96
provide a useful overview of the capabilities and reliability of a Cloud
computing provider, not just from a technical, but also a legal point of view
(
especially in terms of data protection).
Special considerations for public tenders
Since the procurement of Cloud services falls under the EU public
procurement law public tender authorities have to choose the Cloud
provider via a formal tender procedure. When dealing with complex Cloud
services the negotiated procedure is the appropriate procedure, because
only this type of procedure allows negotiations and modifications of the
technical and contractual specifications in dialogue with the tenderers.
Standardised Cloud services on the other hand can also be procured via
open and restricted procedures.
The public tender authority may choose if the award of the public contract
should be made to the tender most economically advantageous or to the
tender with the lowest price. The award criteria must be specified in the
contract notice or contract documents and the evaluation of the tenders
must be transparent and verifiable. The assessment of the costs should be
made from a “total cost of ownership”‐viewpoint including not only the
payments to the Cloud provider but all costs connected with the Cloud
services.
In respect to the contract clauses, attention should be paid to the fact that
accepting tenders on the basis of different general terms and conditions of
the Cloud providers would cause the incomparability of the tenders.
Therefore it is necessary to define a contractual standard that on the one
hand takes the requirements of the tender authority into account, and on
the other hand is compatible with the market and allows the Cloud
providers an assessment of the risks and submission of the bids.
Risk of vendor lock‐ine "vendor lock‐in"
The first time an enterprise uses Cloud services, it will typically decide on a
single Cloud service provider. The question is whether or not the user can
change this provider later on, or if this is economically viable due to the
disproportionately high cost of the migration. In other words, if the user is
stuck with one provider (vendor lock‐in). In contrast to changing a producer
or supplier, the user may need to transfer all of the data from the previous
provider to the new one; at the same time, the user needs guarantees that
the transferred data will work perfectly and be perfectly usable throughout
the entire migration period. For this reason, considerations relating to