we do not to perform any backups, including software;
we have no more storage limitations, adding more storage room is quick and easy;
ubiquity, all services are available from anywhere.
Some problems with cloud computing that media repeat over time:
Closed applications that are difficult to expand or modify: you cannot change (add features, customize, etc.) Google Documents easily
Availability outsourced: to access a single Google Document we rely on our PC, our web browser, our Internet provider, Google, the government regulation (e.g. you depend on the Chinese government to allow Google to operate in China), etc.
But, where are our data? Where is our privacy? Most of our data/privacy is on Google, Microsoft and Amazon, the later the biggest provider of cloud platforms.
Indeed, some service providers cannot only access our data, but do have control over our devices:
What happened with Amazon’s Kindle and the novel “1984” affair: erased a novel from all books, got sued (and lost), but doubled their sales of Kindles.
Facebook will retain ownership of your photos: huge claims for intellectual property and privacy, but Facebook users in Spain almost tripled during the “scandal”.
The case of the accountability service that showed that no one reads the terms of service.
All in all: people do not read the terms of service and accept whatever terms. But the thing is that most service providers require this free access to data to be able to let data to third parties, the basis of the business plan.
Open Cloud Computing / Open Cloud Compliant: the services are in the cloud, but the user can choose where the data will be stored. At least, this allows for the user to know where their data are. It also avoids conflicts of interest: the one that provides the service is not the same that provides the infrastructure: the service provider will ensure that data are safe, and the infrastructures provider will ensure that the infrastructure supports the service.
We should then differentiate between infrastructure cloud computing and services cloud computing. Open cloud computing means that these are separate and there’s a possibility of choice, and closed means that they all come together with a single provider: in this case, privacy risks arise.
The average user prefers ‘easy’ to ‘nice’, even if ‘easy’ means ‘ugly’. This creates de facto standards. People prefer applications to be fast and easy, even if it is less powerful or less nice.
About eyeOS
eyeOS is an open-source browser based web desktop, which means that it acts as a framework that, once the user is logged in, logs the user to whatever application runs on this desktop. Thus, the user does not need to remember where the applications are (what third parties’ services) and how to log in them.
(NOTE: here comes an interesting discussion about institutional and individual uses of open cloud services, the free software community, etc.)
Privacy in the Cloud, a Misty Topic? Ronald Leenes, Universiteit van Tilburg
An introduction to Cloud Computing
What is the relationship between Cloud computing, Grid computing, service oriented architecture (SOA) and Web 2.0?
Increasingly, data and applications are stored and/or run on a web server that hosts what usually was on your local machine. The web browser becomes the usual platform. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources.
If we talk about “resources”, the definition becomes broader, as we can also speak about computing power or computing time. And these resources are shared by many users, instead of having a dedicated machine. This provide rapid elasticity that allows for easy and quick scaling (up or down).
Models
Software as a Service (Saas): e.g. webmail, online office applications; etc.
Platform as a Service (Paas): e.g. Amazon AWS platform;
Infrastructure as a Service (IaaS): all the power you might have in our PC, in the cloud.
Advantages
Price: many cloud services are reee.
Reliability: redundancy of services and scalability makes the system more stable.
Accessibility: your services, everywhere.
No piracy.
Multiple business models: fees, ads, etc.
Always current version of the software, no needs to update.
Privacy and security issues
Privacy: bodily integrity, data protection, inviolability of the home, secrecy of communications. The later two are specially relevant for cloud computing.
Data protection goals aim at facilitating the free flow of information while providing a minimum level of data protection. Data aspects: confidentiality, integrity, availability. The three of them are (more or less) under control while data are stored in a PC. In the cloud it is certainly less so.
The first thing to state is that, in the cloud, you don’t know where your data exactly are. Indeed, those date are interlinkable by other services, which make them even more ubiquitous while difficult to locate.
Second is that, in “physical” life, one’s identity is made up of different and partial identities of one self. There is a certain control to segregate audiences according to what they can see of me. Not in the cloud. To a large extent, we’re evolving toward a world where you are who Google says that you are (JD Lassica).
As data travel from my browser (and through the Internet) to a cloud service, anyone can potentially intercept your travelling data. The way to avoid this is use encryption (HTTPS) but cloud services do not usually have the incentive to (unlike banks, that are liable for data loss or money stealing) and do have incentives not to (HTTPS requires much more server power and time to encrypt and decrypt, thus making it more expensive at the aggregate level).
Personal data: data that can lead to identification of a person (data subject). Thus, personal data can be taken very broadly as even an e-mail message can lead to identifiable individuals. A processor is a body that processes personal data. A data controller holds or stores personal data.
The DPD is applicable when the data controller is within the European Union jurisdiction, regardless of where the data processor is.
Thus, if Google just provides a platform where the user processes their data, then Google is not a controller, but a processor, which means it is being affected differently by the (European) law. But if data, after being processed, are stored in Google’s servers, then Google becomes a controller. So, cloud service providers can switch between data controlling and data processing or both at a time, with legal consequences.
DPD principles: transparency, legitimate purpose and proportionality.
Discussion
Jordi Vilanova: are there any legal differences in privacy between individuals and institutions? A: legally, in strict sense it only applies to individuals. In the case of companies, we would be talking about intellectual property, trade secrets, etc.
Mònica Vilasau: to balance unequal distribution of bargaining power between service providers and users, what should be done? More regulation? Better contracts? Is the data protection directive enough for cloud computing? A: Contracts should suffice, as they are a very powerful tool. The difference is that in the EU privacy is a public good that needs to be protected, so the law will always be above any contract; while in the US privacy is something that can be bargained between contractors. The DPD is not enough for cloud computing, because its purpose was to regulate over the data controller, a very identifiable agent at a time (e.g. a hospital having data of you). But now, who is a data controller or a processor is very difficult to identify.
Q: Is one of the problems that cloud services are based in the US? A: Yes, of course, if data controllers, processors and subjects were in the same jurisdiction that would make things much easier.
Mònica Vilasau: what about cookies? A: if you accept cookies, you get less of your privay. If you do not, the service provider is no more a data controller (it is not storing data from you, because you refused the cookie) and then you are no more under the DPD. This is an ironic dichotomy.
I am proud to announce the 6th Internet, Law and Politics Conference, this time dealing about Cloud Computing and the challenges it poses in the fields of Law and Politicals.
The event will take place in Barcelona, Spain, the 7th and 8th July, 2010. There will be translation in Spanish, Catalan and English and registration is open and free.
Programme
Wednesday 7 July 2010
8.30 am
Accreditations
9.00 am
Welcome
Pere Fabra, UOC Vice President for Academic Organisation and Faculty.
Agustí Cerrillo, Director of the UOC’s Law and Political Science department.
9.30 am
Keynote speech: Privacy in the Cloud, a Misty Topic?
Ronald Leenes, professor, Tilburg University. Moderator: Mònica Vilasau, UOC.
10.30 am
Coffee break
11.00 am
Myths and Realities of Cloud Computing
EyeOS.
Moderator: Ismael Peña (UOC).
12.00 pm
Round table: Key Legal Aspects for Putting your Business in the Cloud.
Xavier Ribas, lawyer, Landwell Global.
Manel Martínez Ribas, lawyer, ID-LawPartners.
Ramon Miralles, Coordinator of Information Security and Auditing, Catalan Data Protection Agency.
Moderator: Miquel Peguera, UOC.
2.00 pm
Lunch
4.00 pm
Round table: Cloud Computing: A New Dimension in Teleworking?
Javier Thibault Aranda, professor at the Complutense University of Madrid.
Carmen Pérez Sánchez, IN3 researcher, UOC.
Javier Llinares, Managing Director, Autoritas Consulting.
Moderator: Ignasi Beltrán UOC.
6.00 pm
Conclusions from the first day.
Karma Peiró, Participation Manager, 3cat24.cat.
Thursday, 8 July 2010
9.30 am
Keynote speech: The Cloud’s Shadow: The State of Freedom on the Net
Karin Deutsch Karlekar, Senior Researcher and Managing Editor, Freedom of the Press Index, Freedom House.
10.30 am
Coffee break
11.00 am
From Electronic Administration to Cloud Administration
Discussion with:
Nagore de los Ríos, Director of Open Government and Internet Communication, Basque government.
Joan Olivares, Managing Director of Catalonia’s Open Electronic Administration Consortium.
Moderator: Agustí Cerrillo, UOC.
12.30 pm
Round table: Cyber-crime prosecution
Rubèn Mora, head of Technologies of Information Security Department, Mossos d’Esquadra.
Francisco Hernández Guerrero, Prosecutor, Andalusia.
2.00 pm
Lunch
4.00 pm
Round table: Citizen Participation in the Cloud: Risk of Showers?
Evgeny Morozov. Yahoo! fellow, Georgetown University’s E. A. Walsh School of Foreign Service.
I have been accepted two communications which I am presenting tomorrow within the track Organizations and institutions before the digital divide: model development and good practices. The two communications will be both presented during the event and published in the respective proceedings, and they belong to the research I did for my PhD Thesis. The materials for the presentation and the full text of the communications, in Spanish, follow below. For other materials related to my PhD Thesis, please browse the phd tag (http:/ictlogy.net/tag/phd).
Hacia un modelo integral de la Economía Digital
[Towards a comprehensive model of the Digital Economy]
Two major questions today: what will we do? how will we stay safe?
Innovation come not by using specific technology or platforms but on the effective uses we put into them.
The safety issue seems not to be approachable by the Law alone, being self-regulation and self-commitment a good share of it, and collaboration and co-operation another good share of it.
In a time of crisis, the international community turns its attention to the Information Society. But this is not about hardware, but about organizational change, institutional change. A major planning has to take place to deal with focal issues like e-commerce, network safety or e-Administration.
We’d do well to learn from sub-national or even local successes in open data initiatives, or data sharing initiatives. And what a different it makes to move from the “e-” Government to the “o-” Government.
And open data might be a necessary step to change not only government but also democracy and politics, to enable citizen participation and engagement.
We’re seeing times where political crisis and financial crisis is accompanied by a demand for transparency, openness, open data, etc. And it looks like broadly demanded political reforms could move towards this direction.
This is, for instance, how Politics 2.0 evolve from Politicians 2.0 towards Political Spaces 2.0.
Politics 2.0 can be presented as a virtuous circle, where everybody is part of that circle, and where the sense of “small” (as in a small issue) can have a brand new meaning (and not be small or irrelevant at all).
Will, hence, the unconventional ways of doing politics become the conventional or mainstream ones? Do we want that?
What is the right agenda? Does a creative use of public information (initially well intended) have bad consequences?
Next steps?
W3C Access to Government interest group
Pulic Services 2.0 declaration
From “come back tomorrow” to “come back next year”?
Political participation and Social Networking Sites Chaired by Ana Sofía Cardenal
Marta Cantijoch, Assistant Professor at the Political Science Department of the Universitat Autonoma de Barcelona, PolNet research group.
The distinction amongst citizens is not only between people that participate and that do not participate, but also in how they participate when they do, distinguishing between conventional or unconventional political participation (Political Action Study, 1979), or representational and extra-representational participation (Teorell, Torcal and Montero, 2007): e.g. go to demonstrations, follow calls to boycott products or actions, etc. The latter group is acting outside institutions, thus his political action is not only about a specific position but forms also matter and are plenty of meaning.
In general, we’re seeing a change of attitude where conventional engagement is decreasing (i.e. less people being partisans in a political party) while unconventional politics are increasing. One of the reasons being dissatisfaction towards performance of representative democracy.
Combination of attitudes:
Disaffected citizens: dissatisfaction + low involvement = apathy, non, participation
Social networking sites provide both a qualitative and a quantitative change: higher amount of available information combined with a higher diversity of discourses; contacts and exchanges in horizontals processes (citizen to citizen) made possible while the control of communication stays in the users’ hands; interactivity.
Social networking sites also represent an open gate towards unsolicited, though relevant, information that affects your peers, or your weak ties, but that (positively) reshapes one’s own context.
Consequences:
Tools for citizen empowerment: processes of communication are citizen-initiated (vs. elite directed)
Reinforcement / promotion of attitudinal change: non-hierarchical communication processes
Impact on critical citizens but also on institutionalized profiles
Internet use fosters unconventional forms of participation, a hypothesis verified for the Spanish case.
New opportunity for formal institutions to reconnect to the public, to try and bring them back to the representative democracy arena. This will of course require an adaptation to web 2.0 technologies in the exchanges with the citizens: abandoning the top-down logic, certain degree of decentralization, and higher granularity of participation.
Nobody knows more than everyone together José Antonio Donaire, Member of the Catalan Parliament, Catalan Socialist Party.
Politics 2.0 is not ICT-enhanced politics, or e-Politics. It’s a change of paradigm enabled by a technological change.
Change of paradigm:
The crisis of the autoritas, in the case of representative democracy, the crisis of parties, where a minority sets the general agenda in contradiction with a supposed representative democracy. The change should be towards deliberative democracy, the collective intelligence, collaborative work. The more people debate on a subject, the lower the margin of error. But not only to decrease errors: the deliberative process is a goal in itself. Deliberative democracy negates the autoritas and brings the wisdom back to the collective.
Adaptation from politics to policies, from the big politics to the policies of shades and the small details.
The appearance of complexity, where the same person can have different opinions that not necessarily match the traditional division of left-wing, right-wing or a specific ideology. Multiple identities have to be acknowledged and hence spaces for contact need to be enabled.
How to put this into practice? Different models that can be understood as progressive stages:
Politicians 2.0: the members of the Parliament, etc. have twitter or Facebook accounts, write on their blogs, etc. This provides transparency, interaction, a first person communication (despite the vertical discourse of the party), proximity. Politicians 2.0 are, nevertheless, a necessary but not sufficient step towards Politics 2.0
Political means 2.0, that enable participation, the collective intelligence, managing the complex, rewarding or recognising meritocracy. A wiki, for instance, can allow most of these aspects. The network also generates autoritas, but it is a well deserved autoritas. The Catalan Parlament 2.0 could be an example of this.
Politicized means 2.0, that enable the exchange of ideas, community building and creation of communities, cyberactivism, against particracy. The pros is that people debate seriously, the cons is that they might lead to quasi-parties.
Political spaces 2.0: gathering spaces, dialogue and exchange, complex identities, against particracy.
A distinction between direct democracy and deliberative democracy. The Net to directly decide can lead to dangerous outcomes or problems as the NIMBY, lobbying or even taking the whole system as a joke (e.g. the Spanish “efecto Chikilicuatre”, where Spaniards chose a stand-up comedy actor to represent Spain at Eurovision).
But politics will be 2.0 or won’t be.
Ricard Espelt, Copons Town Councillor, in charge of Economic Promotion, New Technologies and Communication.
In a small town like Copons, problems are small but real ones, and the traditional solution would be that the citizen would shift the problem towards the city council, which might or might not solve the problem, given their limited resources.
Copons 2.0 aims at bringing the citizen back in the equation.
Problems should be able to be rephrased as alternatives, opportunities, requirements… In any case, a problem should be an excuse for a debate, for an encounter within the town and within citizens themselves.
The Administration is seen as a resource, but its limits are properly framed and known by everyone.
And the citizen is, again, no more a “whiner” but someone who can also contribute with solutions, or contributing to “the” solution.
Social networking sites put all these things together, making possible sharing, deliberation, participation, etc.
Far from corporativism, Copons opted for universal and socialized tools, in the cloud, for free: WordPress, Facebook, Flickr, etc. and everything licensed with Creative Commons. Notwithstanding, opinions were only accepted if backed with a real digital profile, even if they were popular or widely accepted.
Surprisingly, online administrative processes have been the less popular, being participative tools the most used. The major: There’s no opposition: it is the citizens who are watching us. Working on the net and in such a framework, the administration has to be transparent and the citizens ask for highest degrees of accountability, responsibility, etc.
What happens with the digital divide? Wifi areas and digital literacy workshops were created to help the laggards catch up with the rest. Training is made on a peer-to-peer basis, where initiated volunteers help their neighbours. Now, more people have digital profiles, there’s more broadband penetration, offline debate has been enriched and enhanced by online debate, people self-organize. A good pro: everybody knows who their representatives are and viceversa.
The Copons 2.0 project has been able to deal with quite complex problems, problems that came from a long tail of approaches, that gathered all the relevant agents (known and unknown) affected by the problem, etc. And sometimes, the identified solutions belonged not to the Government sphere, but to a shared set of responsibilities/responsibles. But, as monitoring is constant, solutions are temporal and they quickly enter a process of constant improvement… as in a permanent beta.
Q&A
Franck Dumortier: Where are the limits of conventional and unconventional? How is your digital identity affected by you participation conventionally or unconventionally? (e.g. a demonstration that ends up with you on jail because of some uncontrolled riots)
Ismael Peña-López: the impact of SNS on critical and institutionalized citizens, is it the same one? Is it more “2.0” in the case of critical/grassroots and more “1.0” in the case of institutionalized/top-down? José Antonio Donaire: we’ll most probably be seeing Politics 2.0 made up of the 4 stages mentioned below. On the other hand, it not about web 2.0 tools, or web 2.0 tools used the 1.0 or the 2.0 way, but whether there is a deliberative process, however it takes place. Marta Cantijoch: Agreed, it’s not about technology but processes and philosophy, a participatory one, despite whether it is made with web 1.0 or 2.0 applications.
Ismael Peña-López: does Politics 2.0 require a lot more effort/work or can it be mainstreamed in every day’s politics? Ricard Espelt: more than a matter of workload, is a matter of attitude, whether one wants to engage with the citizenry or wants to be pro-active in politics, or just sit on the City Council.
Q: How does participatory politics fit with a party system, closed, not really representative, power centred, top-down managed, etc.? Why should I speak with a politician, interact with them, if they are wired to/by the party? José Antonio Donaire: I’m absolutely for open lists in elections. But, but this radically change the scenario? It might make the individual politician more responsible, but the change of paradigm goes way beyond that. A representative system is efficient, but it does not necessarily require that it is the party/government who decides both the agenda and the results of the agenda setting. There is an urgent need to recover the debate, the collective finding of the truth, the enlightenment.
Albert Batlle: What happens with the profile of satisfied citizen but not active/engaged? Marta Cantijoch: this profile perfectly fits within the Institutionalized group.
Albert Batlle: How do we scale up the Copons 2.0 model? For instance, from the local to the national or the international level. How do we reach consensus there? Ricard Espelt: We have a low sense of the common good and of the community. The problem of scalability is most probably not a matter of size, but of consensus. Big participatory projects do not work not because they are big, but because they are top-down. José Antonio Donaire: Maybe what works is common interest. If Copons 2.0 works it might be because the small town is thematically coherent. We thus can build bigger communities that, notwithstanding, have a common thematic core. And the politician should have channels so that they can practice an active hearing, a way to gather knowledge in which to base their decisions.
Q: (to José Antonio Donaire) Why should a politician want to end up politics? What does it mean ending up conventional politics? How would you then become a Member of Parliament? A: I am aware that representative politics works, but it is a fragile one, and there’s evidence of disaffection and of loss of sense of community. When talking about politics outside politics, this means not without politics, but outside of (or without) conventional politics. The idea is not throwing politicians away, but working with the citizens to set up the agenda, to decide what’s to be decided, etc.
Mònica Vilasau: How do we connect engagement and a call for participation with results? How not to deceive people? Is it easier in smaller places? Are outcomes easier to achieve at smaller scales? José Antonio Donaire: It’s better a citizen association building up a website and imagining what they’d like, than the City Council asking for ideas. A good example could be Las 1001 Ideas.
Ana Sofía Cardenal: For a deliberative democracy, we need a genuine motivation. But there are demagogues that want to manipulate the public arena. What to do with them? José Antonio Donaire: On the Net, reputation is very transparent. In a network of people it is more difficult to be cynical.
, 175 KB)
