(Not Quite) Antitrust Articles Bundesverdienstkreuz Business Church of IPR Conference DFD DRM EIU EU FAQ Federal Cross of Merit Fellowship Free Software FSF FSFE FTF Fun GNU GPL Hardware Hypes Idiocies IGF Innovation Interoperability KDE Kolab Kolab Systems Kontact Microsoft ODBA Open Standards Politics Switzerland SWPAT Travel UN Vista WIPO WSIS

RSS What I’m doing…

  • greve: @gbraad It gets even better. MindMirror is another application for the same goal, starting from a different point: http://is.gd/Q8BbKN 29. July, 2011
  • greve: @gbraad The #Zanshin that @hook and I are discussing is http://is.gd/1qIrES, does #GTD for !KDE #Kontact, something I've been sorely missing 28. July, 2011
  • greve: @hook I think we urgently need #Fedora packages of #Zanshin. Any takers? ;) 28. July, 2011
  • greve: @aseigo Would love to celebrate !KDE 4.7 tonight in #Zürich like we did 4.3 - but we're still in #Sofia. But you must have a beer for us! 28. July, 2011
  • greve: Very interesting public debate on IT procurement in the UK: http://is.gd/MF9odW http://bbc.in/om6ZvW http://is.gd/G0s0FI (via @Mark_Antony) 28. July, 2011
  • greve: "Flash your boobs for Putin and win an iPad" or "Apple, the oppressors choice since 1984" http://is.gd/uccDzA 28. July, 2011
  • greve: It would be easy to just see this country as filled with grumpy Bulgarians. But there is so much beauty in the detail... #Bulgaria 26. July, 2011
  • greve: Swiss government procures #Microsoft Enterprise Agreement 2012-2014 http://ow.ly/5NzKK #ProductNameGalore #parldigi (by @maemst) 26. July, 2011

Freedom in the “cloud”?

It’s come to the point that I was asked to explain what I consider necessary prerequisites for an open, free, sustainable approach towards what is often called “The Cloud” or also “Software as a Service” (SaaS).

To be honest, it took some time for me to make up my mind on the matter, and I considered many of the inputs that I’ve seen so far, in particular the Franklin Street Statement on Freedom and Network Services to be good enough for some time.

Clearly I’m sympathetic to the fundamental ideas behind Diaspora, ownCloud and so on. In fact, I myself am currently dedicating my life to the creation of a solution that should empower users to take control over some of their most central data – email, calendar, address books, tasks, see “The Kolab Story” – and thus to provide one puzzle piece to this picture.

So yes, I have developed an opinion by now and obviously I see attempts at “openwashing” such as “Open Surface” by Microsoft to be falling dramatically short on several accounts.

So what do I think constitutes a socially acceptable and sustainable approach to “Cloud Computing” or “SaaS”?

I think it may be simpler than what I initially thought. There are two primary points that now seem most relevant to me:

Right to restrict

Users must be able to restrict access to their own data, especially by their service provider. Participating in social networks, or enjoying the convenience of having your data available at all times should never have to come at the price of giving up privacy. So users must be given a choice to restrict access to their data as much as they consider necessary or desirable, from fellow users, and their provider. Similarly, they should never lose the right in their data simply because they use a certain service.

Freedom to leave, but not lose

Users must be able to switch between providers, or even to host their own data, if they so choose. And they must be able to do so without losing their network.

They should still enjoy the same level of interconnectivity and not be penalized for having switched providers in the form of having to convince all their contacts and friends to switch, as well.

Software such as StatusNet which is powering Identi.ca allows to set up your own instance – this is a step in the right direction.

From these follow a couple of necessary conclusions to get to this point:

Free Software necessary, but not sufficient

Free Software is a necessary, but not a sufficient condition. Without the software being Free Software, the Freedom to leave, but not lose is exceedingly hard to implement. So in my view the GNU Affero General Public License (AGPL) is strongly preferred, followed by the GNU General Public License (GPL) Version 3, but ultimately any Free Software license will do. Implicitly therefore I am also not adverse to allowing companies to differentiate themselves to some level on code, as long as that does not violate the principles above.

Decentralized & Federated

In order to allow switching without losing the network, any software in this context should be designed federated and decentralized, based on protocols that allow such interconnectivity as well as re-discovering users that have moved.

Open Standards

In order to facilitate the connection of services and providers, as well as allow for innovation and differentiation, a certain level of freedom to experiment is necessary. So software and services should provide truly Open Standards with ongoing interoperability work through plug-fests and automated test suites which give some indication on how well which services actually interoperate.

Transparent Privacy Policies

In order to have control over data, users first need to understand what they are (or are not) allowing the provider to do, which is typically not the case. Most users have never read the 20 page privacy statements which are written in ways that make telephone books seem an entertaining read. So we need a way to simplify this.

A set of standardized privacy policies, maybe with a simple visualization approach similar to what Creative Commons came up with, would be a very useful step forward here.

No change of policy without explicit consent

And naturally it should be illegal to change privacy policies on users without their explicit consent. They need to know what is changing, and how, and what will be the resulting level of privacy they enjoy – in the same clear, transparent and understandable manner.

Because much of this is fuzzy in the sense of being open to interpretation and evaluation, these will require monitoring, either through existing consumer protection bodies, through antitrust or standardisation groups, an existing or new NGO dedicated to this work, or something else. Off the top of my head I cannot think of a body that has both the mandate and competency to fulfil such a task.

So while I have some ideas, I obviously still don’t have all the answers.

Share this post:
  • Slashdot
  • Digg
  • del.icio.us
  • Identi.ca
  • StumbleUpon
  • Technorati
  • LinkedIn
  • Facebook
  • Google Bookmarks
  • Ping.fm
  • Reddit
  • TwitThis
  • BlogMemes
  • De.lirio.us
  • Furl
  • MySpace
  • Sphinn
  • Mixx
  • Blogosphere News

4 comments to Freedom in the “cloud”?

  • [...] is often called ‘The Cloud,’ or also ‘Software as a Service.’ He gives 7 ingredients that are necessary for freedom in the cloud. For example, ‘it should be illegal to change privacy policies on users without their [...]

  • Bjarni Rúnar

    Good thoughts all around. :-)

    Regarding transparent privacy policies, you might be interested in
    this: http://www.azarask.in/blog/post/privacy-icons/

    One minor quibble: I think that requiring consent before a policy change is perhaps an unreasonable burden. Would not requiring a reasonable notification period (e.g. a months notice) combined with the freedom to leave be sufficient?

  • evanh

    I know it’s common enough to maintain existing customer plans for those still using said plans while not offering it to new subscribers. Even to the point of not even notifying existing customers that there is newer options available.

  • evanh

    To put it mildly, anything short of a consent is an abuse of power.

Leave a Reply




You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>