Grimpen Mire: Cloud Computing and the Law’ (2009) 6 SCRIPTed 14Google Scholar
Nagel, T. and Kelley, E. M., ‘The Impact of Globalization on Structuring, Implementing, and Advising on Sourcing Arrangements’ (2007) 38 Georgetown Journal of International Law 619Google Scholar
Narayanan, V., ‘Harnessing the Cloud: International Law Implications of Cloud-Computing’ (2012) 12 Chicago Journal of International Law 783Google Scholar
Nepple, M. and Sableman, M., ‘Will the Zippo Sliding Scale for Internet Jurisdiction Slide into Oblivion?’ (2016) 20 Journal of Internet Law 6Google Scholar
Nichols, M. and others, ‘Chasing the Clouds without Getting Drenched: A Call for Fair Practices in Cloud Computing Services’ (2011) 16 Journal of Technology Law & Policy 163Google Scholar
Nicholson, J., ‘Plus Ultra: Third-Party Preservation in a Cloud Computing Paradigm’ (2012) 8 Hastings Business Law Journal 191Google Scholar
O’Hara O’Connor, E., Blair, M. M., and Kirchhoefer, G., ‘Outsourcing, Modularity, and the Theory of the Firm’ (2011) 2 Brigham Young University Law Review 263Google Scholar
Osula, A., ‘Transborder Access and Territorial Sovereignty’ (2015) 31 Computer Law and Security Review 719Google Scholar
Padova, Y., ‘The Safe Harbour is Invalid: What Tools Remain for Data Transfers and What Comes Next?’ (2016) 6 International Data Privacy Law 139Google Scholar
Padova, Y., ‘What the European Draft Regulation on Personal Data is Going to Change for Companies’ (2014) 4 International Data Privacy Law 39Google Scholar
Palmer, V., ‘From Lerotholi to Lando: Some Examples of Comparative Law Methodology’ (2004) 4 Global Jurist Frontiers 1Google Scholar
Paquette, S., Jaeger, P. T., and Wilson, S. C., ‘Identifying the Security Risks Associated with Governmental Use of Cloud Computing’ (2010) 27 Government Information Quarterly 245Google Scholar
Parker, J., ‘Lost in the Cloud: Protecting End-User Privacy in Federal Cloud Computing Contracts’ (2012) 41 Public Contract Law Journal 385Google Scholar
Perritt, H. Jr., Taylor, J., and Morgan, J., ‘Achieving Legal and Business Order in Cyberspace: A Report on Global Jurisdiction Issues Created by the Internet’ (2000) 55 Business Lawyer 1801Google Scholar
Pham, C., ‘E-Discovery in the Cloud Era: What’s a Litigant to Do?’ (2013) 5 Hastings Science & Technology Law Journal 41Google Scholar
Pierce, J., ‘Shifting Data Breach Liability: A Congressional Approach’ (2016) 57 William and Mary Law Review 975Google Scholar
Purtova, N., ‘Between the GDPR and the Police Directive: Navigating through the Maze of Information Sharing in Public–Private Partnerships’ (2018) 8 International Data Privacy Law 52Google Scholar
Purtova, N., ‘Private Law Solutions in European Data Protection: Relationship to Privacy, and Waiver of Data Protection Rights’ (2010) 28 Netherlands Quarterly of Human Rights 179Google Scholar
Rachovitsa, A., ‘Engineering and Lawyering Privacy by Design: Understanding Online Privacy both as a Technical and an International Human Rights Issue’ (2016) 24 International Journal of Law and Information Technology 374Google Scholar
Raymond, A., ‘Heavyweight Bots in the Clouds: The Wrong Incentives and Poorly Crafted Balances That Lead to the Blocking of Information Online’ (2013) 11 Northwestern Journal of Technology & Intellectual Property 26Google Scholar
Revolidis, I., ‘Judicial Jurisdiction Over Internet Privacy Violations and the GDPR: A Case of “Privacy Tourism”?’ (2017) 11 Masaryk University Journal of Law and Technology 7Google Scholar
Robison, W. J., ‘Free at What Cost?: Cloud Computing Privacy under the Stored Communications Act’ (2010) 98 The Georgetown Law Journal 1195Google Scholar
Rustad, M. and Onufrio, M. V., ‘Reconceptualizing Consumer Terms of Use for a Globalized Knowledge Economy’ (2012) 14 University of Pennsylvania Journal of Business Law 1085Google Scholar
Sako, M., ‘Outsourcing and Offshoring: Implications for Productivity of Business Services’ (2006) 22 Oxford Review of Economic Policy 499Google Scholar
Saw, C. L. and Chik, W. B., ‘Whither the Future of Internet Streaming and Time-shifting? Revisiting the Rights of Reproduction and Communication to the Public in Copyright Law after Aereo’ (2015) 23 International Journal of Law and Information Technology 53Google Scholar
Schartum, D., ‘Making Privacy by Design Operative’ (2016) 24 International Journal of Law and Information Technology 151Google Scholar
Schoorl, J., ‘Clicking the Export Button: Cloud Data Storage and US Dual-Use Export Controls’ (2012) 80 George Washington Law Review 632Google Scholar
Schrop, K., ‘Your Cooperation is Greatly Appreciated: The Fourth Amendment, National Security Letters, and Public-Private Data Sharing’ (2018) 122 Penn State Law Review 849Google Scholar
Schwartz, P., ‘Information Privacy in the Cloud’ (2013) 161 University of Pennsylvania Law Review 31Google Scholar
Schwartz, P., ‘Legal Access to the Global Cloud’ (2018) 118 Columbia Law Review 1681Google Scholar
Schwartz, P. and Solove, D. J., ‘Reconciling Personal Information in the United States and European Union’ (2014) 102 California Law Review 887Google Scholar
Seddon, J. and Currie, W. L., ‘Cloud Computing and Trans-border Health Data: Unpacking US and EU Healthcare Regulation and Compliance’ (2013) 2 Health Policy and Technology 229Google Scholar
Segall, S., ‘Jurisdictional Challenges in the United States Government’s Move to Cloud Computing Technology’ (2013) 23 Fordham Intellectual Property, Media and Entertainment Law Journal 1105Google Scholar
Selby, J., ‘Data Localization Laws: Trade Barriers or Legitimate Responses to Cybersecurity Risks, or Both?’ (2017) 25 International Journal of Law and Information Technology 213Google Scholar
Sloan, P., ‘The Reasonable Information Security Program’ (2014) 21 Richmond Journal of Law & Technology 2Google Scholar
Sluijs, J. P. J. B., Larouche, P., and Sauter, W., ‘Cloud Computing in the EU Policy Sphere Interoperability, Vertical Integration and the Internal Market’ (2012) 3(1) Journal of Intellectual Property, Information Technology and e-Commerce Law: JIPITEC 1232Google Scholar
Snukal, A., Rosenbaum, J. I., and Bernstein, L. A., ‘Cloud Computing – Transcending the Cloud: A Legal Guide to the Risks and Rewards of Cloud Computing, Part One’ (2011) 65 Consumer Finance Law Quarterly Report 11Google Scholar
Solove, D. and Hartzog, W., ‘The FTC and the New Common Law of Privacy’ (2014) 114 Columbia Law Review 583Google Scholar
Solove, D. and Hartzog, W., ‘The FTC and Privacy and Security Duties for the Cloud’ (2014) 13 BNA Privacy & Security Law Report 577Google Scholar
Solum, L. and Chung, M., ‘The Layers Principle: Internet Architecture and the Law’ (2004) 79 Notre Dame Law Review 815Google Scholar
Spivey, G., ‘Computer Software Sales and Licenses as Subject to Article 2 of Uniform Commercial Code’ (2017) 26 American Law Reports § 1Google Scholar
Stegmaier, G. and Bartnick, W., ‘Psychics, Russian Roulette, and Data Security: The FTC’s Hidden Data-Security Requirements’ (2013) 20 George Mason Law Review 673Google Scholar
Stoolman, M., ‘The Cause of Action for Breach of Data?: The Problem with Relying on Courts when Managing the Risks of Cloud Services’ (2018) 70 Rutgers University Law Review 717Google Scholar
Story, J., ‘Cloud Computing and the NSA: The Carbon Footprint of the Secret Servers’ (2014) 9 Pittsburgh Journal of Environmental and Public Health Law 33Google Scholar
Summers, D., ‘Third Party Beneficiaries and the Restatement (Second) of Contracts’ (1982) 67 Cornell Law Review 880Google Scholar
Surden, H., ‘Computable Contracts’ (2012) 46 University of California Davis Law Review 643Google Scholar
Svantesson, D., ‘Against “Against Data Exceptionalism”’ (2016) 10(2) Masaryk University Journal of Law and Technology 200Google Scholar
Svantesson, D., ‘A Legal Method for Solving Issues of Internet Regulation’ (2011) 19 International Journal of Law and Information Technology 243Google Scholar
Svantesson, D., ‘A New Jurisprudential Framework for Jurisdiction: Beyond the Harvard Draft’ (2015) 109 AJIL Unbound 69Google Scholar
Svantesson, D., ‘Article 4 (1)(a)“Establishment of the Controller” in EU Data Privacy Law – Time to Rein in This Expanding Concept?’ (2016) 6 International Data Privacy Law 210Google Scholar
Svantesson, D., ‘Data Protection in Cloud Computing – The Swedish Perspective’ (2012) 28 Computer Law & Security Review 476Google Scholar
Svantesson, D., ‘Extraterritoriality and Targeting in EU Data Privacy Law: The Weak Spot Undermining the Regulation’ (2015) 5 International Data Privacy Law 226Google Scholar
Svantesson, D., ‘Jurisdictional Issues and the Internet – A Brief Overview 2.0’ (2018) 34 Computer Law and Security Review 715Google Scholar
Svantesson, D., ‘The Hypocritical Hype about ‘Hypothesis’: Why Legal Research Needs to Shed This Relic’ (2014) 39 Alternative Law Journal 259Google Scholar
Svantesson, D. and Gerry, F., ‘Access to Extraterritorial Evidence: The Microsoft Cloud Case and Beyond’ (2015) 31 Computer Law & Security Review 478Google Scholar
Svantesson, D. and van Zwieten, L., ‘Law Enforcement Access to Evidence via Direct Contact with Cloud Providers – Identifying the Contours of a Solution’ (2016) 32 Computer Law & Security Review 671Google Scholar
Tene, O., ‘Privacy Law’s Midlife Crisis: A Critical Assessment of the Second Wave of Global Privacy Laws. The Second Wave of Global Privacy Protection’ (2013) 74 Ohio State Law Journal 1217Google Scholar
Terry, N., ‘Regulatory Disruption and Arbitrage in Health-Care Data Protection’ (2017) 17 Yale Journal of Health Policy, Law, and Ethics 207Google Scholar
Thomas, R. III, ‘A Primer for Negotiating Subcontracts for High-Tech Small Businesses’ (2005) 52 Federal Lawyer 22Google Scholar
Vanberg, A. and Ünver, M. B., ‘The Right to Data Portability in the GDPR and EU Competition Law: Odd Couple or Dynamic Duo?’ (2017) 8 European Journal of Law and Technology 1Google Scholar
Veale, M., Binns, R., and Ausloos, J., ‘When Data Protection by Design and Data Subject Rights Clash’ (2018) 8 International Data Privacy Law 105Google Scholar
Ward, B. and Sipior, J. C., ‘The Internet Jurisdiction Risk of Cloud Computing’ (2010) 27 Information Systems Management 334Google Scholar
Warren, S. and Brandeis, L. D., ‘The Right to Privacy’ (1890) 4 Harvard Law Review 193Google Scholar
Wauters, E., Lievens, E., and Valcke, P., ‘Towards a Better Protection of Social Media Users: A Legal Perspective on the Terms of Use of Social Networking Sites’ (2014) 22 International Journal of Law and Information Technology 254Google Scholar
Weber, R. H. and Staiger, D., ‘Cloud Computing: A Cluster of Complex Liability Issues’ (2014) 20 European Journal of Current Legal Issues 1Google Scholar
Werbach, K., ‘The Network Utility’ (2011) 60 Duke Law Journal 1761Google Scholar
Westmoreland, K. and Kent, G., ‘International Law Enforcement Access to User Data: A Survival Guide and Call for Action’ (2015) 13 Canadian Journal of Law and Technology 225Google Scholar
Wolters, P. T. J., ‘The Security of Personal Data under the GDPR: A Harmonized Duty or a Shared Responsibility?’ (2017) 7 International Data Privacy Law 165Google Scholar
Woods, A., ‘Against Data Exceptionalism’ (2016) 68 Stanford Law Review 729Google Scholar
Yoo, C. S., ‘The Changing Patterns of Internet Usage’ (2010) 63 Federal Communications Law Journal 67, 83Google Scholar
Zanfir, G., ‘The Right to Data Portability in the Context of the EU Data Protection Reform’ (2012) 2(3) International Data Privacy Law 149Google Scholar
Zons, J., ‘The Minefield of Back-to-Back Subcontracts’ (2010) 11 Construction Law International 1Google Scholar
Zuckerman, M., ‘The Offshoring of American Government’ (2008) 94 Cornell Law Review 165Google Scholar
Abramatic, J. F. and others, ‘Privacy Bridges: EU and US Privacy Experts in Search of Transatlantic Privacy Solutions’ (2015) https://privacybridges.mit.edu/sites/default/files/documents/PrivacyBridges-FINAL.pdfGoogle Scholar
Armbrust, M. and others, ‘Above the Clouds: A Berkeley View of Cloud Computing’ Technical Report No UCB/EECS-2009-28 (2009) 16 www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.htmlGoogle Scholar
Badger, L. and others, ‘Cloud Computing Synopsis and Recommendations’ National Institute of Standards and Technology (2012) https://csrc.nist.gov/publications/detail/sp/800-146/finalGoogle Scholar
Badger, L. and others, ‘US Government Cloud Computing Technology Roadmap Volume II Release 1.0 (Draft)’ (NIST Technology 2011) www.nist.gov/sites/default/files/documents/itl/cloud/SP_500_293_volumeII.pdfGoogle Scholar
Badger, L. and others, ‘US Government Cloud Computing Technology Roadmap’ Volume I & II: High-Priority Requirements to Further USG Agency Cloud Computing Adoption, vol. II (2014) https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.500-293.pdfGoogle Scholar
Bignami, F., ‘The US Legal System on Data Protection in the Field of Law Enforcement. Safeguards, Rights and Remedies for EU Citizens’ Study for the LIBE Committee (2015)Google Scholar
Brito, M., ‘Cloud Computing, Multi-Sourcing Create New Challenges in Outsourcing’ West Law number 1600655 Aspatore (2014) 1Google Scholar
Burns, P. and Karlyn, M., ‘What Companies Need to Know About Outsourcing Contracts’ WL 1600656 Aspatore (2014) 1Google Scholar
Butterworth, G. and others, ‘Outsourcing in Europe: An In-Depth Review of Drivers, Risks and Trends in the European Outsourcing Market’ Report/Publication Ernst & Young (2013) 1. www.ey.com/Publication/vwLUAssets/Outsourcing_in_Europe_2013/$FILE/EY-outsourcing-survey.pdfGoogle Scholar
Cafaggi, F., Renda, A., and Schmidt, R., ‘Transnational Private Regulation’ in International Regulatory Co-operation: Case Studies, Vol 3 Transnational Private Regulation and Water Management (OECD 2013) http://dx.doi.org/10.1787/9789264200524-3-enGoogle Scholar
Catteddu, D., ‘Security & Resilience in Governmental Clouds - Making an Informed Decision’ ENISA (2011)Google Scholar
Cavoukian, A., ʻPrivacy by Design: The 7 Foundational Principles’ Information & Privacy Commissioner, Ontario, Canada (2011) https://iab.org/wp-content/IAB-uploads/2011/03/fred_carter.pdfGoogle Scholar
Chief Information Officers and others, ‘Creating Effective Cloud Computing Contracts for the Federal Government Best Practices for Acquiring IT as a Service’ US Federal Cloud Compliance Committee (2012) https://s3.amazonaws.com/sitesusa/wp-content/uploads/sites/1151/2016/10/cloudbestpractices.pdfGoogle Scholar
CoE, Cybercrime Convention Committee (T-CY), ‘Criminal Justice Access to Electronic Evidence in the Cloud: Recommendations for Consideration by the T-CY’ Final Report of the T-CY Cloud Evidence Group (2016) www.coe.int/en/web/cybercrime/cegGoogle Scholar
Commission, ‘Comparative Study on Cloud Computing Contracts’ Directorate-General for Justice and Consumers (European Commission) (2015) https://publications.europa.eu/en/publication-detail/-/publication/40148ba1-1784-4d1a-bb64-334ac3df22c7Google Scholar
Conrad, I. and others, ‘Cloud Computing Contracts – Discussion Paper on Subcontracting’ EU Expert Group on Cloud Computing Contracts (2014) https://ec.europa.eu/info/business-economy-euro/doing-business-eu/contract-rules/cloud-computing/expert-group-cloud-computing-contracts_enGoogle Scholar
Consumer Financial Protection Bureau, Office of the Inspector General, ‘Audit of the CFPB’s Acquisition and Contract Management of Select Cloud Computing Services’ Audit Report 2014-IT-C-016 (2014) https://oig.federalreserve.gov/reports/cfpb-cloud-computing-services-sep2014.pdfGoogle Scholar
Council of the Inspectors General on Integrity and Efficiency (CIGIE), ‘The Council of the Inspectors General on Integrity and Efficiency’s Cloud Computing Initiative’ (2014)Google Scholar
Danish Agency for Digitization and Kammeradvokaten, ‘Cloud Computing and the Legal Framework – Guidance on Legislative Requirement and the Contractual Environment Related to Cloud Computing’ (2012)Google Scholar
Davies, R., ‘Cloud Computing: An Overview of Economic and Policy Issues’ European Parliamentary Research Service (2016) www.europarl.europa.eu/thinktank/en/document.html?reference=EPRS_IDA(2016)583786Google Scholar
Defense Information Systems Agency, ‘Department of Defense (DoD) Cloud Computing Security Requirements Guide Version 1 Release 1’ Report DoD Cloud Computing SRG v1r1 (2015) https://info.publicintelligence.net/DoD-CloudSecurity.pdfGoogle Scholar
Dekker, M. and Liveri, D., ‘Cloud Security Guide for SMEs: Cloud Computing Security Risks and Opportunities for SMEs’ (2015) www.enisa.europa.eu/activities/Resilience-and-CIIP/cloud-computing/security-for-smes/cloud-security-guide-for-smesGoogle Scholar
Department of Defense, Inspector General, ‘DoD Cloud Computing Strategy Needs Implementation Plan and Detailed Waiver Process’ Report No DODIG-2015-045 (2014) 23 www.dtic.mil/dtic/tr/fulltext/u2/a613689.pdfGoogle Scholar
De Silva, S., ‘Liability Discussion Paper’ EC Expert Group on Cloud Computing Contracts (9 April 2014) https://ec.europa.eu/info/business-economy-euro/doing-business-eu/contract-rules/cloud-computing/expert-group-cloud-computing-contracts_enGoogle Scholar
Directorate-General for Communications Networks European Commission, Content and Technology, ‘Analysis of Cloud Best Practices and Pilots for the Public Sector - Final Report SMART: 2012/0069’ (2013) https://ec.europa.eu/digital-single-market/en/news/analysis-cloud-best-practices-and-pilots-public-sectorGoogle Scholar
Environmental Protection Agency, Office of the Inspector General, ‘Cloud Oversight Resulted in Unsubstantiated and Missed Opportunities for Savings, Unused and Undelivered Services, and Incomplete Policies’ Report No 14-P-0332 (2014) www.epa.gov/sites/production/files/2015-09/documents/20140815-14-p-0332.pdfGoogle Scholar
Environmental Protection Agency, Office of Inspector General, ‘EPA Is Not Fully Aware of the Extent of Its Use of Cloud Computing Technologies’ Report No 14-P0323 (2014) www.epa.gov/office-inspector-general/report-epa-not-fully-aware-extent-its-use-cloud-computing-technologiesGoogle Scholar
Environmental Protection Agency, Office of Inspector General, ‘EPA Needs to Improve the Recognition and Administration of Cloud Services for the Office of Water’s Permit Management Oversight System’ Report No 15-P-0295 (24 September 2015) www.epa.gov/sites/production/files/2015-09/documents/20150924-15-p-0295.pdfGoogle Scholar
European Banking Authority, ‘Recommendations on Outsourcing to Cloud Service Providers’ EBA/REC/2017/03 (2017) https://eba.europa.eu/regulation-and-policy/internal-governance/recommendations-on-outsourcing-to-cloud-service-providersGoogle Scholar
European Commission, ‘A Digital Single Market Strategy for Europe’ COM (2015) 192 finalGoogle Scholar
European Commission, ‘“Analysis of Cloud Best Practices and Pilots for the Public Sector” and “Annex to the Final Report: Country Files”’ A study prepared for the European Commission DG Communications Networks, Content & Technology (13 November 2013) https://ec.europa.eu/digital-single-market/en/news/analysis-cloud-best-practices-and-pilots-public-sectorGoogle Scholar
European Commission, ‘Certification Schemes for Cloud Computing’ Final Report – Study (2014) https://publications.europa.eu/en/publication-detail/-/publication/a30d111d-df3f-4aa0-b816-9f515c2f6f85Google Scholar
European Commission, ‘Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions. Unleashing the Potential of Cloud Computing in Europe’ (2012) https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A52012DC0529Google Scholar
European Commission, ‘Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions European Cloud Initiative – Building a competitive data and knowledge economy in Europe’ COM (2016) 178 final https://ec.europa.eu/digital-single-market/en/news/communication-european-cloud-initiative-building-competitive-data-and-knowledge-economy-europeGoogle Scholar
European Commission, ‘Communication from the Commission to the European Parliament, the Council and the European Economic and Social Committee: Digital Contracts for Europe - Unleashing the Potential of E-commerce’ COM (2015) 633Google Scholar
European Commission, ‘Comparative Study on Cloud Computing Contracts’ Annex 1: Country Report Overview Work Package 1’ (2015) https://publications.europa.eu/en/publication-detail/-/publication/c854e3e9-8f7a-4a38-b811-46e799747858/language-enGoogle Scholar
European Commission, ‘Comparative Study on Cloud Computing Contracts’ Final Report - Annex 2: Methodology and Sample Country Selection Work Package 2’ (2015) https://publications.europa.eu/en/publication-detail/-/publication/40148ba1-1784-4d1a-bb64-334ac3df22c7Google Scholar
European Commission, ‘Comparative Study on Cloud Computing Contracts’ Final Report - Annex 3: Template Questionnaire with Information Note Used to Gather Input for Work Package 3’ (2015) https://publications.europa.eu/en/publication-detail/-/publication/40148ba1-1784-4d1a-bb64-334ac3df22c7Google Scholar
European Commission, ‘Comparative Study on Cloud Computing Contracts’ Annex 4: Comparative Study on Cloud Computing Contracts: Final Report - Annex 4: Country Report Overview Work Package 3’ (2015) https://publications.europa.eu/en/publication-detail/-/publication/13f8fb54-f159-4ff1-ba72-a8478a33a072/language-enGoogle Scholar
European Commission, ‘Content and Technology Unit E2 – Software and Services, Cloud Computing Service Level Agreements: Exploitation of Research Results’ (2013) https://ec.europa.eu/digital-agenda/en/news/cloud-computing-service-level-agreements-exploitation-research-resultsGoogle Scholar
European Commission, ‘Facilitating Cross-Border Data Flow in the Digital Single Market: Study on Data Location Restrictions’ SMART 2015/0054 (2017)Google Scholar
European Commission, ‘Measuring the Economic Impact of Cloud Computing in Europe: Study Report’ (10 January 2016) https://ec.europa.eu/digital-single-market/en/news/measuring-economic-impact-cloud-computing-europeGoogle Scholar
European Commission, ‘Report from the Commission to the European Parliament and the Council on the First Annual Review of the Functioning of the EU–U.S. Privacy Shield’ COM (2017) 611 finalGoogle Scholar
European Commission, ‘Standards Terms and Performance Criteria in Service Level Agreements for Cloud Computing Services’ SMART 2013/0039 Final Report (2015)Google Scholar
European Commission, ‘What is VAT?’ Taxation and Customs Unit http://ec.europa.eu/taxation_customs/business/vat/what-is-vat_enGoogle Scholar
European Commission Directorate-General for Communications Networks European Commission, Content and Technology, ‘Analysis of Cloud Best Practices and Pilots for the Public Sector – Final Report’ (2012) https://ec.europa.eu/digital-single-market/en/news/analysis-cloud-best-practices-and-pilots-public-sectorGoogle Scholar
European Parliament, ‘Fighting Cyber Crime and Protecting Privacy in the Cloud’ Committee on Civil Liberties, Justice and Home Affairs (2012) www.europarl.europa.eu/thinktank/en/document.html?reference=IPOL-LIBE_ET%282012%29462509Google Scholar
European Telecommunications Standards Institute, ‘Cloud Standards Coordination Final Report’ (November 2013) www.etsi.org/images/files/Events/2013/2013_CSC_Delivery_WS/CSC-Final_report-013-CSC_Final_report_v1_0_PDF_format-.PDFGoogle Scholar
European Union Agency for Network and Information Security, ‘Critical Cloud Computing: A CIIP Perspective on Cloud Computing Services Version 1.0’ (2012) www.enisa.europa.eu/publications/critical-cloud-computingGoogle Scholar
European Union Agency for Network and Information Security, ‘Good Practice Guide for Securely Deploying Governmental Clouds’ (2013) www.enisa.europa.eu/publications/good-practice-guide-for-securely-deploying-governmental-cloudsGoogle Scholar
European Union Agency for Network and Information Security, ‘Procure Secure: A Guide to Monitoring of Security Service Levels in Cloud Contracts’ (2 April 2012) www.enisa.europa.eu/publications/procure-secure-a-guide-to-monitoring-of-security-service-levels-in-cloud-contractsGoogle Scholar
European Union Agency for Network and Information Security, ‘Security & Resilience in Governmental Clouds – Making an Informed Decision’ (2016) www.enisa.europa.eu/publications/security-and-resilience-in-governmental-cloudsGoogle Scholar
European Union Agency for Network and Information Security, ‘Survey and Analysis of Security Parameters in Cloud SLAs Across the European Public Sector’ Final Report (2011) www.enisa.europa.eu/publications/survey-and-analysis-of-security-parameters-in-cloud-slas-across-the-european-public-sectorGoogle Scholar
Federal Trade Commission, ‘A Brief Overview of the Federal Trade Commission’s Investigative and Law Enforcement Authority’ (2008) Appendix A www.ftc.gov/about-ftc/what-we-do/enforcement-authorityGoogle Scholar
FedRAMP PMO, ‘Tips and Cues’ Report (January 2018) www.fedramp.gov/assets/resources/documents/FedRAMP_Tips_and_Cues.pdfGoogle Scholar
Figliola, P. and Fischer, E. A., ‘Overview and Issues for Implementation of the Federal Cloud Computing Initiative: Implications for Federal Information Technology Reform Management’ (20 January 2015) www.fas.org/sgp/crs/misc/R42887.pdfGoogle Scholar
Forgó, N., Nwankwo, I., and Pfeiffenbring, J., ‘Cloud Legal Guidelines: Final Report’ Optimis EU FP7 Project (2013)Google Scholar
Friedman, G., ‘Department of Energy (DoE) Office of Inspector General, Office of Audits and Inspections, Audit Report: The Department of Energy’s Management of Cloud Computing Activities’ (2014)Google Scholar
Føyen Torkildsen AS, ‘Utredning av Juridiske Forhold ved Bruk av Nettsky i Kommunal Sektor – En Mulighetsstudie’ [Report on the Legal Aspects of Cloud Computing in the Municipal Sector: A Feasibility Study] Norwegian Association of Local and Regional Authorities R&D Project No 144008 (2015) www.ks.no/globalassets/endelig-rapport-om-bruk-av-skytjenester-i-kommunal-sektor.pdfGoogle Scholar
Gasser, U., ‘Cloud Innovation and the Law: Issues, Approaches, and Interplay’ Berkman Center Research Publication (No. 2014-7) (2014) https://dash.harvard.edu/handle/1/16460372Google Scholar
Government Accountability Office, ‘Cloud Computing: Additional Opportunities and Savings Need to Be Pursued’ GAO-14-753 (2014) www.gao.gov/products/GAO-14-753Google Scholar
Government Accountability Office, ‘Cloud Computing: Agencies Need to Incorporate Key Practices to Ensure Effective Performance’ GAO-16-325 (2016) www.gao.gov/products/GAO-16-325Google Scholar
Government Accountability Office, ‘Information Technology Reform: Progress Made but Future Cloud Computing Efforts Should Be Better Planned’ GAO-12-756 (2012) www.gao.gov/assets/600/592249.pdfGoogle Scholar
Hustinx, P., ‘Opinion of the European Data Protection Supervisor on the Commission’s Communication on “Unleashing the Potential of Cloud Computing in Europe”’ (2012) https://edps.europa.eu/sites/edp/files/publication/12-11-16_cloud_computing_en.pdfGoogle Scholar
Jansen, W. and Grance, T., ‘Guidelines on Security and Privacy in Public Cloud Computing’ SP 800-144 (2011) https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-144.pdfGoogle Scholar
Kemp, R., ‘Seeding the Global Public Sector Cloud: Part II – The UK’s Approach as Pathfinder for Other Countries’ (2015) www.kempitlaw.com/seeding-the-global-public-sector-cloud-data-classification-security-frameworks-and-international-standards/Google Scholar
Kundra, V., ‘Office of E-Government and Information Technology, Federal Cloud Computing Strategy’ (2011) https://obamawhitehouse.archives.gov/sites/default/files/omb/assets/egov_docs/federal-cloud-computing-strategy.pdfGoogle Scholar
Liu, F. and others, ‘NIST Cloud Computing Reference Architecture’ NIST Special Publication 500-292 (2011) www.nist.gov/publications/nist-cloud-computing-reference-architectureGoogle Scholar
Liu, F. and others, ‘NIST Cloud Computing Standards Roadmap’ NIST Special Publication 500‐291 (2011)Google Scholar
Liveri, D. and Dekker, M. A. C., ‘Security Framework for Governmental Clouds: All Steps from Design to Deployment’ ENISA (2015) 3 www.enisa.europa.eu/publications/security-framework-for-governmental-cloudsGoogle Scholar
Maconick, E., ‘Climate Change: Cloud Sourcing as the New Normal for IT Outsourcing Transactions’ WL 1600650 Aspatore (2014) 8: 2Google Scholar
Maxwell, W. and Wolf, C., ‘A Global Reality: Governmental Access to Data in the Cloud: A Comparative Analysis of Ten International Jurisdictions’ White Paper (2012) www.hldataprotection.com/uploads/file/Revised%20Government%20Access%20to%20Cloud%20Data%20Paper%20(18%20July%2012).pdfGoogle Scholar
McCallister, E., Grance, T., and Scarfone, K. A., ‘Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)’ NIST Special Publication 800-122 (2010)Google Scholar
Mell, P. and Grance, T., ‘The NIST Definition of Cloud Computing’ NIST Special Publication 800-145 (2011) https://csrc.nist.gov/publications/detail/sp/800-145/finalGoogle Scholar
Nagel, T., ‘Structuring Multi-Supplier IT Environments’ WL 1600651 Aspatore (2014) 1Google Scholar
NASA Office of Inspector General, ‘NASA’s Progress in Adopting Cloud-Computing Technologies’ (29 July 2013) https://oig.nasa.gov/docs/IG-13-021.pdfGoogle Scholar
NIST Joint Task Force Transformation Initiative, ‘Security and Privacy Controls for Federal Information Systems and Organizations’ NIST Special Publication 800-53 (2011)Google Scholar
Norwegian Ministry of Local Government and Modernisation, ‘Cloud Computing Strategy for Norway’ Publication Number H-2365 E (2016) www.regjeringen.no/en/dokumenter/cloud-computing-strategy-for-norway/id2484403/Google Scholar
NTT Communications Report, ‘NSA After-Shocks: How Snowden Has Changed ICT Decision-Makers’ Approach to the Cloud’ (2013) http://nsaaftershocks.com/wp-content/themes/nsa/images/NTTC_Report_WEB.pdfGoogle Scholar
OECD, ‘Cloud Computing: The Concept, Impacts and the Role of Government Policy’ (OECD 2014) http://dx.doi.org/10.1787/5jxzf4lcc7f5-enGoogle Scholar
Office of Inspector General USDA, ‘Audit Report 50501-0005-12: USDA’s Implementation of Cloud Computing Services’ (2014) www.usda.gov/oig/webdocs/50501-0005-12.pdfGoogle Scholar
Petroleumstilsynet [Petroleum Safety Authority], ‘Uriktige påstander om IKT-tilsyn i NRK’ [Incorrect Claims on ICT Supervision at NRK] (2016) www.ptil.no/nyheter/uriktige-pastander-om-ikt-tilsyn-i-nrk-article12392-702.htmlGoogle Scholar
PICSE, ‘Procurement Innovation for Cloud Services in Europe: D3.1 Procurement Barriers Report’ N:644014 (2015) www.picse.eu/publications/deliverables/d31-procurement-barriers-reportGoogle Scholar
PICSE, ‘Procuring Cloud Services Today: Experiences and Lessons Learned from the Public Sector’ (2016) www.picse.eu/sites/default/files/Procuring%20cloud%20services%20today_22072015.pdfGoogle Scholar
Powner, D. and United States Government Accountability Office, ‘Information Technology: Federal Agencies Need to Address Aging Legacy Systems’ Report GAO-16-696T (25 May 2016) www.gao.gov/assets/680/677454.pdfGoogle Scholar
PricewaterhouseCoopers, ‘Pulse Survey: US Companies Ramping up General Data Protection Regulation (GDPR) Budgets’ (2017) www.pwc.com/us/en/services/consulting/library/general-data-protection-regulation-gdpr-budgets.htmlGoogle Scholar
Procurement Innovation for Cloud Services in Europe (PICSE), ‘PICSE – Procurement Innovation for Cloud Services in Europe: D3.2 Procurement Best Practices Report’ EU Project H2020-ICT-2014-1 (2016) www.picse.eu/publications/deliverables/d32-procurement-best-practices-reportGoogle Scholar
Rauhofer, J. and Bowden, C., ‘Protecting Their Own: Fundamental Rights Implications for EU Data Sovereignty in the Cloud’ Edinburgh School of Law Research Paper No 2013/28 (2013) www.research.ed.ac.uk/portal/files/13528951/Rauhofer_Protecting_their_own.pdfGoogle Scholar
Reuters Staff, ‘Statoil Moves Key IT Tasks from India Back to Norway’ Reuters (30 June 2017) www.reuters.com/article/statoil-norway-cyber-idUSL8N1JR41EGoogle Scholar
Sanner, J. ‘Cloud Computing Strategy for Norway’ Norwegian Ministry of Local Government and Modernisation, Publication Number: H-2365 E (2016). www.regjeringen.no/en/dokumenter/cloud-computing-strategy-for-norway/id2484403/Google Scholar
SLALOM, ‘Final Legal Terms for Adoption D2.2’ SLALOM Legal Model Terms (2016) EU Project http://slalom-project.eu/node/176Google Scholar
Trans Lex, ‘No. IV.1.2 - Sanctity of Contracts’ www.trans-lex.org/919000Google Scholar
UK Crown Commercial Service, ‘G-Cloud 9 Framework: Overview and Buyers Guide’ (2017) www.gov.uk/guidance/g-cloud-buyers-guideGoogle Scholar
UK Crown Commercial Service, ‘Procurement Policy Note – Changes to Data Protection Legislation & General Data Protection Regulation’ Action Note PPN 03/17 (2017) www.gov.uk/government/publications/procurement-policy-note-0218-changes-to-data-protection-legislation-general-data-protection-regulationGoogle Scholar
UK Crown Commercial Service, ‘The Total Value of Sales through the G-Cloud Framework’ (2017) www.gov.uk/government/statistical-data-sets/g-cloud-framework-sales-up-to-31-july-2017Google Scholar
UK Government Digital Service, ‘Government Cloud First Policy’ (3 February 2017) www.gov.uk/guidance/government-cloud-first-policy#consider-cloud-solutions-before-alternativesGoogle Scholar
UK Government Digital Service, ‘Guidance: Make Privacy Integral’ (6 November 2017) www.gov.uk/guidance/make-privacy-integralGoogle Scholar
UK Government Digital Service, ‘Guidance: Terms and Conditions of Digital Marketplace Frameworks’ (18 April 2016) www.gov.uk/guidance/terms-and-conditions-of-digital-marketplace-frameworksGoogle Scholar
United States Department of Agriculture, Office of Inspector General, ‘USDA’s Implementation of Cloud Computing Services’ Audit Report 50501-0005-12 (2014) www.usda.gov/oig/webdocs/50501-0005-12.pdfGoogle Scholar
United States Department of State, ‘7 Foreign Affairs Manual’ (2013) https://fam.state.gov/fam/07fam/07fam0960.htmlGoogle Scholar
United States Postal Service, ‘Cloud Security’ (2015) https://about.usps.com/handbooks/as805h/welcome.htmGoogle Scholar
VanRoekel, S., ‘Security Authorization of Information Systems in Cloud Computing Environments’ Office of Management and Budget (8 December 2011)Google Scholar
Venturini, J. and others, ‘Terms of Service and Human Rights: An Analysis of Online Platform Contracts’ Study/Report (Editora Revan 2016) http://bibliotecadigital.fgv.br/dspace/handle/10438/18231Google Scholar
Vincent, M., ‘Cloud Computing Contracts White Paper: A Survey of Terms and Conditions’ White Paper (2011) www.ficpi.org.au/articles/White_Paper_June2011.pdfGoogle Scholar
Wyld, D., ‘Moving to the Cloud: An Introduction to Cloud Computing in Government’ 33 IBM Center for the Business of Government (2009) www.businessofgovernment.org/sites/default/files/CloudComputingReport.pdfGoogle Scholar
Zevin, S., ‘Standards for Security Categorization of Federal Information and Information Systems’ US Department of Commerce, FIPS Publication 199 (2004) https://citadel-information.com/wp-content/uploads/2012/08/FIPS-PUB-199-final.pdfGoogle Scholar
Aitoro, J., ‘The Mysterious Bankruptcy Case of Global Computer Enterprises’ Washington Business Journal (12 September 2014) www.bizjournals.com/washington/blog/fedbiz_daily/2014/09/the-mysterious-bankruptcy-case-of-government.htmlGoogle Scholar
Boal, E., ‘Fun with Processor Clauses’ Society for Computers and Law (SCL) (2018) www.scl.org/articles/10117-fun-with-processor-clausesGoogle Scholar
Brodkin, J., ‘Google Apps Not Cutting It for LA’s Finest’ Wired Online (20 October 2011) www.wired.com/2011/10/google-apps-los-angeles-police/Google Scholar
Drape, J., ‘Cloud Computing Takes the Preakness, Ending Always Dreaming’s Crown Hopes’ New York Times Online (20 May 2017) www.nytimes.com/2017/05/20/sports/horse-racing/Cloud-computing-wins-preakness-stakes-always-dreaming.htmlGoogle Scholar
Gibbs, S., ‘Typo Blamed for Amazon’s Internet-Crippling Outage’ The Guardian (3 March 2017) www.theguardian.com/technology/2017/mar/03/typo-blamed-amazon-web-services-internet-outageGoogle Scholar
Henley, J., ‘Sweden Scrambles to Tighten Data Security as Scandal Claims Two Ministers’ The Guardian (1 August 2017) www.theguardian.com/technology/2017/aug/01/sweden-scrambles-to-tighten-data-security-as-scandal-claims-two-ministersGoogle Scholar
Hersher, R., ‘Amazon and the $150 Million Typo’ National Public Radio Online www.npr.org/sections/thetwo-way/2017/03/03/518322734/amazon-and-the-150-million-typoGoogle Scholar
Hills, H., ‘Key Error in India Halted Production at Mongstad’ Norway Today Online (28 October 2016) http://norwaytoday.info/finance/key-error-india-halted-production-mongstad/Google Scholar
Jørgenrud, M., ‘Her er brevet som forbyr Google Apps’ [Here is the Letter Prohibiting Google Apps] (24 January 2012) www.digi.no/887985/her-er-brevet-som-forbyr-google-appsGoogle Scholar
Konkel, F., ‘The Details about the CIA’s Deal with Amazon $600 Million Computing Cloud Built by an Outside Company is a “Radical Departure” for the Risk-Averse Intelligence Community’ The Atlantic (17 July 2014) www.theatlantic.com/technology/archive/2014/07/the-details-about-the-cias-deal-with-amazon/374632/Google Scholar
Lauchlan, S., ‘G-Cloud’s “Biggest Single Barrier” – Two Year Contracts in a World of 13 Year Outsourcing Deals’ Diginomica (26 April 2016) https://government.diginomica.com/2016/04/26/g-clouds-biggest-single-barrier-two-year-contracts-in-a-world-of-13-year-outsourcing-deals/Google Scholar
Mazmanian, A., ‘Cloud Contractor to Pay US $9M to Settle False Claims Charges’ Washington Tech (8 May 2015) http://washingtontechnology.com/articles/2015/05/08/gce-false-claims.aspxGoogle Scholar
Metz, C., ‘The Epic Story of Dropbox’s Exodus from the Amazon Cloud Empire’ Wired Business Online (14 March 2016) www.wired.com/2016/03/epicGoogle Scholar
Miller, J., ‘Inside the Reporter’s Notebook: Labor Pinched by Poor Cloud Contracting; Financial Shared Services Progresses’ Fed News Radio (9 December 2013) www.federalnewsradio.com/?nid=533&sid=3521104Google Scholar
Pepper, D., ‘Ignoring That Harmless Looking “Force Majeure” Clause in Your Cloud Services Provider Agreement?’ CLOUDAVE (15 April 2013) www.cloudave.com/27723/ignoring-that-harmless-looking-force-majeure-clause-in-your-cloud-services-provider-agreement/Google Scholar
Perkins, B., ‘Lessons to be Learned from a Project Nightmare’ Computerworld (11 March 2015) www.computerworld.com/article/2895066/lessons-to-be-learned-from-a-project-nightmare.htmlGoogle Scholar
Remen, A. and Tomter, L., ‘Tastefeilen Som Stoppet Statoil’ [The Typo That Stopped Statoil] NRK (28 October 2016) www.nrk.no/norge/xl/tastefeilen-som-stoppet-statoil-1.13174013Google Scholar
Richards, T., ‘The G-Cloud Security Approach’ Accreditation (9 June 2014) https://digitalmarketplace.blog.gov.uk/2014/06/09/the-G-Cloud-security-approach/Google Scholar
Shah, S., ‘Director Who Outsourced Swedish Government Database to the Cloud, Where Critical Data Was Compromised, Fined Just £6,500’ Computing (24 July 2017) www.computing.co.uk/ctg/news/3014334/director-who-outsourced-swedish-government-database-to-the-cloud-where-critical-data-was-compromised-fined-just-gbp6-500Google Scholar
Shein, E., ‘CASB Market Poised for Channel Growth’ Tech Target Blog (July 2016) https://searchitchannel.techtarget.com/feature/CASB-market-poised-for-channel-growthGoogle Scholar
Tomter, L. and Remen, A. C., ‘Datatilsynet Fant Lovbrudd: Millionbøter Etter outsourcing av Sykehus-IT’ [The Norwegian Data Protection Authority Found a Violation of the Law: Million NOK Fine for the Outsourcing of Hospital IT] NRK (27 October 2017) www.nrk.no/norge/millionboter-etter-outsourcing-av-sykehus-it-1.13751516Google Scholar
Tomter, L. and Remen, A. C., ‘Globalisering på norsk: Vipps-indere på overtid og en tastefeil på Mongstad: Metode-rapport til SKUP 2017 fra NRK Nyheter’ [Globalisation in Norwegian: Vipps Indian employees working overtime and a typo at Mongstad: Methodology Report for Scoop prise 2917] (2017) http://skup-norge.no/wp-content/uploads/2017/03/metoderapport-globalisering-pn-norsk.pdfGoogle Scholar
Vijayan, J., ‘Plans to Migrate LAPD to Google’s Cloud Apps Dropped: Service is Incompatible with FBI’s Security Requirements, City Says’ Computerworld (22 December 2011) www.computerworld.com/article/2500649/cloud-computing/plans-to-migrate-lapd-to-google-s-cloud-apps-dropped.htmlGoogle Scholar
Walsh, B., ‘Your Data is Dirty: The Carbon Price of Cloud Computing’ Time Online (2 April 2014) http://time.com/46777/your-data-is-dirty-the-carbon-price-of-cloud-computing/Google Scholar
Battelle Energy Alliance, LLC, and DoE, ‘General Provisions for Commercial Items/Services’ Applicable to Contract No 00109064 (29 August 2011)Google Scholar
Battelle Energy Alliance (BEA) and Unisys Corporation, ‘Contract for Unisys Corporation to Furnish Messaging Replacement SOW’ Contract No 00109064 (US Gov’t No DE-AC07-05ID14517) (2 September 2011)Google Scholar
British Library and Bravo Solutions UK Ltd, Ref # FIN 8895 (10 February 2014)Google Scholar
Difi, ‘Driftsavtalen (SSA-D)’ [Operational Services Contract] (2018) www.anskaffelser.no/verktoy/kontrakter-og-avtaler/kjopsavtalen-ssa-kGoogle Scholar
Difi, ‘Avtale om løpende tjenestekjøp (SSA-L)’ [Agreement Concerning Ongoing Purchases of Services via the Internet] (2018) www.anskaffelser.no/verktoy/avtale-om-lopende-tjenestekjop-ssa-lGoogle Scholar
Direktoratet for forvaltning og ikt (Difi) [The Norwegian Agency for Public Management and eGovernment], ‘Kjøpsavtalen (SSA-K)’ [IT Sales and Purchase Agreement] (2018) www.anskaffelser.no/verktoy/kontrakter-og-avtaler/kjopsavtalen-ssa-kGoogle Scholar
EPA and AVANTI Corporation, Contract #EP-BPA-12-C-0010 (24 January 2012) Task 4Google Scholar
FAA and Computer Sciences Corp., Contract DTFACT-15-D-0003 1-81 (26 August 2015)Google Scholar
FAA Cloud Services DTFACT-15-D-00003, Attachment J-1 Cloud Computing Services Description 1-40 (21 August 2015)Google Scholar
Financial Conduct Authority (FCA), ‘FG16/5: Guidance for Firms Outsourcing to the “Cloud” and Other Third Party IT Services’ (2016) www.fca.org.uk/publications/finalised-guidance/fg16-5-guidance-firms-outsourcing-cloud-and-other-third-party-itGoogle Scholar
General Services Administration (GSA), ‘FedRAMP Control Specific Contract Clauses: Version 2.0’ (6 June 2014)Google Scholar
Google Inc and Battelle Energy Alliance, ‘Google Apps for Government and Postini via Reseller Agreement, “BEA-DOE Contract” US Gov’t No DE-AC07-05ID14517’ (25 August 2011)Google Scholar
Idaho National Laboratory, ‘Infrastructure as a Service Statement of Work (SOW)’ Document ID: SOW-10558, 1–13 (26 October 2012)Google Scholar
Idaho National Laboratory, ‘Messaging Replacement Statement of Work (SOW)’ Document ID: SOW-9406, 1–28 (26 March 2015)Google Scholar
Joint Enterprise Defense Infrastructure (JEDI) for Use by the US Military, ‘JEDI Cloud Request for Proposal (RFP)’ Solicitation Number: HQ003418R0077_JEDI_CLOUD_RFP (2018) www.fbo.gov/index?s=opportunity&mode=form&tab=core&id=38bd3e33414337cdc805c21004d85477&_cview=0Google Scholar
NASA and eTouch Systems Corp., Contract Number NNH05CC35D, 2.2.4 (2005)Google Scholar
Norwegian Agency for Public Management and eGovernment (Difi), ‘Avtale om løpende tjenestekjøp (SSA-L)’ [Agreement Concerning Ongoing Purchase of Services via the Internet (SSA-L)] (2018) www.anskaffelser.no/verktoy/avtale-om-lopende-tjenestekjop-ssa-lGoogle Scholar
Police and Crime Commissioner for Avon & Somerset and Iken Business Limited, ‘Relating to the Provision of G-Cloud Services’ (Call-Off Terms, 17 March 2014)Google Scholar
Sprint II Model Contract (Framework Agreement) Thames Valley Police Authority and Specialist Computing Services, ‘Contract Relating to the Provision of IT Products and Services VISAV Ltd (Model Contract v 1.00)’ (2012)Google Scholar
UK G-Cloud Framework 9, ‘Framework Contract’ (8 May 2017)Google Scholar
UK G-Cloud Framework 9, ‘Call-Off Contract’ (8 May 2017)Google Scholar
UK G-Cloud Framework 12, ‘Framework Agreement’ RM1557.12 (19 October 2020)Google Scholar
UK G-Cloud Framework 12, ‘Call-Off Contract’ RM1557.12 (19 October 2020)Google Scholar
US Department of the Treasury on Behalf of the Consumer Financial Protection Bureau (CFPB) and Deloitte Consulting LLP, Contract No TDP-CFP-12-C-0008 (23 May 2012)Google Scholar
USPS and Autonomy Inc, Contract No 1BITSV-11-B-1007 (30 June 2011)Google Scholar
USPS and Autonomy Inc, Statement of Work (SOW) for Contract No 1BITSV-11-B-1007 (21 September 2010)Google Scholar
USPS and THISMOMENT Inc, Contract #2BTCON-13-B-0075 (30 September 2013)Google Scholar
CISPE’s Self-Declaration EU GDPR Code of Conduct: https://cispe.cloud/code-of-conduct/Google Scholar
Cloud Security Alliance’s Security, Trust and Assurance Registry: https://cloudsecurityalliance.org/star/#_overviewGoogle Scholar
EuroCloud Star Audit Certification: www.eurocloud.orgGoogle Scholar
Google, ‘Service Organization Controls (SOC) 3 Report on the Google Cloud Platform System Relevant to Security, Availability, Processing Integrity, and Confidentiality for the Period 1 May 2016 to 30 April 2017’: https://cloud.google.com/files/GCP_SOC3_2017.pdfGoogle Scholar
ISO Standards Catalogue for Cloud Computing: www.iso.org/ics/35.210/x/; www.ssae-16.com/Google Scholar
New Zealand Cloud Computing Code of Practice: https://cloudcode.nz/AboutGoogle Scholar
Amazon Web Services, ‘Compliance Programs’ https://aws.amazon.com/compliance/programs/Google Scholar
FedRAMP, ‘Program Overview’ www.fedramp.gov/aboutus/about/Google Scholar
National Information Standards Organization, ‘Understanding Metadata’ (2004) www.niso.org/publications/press/UnderstandingMetadata.pdfGoogle Scholar
Marinho Martins de Castro, C., ‘On the Regulation of Cloud Computing Contracts’ (Unpublished PhD thesis, Universidade Federal De Pernambuco Centro De Informática 2014) https://repositorio.ufpe.br/bitstream/123456789/12060/1/TESE%20Clarice%20Marinho%20de%20Castro.pdfGoogle Scholar
Tapanelli, P., ‘Cloud Computing Contracts’ (PhD thesis 2014). Unpublished PhD on file with author.Google Scholar

Save book to Kindle

To save this book to your Kindle, first ensure no-reply@cambridge.org is added to your Approved Personal Document E-mail List under your Personal Document Settings on the Manage Your Content and Devices page of your Amazon account. Then enter the ‘name’ part of your Kindle email address below. Find out more about saving to your Kindle.

Note you can select to save to either the @free.kindle.com or @kindle.com variations. ‘@free.kindle.com’ emails are free but can only be saved to your device when it is connected to wi-fi. ‘@kindle.com’ emails can be delivered even when you are not connected to wi-fi, but note that service fees apply.

Find out more about the Kindle Personal Document Service.

  • References
  • Kevin McGillivray
  • Book: Government Cloud Procurement
  • Online publication: 10 December 2021
  • Chapter DOI: https://doi.org/10.1017/9781108942485.010
Available formats
×

Save book to Dropbox

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Dropbox.

  • References
  • Kevin McGillivray
  • Book: Government Cloud Procurement
  • Online publication: 10 December 2021
  • Chapter DOI: https://doi.org/10.1017/9781108942485.010
Available formats
×

Save book to Google Drive

To save content items to your account, please confirm that you agree to abide by our usage policies. If this is the first time you use this feature, you will be asked to authorise Cambridge Core to connect with your account. Find out more about saving content to Google Drive.

  • References
  • Kevin McGillivray
  • Book: Government Cloud Procurement
  • Online publication: 10 December 2021
  • Chapter DOI: https://doi.org/10.1017/9781108942485.010
Available formats
×