Posts Tagged ‘Cloud computing’

Announcing: The Internet of Things

For those of us who believe that technology is a foundation for all industry – a horizontal feature, not a vertical – the recent interest in The Internet of Things is particularly vindicating.  The Internet of Things or “IoT” for short describes the larger network that is created by the inter-connection of  the traditional Internet and items you use everyday in the offline world.  IoT was mostly relegated to geek speak when it was first coined by a virtual team of RFID technology researchers in 1999, but lately it’s been experiencing a resurgence – as a pithy way to define the interconnected network of online and offline worlds, especially when the scenario involves RFID chips embedded in everyday items, allowing them to “talk” to the Internet.  Real world application? A user can communicate and control an RFID-enabled item – a car or kitchen appliance for example, using their computer or mobile phone.  This is the idea behind some of those really helpful mobile apps – like the one that turns your phone into a remote oven control.

At the moment, the IoT is really just a concept that is being researched and beta’ed. A recent presentation by Don Caprio of McKenna Aldridge suggests that in a decade the picture will be very different, and there will be billions of devices connected to the Internet worldwide.  In the US, the impact will be significant; Caprio estimates that each American will own at least 50 internet-enabled items, most of which will be “tagged” to that specific users.  Currently, the Internet could not handle this volume of web-enabled device traffic.  For IoT to progress from vision to reality, there must be “widespread deployment” of the next version of internet protocol – IP v.6 – which will allow for billions of additional, unique IP addresses.   This will involve considerable investment by the private sector – investment that probably won’t happen until regulators decide how to approach the big policy issues implicated by the IoT’s expansion – interoperability, data flows across jurisdiction, copyright, and of course, privacThis probably sounds familiar –  the scenario is similar to the current discussions around what should constitute effective regulation of cloud computing.

The implications for marketers and retailers are enormous.  The persistent harvesting of data at all points of customer contact – website, RFID-enabled device and retail stores – will help online marketers develop comprehensive customer profiles that will be worth their weight in gold to advertisers.  Retailers are already aware of the possibilities; Macy’s and Best Buy recently signed development deals for mobile, location-based applications that would “enhance the brick and mortar experience” by providing access to discounts and other promotions to offline shoppers.

But the privacy concerns posed by the IoT are enormous too.  A recent New York Times article discussed the probability of “online redlining” – where products and services are offered to some, but not all customers, based on usage data and statistical predictions.  Another recent article talks about how retailers use data to track spending habits – truly, the era of big brother surveillance in retail has already arrived.  These are just two examples of where the connection between online and offline worlds could result in more consumer harms than benefit.

Regulators are starting to awake to the connection.  Last week, Neelie Kroes, Commissioner for the EU’s Digital Agenda, spoke publicly about how an IoT might unfold and what policies would advance its development.  Her remarks followed on the recent announcements of  the EU’s Digital Agenda – which include increasing R&D for the relevant technologies that support advanced Internet deployment and adoption and increasing user trust in broadband technologies.  I have yet to see the IoT referenced publicly by a US regulator (I don’t recall it being raised in the recent FTC privacy workshops – but correct me if I’m wrong).  The issue is addressed to some degree in the discussion draft of federal privacy legislation that’s currently being circulated by Congressmen Rick Boucher and Cliff Stearns; the bill’s requirements apply equally to online and offline activities, and requires an explicit user “opt-in” before using location-based information for ad-targeting.

If anything, the IoT and the myriad privacy concerns raised by tracking an individuals use of everyday items are a helpful reminder that privacy concerns are not limited to the online world alone.   Indeed, if we want users to trust in this growing network of online and offline systems, then regulators must start treating the IoT as part of the Internet as a whole. And while online-specific issues – most prominently data privacy and security – have shaped much of the discussion around what constitutes adequate “information” privacy, it’s likely that offline issues will begin to influence the discussion.  As Jennifer Barrett of Acxiom, one of the nation’s largest data brokers, recently stated “the clear distinction that we had a number of years ago between online and offline [marketing methods] is blurring.”

What’s next? Perhaps we’ll look to Commissioner Kroes for the last word.  When asked whether she had a specific plan to support the IoT, Kroes borrowed another term – this time from Spanish author Antonio Machado – saying simply:  “”We have no road. We make the road by walking.”  I think that’s code for more discussions, more workshops, and definitely more speeches on the topic.


Law & Policy in the Cloud: A Murky Forecast

March 15, 2010 1 comment

Tomorrow, the FCC will announce its broadband plan, designed to catapult the United States into a fully wired (or wireless) society.  If successfully executed, the plan will created millions of well paying jobs – in infrastructure, and in services to support a new online ecosystem.  Information and data reaped from broadband activities will continue to transform products and services.  In about a decade, broadband – not the telephone – will serve as the communications backbone of our nation.

To achieve this goal however, we need to have laws and regulations that dictate how broadband is built, accessed and delivered.  Surprisingly, the FCC’s jurisdiction to regulate broadband is in question – and a final determination on this answer could take years, possibly decades of litigation.  In addition, there is continued regulatory uncertainty around the use of the data that is intended to flow across these vast broadband networks – particularly data that is stored away from the user’s desktop and in the cloud.

Indeed, the current state of law and policy – particularly as it relates to cloud computing – is definitely murky.  That was the consensus of most experts at a terrific conference hosted last Friday by Berkeley’s Center for Law & Technology entitled Emerging Law & Policy Issues in Cloud Computing. A threshold question, echoed by both Rich Sauer of Microsoft and Michele Dennedy of Sun, is which jurisdiction’s laws should apply to data stored in the cloud.

The inherent, “multi-tenant resourcing” nature of cloud computing provides the incredible efficiency gains that are driving business to the cloud today.  It also means that your data may be stored and transacted on a US server – or a server located outside of the US.  It’s hard to know exactly where the data is at any given moment. This poses some definite problems, particularly when you consider the divergent nature of the global laws governing data privacy and security.

Earlier this month, for instance, the German constitutional court struck down a 2008 law that required retention of certain information for law enforcement purposes (including the deterrence of terrorism) on the basis that it conflicted with Germany’s Constitution.  As Professor Thomas Fetzer of the University of Mannheim explained, the concept of human dignity is paramount under the German Constitution and trumps all other laws (including that of the European Union or other European countries). Under this formulation, an individual must be able to control his or her data at all times.  On the other end of the spectrum there’s China, which has warned of “consequences” for Google or any other company that does not filter search data.

Choice and transparency have emerged as two best practices for cloud companies. As companies encourage users to store their most valuable data – medical, financial, etc. – in the cloud, the choice of where that data sits will become even more important for jurisdictional purposes.  But as we also know, consumers today have limited knowledge about what data is being gathered about them and how that data is being used.  It’s hard to exercise choice when you don’t know what it exactly it is that you are choosing.

So what’s the next step for cloud companies that want to stay competitive in this space but also not run afoul of laws and regulations?  I think there are at least two opportunities that companies should be supporting:

Opportunity #1: Educate your Consumer

Since most consumers don’t know how data about them is collected, manipulated and stored, there appears to be a great opportunity for companies and regulators to join forces and resources to educate consumers about the issue.  The recent German action alluded to above, was brought – not by a competitor – but by a class of over 35,000 German consumers.  Unless consumers understand the benefits of how data can transform our commercial, personal and human experiences, it will be hard for cloud companies to press for relaxed regulations on data privacy and security issues.  An upcoming opportunity may present itself in the “digital literacy corps” that will be proposed in the FCC’s Broadband Plan tomorrow.

Opportunity #2: Advocate for Baseline Guidance

It’s clear that there are wide gaps between US laws and the laws of other nations when it comes to cloud computing.  That said, there appear to be some common principles – gleaned from the EU Data Privacy Protection Act and certain FTC guidances for example – that could define how companies provide notice to consumers, regardless of which jurisdiction in which they sit. In fact, the FTC could set up an advisory process – similar to what is already seen under the Children’s Online Protection Act, to provide a safe harbor and incentives for companies that put resources into this type of activity.

The cloud is definitely here to stay and it’s likely that the laws of the physical world will continue to struggle with its non-physical contours.  Remaining competitive in the cloud is important for any company doing business today – particularly as web technologies transform traditional industries.  Regulatory considerations are an important part of that competitive matrix.  Also important is being upfront with consumers about what type of data is being gathered and how it will be used.  It’s a great opportunity – to shape perceptions about an important computing trend that is transforming our lives, while also advocating for the types of laws and regulations that will preserve the innovation that continues to be a hallmark of the cloud space.

What could be more clear?

Categories: Uncategorized Tags: , ,

Cloud for the government, by the government (with video).

September 15, 2009 Leave a comment

Launched today, the federal government’s cloud solution – – is designed to help government agencies harness the flexibility, scalability and innovation provided by cloud services.  Even if you aren’t a federal agency looking to purchase apps online, the site is worth visiting to understand the approach of the Obama White House to cloud technologies.  The explanatory video illustrating the benefits of cloud computing is brilliant – with a different background theme, it could be mistaken for one of the more instructive episodes of Schoolhouse Rock.  Most importantly, the video clearly spells out how the Obama White House defines cloud technologies while highlighting its benefit for government: scalability (pay as you go), ease of implementation, reliable service with 24/7 support, freed up resources and of course, environmental sustainability.

Plus, opens up the market for smaller, innovative companies to market their applications to government clients.  This is significant when you consider that the government currently spends $75 billion annually on IT. Portions of the site have yet to be populated – you cannot yet store data or host proprietary web applications through GSA’s Cloud IT services (but these offerings are coming soon).  What you can do – as a federal or affiliated state agency is purchase applications through existing GSA contractors, including offerings from Google and  Also featured – in the site’s specially designated “social media apps” section are links to numerous free applications that are being offered directly by companies like Blip TV, Socrata, and Slide Share.

Also interesting is how well the site works towards the goal of centralizing purchasing and research of IT services across federal agencies.  As federal CIO Vivek Kundra said today, “[I]n these tough economic times, the federal government must buy smarter.”  Centralizing purchases is standard business practice in large corporations and organizations, but amazingly, yet to be adopted by the federal government.  I wish them well in this noble endeavor.  For more, read Kundra’s blog post at, which includes some insights on how the White House plans to approach the important and unresolved subject of privacy and security in the cloud.