Professor Christopher Millard, LLB, MA, LLM, Solicitor of the Senior Courts of England and Wales

Professor of Privacy and Information Law

Email: c.millard@qmul.ac.uk
Room Number: Lincoln's Inn Fields
Website: http://www.cloudlegal.ccls.qmul.ac.uk/

Profile
Teaching
Research
Publications
Public Engagement

Profile

Christopher Millard is Professor of Privacy and Information Law and head of the Cloud Legal Project in the Centre for Commercial Law Studies, Queen Mary University of London. He is also Co-Director of the Microsoft Cloud Computing Research Centre and is Senior Counsel to the law firm Bristows.

Christopher has over 40 years of experience in technology law, both in academia and legal practice. His first book, Legal Protection of Computer Programs and Data (Sweet & Maxwell, 1985), was one of the earliest international comparative law works in the field and he has since published widely on legal and regulatory issues relating to information technology, e-commerce, the Internet, data protection, and privacy. Since 2008 his main research focus has been cloud computing. He is editor and co-author of Cloud Computing Law (Oxford University Press, 2nd edition, 2021), is a founding editor of the International Journal of Law and IT, and is an emeritus editor of International Data Privacy Law.

Christopher is a Fellow and former Chairman of the Society for Computers & Law, a Fellow of the Royal Society of Arts, a past-President of the International Federation of Computer Law Associations, and a past-Chair of the Technology Law Committee of the International Bar Association.

Before he joined Bristows in 2008, Christopher was head of the global privacy and data protection practice at Linklaters and prior to that he was a partner at Clifford Chance. He has twice been designated Internet and eCommerce Lawyer of the Year by the International Who's Who of Business Lawyers.

In 2022, the Cloud Legal Project launched on Coursera an innovative online specialisation in Cloud Computing Law. Christopher Millard is an instructor in the weeks that cover cloud services, cloud contracts, data protection law, and international data transfers.

Postgraduate Teaching

CCLP604 Cloud Computing Law (Paris LLM)
CCLP209 EU Data Protection Law (Paris LLM)
SOLM209 EU Data Protection law (London LLM)
CCDM043 Cloud Computing law (Distance Learning LLM)

Research

Christopher Millard’s current research interests are cloud computing law and regulation, privacy and information law, and the legal implications of emerging technologies.

Research projects:

Christopher has led the Cloud Legal Project since it was established in 2009 and has been Joint Director (with Professor Jon Crowcroft of the University of Cambridge) of the Microsoft Cloud Computing Research Centre since its launch in 2014. He is also a principal investigator on the EU-funded Cloud Accountability Project - A4Cloud (2012-2016).

Publications

Books

Cloud Computing Law (Oxford University Press, 2013; 2nd edition 2021)
Data Protection Laws of the World (Sweet & Maxwell, 1998-2002)
Legal Protection of Computer Programs and Data (Carswell / Sweet & Maxwell, 1985)

Journal Editorships

Co-Editor (since launch in 1993), International Journal of Law and Information Technology (Oxford University Press)
Co-Founding Editor (2010 – 2020), International Data Privacy Law (Oxford University Press) Emeritus Editor since 2020.

Book Chapters

“Cloud Computing Demystified (Part 2): Control, Security and Risk in the Cloud”, (with Kuan Hon and Jatinder Singh). Updated book chapter, available (9 February 2022)
“Cloud Computing Demystified (Part 1): Technical and Commercial Fundamentals”, (with Kuan Hon and Jatinder Singh). Updated book chapter, available (9 February 2022)
Contributor for Articles 26-29 of the Commentary on the General Data Protection Regulation (with Dimitra Kamarinou), Bygrave, Kuner and Docksey (eds.) (Oxford University Press, 2020)
“Machine Learning with Personal Data” (with Dimitra Kamarinou and Jat Singh) in Leenes, Van Brakel, Gutwirth and De Hert (eds.), Data Protection and Privacy: The Age of Intelligent Machines, (Oxford: Hart Publishing, 2017)
“Data Privacy in the Clouds” in Graham & Dutton (eds.), Society and the Internet (Oxford University Press, 2014)
"Communications Privacy" in Walden (ed.), Telecommunications Law (4th ed., Oxford University Press, 2012)
"Copyright" in Reed (ed.), Computer Law (7th ed., Oxford University Press, 2011)
Contributor to Concise European IT Law, Buellesbach, Poullet and Prins (eds.) (2nd ed., Kluwer, 2010)
"Data Protection" in Haftke (ed.), A Practitioner's Guide to the Regulation of the Internet (2nd ed., City & Financial Publishing, 2001)
“Copyright in Cyberspace” in Strauss (ed.) New Technologies, Global Markets and Territoriality of Laws: A Challenge for Intellectual Property (AIPPI, 1998)
"Intellectual Property Aspects of Technology Transfers" (co-author) in Rubin (ed.), International Technology Transfers (Graham & Trotman / Martinus Nijhoff, 1995)
"United Kingdom" in Jongen & Meijboom (eds.), Software Protection in the EC (Kluwer, 1993)
"Data Protection" in Data Communications Handbook (CommEd Publishing, 1993)
"Contractual Issues of EDI" in Walden (ed.), EDI and the Law (Blenheim Online, 1989)

Selected Articles and Research Papers

“The New Things: Property Rights in Digital Files?”, (with Johan David Michels). The Cambridge Law Journal 2022. View the authors’ version.
“Cloud Gaming Demystified: An Introduction to the Legal Implications of Cloud-Based Video Games”, (with Mitchell Longan, Gaetano Dimita and Johan David Michels). Queen Mary School of Law Research Paper No. 369/2021, available (27 October 2021)
“Response to the Law Commission of England and Wales ‘Digital Assets – Call for Evidence’, (with Johan David Michels and Chris Reed), available (24 September 2021)
“Digital Assets: A Call to Action”, (with Johan David Michels and Sharon Hartung). Survey Report published by STEP and Queen Mary University of London, available (24 September 2021)
“Privacy in the Clouds, Revisited: An Analysis of the Privacy Policies of 40 Cloud Computing Services”, (with Felicity Turton, Dimitra Kamarinou and Johan David Michels). Queen Mary Law Research Paper No. 354/2021, available (9 April 2021)
“Contracts for Clouds, Revisited: An Analysis of the Standard Contracts for 40 Cloud Computing Services”, (with Johan David Michels and Felicity Turton). Queen Mary School of Law Legal Studies Research Paper No. 334/2020, available (15 June 2020)
“Mind the Gap: The Status of Digital Files Under Property Law”, (with Johan David Michels). Queen Mary School of Law Legal Studies Research Paper No. 317/2019, available (9 July 2019)
“Beyond the Clouds, Part 2: What Happens to the Files You Store in the Cloud When You Die?” (with Johan David Michels and Dimitra Kamarinou). Queen Mary School of Law Legal Studies Research Paper No. 316/2019, available (9 July 2019)
“Beyond the Clouds, Par 1: What Cloud Contracts Say About Who Owns and Can Access Your Content” (with Johan David Michels and Srishti Joshi). Queen Mary School of Law Legal Studies Research Paper No. 315/2019, available (14 May 2019)
“Cloud Robotics Law and Regulation”, (with Eduard Fosch Villaronga). Queen Mary School of Law Legal Studies Research Paper No. 295/2018, available (23 December 2018)
“Compliance as a Service”, (with Dimitra Kamarinou and Isabella Oldani). Queen Mary School of Law Legal Studies Research Paper No. 287/2018, available 14 November 2018)
“Accountability in the IoT: Systems, Law & Ways Forward”, (with Jatinder Singh, Chris Reed, Jennifer Cobbe and Jon Crowcroft). Computer, Vol. 51, No. 7, 2018, 54-65.
“Blockchain Demystified: A Technical and Legal Introduction to Distributed and Centralised Ledgers”, (with Jean Bacon, Johan David Michels and Jatinder Singh). Richmond Journal of Law & Technology, Vol XXB, Issue 1, 2018.
“Blockchain and Law: Incompatible Codes?”. Computer Law & Security Review Vol. 34 (2018) 843-846.
“Banking in the cloud: Part 3 – Contractual issues”, (with Kuan Hon). Computer Law & Security Review (2018, vol. 34, issue 3, 595-614)
“Banking in the cloud: Part 2 – Regulation of cloud as ‘outsourcing’”, (with Kuan Hon). Computer Law & Security Review (2018, vol. 34, issue 2, 337-357)
“Banking in the cloud: Part 1 – Banks' use of cloud services”, (with Kuan Hon). Computer Law & Security Review (2018, vol. 34, issue 1, 4-24)
“Blockchain Demystified”, (with Jean Bacon, Johan David Michels, and Jatinder Singh). Queen Mary School of Law Legal Studies Research Paper No. 268/2017, available (21 December 2017)
“Internet of Things Ecosystems: Unpacking Legal Relationships and Liabilities”, (with Kuan Hon and Jatinder Singh). 2017 IEEE International Conference on Cloud Engineering (IC2E) (286-291)
“Machine Learning with Personal Data”, (with Dimitra Kamarinou and Jatinder Singh). Queen Mary School of Law Legal Studies Research Paper No. 247/2016, available (8 November 2016) at:
“Use by Banks of Cloud Computing: An Empirical Study”, (with Kuan Hon). Queen Mary School of Law Legal Studies Research Paper No. 245/2016, available (20 October 2016)
“Privacy in the Clouds: an Empirical Study of 20 Cloud Providers’ Terms and Privacy Policies – Part 2”, (with Dimitra Kamarinou and Kuan Hon). International Data Privacy Law (2016, vol. 6, no. 3, 170-194)
“Privacy in the Clouds: an Empirical Study of 20 Cloud Providers’ Terms and Privacy Policies – Part 1”, (with Dimitra Kamarinou and Kuan Hon). International Data Privacy Law (2016, vol. 6, no. 2, 79-101)
“Policy, Legal and Regulatory Implications of a Europe-Only Cloud”, (with Kuan Hon, Jatinder Singh, Ian Walden and Jon Crowcroft). International Journal of Law and Information Technology (2016, vol. 24, 251-278)
“Data Security and Multi-Factor Authentication: Analysis of requirements under EU Law and in Selected EU Member States”, (with Elizabeth Kennedy). Computer Law & Security Review (2016, vol. 32, issue 1, 91-110)
“Twenty Legal Considerations for Clouds of Things”, (with Kuan Hon and Jatinder Singh). Queen Mary School of Law Legal Studies Research Paper No. 216/2016, available (18 January, 2016) at:
“Forced localization of cloud services: is privacy the real driver?”, IEEE Cloud Computing (March/April 2015, 10-14)
“Policy, Legal and Regulatory Implications of a Europe-Only Cloud”, (with Kuan Hon, Chris Reed, Jatinder Singh, Ian Walden and Jon Crowcroft). Queen Mary School of Law Legal Studies Research Paper, available (21 November, 2014)
“Regional Clouds: Technical Considerations”, (with Jatinder Singh, Jean Bacon, Jon Crowcroft, Anil Madhavapeddy, Thomas Pasquier and Kuan Hon). University of Cambridge Computer Laboratory Technical Report, available (November 2014)
“Deploying Medical Sensor Networks in the Cloud – Accountability Obligations from a European Perspective”, (with Karin Bernsmed and W. Kuan Hon), 2014 IEEE International Conference on Cloud Computing, available (22 April 2014)
“Cloud Accountability: The Likely Impact of the Proposed EU Data Protection Regulation”, (with W. Kuan Hon, Eleni Kosta and Dimitra Stefanatou), Queen Mary School of Law Legal Studies Research Paper No. 172/2014, Tilburg Law School Research Paper No. 07/2014, available (8 March 2014)
“Negotiating Cloud Contracts – Looking at Clouds from Both Sides Now”, (with Kuan Hon and Ian Walden), Stanford Technology Law Review 81 (January 7, 2013)
“Cloud Computing vs Traditional Outsourcing – Key Differences”, co-authored with Kuan Hon, Computers and Law, Vol 23, Issue 4, (October / November 2012).
“UK G-Cloud v1 and the impact on cloud contracts” (with Kuan Hon and Ian Walden), Communications Law (2012, vol. 17, no. 3: 78-86).
“Data Export in Cloud Computing: How can Personal Data be Transferred Outside the EEA? – The cloud of unknowing, part 4"[PDF] (with Kuan Hon), SCRIPTed (2012, vol. 9, no. 1: 25-63)
“Data Protection Jurisdiction and Cloud Computing: when are cloud users and providers subject to EU data protection law? – The cloud of unknowing, part 3” (with Kuan Hon and Julia Hörnle), International Review of Law, Computers and Technology, (2012, vol. 26, nos. 2-3: 129-164)
“Who is responsible for ‘personal data’ in cloud computing? The cloud of unknowing, part 2” (with Kuan Hon and Ian Walden), International Data Privacy Law, (2012, vol. 2, no. 1: 3-18)
“The problem of ‘personal data’ in cloud computing: what information is regulated? The cloud of unknowing, part 1” (with Kuan Hon and Ian Walden), International Data Privacy Law, (2011, vol. 1, no. 4: 211-228).
“Defining ‘personal data’ in e-social science” (with Kuan Hon), Information, Communication & Society, (2012, vol. 15, no. 1: 66-84).
“Contracts for clouds: comparison and analysis of the Terms and Conditions of cloud computing services” (with Simon Bradshaw and Ian Walden), International Journal of Law and Information Technology (2011, vol. 19, no. 3: 187-223).
“The Terms They Are A-Changin’… Watching Cloud Contracts Take Shape” (with Simon Bradshaw and Ian Walden), Brookings Institute Issues in Technology Innovation (2011, no. 7, 1-12)
“The Future of Privacy (2): what might Privacy 2.0 look like?” Data Protection Law & Policy (2008, vol.5, issue 1)
“The Future of Privacy (1): Privacy 1.0 – the need for change”, Data Protection Law & Policy (2007, vol. 4, issue 11)
“Tissue Samples and Graffiti: the Article 29 Working Party consider the meaning of personal data” (with Peter Church), Computers & Law (Aug/Sep 2007)
“Binding Corporate Rules: the way ahead clears” (with Peter Church), Data Protection Law & Policy (2005, vol. 2, issue 5)
"Data protection: the validity of employee consents" (co-author), IT Law Today (Feb 2002) [not available online]
"Four key challenges for Internet and E-commerce lawyers", Computer Law & Security Review (2000, vol.16, no. 2: 75-77)
"Data Protection and the Internet", Computers and Law (Feb/Mar 1999)
"Impact of the EU Data Protection Directive on Transborder Data Flows”, Information Security Technical Report (01/1997)
“Commercial transactions on the global information infrastructure: a European perspective" (with Robert Carolina), John Marshall Journal of Computer and Information Law (1996, vol. XIV, no. 2)
"Regulation of direct marketing", Commercial Lawyer, (Sep 1996) [not available online]
"Cyberspace and the 'no regulation' fallacy", Global Telecoms Business Yearbook 1995 [not available online]
"The Internet demystified" (co-author), Computers and Law (Dec 1994 / Jan 1995) [not available online]
"Impact of the software directive on contracts", International Computer Lawyer (Jan 1993) [not available online]
"Spectrum management: the legal implications of reform in the UK", Telecommunications Policy, (1992, vol. 16, issue 8: 657-665)
“Comments on the Proposed EC Database Directive”, World Intellectual Property Report (1992, vol. 6: 76)
“Software escrow arrangements and the Insolvency Act 1986”, Computer Law & Security Review (1989, vol. 4, issue 5: 18-20)
“Software licensing”, Computer Law & Security Review (1987, vol. 3, issue 4: 8-11)

Public Engagement

Selected organisational roles

Life Fellow: Society for Computers and Law (SCL)
Life Fellow: Royal Society of Arts (RSA)
Advisory Board Member, Centre for Law and Information Policy, Institute of Advanced Legal Studies
Member: ICC Task Force on Privacy and Protection of Personal Data / Task Force on Digital Economy
Member: Advisory Board for the Framework for Responsible Research and Innovation in ICT (2011 – 2014)
Member: UK Public-Private Forum on Identity Management (2006-8)
Co-Chair: Technology Law Committee of the International Bar Association (2002-4)
Member: OECD Steering Group on Contractual Solutions for Transborder Data Flows (2000-1)
President: International Federation of Computer Law Associations (1994-6)
Chair: Society for Computers & Law (1994-6)

News and media

Recent reviews in professional directories

“Christopher Millard is a ‘highly influential’ lawyer who is described by peers as an ‘impressive thought leader’ in the data sector.” Who’s Who Legal, 2022.
“The ‘excellent’ Christopher Millard is touted as a ‘mastermind’ with three decades of experience advising on an array of regulatory matters including data privacy and protection and cloud issues.” Who’s Who Legal, 2021
“The ‘very well respected’ Christopher Millard is ‘a brilliant mind on privacy issues, especially in relation to the cloud and the internet of things’.” Chambers and Partners, 2018
“Bristows’ … most highly rated practitioner Christopher Millard is referred to as ‘the top data protection lawyer in the country’ by a number of respondents.” Who’s Who Legal, 2017
“Christopher Millard is a highly experienced and respected figure in the world of information technology law, drawing on decades of experience working on the most complex data security matters.” Chambers and Partners, 2017
“Christopher Millard advises on the most complex and nuanced issues in information law in both contentious and non-contentious contexts.” Chambers and Partners, 2016
“Christopher Millard is a real leader in the field of IT, and is admired for his work for companies, NGOs and in academic circles regarding international data protection and privacy law.” Chambers and Partners, 2014
“Christopher Millard is a venerable figure in the IT sphere. He has a wealth of experience in the field of privacy and information law, and his advice in this regard is sought after across the academic, political and commercial spheres.” Chambers and Partners, 2013
“The deeply experienced Christopher Millard is highly recommended for his knowledge of the legal aspects of cloud computing.” Chambers and Partners, 2012

Member of the Institute of Computer and Communications Law (ICCL)

Global main menu

Areas of study

Study at Queen Mary

Experience Queen Mary

Research and Innovation

Research by faculties and centres

Collaborations and partnerships