While some of us may still be bemused by what all the talk of cloud computing actually means, plenty of us are using it - be it via social networking, webmail or web searching - whether we know it or not.

Put simply, cloud computing involves buying IT services similar to the way in which we buy electricity. So instead of owning the power stations and generators ourselves, we allow somebody else to manage the facilities and purchase the power as we need it.

For small start-ups and even certain large corporations, cloud computing is a simple solution to "elasticising" computer resources and avoiding the wastage of such services - particularly during down time, such as overnight, when the resources can be allocated to another part of the world.

The need to harness elastic resources is certainly raising the profile of cloud computing as an option for organisations, but legally, cloud computing is still evolving. Contracts are still being determined between vendors and customers, cross-border legislation is still being discussed and customers are still seeking assurances on data security.

But just last week, our region came one step closer to a regional response to cloud computing through the launch of an Asia Pacific working party that aims to provide policy advice regarding the legalities, regulatory harmonisation and risk assessment of cloud computing.

And one Australian lawyer, Mark Vincent from Truman Hoyle, has joined the party to provide an Australian legal perspective.

Speaking with Lawyers Weekly before flying to Hong Kong to join the working party, and also to deliver a session on the legal issues surrounding cloud computing, at the DC Strategics Conference & Expo, Vincent said that for the Asia Pacific region, an initial ambition would be to deliver a harmonised approach to cloud computing.

"There is work already underway, particularly through APEC, around harmonisation of data protection and there have been a number of agreements reached at the APEC level that recognise the importance of having common regulatory approaches," said Vincent.

Given that the software and data surrounding cloud computing services are usually located overseas - raising a number of issues surrounding privacy and data sovereignty - such harmonisation would help ease some of the concerns organisations still retain about cloud computing.

"The underlying agreements reached between APEC countries show an appreciation that some common standards and common approaches are going to be necessary to facilitate electronic commerce and in particular, cloud computing applications," said Vincent.

"In some cases that may be as simple as developing privacy policies that allow data to be held offshore."

Meanwhile, contracts are still evolving between vendors and customers as organisations work out their legal requirements surrounding areas such as privacy and document retention.

That means there's an area of law surrounding cloud computing that may just boom in the future. It will be an area that crosses multiple practice areas - including privacy, IP and IT - and reap rewards for those lawyers who can gain the necessary skills.

"I've been trying to carve out a niche for a number of years on cloud computing. It seems that even regionally there're not a lot of lawyers putting up their hands," said Vincent.

That may come down to the fast pace of change that surrounds cloud computing, and the fact that it cannot simply be addressed by lawyers with IT specialty skills alone.

"Sometimes, the specialties in privacy and IT and other issues don't coincide within the same legal departments," said Vincent.