Cloud Law- Can it be Engineered? By Ray Garcia

Cloud Law – What is it?

Cloud law may be defined as the application of ethical principles using verifiable semantics to achieve the formation and execution of fair and economical processes to govern technology mediated social communications where those processes may act on behalf of the participants on systems for which they may not own or have full control of. Cloud law extends Internet or Cyber Law beyond questions of Intellectual Property concerns, Privacy, Identity or Data Ownership, and includes the challenges to jurisdiction and sovereignty, legal precedents (common and civil laws) from the physical world that have no analog in the virtual space, legal interpretation of statues, access to evidence and chain of custody, forensics, implied digital contracts, fluidity of language and its ambiguity as used on the Net, and the very notion of why and how laws are formed and who they serve.

Lawyers on the Cloud

Given the integrated communications that the Cloud enables it may be necessary for lawyers to use the Cloud and craft the legal structures before establishing the laws that govern the use of the Cloud. This would be closers to how the Cloud is evolving, as a self-organizing distributed complex adaptive system. The Cloud is adopting technology quickly to gain capability in support of the massive network and computational scale it requires. The legal system has thus far lagged the developments of the Cloud and when engaged have resorted to applying existing laws to new circumstances which may not of been appropriate or effective. The Music Industry’s reluctant transformation, due to file sharing taking hold on the Cloud, is a well known example. This example may not have the worst consequences relative to what may occur once large segments of the population are easily tracked on the Cloud without representation or legal recourse. The US legislative and judicial systems may lack adequate experience with this rapid adoption of technology that is quickly pervading every segment of society and commerce. If the legal profession were the early adopters of Cloud Computing would the laws be crafted prior to the mass participation of its appeal and utility?

Accessibility of the Law for all

Lawyers have increasingly become dependent on technology and the Cloud. Graduating lawyers are required to know as much about legal research using Lexis/Nexus and WestLaw as they are to know about using a law library. Not using one of the commercially controlled sources for legal research can disadvantage a litigation case and subject it to negligence claims. Yet much of the information provided by the two major legal information providers are in the public domain but not readily available on the Cloud. Accessibility of the law for all that maintains it credibility and is economical may be one of the challenges for Cloud Law. If Google is attempting to make freely available all information and books regardless of quality, credibility, or authority, what implications does that have for the practice of law? Do citizens have the right to have free access to all the laws that govern them and the publically available cases that set the precedents for which the laws are judged? When will lawyers start a wikiLaw for lawyers by lawyers in support of Cloud Law? What new learning and research processes are required of Lawyer’s in support of crafting Cloud Law and how would these laws be tested and made valid in practice?

Computational Law

In the near future it may be feasible to automate legal reasoning using formal representations of the laws that apply to technology mediated communications on the Cloud. Such computational law processing would use advances in artificial intelligence and machine learning on semantic networks. This would be an evolution of what has previously been attempted with digital contracts using Internet Trading Exchanges. Cloud Law may need to address the legal gaps that remain while leveraging the advances in computation to seize the opportunity to automate legal compliance within the Cloud. A number of challenging research areas in computation need further development in Specification Languages, Ontology, Abstract State Machines, Petri Nets/Workflow Nets, Temporal Logic, Process and Event Algebra of Communicating Systems, Prepositional Logic and Inference. As these research areas emerge as capabilities on the Cloud, lawyers may need to become versed in computational law to craft the laws that function on the Cloud. In the future the laws may be embedded into the Cloud and act as constraints on the activities therefore become integral the systems dynamic.

Engineering Cloud Law

The notion that Cloud Law may require the embedding of encoded computational law subjects it to the challenges of expressing the law within software engineering process. Software has some distinct characteristics that make it unlike other engineering practices and may be more like attempting to apply the law against a structural and process legal system. Cloud Law embedded into the system may require the following engineering principles:

Predictable Outcomes – application of the law has no unintended negative consequences and can be modeled against the actors. The application of the law produces consistent outcomes given similar circumstances

Tolerance – applying the law even with varying interpretations produces outcomes within certain acceptable ranges or metrics.

Risk Management – enforcing the law must be easy, systems should not allow for easily breaking the law without clear intentions to do so. Once broken it should be immediately detected. Risk of breaking the law should not create large scale risk to people on the Cloud.

Separation of Concerns – laws should be applicable regardless of specifics of the Cloud technology implementation.

Reconciliation of Conflicts – laws should recognize all actors and motivations and capabilities or lack of and how these interact within constraints and forces to produce and consume Cloud artifacts.

Adaptation – Law needs to facilitate complex adaptive systems and have mechanisms for appropriate changes in response to obsolescence or the laws may also initiate or facilitate a change in the system dynamic.

Ease of Judgment – Law should be easy to negotiate and judge and by extension easy to learn and teach to all actors in the system. The laws should be easy to understand, implement, and enforce by those being governed. They should be desirous to adhere to by all and not following the laws should be readily apparent and easily corrected.

Formal verification of software is not a widely adopted practice and therefore software systems tend to be incomplete and error prone. Even when the system performs reliably often this is due to the fault tolerance and redundancies created to overcome the inherent lack of verification. Cloud Law would operate on large scale concurrent systems with autonomous processes that are highly distributed. What happens when systems predict and act on behalf of actors based on machine learning algorithms and make inference that cause it to behave inappropriately or illegally? Amazon’s recommendation engine has on occasion suggested offensive products relative to a search term where no human intervention was present nor could anyone anticipate such occurrence. When autonomous multi-agents are the norm what Cloud Laws and mechanisms will govern this? Given the lack of formal verification in both the software and the law and the inability to predetermine all possible behavior of a Cloud acting under its own agency how will the law be applied? This is not an act of nature but and act of an artificial system.

The development of Cloud Law may have constraints that are closely aligned with the limitations of software engineering and therefore these two professions will need to converge in joint research to overcome those obstacles. Lawyers will need to learn computational thinking and Software Engineers may need to understand the principles of jurisprudence. Until this happens it is likely that Cloud Law will remain a disembodied application of existing legal practices onto a medium that is evolving rapidly and not completely deterministic in its system dynamic. If Cloud Law is to be an enabling endeavors it will need to race ahead and charter the legal grounds to facilitate continuous innovation and novel uses of Cloud Computing by society and commerce. Equally if technology innovation wants to avoid being constraint by future regulation then research is needed to understand how Law and Computation can fuse into solutions that embody the policy into the systems.


Riehle, R., An engineering context of software engineering, Ph.D. Thesis 2008.

Denning, P., Riehle, R., Is Software engineering engineering?, Commun. ACM 52, 3 (March 2009), 24 – 28


Computational Law at Stanford Logic Group
AI and the Law…

Conference on Artificial Intelligence and the Law

Tags: , ,

One Response to “Cloud Law- Can it be Engineered? By Ray Garcia”

  1. The conundrum in my view is that the two communities are so divergent in their “traditional” (read: socially expected) modes that it will take a series of summits to even define terms. This is worthwhile work, however, and can itself utilize the cloud.

    Case in point: My own fumble-bumble discussion of “law as code” can be found here. The much more provocative and useful response this elicited from John Metta, programmer par excellence, gave me great hope.

    This is brilliant. Can’t believe I’m the first to comment.