La gestione di data e meta-data nel cloud computing: profili di proprietà intellettuale e questioni di privacy - Conference "Getting around the cloud(s) - Technical and legal issues on Cloud services”

Authors: Giulia Schneider


The paper examines the controversial issue of the legal qualification of the information stored on a cloud computing system, and the tension that is likely to arise between the intellectual property regime of protected material flowing through the cloud-platforms and the legal protection of the privacy of cloud consumers, who are more and more relying on such kind of technology as a means of distributing and accessing to protected data.

On the cloud, the conflict between the two legal schemes, and the two legal rights, appears to be much more serious than it was in the pre-digital area, given the peculiar generative nature of the information stored on the cloud: in fact, the duty to control that the usage rights gained by the end user are not violated, encourages a systematic control over the users activities, that leads to surveillance and monitoring practices by means of which the service-providers collect an enormous amount of a specific type of personal meta-data, or secondary data, directly stemming from the primary data of information protected by IP rights, and more specifically directly deriving by the use that consumers make of the accessed intellectual property data.

Three are the control points examined, related to technological protection measures arranged by the providers restricting access to protected material, secondly restricting the usage of it, and thirdly relating to self-help protection measures, assuring adequate reaction against violations of the first two protection parameters, by means of arbitrary cancellations or eventual locking out of users who are intended to create or distribute by the means of the cloud certain kinds of contents or formats.

We will at first focus on the impact of the access measures on the intellectual property regime with specific regards to the European digital copyright and the US fair use doctrine , secondly on the repercussions of the usage controls on the privacy standards.

On the one side, the arrangement of access control points enables the providers, and through the cloud providers, also the IP holders to “opt out those parts of the copyright system they dislike”[1].

Furthermore, the centralized structure of the cloud platforms and the verticalization of the digital interaction between users enable the providers to act not only as processors of the protected material, but also as controllers of the amount of personal information directly arising from it, profiling cloud-consumers on the basis of their intellectual inclinations, habits and preferences, in that what some doctrine has defined as a big database of intention.

Ultimately, through the lenses of intellectual property right’s safeguard, it becomes clear how in the cloud the right to privacy is jeopardised in the moments of monitoring and surveillance, which determine the loss of control over the personal metadata.

However, another wider significance of privacy directly related to the liberty of self-determination is shown to be affected. In fact the overprotection of works through technical protection measures, obscures the horizon of personal decisional possibilities, by extinguishing fair usages and free possibilities of developing content (collective works, derivative works).


[1] J. H. REICHMAN (a cura di), A Reverse Notice and Takedown Regime to Enable Public Interest Uses of Technically Protected Copyrighted Works, 22 Berkeley Tech. L. J. 981, 988, 995 (2007), 1023.

Keywords: Cloud computing - intellectual property rights - privacy - cloud consumers - monitoring - meta-data - technological protection measures - digital copyright - fair use doctrine - profiling