Out-Law / Your Daily Need-To-Know

Standardisation guidelines for cloud computing service level agreements developed by industry

Out-Law News | 30 Jun 2014 | 10:15 am | 1 min. read

New industry-developed standardisation guidelines for cloud computing service level agreements (SLAs) between cloud providers and cloud service customers are to be trialled by the European Commission.

Representatives from companies including Amazon, Google, IBM, Microsoft, SAP and Salesforce helped develop the guidelines (41-page / 585KB PDF) within a sub-group of the Cloud Select Industry Group (CSIG). CSIG was set up by the Commission with the aim of developing standardised cloud computing contract terms that could be used by businesses hoping to enter into outsourcing agreements with cloud providers.

The guidelines contain broad recommendations for businesses about what they should seek to have in place when entering into SLAs with cloud providers. The guidelines address a number of different contractual and legal issues, including the measures businesses need to consider to ensure compliance with EU data protection rules when cloud providers will be involved with processing personal data under the terms of their contract with those companies.

The Commission said that it would test the guidelines with cloud users, particularly small businesses, with a view to their possible inclusion in future within a new international standard on SLAs for cloud computing currently being worked on within the structures of the International Organisation for Standardisation (ISO).

Businesses often put in place SLAs with organisations with which they seek to obtain services from. The agreements generally define the nature of the service being provided and often set minimum service level standards that providers must achieve under the terms of the contract.

In a letter to EU Commissioners Neelie Kroes and Viviane Reding (2-page / 885KB PDF), the CSIG subgroup on SLAs said that "standardising aspects of SLAs will improve the clarity and increase the understanding of SLAs for cloud services in the market, in particular by highlighting and providing information on the concepts usually covered by SLAs and related documents, in addition to information which can be obtained from certification schemes".

Kroes said that the proposals submitted by the CSIG subgroup represented the first time that "cloud suppliers have agreed on common guidelines for service level agreements" and said that the guidelines stand to benefit small businesses in particular.

Reding said the guidelines "will help generate trust in innovative computing solutions and help EU citizens save money".

"More trust means more revenue for companies in Europe's digital single market," Reding said. "This is the same spirit as the EU data protection reform which aims at boosting trust. A competitive digital single market needs high standards of data protection. EU consumers and small firms want safe and fair contract terms."