Beginning Next Week: InsideCounsel will become part of Corporate Counsel. Bringing these two industry-leading websites together will now give you comprehensive coverage of the full spectrum of issues affecting today's General Counsel at companies of all sizes. You will continue to receive expert analysis on key issues including corporate litigation, labor developments, tech initiatives and intellectual property, as well as Women, Influence & Power in Law (WIPL) professional development content. Plus we'll be serving all ALM legal publications from one interconnected platform, powered by, giving you easy access to additional relevant content from other InsideCounsel sister publications.

To prevent a disruption in service, you will be automatically redirected to the new site next week. Thank you for being a valued InsideCounsel reader!


How to deal with data stuck in the cloud

The coming cloud computing compliance crisis

Companies are increasingly embracing cloud computing, storing their email, files and other electronic information in a cloud storage service provider’s data center accessible via the Internet. While cloud computing can make the IT organization’s life easier, the lack of effective information governance controls in the cloud foretell a coming crisis.

Cloud computing is the hot, new trend in IT because it reduces capital expenditures, is charged “per the drink” based on the amount of data stored and releases the IT staff from the headaches of securing and backing up data. The cloud computing market is expected to reach $150 billion by next year. There are real, measurable benefits for some organizations to move their data to the cloud.

Yet beneath this silver lining may be a dark cloud. Many companies, such as these, are discovering after the fact that with some cloud solutions, information governance is lacking or non-existent:

  • One West Coast manufacturing company’s IT organization contracted with cloud vendor to host and store the company’s email. IT negotiated—without consulting the legal or compliance departments—for the cloud provider to retain all email for two years. One year and 11 months into the contract, IT announced the imminent, automatic email deletion, per the negotiated agreement. However, there was one slight problem: The company was involved in more than 50 active litigation matters, and some of the email in the cloud subject to deletion had the potential to be relevant to this ongoing litigation. Furthermore, there was no effective way to easily search the emails, or selectively retrieve emails from particular individuals. Rather, the entire email corpus had to be exported before it could be searched, which was a slow and expensive process.  
  • When the U.S. Justice Department shut down the online file storage company Megaupload for alleged criminal activity, it also shutdown access for thousands of other legitimate and legal users. There is a similar lack of precision when investigators subpoena data—they often seek all of the content on a system, and there is little effort to ferret out to whom certain data belongs. The physical analogy is if police were to search all lockers in a rented storage facility not just the one targeted by a search  warrant. In a comment to the Wall Street Journal, Julie Samuels, a staff attorney with the San Francisco-based digital-rights firm Electronic Frontier Foundation, said she was "concerned about the users who had no due process, and no notice—and no access to their data."

Cloud computing does hold the promise of lower costs, better service levels and easier management. Yet organizations are well advised to consider their information governance requirements before jumping right into a cloud.

author image

Mark Diamond

Mark Diamond, Founder & CEO of Contoural, Inc., is a regular contributor to Inside Counsel on Litigation Readiness and Records Information Management. You can e-mail...

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.