Salesforce.com 2014 Annual Report Download - page 17

Download and view the complete annual report

Please find page 17 of the 2014 Salesforce.com annual report below. You can navigate through the pages in the report by either clicking on the pages listed below, or by using the keyword search tool below to find specific information within the annual report.

Page out of 128

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128

Privacy concerns and laws, evolving regulation of cloud computing, cross-border data transfer
restrictions and other domestic or foreign regulations may limit the use and adoption of our solutions and
adversely affect our business.
Regulation related to the provision of services on the Internet is increasing, as federal, state and foreign
governments continue to adopt new laws and regulations addressing data privacy and the collection, processing,
storage and use of personal information. In some cases foreign data privacy laws and regulations, such as the
European Union’s Data Protection Directive, and the country-specific regulations that implement that directive,
also govern the processing of personal information. Further, laws are increasingly aimed at the use of personal
information for marketing purposes, such as the European Union’s e-Privacy Directive, and the country-specific
regulations that implement that directive. Such laws and regulations are subject to differing interpretations and
may be inconsistent among jurisdictions. These and other requirements could reduce demand for our solutions or
restrict our ability to store and process data or, in some cases, impact our ability to offer our services and
solutions in certain locations.
In addition to government activity, privacy advocacy and other industry groups have established or may
establish new self-regulatory standards that may place additional burdens on us. Our customers expect us to meet
voluntary certification or other standards established by third parties, such as TRUSTe. If we are unable to
maintain these certifications or meet these standards, it could adversely affect our ability to provide our solutions
to certain customers and could harm our business.
The costs of compliance with and other burdens imposed by laws, regulations and standards may limit the
use and adoption of our service and reduce overall demand for it, or lead to significant fines, penalties or
liabilities for any noncompliance.
Furthermore, concerns regarding data privacy may cause our customers’ customers to resist providing the
data necessary to allow our customers to use our service effectively. Even the perception that the privacy of
personal information is not satisfactorily protected or does not meet regulatory requirements could inhibit sales
of our products or services, and could limit adoption of our cloud-based solutions.
Industry-specific regulation is evolving and unfavorable industry-specific laws, regulations or
interpretive positions could harm our business.
Our customers and potential customers do business in a variety of industries, including financial services,
the public sector, healthcare and telecommunications. Regulators in certain industries have adopted and may in
the future adopt regulations or interpretive positions regarding the use of cloud computing and other outsourced
services. The costs of compliance with, and other burdens imposed by, industry-specific laws, regulations and
interpretive positions may limit customers’ use and adoption of our services and reduce overall demand for our
services. For example, some financial services regulators have imposed guidelines for use of cloud computing
services that mandate specific controls or require financial services enterprises to obtain regulatory approval prior
to outsourcing certain functions. If we are unable to comply with these guidelines or controls, or if our customers
are unable to obtain regulatory approval to use our service where required, our business may be harmed. In
addition, an inability to satisfy the standards of certain voluntary third-party certification bodies that our
customers may expect, such as an attestation of compliance with the Payment Card Industry (PCI) Data Security
Standards, may have an adverse impact on our business. If in the future we are unable to achieve or maintain
these industry-specific certifications or other requirements or standards relevant to our customers, it may harm
our business.
In some cases, industry-specific laws, regulations or interpretive positions may also apply directly to us as a
service provider. Any failure or perceived failure by us to comply with such requirements could have an adverse
impact on our business.
13