While cloud robotics provides greater efficiency, capability, scalability, and reliability, the legal concerns associated with it are of the higher-order since it involves cloud computing and robotics, which lacks clarity and comprehensive legal framework. The application of existing regulations for cloud computing and robots is also not straightforward because of the multidimensional characteristics of cloud robotics. Since cloud networked robots can transfer risk from and to tangible-intangible worlds, they pose more significant challenges, including inter alia diverse legal obligations, data security, and protection compliance. This paper discusses the data protection issues in cloud robotics, starting with examining the controller and processor's role and then, exploring critical legal problems concerning transparency and data security in a cloud robotic ecosystem. Identifying the controller and processor, which is essential to address the transparency and security issues, is not easy though not impossible. Mapping precise communications between the robots and the cloud, making the decisions of robots and AI comprehensible, incorporating predictability into the behaviour of robots, introducing verifiable security protocols, and above all, having robust organizational safeguards, can help to address transparency and security issues in cloud robot legal framework.