By Ismael Peña-López (@ictlogist), 17 September 2010
Main categories: Cyberlaw, governance, rights, e-Government, e-Administration, Politics, Meetings, Participation, Engagement, Use, Activism
Other tags: andrea_calderaro, ipp2010, jocelyne_tremenbert, karen_mossberger, marie_ellen_sluis
No Comments »
Digital Politics Divide: does the Digital Divide still matter?
Andrea Calderaro, European University Institute
From the Digital Divide (Norris, 2001) to the Digital Skills Divide (Van Dijk, 2009) to the Digital Participation Divide.
Wealth factor are still one of the main reasons why people use or do not use the Internet. But also there is an uneven distribution of ownership of web hosts and ownership of Internet domains [I wonder: cause or consequence?].
Concerning the political arena, there are cyber-pessimist and cyber-optimist points of view that need being bridged. The fact is that political parties are also unevenly on line depending on the country.
The reasons for that are the number of internet users, the level of democracy, and the GDP.
Unraveling Different Barriers to Technology Use: Urban Residents and Neighborhood Effects
Karen Mossberger, University of Illinois at Chicago
Uneven access to the Internet may have a negative impact in the opportunities of the people and thus drive them towards social exclusion. And living in poor neighbourhoods, having a low income or lower educational levels are reasons that explain lower access to the Internet.
When asked the citizens of Chicago why they did not had broadband at home, 30% said they were not interested, 27% cost, 9% difficulty.
Per neighbourhood, “not interested” is a reason much likely answered by whites and Asian-Americans (42%), then African-Americans (29%) and then Latinos (19%). By age, older people are more likely (30%) to say that the reason for not having broadband is “lack of skills”, the same ratio when looking at the income.
Neighbourhoods magnify these barriers to access the Internet, because they magnify cot and skill barriers for residents of areas with high concentrations of African-Americans and Latinos. There is a double burden of concentrated poverty.
Amazonian Geeks and Social Activism: An ethnographic study on the appropriation of ICTs in the Brazilian Amazon
Marie Ellen Sluis, University of Amsterdam
Instead of talking about access, talking about what means to have or not to have access: meaningful access. And the same for inclusion and meaning digital inclusion.
Projeto Puraqué is a collective of social activists using ICT as a tool for social inclusion, increasing critical knowledge on regional socio-political problems and issues. ICTs a tool rather than an end.
Examples: opening up the computre to demystify technology and enhance self-steem, raise awareness on e-waste and fostering reuse and recycling as gambiarra alternative,
The project operates in a certain framework that seeks social transformation in the long term and on a sustainability basis. It is the people who decide what is beneficial for them, and the project is a lot about the digitization of what Brazilians do most: social networking.
Indicators of the digital divide and its link with other exclusions
Jocelyne Trémenbert, Institut Telecom / Telecom Bretagne, Université Européenne de Bretagne, Marsouin
The goals of the research is to explore the polymorphism of the digital divide and its links with other forms of exclusion. Is the distance to the Internet different for different types of exclusion? Do we find within the digital divide expressions of exclusion?
Aage, gender, educational level, income, occupational category and localisation enable to predict with +70% accuracy the use of the Internet, especially the occupational category and the educational level. Non-users are often isolated people: the digital divide goes hand in hand with the social divide.
Five types (clusters) of non-users: the users to be (5%), the potential users (19%), probably / hesitants (41%), the resistants (16%), the excluded (19%).
We need new indicators of the digital divide, new elements about the specificities of some categories of non-users, and a new quantitative typology of non-users based on data on inhibitors,motivations, points of view and picturing.
Papers
Internet, Politics, Policy 2010: An Impact Assessment (2010)
By Ismael Peña-López (@ictlogist), 10 September 2010
Main categories: ICT4D, Meetings
Other tags: ipid2010, telefónica_i+d, vanessa_frias-martinez
1 Comment »
Telco Industry Research in ICTD: Telefónica R&D, mobiles and development
Vanessa Frías-Martinez
ICT4D research and private sector research in ICT4D
We have witnessed an evolution in ICT research and ICT4D research. During the 50s, there was ICT research without the ‘D’. It was mainly about governments using computers and measuring their impact. During the mid 90s, governments and NGOs began to use intensivelly ICTs to foster development; we saw the raise of telecentres, PCs and landlines and research around these topics. Lastly, in the mid 2005s, the private sector enters the arena of ICT4D research.
What are the roles of actors in ICT4D?:
- Governments: incentive packages to accelerate actors’ involvement; access to population at large and infrastructures.
- Private sector: R&D in hardware, software, services, infrastructures to innovate or adapt technology to new uses and users; access to customers base.
- NGOs & Intl. organizations, academia: access and understanding of local population and their needs.
Some examples:
- Intel PC Classmate: Intel developed a cheap laptop adapted to kids and which came with (not free) educational software also developed within the project. To provide connectivity, partnerships were established with public internet providers.
- Nokia Life Tools: C1 and C2 cheap cell phones with an adapted software that cna provide agriculture information, educational content, etc. Again, public-private partnerships are crucial to localize content, etc.
- Ineveneo analyses standard solutions in the market and does research on how to adapt them to developing countries.
- M-Pesa used the GSM mobile network to turn it into a mobile banking network.
Contributions so far:
- Hardware: adapted hardware lowering costs or setting up new specific features, etc.
- Software: adapting content in local language, new specific needs for specific users, etc.
- Content, services: new specific content and services that make full sense indeveloping countries, after analysing their needs, context, etc.
ICT4D research at Telefónica I+D
At Telefónica I+D, instead of developing new hardware or software, the focus is put on behaviour: as technology usage leaves a large trace of data behind, it is possible to perform quantitative analysis with the huge usage databases available. This quantitative analysis will come to complement many other qualitative researches that are often the ones taking place in developing countries.
In the case of Telefónica, 66% of their customers are mobile users in developing countries, thus their research will be a quantitative one and focused in mobile phones.
Telefónica stores data from each and every call, anonymized, encrypted and always with an opt-out option, so they can be used for research but very difficultly for other unfair purposes.
Data are mainly used for two main purposes:
- To improve the service, through usage analysis and pattern recognition.
- To provide policy recommendations, by combining data on mobile usage with micro- and macro-economic indicators.
There are, of course some limitations: the representativeness of the sample; the kind of usage (work, personal, etc.) of the mobile phone; the importance of plans or prices; the impact in data and pattern recognition of mobile phone sharing (though mobile sharing is not as usual in Latin America as it is in Africa); etc.
Gender and mobile phones project
Goal: to understand gender-related differences in mobile usage.
Data: behavioural variablesw (number of calls, duration, expenses), social variables (degree of the social network, weight of the contacts, frequency of communications), mobility variables (diameter of mobility, diameter of social network).
The characterization of the results showed that, in general, women (in comparison to men) make/get more out/in-coming calls, make the calls longer, expend more, and have a higher out-degree and weight of their social networks.
Causality tests proved to be less conclusive than characterizations, thus why there is a need to gather more data and define better algorithms.
Socio-economic indicators and cellphones
Goal: to understand the relationship between socio-economic indicators and the usage of mobile phones.
Own data are combined with national statistical institutes’ data.
It is possible, for instance, to know where a telephone is operated by asking the communications tower that handles the call. And this can be compared with geographical data that locates people and wealth indices. Now, we can test the relationships between wealth and telephone usage in a specific geographical area (location of usage is made through towers and not data from billing because only 10% of the users are on contract, being the rest of them users of pre-paid SIM cards).
Research question: does education level influence the SMS/voice/MMS behaviour? does socio-economic levels influence levels of usage or expense? etc.
Mobility patterns
By asking the communication towers we can tell where a phone call was made and, hence, how a calling person moved around while using their mobile phone (side note: 90% of people spent most of the time in just two places).
This can be combined and see where the social network of a person is located, what is the area of influence of a specific user, etc.
Research question: what is the impact of government epidemic alerts in the mobility of people? Can we trace through mobile phones whether people are more likely to stay at home if the government says that there is a high risk of contamination of H1N1 Flu?
The “areas of influence” were modelled during each of these three stages and changes of mobility patterns were looked for.
Results show that 80% of the population only reduced their mobility once in stage 2, but not during stage 1 (medical alert). This shows that the medical alert does not work, but that more interventional approaches (closing common infrastructures) does work, though it is also true that there is a side effect of increased mobility of people visiting other infrastructures (e.g. leisure ones).
Another research that related mobility patterns and urban planning showed that people spend much more time in (and move to) places that are along underground lines.
Discussion
Pablo Arribas: what is the influence of education in mobile phone usage and the other way round? A: It is difficult to find causality with the data available (CDR, or call data records), so we should stay at the correlation or relationship levels.
Marije Geldof: how can you trust the data that comes from third parties (i.e. national statistics institutes)? A: Normally these are official data are validated at the international level, methodologies agreed, etc.
Ugo Vallauri: is data shared or available between companies? A: companies are on their way to share it, but not yet.
Christopher Foster: will these data be publicly available? A: protocols are being set up so that researchers can be visitors at Telefónica’s research centres.
Ismael Peña-López: if Telefónica reaches a quasi-monopolistic situation in a given country, could that influence users behaviours and thus “corrupt” the data set? A: yep, perfectly possible.
Fifth Annual ICT4D Postgraduate Symposium (2010)
By Ismael Peña-López (@ictlogist), 12 July 2010
Main categories: Education & e-Learning, Information Society, Meetings
Other tags: jordi_carrasco, joyce_seitzinger, ple, ple_bcn
No Comments »
Here comes the “official” interview that Joyce Seitzinger and Jordi Carrasco did to me on Friday, 9th July 2010, during the PLE Conference.
Other videos in the set:
Other videos of mine related to the PLE Conference
PLE Conference (2010)
By Ismael Peña-López (@ictlogist), 12 July 2010
Main categories: Education & e-Learning
Other tags: jordi_adell, ple, ple_bcn
4 Comments »
Jordi Adell and I were invited to impart a keynote at the PLE Conference, taking place on July 9th, 2010. It became clear from the start that the organization did not actually want a keynote at all, but “something different”. A “something different” that looked very much like a “pros & cons” or a “good cop, bad cop” dialogue. The problem was that Jordi and I had very similar opinions on the topic that we had quickly chosen and which has produced a heated conversation when talking about Personal Learning Environments (PLEs): their relationships with institutions.
Ticked off the list a keynote and a dialogue, we came up with a game. We would present five pairs of dichotomies and will make the participants in the session to vote with their feet (à la Charles Tiebout). As some participants complained, the world is not black or white, but a richest range of grays, so to make people choose either or that option would be unfair. Yes it was, but (a) the exercise was about simplification, (b) highlighting the top values and (c) we had no room — space and time — for a continuous (vs. discrete) approach.
So, we draw a 2×2 matrix on the floor and projected the five pairs of dichotomies on a screen. People had then to physically move and place themselves in the quadrant of their choice according to their beliefs. We picture below the results of this voting with your feet. The numbers in the quadrants are just approximate, as no one even tried to really count the people in each quadrant, though they give a fair idea of the magnitudes at stake (there were circa 100 people in the room). I add to the screenshots some comments based on what I remember that Jordi and I said on the fly: they should so be attributed to both, as they were made indistinctly by one of us and I never had the sensation that we disagreed (I apologize in advance if, in the transcription, I put too much of myself in it).
1. PLEs and Institutions
- Do PLEs have a place in formal education?
- Shoud PLEs be procured institutionally or be placed outside institutions?
The first thing that is evident from the chart is that there is no agreement on whether institutions will be replaced by user-generated learning environments or, on the contrary, institutions will instead prevail but be leveraging the power of PLEs and other devices.
It is interesting to see that, despite the EduPunk momentum, the majority still believes on the power or need for institutions. Some commented that the participants were split in two: the Anglo-Saxon approach and the Latin one, being the former more pro-EduPunk and the latter more pro-institutions.
2. Openness
- The student’s digital identity must be isolated from the rest or be identified as a whole (the student has a single identity, regardless of their context)?
- The university must be an open or a closed environment?
While the previous point was definitely not about consensus, openness certainly was: no one doubted that the walls of formal education had to be torn down and that it increasingly made no sense to have an environment devoted only to learning and the rest where learning “did not happen”.
Notwithstanding, if learning happens anywhere, it does not necessarily follow that it happens anytime: though an overwhelming majority advocated also for tearing down the walls of the learner vs. professional, some voted for keeping the possibility to play a different role when you are actively learning than where you are not (at least in “active” terms).
3. The curriculum
- Who decides how the curriculum is designed: the system or the “apprentice”?
- Credit must be provided institutionally or socially (P2P)?
Unlike point 1, where institutions kept a good amount of power in providing and managing learning environments, when it comes to credit proportions swap: most people thought that the apprentice should be sovereign of their instructional design and how it will be measured and assessed.
This is definitely in line with a tacit agreement that students should lead their learning process, while teachers should accompany them through it, but walking side by side, never in front of it.
4. Barriers (I)
- The main barriers for change are institutional or individual?
- The main barriers for change are technological or pedagogical?
Concerning a first set of barriers — the usual dichotomy of education or technology — the majority pointed at the system: the problem is institutional and pedagogical.
Notwithstanding, and as it happened with EduPunk or institutionalism, the participants were mostly split between pedagogists and technologists, so it is likely that the latter were not as optimistic about technological barriers (digital divide, digital competence) than the former were.
5. Barriers (II)
- The main barriers for change are standardization (inflexibility) or atomization (chaos)?
- The main barriers for change are organizational or economical?
To reinforce the previous point, when looking at flexibility vs. resources and organization, the choices again are clear, even clearer than before, putting the educational system in the eye of the hurricane.
Conclusions?
Taken as a whole and not pair by pair, we noted that we could group the five dichotomies in two sets. On the one hand, we could take PLEs (1) and the Curriculum (3). As we have already set, these seem to show (show in the sense of the participants’ perceptions, of course!) that the trend is an increasing movement from institutions towards the student, a shift of the responsibility of one’s learning from schools to students that have not only to learn, but to learn what they have to learn, to learn to learn.
To help them in this endeavour, institutions have an important role as guides (not leaders) that have to trespass their own walls and enter the environments (in plural) where learning actually takes place, which increasingly is outside of the framework of formality.
In fact, this seems to be answering at the WHAT question: what is learning in the digital era?
The rest of pairs (Openness and the Barriers) seem to be pointing at the HOW question: how should learning be carried on in the digital era?. The answer seems to be open and flexible institutions, new educational systems and methodologies and a dire organizational change.
It is a little bit worrying that a hundred educators, deeply committed with the evolution of education and knowledgeable on instructional technology, despite their different and personal approaches, they all got together at pointing at the educational system — read: educational policies — as the problem of education. Any politician in da haus?
Debate
After the exercise we went on with a lively debate amongst all the attendants. Here come some random notes that I took on the fly and that were being beamed as I took them:
- Cyberinfrastructures should be used to leverage change, a change that should not only be in technology but also and especially inn attitudes.
- Are there enough resources to PLE-ize your discipline? Is everything PLE-izable? That is, is the PLE something that can be universally used in any discipline and environment?
- Teamwork as a pre-condition to PLE-ing: there is no (useful) PLE if it is not based in a framework of sharing and working as a community with a common goal.
- PLEs are bottom-up strategies: they originate in the bottom, but should target the upper spheres (i.e. Institutions). In this sense PLEs are not only a working tool, but a tool for change.
- PLEs are personal devices: we need to embed institutions, institutional aspects, and participation within our PLEs. In other words, institutions have to step into PLEs and these have their share of institutions. To do so, notwithstanding, institutions must be PLE-able, they have to rethink themselves, be more flexible, more open, and adapt to the new learning realities.
- PLEs as personal constructs vs. commodities: in our bridging institutions and individual learners through PLEs, do we incur in the risk of commoditizing personal learning environments and making of them extensions or tentacles of the all-eating institution?
- PLEs not to de-school society, but for un-schooled people. Or, better said, the stress the inclusion factor of PLEs as a way to bring education at reach of everyone: where institutions cannot reach, PLEs will.
- Institutions build the walls of libraries, PLEs fill them with books. PLEs have to go hand in hand with the structure, surround it, fill in the voids, enrich the always cold but needed concrete columns where a society lies upon.
Slides of the presentation
(just translated and put nicely)
PLE Conference (2010)
By Ismael Peña-López (@ictlogist), 08 July 2010
Main categories: e-Government, e-Administration, Politics, Information Society, Meetings
Other tags: albert_batlle, cloud_computing, evgeny_morozov, idp, idp2010
No Comments »
Notes from the 6th Internet, Law and Politics Conference: Cloud Computing: Law and Politics in the Cloud, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on July 7th and 8th, 2010. More notes on this event: idp2010.
Citizen Participation in the Cloud
Chairs: Ismael Peña-López
Citizen participation in the Cloud: risk of storm
Albert Batlle, Open University of Catalonia.
The situation we are in is a context of crisis of political legitimacy. This means much less political participation in general and, more specifically, protest voting, young people voting less, decreasing levels of affiliation to parties or other civic organizations, etc.
On the other hand, we see the explosion of the Information Society and of the Web 2.0, “participative” by definition. ICTs are adopted by political organizations in the fields of eGovernment — to provide public services for the citizen — and eDemocracy — to enhance and foster participation.
Two different perspectives in the crossroads between political disaffection and the Information Society:
- Cyberoptimism: ICTs will lead to a mobilization effect. More people will participate because participation costs are lower, there is much more information than before, etc.
- Cyberpessimism: ICTs will lead to new elites because of the digital divide. The existing differences between the ones that participated and the ones that didn’t are broadened.
- Realists: we need more empirical studies (and to avoid technological determinism).
We have new technologies for citizen participation but, what tools for what uses? A research for the Barcelona county council.
After a survey within the Barcelona municipalities, we can state:
- There are different participation activities depending on whether the communication is horizontal or vertical.
- There are topics more prone to intensively use ICTs: urban planning, youngsters, education and equality, elder people, sustainability.
- Not organized citizens, resources, transversal coordination are variables that are usually identified as barriers not overcome; while training, innovation, agenda, associations or political agreement are usually identified as goals reached through ICT-enhanced participation.
The study then goes on to analyze tools and applications and how they fit in the participation process:
- Directionality, qualitative: unidirectional, bidirectional, hybrid
- Directionality, quantitative: one-to-one, one-to-many, many to many.
- Competences: basic, advanced, expert.
- Applications: type of tool, cost, hosting, “mashability”.
Participation moments:
- Mobilization: information about the participation process and the goals to be achieved.
- Development: putting into practice the participation project.
- Closing: stating the decision being made.
- Follow up: monitoring and assessment of the decision reached.
A first analysis of 19 international cases, we see that most tools have a one-to-many directionality, are bidirectional, and are mainly used in the mobilization moment. User registration and the data they have to provide is an important issue and must be decided in advance, as happens with deciding the goals and functioning of the process, which includes defining and identifying the role of the online facilitator. Free software is usually the option chosen, and accessibility (in a broad sense) is normally taken into account.
We find two different models. Even if models are not “pure”, we can see opposite approaches: Initiatives aimed at community building, characterized by being open, relational, fostering engagement, using free tools and aiming at a networked participation, with a facilitator that engages in a bidirectional conversation. And policy oriented initiatives, characterized by being more formal (or formalized), focussing at decision-taking and representation, using own platforms and more “traditional” participation means, with a facilitator that guides and information that flows asymmetrically and unidirectionally.
Cloud computing is both an opportunity and a challenge. On the one hand, there are legal hazards that need being solved, but that also disclose some interesting spaces. Indeed, the new a-institutional logic is disruptive but also provides new ways of learning, as the public and private spheres intersect one to each other and get confused (want it or not) one with each other. It is a response to the de-legitimation of political institutions, but it is also a reassurance that citizens do care about public affairs: the crisis is in the institutions, not in participation itself.
Bernard Woolley: “Well, yes, Sir…I mean, it [open government] is the Minister’s policy after all.”
Sir Arnold: “My dear boy, it is a contradiction in terms: you can be open or you can have government.”
(from Yes Minister, 1980)
Evgeny Morozov, Georgetown University’s E. A. Walsh School of Foreign Service.
Decisions made at the technological level in Western economies/businesses will affect how cyberactivism takes place… all over the world. What Google, Twitter or Facebook decides impacts citizen action everywhere.
There is much effort on building social capital online, uploading content, gathering people in a group, and this effort relies on a potential arbitrary decision by the owner of the online platform, who serves who knows whose will. Groups in social networking sites disappear every day without previous notice and most times without an explicit and clear reason for it.
But regulating these corporations is often seen as a barrier to democratize more quickly less democratic countries. You don’t want to “spoil” a Web 2.0 application if it is seldom used to raise protests against non-democratic regimes, or used on human emergencies, etc.
But outside of Western countries, most applications are owned and run by local companies that have less freedom of choice than in other places of the World. If the Chinese or Russian or Iranian governments ask for user personal data to these companies, they have little chances not to deliver them. This makes datamining by governments very easy and very effective to locate and identify dissidents.
Besides direct extortion to companies, governments can directly monitor and put up several kinds of citizen surveillance, including entering an individual’s computer because the government infiltrated the computer with a trojan or any other kind of spy-software. Of all, the major problem is not even being aware of that manipulation. Same applies to web servers, of course.
On the legal side, governments or several lobbies have the power to manipulate content online, by crowding out conversations. If this is a trivial debate, then the influence of the strong part has no major impact. But if that is a pre-election debate, it can lead to indirect tampering and not-really-legitimate democratic participation.
And doing all that is not very difficult: custom police can (actually do) google people and see what comes up in the search results, scan their Facebook profiles, see who a specific person is related to and, according to that, decide to decline a visa request.
Besides governments, authors that we would not consider very “democratic” (e.g. fascist movements) are doing impressive things online in social networking sites, mashups, etc. So, Web 2.0 and cloud computing tools are double-edged swords and both serve noble and evil purposes and goals, like e.g. mapping where ethnics minorities are mashing up rich public data with map applications either to avoid or to attack them.
There is a dynamic that the Internet brings and that might makes us stop and think whether we like it or not: is a shift towards full openness a good thing? is a shift towards direct democracy a good thing too?
Discussion
Ana Sofía Cardenal: can you provide more information about the survey you talked about? Batlle: the survey was made in 112 cities (more than 10,000h less Barcelona). 81% answered the survey explaining use of ICT in participation initiatives.
Ana Sofía Cardenal: why nationalist movements are more present online than liberal ones? Morozov: the short answer is that hate travels more faster than hope online
. But it might be more about phobia rather than nationalism. On the other hand, the Internet has no borders and allows for birds of the same flock to cluster around online spaces rather than having to stick to their artificial national myths.
Ismael Peña-López: data havens yes or no? protection or impunity? Morozov: One the one hand, governments should not support law circumvention tools (like TOR), basically because they are massively used by criminals, or by people whose purpose is not very clear and its justification varies depends on your approach. Regarding Wikileaks, the problem is that once a hot file is out, it is difficult to block, and the more you try to block it, the more it is disseminated (the Streisand effect). Something should be done, yes, but it is not clear what.
Ronald Leenes: It is also true that governments also use tools that activists use for security reasons, so they should at least allow for these tools to develop and even be funded. Morozov: right, but you cannot be pushing for the rule of law and with the other hand allowing the proliferation of tools that are clearly used to break the rule of law. Leenes: this apply to many technologies!
Jordi Vilanova: We’re talking about social networking sites as being run by corporations, but it is likely that in the future we find SNS being ruled by foundations or non-governmental organizations. So, there still is some room for Web 2.0 applications being “safely” used by individuals. A second comment is that we are looking at non-democratic regimes but, in the meanwhile, so-called liberal democracies are trimming citizen rights with the excuse of security and so. So we should be more concerned about these hypocrite countries. Morozov: it is true that foundations can run their own SNS, but the thing is that most times is not about the tool, but about audience and critical mass, and this audience is in private corporations’ platforms, and this will be difficult to change. And regarding transparency, transparency has to come with footnotes
to avoid misleads.
See also
6th Internet, Law and Politics Conference (2010)
By Ismael Peña-López (@ictlogist), 07 July 2010
Main categories: Cyberlaw, governance, rights, Information Society, Meetings
Other tags: cloud_computing, idp, idp2010, ronald_leenes
1 Comment »
Notes from the 6th Internet, Law and Politics Conference: Cloud Computing: Law and Politics in the Cloud, organized by the Open University of Catalonia, School of Law and Political Science, and held in Barcelona, Spain, on July 7th and 8th, 2010. More notes on this event: idp2010.
Opening: Pere Fabra, Agustí Cerrillo
Privacy in the Cloud, a Misty Topic?
Ronald Leenes, Universiteit van Tilburg
An introduction to Cloud Computing
What is the relationship between Cloud computing, Grid computing, service oriented architecture (SOA) and Web 2.0?
Increasingly, data and applications are stored and/or run on a web server that hosts what usually was on your local machine. The web browser becomes the usual platform. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources.
If we talk about “resources”, the definition becomes broader, as we can also speak about computing power or computing time. And these resources are shared by many users, instead of having a dedicated machine. This provide rapid elasticity that allows for easy and quick scaling (up or down).
Models
- Software as a Service (Saas): e.g. webmail, online office applications; etc.
- Platform as a Service (Paas): e.g. Amazon AWS platform;
- Infrastructure as a Service (IaaS): all the power you might have in our PC, in the cloud.
Advantages
- Price: many cloud services are reee.
- Reliability: redundancy of services and scalability makes the system more stable.
- Accessibility: your services, everywhere.
- No piracy.
- Multiple business models: fees, ads, etc.
- Always current version of the software, no needs to update.
Privacy and security issues
Privacy: bodily integrity, data protection, inviolability of the home, secrecy of communications. The later two are specially relevant for cloud computing.
Data protection goals aim at facilitating the free flow of information while providing a minimum level of data protection. Data aspects: confidentiality, integrity, availability. The three of them are (more or less) under control while data are stored in a PC. In the cloud it is certainly less so.
The first thing to state is that, in the cloud, you don’t know where your data exactly are. Indeed, those date are interlinkable by other services, which make them even more ubiquitous while difficult to locate.
Second is that, in “physical” life, one’s identity is made up of different and partial identities of one self. There is a certain control to segregate audiences according to what they can see of me. Not in the cloud. To a large extent, we’re evolving toward a world where you are who Google says that you are
(JD Lassica).
As data travel from my browser (and through the Internet) to a cloud service, anyone can potentially intercept your travelling data. The way to avoid this is use encryption (HTTPS) but cloud services do not usually have the incentive to (unlike banks, that are liable for data loss or money stealing) and do have incentives not to (HTTPS requires much more server power and time to encrypt and decrypt, thus making it more expensive at the aggregate level).
Regulation
Personal data: data that can lead to identification of a person (data subject). Thus, personal data can be taken very broadly as even an e-mail message can lead to identifiable individuals. A processor is a body that processes personal data. A data controller holds or stores personal data.
The DPD is applicable when the data controller is within the European Union jurisdiction, regardless of where the data processor is.
Thus, if Google just provides a platform where the user processes their data, then Google is not a controller, but a processor, which means it is being affected differently by the (European) law. But if data, after being processed, are stored in Google’s servers, then Google becomes a controller. So, cloud service providers can switch between data controlling and data processing or both at a time, with legal consequences.
DPD principles: transparency, legitimate purpose and proportionality.
Discussion
Jordi Vilanova: are there any legal differences in privacy between individuals and institutions? A: legally, in strict sense it only applies to individuals. In the case of companies, we would be talking about intellectual property, trade secrets, etc.
Mònica Vilasau: to balance unequal distribution of bargaining power between service providers and users, what should be done? More regulation? Better contracts? Is the data protection directive enough for cloud computing? A: Contracts should suffice, as they are a very powerful tool. The difference is that in the EU privacy is a public good that needs to be protected, so the law will always be above any contract; while in the US privacy is something that can be bargained between contractors. The DPD is not enough for cloud computing, because its purpose was to regulate over the data controller, a very identifiable agent at a time (e.g. a hospital having data of you). But now, who is a data controller or a processor is very difficult to identify.
Q: Is one of the problems that cloud services are based in the US? A: Yes, of course, if data controllers, processors and subjects were in the same jurisdiction that would make things much easier.
Mònica Vilasau: what about cookies? A: if you accept cookies, you get less of your privay. If you do not, the service provider is no more a data controller (it is not storing data from you, because you refused the cookie) and then you are no more under the DPD. This is an ironic dichotomy.
See also
6th Internet, Law and Politics Conference (2010)