Issue link: https://epubs.iltanet.org/i/45522
"The provider should agree to limit human encounters with your raw (unencrypted) data." 7. What do the terms say? Reviewing and understanding the agreements you enter into with a cloud provider, including the terms of service (ToS), privacy policy and service level agreement, is a critical component of the due diligence process. The ToS and privacy policy will outline both the provider's responsibilities to you as a user and your responsibilities to the provider. Any behaviors the provider could consider to be abusive or grounds for suspension or termination will be outlined in the ToS. The ToS will also outline any warranties, or lack thereof, and, in conjunction with the SLA, will define 24 Risky Business ILTA White Paper what liability the provider will undertake should it fail to fulfill its duties in providing the service. The privacy policy should clearly state that you, not the provider, retain ownership of all data stored with the cloud provider. Furthermore, the cloud provider should make it clear your data will not be used for any purpose outside of your direct use of the application. The ToS and privacy policy should also outline which third parties can be used by the cloud computing provider. Finally, your cloud computing provider should be transparent and offer users notification and the opportunity to address any data demand from the government whenever it is not prohibited from doing so by applicable law.