Monthly Archives: January 2012

Please Turn Off Your Electronics, Unless You’re the Captain…

by January 9, 2012
on iPad 1 comment read more

We have all seen the airline crew approaching the gate, with the captain and co-pilot rolling a rather large lunchbox behind them. In that box, are some 20+ pounds of paper. That “lunchbox” has maps, checklists, procedures and some electronics that both need to refer to during the flight. Combined, the cockpit will have an additional 40-50 pounds of paper, depending on the aircraft being flown and the airlines. And like anything else on a plane, it costs fuel to fly all this paperwork every time the pilots are in flight. It is estimated this cost is between 250,000 and 500,000 per annum – adding to the cost of the flight. Annully, this cost is easily in the millions.

Since June, American Airlines had been testing the use of the iPad and iPad 2 on flights out of Los Angeles and has recently received FAA approval for implementing the use of both iPads on all its flights. The FAA has not authorized any of the other airlines for any testing nor for implementing the iPad on their flights. Probably a good thing as this is new territory for the aviation industry – just as much as the electronic avionics were when Garmin started making them in 1991. It was another 10 years before planes were sold with a complete array of electronic avionics.

Needless to say there will be certain functional and technical specifications that will have to be met with each iPad used by the airlines. Like, perhaps, a fully charged battery would be good – but that would limit the use of the Pad on continental flights as intercontinental can be 6, 7, 8 or more hours. Though Apple claims 10 hours for battery life, we know what will happen if a plan ends up on the tarmac for 3 or more hours. So there are many details to be considered.

The FAA did stipulate that the paper is not disappearing yet. The American Airline pilots can use the iPad but MUST have the usual paper with them. What about you? How do you feel about the iPad being used in the cockpit? Would you trust your life – and 300 others in the plane – to the iPad? Let us know!

Is The Rate of Change in Technology Initiating Legal Concerns?

by January 4, 2012
on Cloud no comments read more

With the rate of change in technology, legal concerns are building up everywhere. Both cannot keep pace with how fast things are suddenly happening. And given Moore’s Law, this pace is not about to slow down either — which also means there are going to be some headaches as well as opportunities in dealing with the legal circles.

No matter how fast anything changes there are some constants that must be taken into account. As cloud computing gets its name from the fact that everything you do seems to be available anywhere, then where is your data really located? How is it being stored? Who is responsible for its security? Laws are usually based upon entities and/or sovereignties and it creates boundaries in which the protection of the law is supposed to be applied. Given the nature of cloud computing then, a key question about cloud computing remains unresolved in the law books as well the courts. Questions as to which law applies to your organization’s data in the cloud are basically simple: The law as applied to where you are located? The law as applied to where your data is located? Or the law where the data subject is located? The answers, however, are not simple. Especially if you have cloud services in other countries, international consensus on this issue has not yet been tested.

As most contracts provide which laws under which any disputes could be resolved, and the location of the court where such disputes could be heard, it’s essential for a cloud-computing contract to identify the geographic region within which the data centers hosting your data, and potentially the headquarters of the cloud provider, may be located, and to address the cloud provider’s obligations to keep your data in those regions. Otherwise, the overlaps and potential conflicts between the possible governing laws could make legal and data access compliance impossible.

As risk management focuses on retaining some measure of control, your contract with the cloud provider should require the cloud provider to notify you regarding its receipt of any 3rd party request to access your data. Be sure to specify the time frame within which such notice should be provided. And make it paramount that in ALL cases notice should be given ahead of granting access to any of your organization’s data. Also, make your cloud provider to make an obligation to limit the disclosure of your data to the extent legally possible, and to cooperate with your efforts to appropriately manage the release of any data.

Most of this can be performed proactively by a due diligence investigations of the cloud provider’s standard practices and procedures. These will reveal that it has a policy in place that meets your data access requirements, and you should codify this in the contract, and include a copy of that policy as an attachment.

Credit is due to Thomas Trappler for sharing much of this information. Thomas is the director of software licensing at the University of California, Los Angeles, and a nationally recognized expert, consultant and published author in cloud computing risk mitigation via contract negotiation and vendor. He offers several guides to cloud computing contracts.