Cloud computing, a computer networking model that gives users on-demand access to shared software applications and data storage,  is becoming increasingly popular among businesses and individuals. For example, if you use Google’s Gmail for your email and calendaring, or Snapfish for your online photo sharing and storage; or if your business remotely stores data with a third-party server provider like Salesforce, or uses Windows Azure to create and host web applications and services, you are already “floating in a cloud.” To provide guidance to those companies working within a cloud – *2 or those considering utilizing cloud computing – this article surveys U.S. cases that have direct, substantive implications for cloud users. These cases implicate issues of personal jurisdiction, privacy rights, e-discovery, and copyright infringement. We also take a brief look at the newest case on the cloud computing horizon, Google v. The United States.
Earlier this year in the Quon case, we learned that if you’re sending personal messages via your company-issued PDA or cell phone, you do not have any right to privacy. It’s their phone. Interestingly, this case from March 2010 (decided prior to Quon) held that
…an employee had a legitimate expectation of privacy in e-mail communications that she sent to her attorney through her personal web-based e-mail account using her employer’s laptop computer. The decision in Stengart results from an employer’s failure to provide adequate warning to its employees in an electronic communications policy that personal e-mails may be recovered—and read—if they are sent through the employer’s electronic system. Stengart teaches the importance of providing employees with clear notice that their privacy rights are limited in the workplace.
Another reference to a discussion about this case can be found here. The “fine print” and learning point is that if employers have a clearly defined policy regarding privacy rights in the workplace, then those rights can be limited.