we do not to perform any backups, including software;
we have no more storage limitations, adding more storage room is quick and easy;
ubiquity, all services are available from anywhere.
Some problems with cloud computing that media repeat over time:
Closed applications that are difficult to expand or modify: you cannot change (add features, customize, etc.) Google Documents easily
Availability outsourced: to access a single Google Document we rely on our PC, our web browser, our Internet provider, Google, the government regulation (e.g. you depend on the Chinese government to allow Google to operate in China), etc.
But, where are our data? Where is our privacy? Most of our data/privacy is on Google, Microsoft and Amazon, the later the biggest provider of cloud platforms.
Indeed, some service providers cannot only access our data, but do have control over our devices:
What happened with Amazon’s Kindle and the novel “1984” affair: erased a novel from all books, got sued (and lost), but doubled their sales of Kindles.
Facebook will retain ownership of your photos: huge claims for intellectual property and privacy, but Facebook users in Spain almost tripled during the “scandal”.
The case of the accountability service that showed that no one reads the terms of service.
All in all: people do not read the terms of service and accept whatever terms. But the thing is that most service providers require this free access to data to be able to let data to third parties, the basis of the business plan.
Open Cloud Computing / Open Cloud Compliant: the services are in the cloud, but the user can choose where the data will be stored. At least, this allows for the user to know where their data are. It also avoids conflicts of interest: the one that provides the service is not the same that provides the infrastructure: the service provider will ensure that data are safe, and the infrastructures provider will ensure that the infrastructure supports the service.
We should then differentiate between infrastructure cloud computing and services cloud computing. Open cloud computing means that these are separate and there’s a possibility of choice, and closed means that they all come together with a single provider: in this case, privacy risks arise.
The average user prefers ‘easy’ to ‘nice’, even if ‘easy’ means ‘ugly’. This creates de facto standards. People prefer applications to be fast and easy, even if it is less powerful or less nice.
About eyeOS
eyeOS is an open-source browser based web desktop, which means that it acts as a framework that, once the user is logged in, logs the user to whatever application runs on this desktop. Thus, the user does not need to remember where the applications are (what third parties’ services) and how to log in them.
(NOTE: here comes an interesting discussion about institutional and individual uses of open cloud services, the free software community, etc.)
Privacy in the Cloud, a Misty Topic? Ronald Leenes, Universiteit van Tilburg
An introduction to Cloud Computing
What is the relationship between Cloud computing, Grid computing, service oriented architecture (SOA) and Web 2.0?
Increasingly, data and applications are stored and/or run on a web server that hosts what usually was on your local machine. The web browser becomes the usual platform. Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources.
If we talk about “resources”, the definition becomes broader, as we can also speak about computing power or computing time. And these resources are shared by many users, instead of having a dedicated machine. This provide rapid elasticity that allows for easy and quick scaling (up or down).
Models
Software as a Service (Saas): e.g. webmail, online office applications; etc.
Platform as a Service (Paas): e.g. Amazon AWS platform;
Infrastructure as a Service (IaaS): all the power you might have in our PC, in the cloud.
Advantages
Price: many cloud services are reee.
Reliability: redundancy of services and scalability makes the system more stable.
Accessibility: your services, everywhere.
No piracy.
Multiple business models: fees, ads, etc.
Always current version of the software, no needs to update.
Privacy and security issues
Privacy: bodily integrity, data protection, inviolability of the home, secrecy of communications. The later two are specially relevant for cloud computing.
Data protection goals aim at facilitating the free flow of information while providing a minimum level of data protection. Data aspects: confidentiality, integrity, availability. The three of them are (more or less) under control while data are stored in a PC. In the cloud it is certainly less so.
The first thing to state is that, in the cloud, you don’t know where your data exactly are. Indeed, those date are interlinkable by other services, which make them even more ubiquitous while difficult to locate.
Second is that, in “physical” life, one’s identity is made up of different and partial identities of one self. There is a certain control to segregate audiences according to what they can see of me. Not in the cloud. To a large extent, we’re evolving toward a world where you are who Google says that you are (JD Lassica).
As data travel from my browser (and through the Internet) to a cloud service, anyone can potentially intercept your travelling data. The way to avoid this is use encryption (HTTPS) but cloud services do not usually have the incentive to (unlike banks, that are liable for data loss or money stealing) and do have incentives not to (HTTPS requires much more server power and time to encrypt and decrypt, thus making it more expensive at the aggregate level).
Personal data: data that can lead to identification of a person (data subject). Thus, personal data can be taken very broadly as even an e-mail message can lead to identifiable individuals. A processor is a body that processes personal data. A data controller holds or stores personal data.
The DPD is applicable when the data controller is within the European Union jurisdiction, regardless of where the data processor is.
Thus, if Google just provides a platform where the user processes their data, then Google is not a controller, but a processor, which means it is being affected differently by the (European) law. But if data, after being processed, are stored in Google’s servers, then Google becomes a controller. So, cloud service providers can switch between data controlling and data processing or both at a time, with legal consequences.
DPD principles: transparency, legitimate purpose and proportionality.
Discussion
Jordi Vilanova: are there any legal differences in privacy between individuals and institutions? A: legally, in strict sense it only applies to individuals. In the case of companies, we would be talking about intellectual property, trade secrets, etc.
Mònica Vilasau: to balance unequal distribution of bargaining power between service providers and users, what should be done? More regulation? Better contracts? Is the data protection directive enough for cloud computing? A: Contracts should suffice, as they are a very powerful tool. The difference is that in the EU privacy is a public good that needs to be protected, so the law will always be above any contract; while in the US privacy is something that can be bargained between contractors. The DPD is not enough for cloud computing, because its purpose was to regulate over the data controller, a very identifiable agent at a time (e.g. a hospital having data of you). But now, who is a data controller or a processor is very difficult to identify.
Q: Is one of the problems that cloud services are based in the US? A: Yes, of course, if data controllers, processors and subjects were in the same jurisdiction that would make things much easier.
Mònica Vilasau: what about cookies? A: if you accept cookies, you get less of your privay. If you do not, the service provider is no more a data controller (it is not storing data from you, because you refused the cookie) and then you are no more under the DPD. This is an ironic dichotomy.
Education, at any level, is far from being perfect. And the coming of age of digital technologies have, at least, (a) made much more evident the weaknesses of the actual education system, (b) shed some light on the possible solutions and (c) provided some tools that can be applied to achieve those solutions.
An example of the former can be (a) paper handbooks are very expensive, become obsolete very quickly and their content is imposed by publishers; (b) shifting from paper to bytes could solve the three issues and (c) the solution can come in the form of digital educational resources, managed with wikis or collaborative documents and licensed with open licenses.
The digital light has certainly covered all education-related topics and suggested vast ways of improvement. Some of them are (or seem to be) as crystal clear that we feel the urge to rush the improvements and we end up not understanding how will the system still stick together a year longer. Like night owls, we even get so dazzled how could anyone build such an educational system that is, according to some of my last readings, impersonal, inflexible, one-size-fits-all, not engaging, boring, expensive, old-fashioned, reactionary, etc. In one word: industrial.
While we all find stupid people every now and then — surely in front of our bathroom’s mirrors, that’s a fact — it is hard to believe that modern universities and schools have been designed and ruled for 250 years exclusively from ignorance, idiocy or, in the best cases, from aspirations to control people — like many suggest today.
A little bit of Economic History
The history of humanity (or at least a part of it, I’d dare say) is that of achieving higher levels of productivity through efficiency, and as an outcome to that, more quality of life and diversification of human activities due to more people being freed from other (more basic) activities.
Taming led to farming, and farming freed some members of the tribe from the need to go hunting, that could now improve their homes, treat fur to protect them from the weather, etc.
If some people can today devote their lives to activities not strictly related to survival (artists, most scientists, sports, fashion, etc.) is partly because we only need from 5% to 20% of the total workers to work in agriculture to sustain the world (that’s a very rough average, but the point is made).
Reversely, if we want everybody to dress up with the latest trends, we have to shift from hand seaming and knitting to individual loom weaving, and from individual loom weaving to massive, industrial ways of looming, cutting, seaming, boxing and delivering.
Baumol’s cost disease
During the 60s, William Baumol theorized about efficiency and cost in the arts sector coming up with what has been called Baumol’s cost disease. He and William G. Bowen described that, while you can make a craftsman shift from artisan seaming to industrial weaving, it will always take four people to play a string quartet (that’s the marvel of a quartet, mind you!).
We are then to witness how the human labour costs of producing a pair of socks will drop from the cost of some hours (when hand-knitted) to some seconds (when their production is industrialized). A Baroque quartet will, notwithstanding, remain in a fixed figure (and its cost) of four people playing for just and always the same time.
One of the results is that economic activities that can apply labour-saving technologies will increasingly be relatively cheaper than the ones that cannot. In other words, in the 1st century a pair of socks would cost as much as a ticket for the gladiators (I’m guessing here), while in the 21st you could not wear to a concert all the socks you bought for the same money that your ticket cost. A side effect of that is that less “human-efficient” activities push their wages up: while some can make thousands of socks a day, others can only perform a couple of concerts in an afternoon.
There are not many solutions to this “disease”, and the most usual are to increase prices (in relative terms, of course) or to decrease quality (the quartet played without the bass, or the symphony with just a couple of violins and no clarinets).
The industrialization of education
The education suffers Baumol’s disease, and the solutions so far have been both the aforementioned: to increase registration fees and to decrease quality by lowering the ratio teachers/student. In other words, education has been increasingly industrialized to look more like socks production than playing a string quartet. This is an undeniably truth.
But let us not only take a look at the what but at the why or, even more, at the what for.
Unlike opera, that almost everywhere remains very expensive and many times also classy, education is absolutely cheap and definitely popular, especially in Europe, where schools and universities are public or publicly funded. (In Europe again) quality schools and universities are the norm, with just very few of them standing out at the top, and another few lagging off at the bottom.
It is not out of idiocy or stupidity or stubbornness, then, that educational institutions where made the way they are, but to achieve some general purpose goals. And it is just because of that that the system is given oxygen, because the goal is worth a little trade off between individual quality and social equity. Universities and schools might not be as good as we’d like them to, but they are undoubtedly fair.
As Neil Selwyn puts it, we sometimes forget that education is not only about individuals, but about the society.
That said, of course is not only legit but necessary to aim at a transformation and improvement of education. And especially when brand new shiny tools appear that offer so much possibilities. And especially when these same brand new shiny tools are transforming all aspects of our lives whether we like it or not. But… just do not let us look back in anger.
I am proud to announce the 6th Internet, Law and Politics Conference, this time dealing about Cloud Computing and the challenges it poses in the fields of Law and Politicals.
The event will take place in Barcelona, Spain, the 7th and 8th July, 2010. There will be translation in Spanish, Catalan and English and registration is open and free.
Programme
Wednesday 7 July 2010
8.30 am
Accreditations
9.00 am
Welcome
Pere Fabra, UOC Vice President for Academic Organisation and Faculty.
Agustí Cerrillo, Director of the UOC’s Law and Political Science department.
9.30 am
Keynote speech: Privacy in the Cloud, a Misty Topic?
Ronald Leenes, professor, Tilburg University. Moderator: Mònica Vilasau, UOC.
10.30 am
Coffee break
11.00 am
Myths and Realities of Cloud Computing
EyeOS.
Moderator: Ismael Peña (UOC).
12.00 pm
Round table: Key Legal Aspects for Putting your Business in the Cloud.
Xavier Ribas, lawyer, Landwell Global.
Manel Martínez Ribas, lawyer, ID-LawPartners.
Ramon Miralles, Coordinator of Information Security and Auditing, Catalan Data Protection Agency.
Moderator: Miquel Peguera, UOC.
2.00 pm
Lunch
4.00 pm
Round table: Cloud Computing: A New Dimension in Teleworking?
Javier Thibault Aranda, professor at the Complutense University of Madrid.
Carmen Pérez Sánchez, IN3 researcher, UOC.
Javier Llinares, Managing Director, Autoritas Consulting.
Moderator: Ignasi Beltrán UOC.
6.00 pm
Conclusions from the first day.
Karma Peiró, Participation Manager, 3cat24.cat.
Thursday, 8 July 2010
9.30 am
Keynote speech: The Cloud’s Shadow: The State of Freedom on the Net
Karin Deutsch Karlekar, Senior Researcher and Managing Editor, Freedom of the Press Index, Freedom House.
10.30 am
Coffee break
11.00 am
From Electronic Administration to Cloud Administration
Discussion with:
Nagore de los Ríos, Director of Open Government and Internet Communication, Basque government.
Joan Olivares, Managing Director of Catalonia’s Open Electronic Administration Consortium.
Moderator: Agustí Cerrillo, UOC.
12.30 pm
Round table: Cyber-crime prosecution
Rubèn Mora, head of Technologies of Information Security Department, Mossos d’Esquadra.
Francisco Hernández Guerrero, Prosecutor, Andalusia.
2.00 pm
Lunch
4.00 pm
Round table: Citizen Participation in the Cloud: Risk of Showers?
Evgeny Morozov. Yahoo! fellow, Georgetown University’s E. A. Walsh School of Foreign Service.
That was certainly a difficult speech, likely one of the most difficult ones, as the audience was quite Internet-savvy — they’ve been attending and/or organizing activities in the telecentre for years — and, on the other hand, not eager to listen to reality-distant theories.
Thus, I came in with the sole idea of reassuring and bringing some confidence to people that are increasingly using the Internet while still fighting against their — most of the times well founded — reluctances. In this train of though, my points were:
The Internet is not a geek thing;
being online will not disconnect you from other people but, on the contrary, will extend your social network;
there is not an Internet or a social networking site, but plenty of them, depending on how you use and combine the zillion useful applications that are out there for you to benefit from them.
I made up an “Aunt Marjorie” and explained how she spends a simple day: wakes up and reads the papers, goes to the bank, to the doctor’s, etc. Most examples are framed in Spanish, but can easily be extrapolated to many other contexts.
Pros:
Multiple and plural sources of information;
e-commerce and e-banking;
e-administration;
and e-health;
online communities of interest;
e-learning;
specialized or vertical social networking sites;
when online extends to offline, and the online extension of traditional communites;
e-participation, e-democracy;
cyberactivism;
multipurpose, horizontal, leisure or personal social networking sites.
Cons:
Information overload;
echo chambers;
new media literacies;
phishing, pharming and other similar types of cybercrime;
new information literacies;
privacy;
security;
identity.
I want to very sincerely thank Elvira Mora and Fadwa El Harrak for their kind invitation and confidence :)
Wikimedia is about the community, about volunteering. Since the project kicked off in 2001, there have been created 13 million articles in 271 languagesw, 17 million pages, 325 million edits, 330 million visits monthly, 100,000 active contributors (edit 5 times a month at least), over 50 books published on the Wikimedia phenomena, etc. All coordinated by the 27 world chapters of the Wikimedia Foundation, though with only 35 employees.
If we look not at what’s in there, but what people is looking for (visits to the website), some Wikipedias may already be shifting from encyclopedic core to more topical and current events content. On the contrary, though, 1/3 of the hits of the Spanish Wikipedia deals with science and technology content.
Besides current events or news, local content is increasingly searched for. There is also an increase of geotagged content on Wikipedia, thus the interest in local content. As anecdote, it can be said that the second Wikipedia ever created was the Catalan Viquipèdia.
Management model
Provide physical home (servers)
Basic rules
Leave the community work and grow on its own
Power shift to the citizen
Technology: insfrastructure, tools, open source
Cultural Movement: free culture (Linux, Apache), free knowledge
License structure: GNU FDL, Creative Commons (CC-BY-SA)
All in all, the question was that anyone could contribute and the result would be open to everyone.
How do we take care of the community: transparency, trust, thankfulness, respect, responsiveness.
Business Model
Servant-leaders achieve results for their organizations by giving priority attention to the needs of their colleagues and those they serve. Collaboration, communication, culture.
Create a platform, let other people build (i.e. Mediawiki). It happens everywhere: Google, Apple, Amazon, FaceBook, etc. This also applies to Education, as everyone has something to bring on the table. You have to figure out how to make people that know be involved in the process.
Small “workforce” that can adapt to market changes very quickly, plus a virtual larger “workforce”, using the community as research and development.
You have to figure out what you’re good at, and forget about controlling the whole value change. Do not try and do everything. Networks form to address needs: you have to figure out where you fill into that.
Discussion
Ismael Peña-López: would your model be different were the Wikimedia Foundation be Wikimedia “for profit” Corporation? It depends on your project, as everyone is different and there is not a unique model, but leveraging the community might still apply. You definitely have to focus in your goal and where you can contribute best to achieve it. If you’re running a talent based project, you definitely have to share some of the wealth in it. Talent goes where it is appreciated most.
Q: Is it a must to have a professional core? A: It really depends on what you want to achieve. There is definitely not “a” model.
Silvia Bravo: where do we start from? A: Figure out what your goals are and find who’s your champion. Once the project is started, things become easier, but the difficult thing is to start up the project, and the role of the champion is crucial here. Then, you need to create something that people can build things on top of. Make sure you have a clear goal, find out what tools will you be needing and get a champion to promote the project.
Q: how do you deal with security hazards/attacks? A: It is very important to have a clear and shared framework (linked to your goals) that everybody can relate to. And the system works the same way.
Q: what’s the physical structure like? A: only 20 servers [guess I got that right], as most information is only text. But the challenge is how to keep up with changes and still being able to bring the relevant information, which increasingly comes in rich media (photo, sound, video, etc.). That’s why Wikimedia Foundation engages in partnerships with the corporate sector to be ahead of the future.
Llorenç Valverde: how do we engage the community, and invite everyone to add value? A: Culture is the biggest problem. The way collaboration and sharing ideas happens varies a lot depending on the culture, understanding culture not only at the country level, but also at the company level. E.g. if you’re a newcomer to a firm, you might have brilliant ideas but you might not be (self)legitimate to share them openly. Culture is doubtless the toughest part of all.
Llorenç Valverde: so the starting point is to share information within the organization? A: Certainly. Add everybody in the process.
