NYT cloud op-ed
July 22nd, 2009 | by jz | Published in Future of the Internet, Generativity, kindle, Web 2.0 platforms | 6 Comments
Here’s a copy of Monday’s NYT op-ed about cloud computing. The Kindle/Orwell incident broke about ten minutes before the piece closed. (The original new hook, somewhat oddly, was the announcement of the Google Chrome OS — not at all bad in itself, but a milestone on our progression from PC to cloud.)
Lost in the Cloud
Cambridge, Mass.
EARLIER this month Google announced a new operating system called Chrome. It’s meant to transform personal computers and handheld devices into single-purpose windows to the Web. This is part of a larger trend: Chrome moves us further away from running code and storing our information on our own PCs toward doing everything online — also known as in “the cloud” — using whatever device is at hand.
Many people consider this development to be as sensible and inevitable as the move from answering machines to voicemail. With your stuff in the cloud, it’s not a catastrophe to lose your laptop, any more than losing your glasses would permanently destroy your vision. In addition, as more and more of our information is gathered from and shared with others — through Facebook, MySpace or Twitter — having it all online can make a lot of sense.
The cloud, however, comes with real dangers.
Some are in plain view. If you entrust your data to others, they can let you down or outright betray you. For example, if your favorite music is rented or authorized from an online subscription service rather than freely in your custody as a compact disc or an MP3 file on your hard drive, you can lose your music if you fall behind on your payments — or if the vendor goes bankrupt or loses interest in the service. Last week Amazon apparently conveyed a publisher’s change-of-heart to owners of its Kindle e-book reader: some purchasers of Orwell’s “1984” found it removed from their devices, with nothing to show for their purchase other than a refund. (Orwell would be amused.)
Worse, data stored online has less privacy protection both in practice and under the law. A hacker recently guessed the password to the personal e-mail account of a Twitter employee, and was thus able to extract the employee’s Google password. That in turn compromised a trove of Twitter’s corporate documents stored too conveniently in the cloud. Before, the bad guys usually needed to get their hands on people’s computers to see their secrets; in today’s cloud all you need is a password.
Thanks in part to the Patriot Act, the federal government has been able to demand some details of your online activities from service providers — and not to tell you about it. There have been thousands of such requests lodged since the law was passed, and the F.B.I.’s own audits have shown that there can be plenty of overreach — perhaps wholly inadvertent — in requests like these.
The cloud can be even more dangerous abroad, as it makes it much easier for authoritarian regimes to spy on their citizens. The Chinese government has used the Chinese version of Skype instant messaging software to monitor text conversations and block undesirable words and phrases. It and other authoritarian regimes routinely monitor all Internet traffic — which, except for e-commerce and banking transactions, is rarely encrypted against prying eyes.
With a little effort and political will, we could solve these problems. Companies could be required under fair practices law to allow your data to be released back to you with just a click so that you can erase your digital footprints or simply take your business (and data) elsewhere. They could also be held to the promises they make about content sold through the cloud: If they sell you an e-book, they can’t take it back or make it less functional later. To increase security, companies that keep their data in the cloud could adopt safer Internet communications and password practices, including the use of biometrics like fingerprints to validate identity.
And some governments can be persuaded — or perhaps required by their independent judiciaries — to treat data entrusted to the cloud with the same level of privacy protection as data held personally. The Supreme Court declared in 1961 that a police search of a rented house for a whiskey still was a violation of the Fourth Amendment privacy rights of the tenant, even though the landlord had given permission for the search. Information stored in the cloud deserves similar safeguards.
But the most difficult challenge — both to grasp and to solve — of the cloud is its effect on our freedom to innovate. The crucial legacy of the personal computer is that anyone can write code for it and give or sell that code to you — and the vendors of the PC and its operating system have no more to say about it than your phone company does about which answering machine you decide to buy. Microsoft might want you to run Word and Internet Explorer, but those had better be good products or you’ll switch with a few mouse clicks to OpenOffice orFirefox.
Promoting competition is only the tip of the iceberg — there are also the thousands of applications so novel that they don’t yet compete with anything. These tend to be produced by tinkerers and hackers. Instant messaging, peer-to-peer file sharing and the Web itself all exist thanks to people out in left field, often writing for fun rather than money, who are able to tempt the rest of us to try out what they’ve done.
This freedom is at risk in the cloud, where the vendor of a platform has much more control over whether and how to let others write new software. Facebook allows outsiders to add functionality to the site but reserves the right to change that policy at any time, to charge a fee for applications, or to de-emphasize or eliminate apps that court controversy or that they simply don’t like. The iPhone’s outside apps act much more as if they’re in the cloud than on your phone: Apple can decide who gets to write code for your phone and which of those offerings will be allowed to run. The company has used this power in ways that Bill Gates never dreamed of when he was the king of Windows: Apple is reported to have censored e-book apps that contain controversial content, eliminated games with political overtones, and blocked uses for the phone that compete with the company’s products.
The market is churning through these issues. Amazon is offering a generic cloud-computing infrastructure so anyone can set up new software on a new Web site without gatekeeping by the likes of Facebook. Google’s Android platform is being used in a new generation of mobile phones with fewer restrictions on outside code. But the dynamics here are complicated. When we vest our activities and identities in one place in the cloud, it takes a lot of dissatisfaction for us to move. And many software developers who once would have been writing whatever they wanted for PCs are simply developing less adventurous, less subversive, less game-changing code under the watchful eyes of Facebook and Apple.
If the market settles into a handful of gated cloud communities whose proprietors control the availability of new code, the time may come to ensure that their platforms do not discriminate. Such a demand could take many forms, from an outright regulatory requirement to a more subtle set of incentives — tax breaks or liability relief — that nudge companies to maintain the kind of openness that earlier allowed them a level playing field on which they could lure users from competing, mighty incumbents.
We’ve only just begun to measure this problem, even as we fly directly into the cloud. That’s not a reason to turn around. But we must make sure the cloud does not hinder the creation of revolutionary software that, like the Web itself, can seem esoteric at first but utterly necessary later.
Jonathan Zittrain, a law professor at Harvard, is the author of “The Future of the Internet — And How to Stop It.”


July 22nd, 2009 at 5:16 pm (#)
While appreciate your work and love knowing there are vigilant observers like yourself critiquing the liberating and constraining aspects of new technologies, I think you’re underestimating the degree to which cloud computing technologies unleash a whole new level of creativity beyond traditional server deployments.
Wow, that was a mouthful. As someone who has deployed many services on Amazon’s AWS, Google’s App Engine, and Facebook, for the most part these platforms foster far more creativity and even subversion than more traditional methods. That’s the whole point — they let you focus on what’s new in your application rather than on the logistics of setting something up to scale. They’re podiums/microphones/stadiums on the Internet allowing you to broadcast to the world where you’d previously have to settle for your own sidewalk soapbox.
The creativity these platforms unleash is far greater than the creativity they suppress. In the case of App Engine and AWS, it’s hard to fathom just how much they unleash, as we’re just getting started along that path.
-Adam
July 24th, 2009 at 6:00 am (#)
[...] used Twitter to criticize Jonathan Zittrain for what I feel is exaggerated fear-mongering about the corporatization and impending doom of the internet. When you are always searching for what’s perfect it is [...]
July 24th, 2009 at 7:52 am (#)
I like the use of the word “copy” — this is so XXth century.
About the actual paper: I’m afraid Prof. Zittrain is confusing the idea of the cloud with its present reality, i.e. a corporate-controlled cloud. One could imagine a distributed cloud-like structure, where everyone agrees to let 80% of their hard-drive be encrypted with someone else’s files on it, in exchange of the guarantee that their files will never be deleted (thanks to multiple copies on a distributed system). It might not be as efficient as a corporate-controled one, but the technology now being developped for profit will be useful for refuseniks in less then 10 years, well they’ll need to hide something.
July 24th, 2009 at 10:53 pm (#)
Risks? Sure there are. This is new territory, not unlike the early American West: the law will prevail eventually, but at the start of occupying the new frontier added risks came with new opportunities.
I share the views of prior commenters that it’s easy to overemphasize these risks. Two reasons:
(1) When we connected our home computers to the web in the 1990′s we got access to undreamed-of resources, and we assumed new risks (still only partly mitigated via firewalls and software) that our information is vulnerable. Each new frontier, the cloud included, invites new larceny, and eventually, amended regulation and other mitigations combining mutual safety and benefit.
(2) Zvi Schreiber, CEO of G.ho.st, uses a powerful analogy: as children, we store our money in a piggy bank because it was the right combination of security, access, and accountability. As adults, we assume new risks when we move our money in the cloud. We do so for the freedom to access our money from most anywhere. If we’re willing to put our financial capital in the cloud, is it really so strange to park more of our information capital there?
To return to the Wild West analogy, not everyone moved west from settled and better-regulated territories; no one forces us to move to the cloud. We’ll go there as we feel the benefits outweigh the risks. We’ll get it wrong sometimes, as is the nature of risk, but we’ll also fix the worst of the ills, or our new western outpost becomes a ghost town…
August 2nd, 2009 at 7:14 pm (#)
[...] sure I agree with the author. On the other hand Jonathan Zittrain is making a more comprehensive argument linking this Amazon accident to questions about cloud computing as a concept. Here is also Jeff [...]
August 13th, 2009 at 3:39 am (#)
[...] hábitos, sino que será facilísimo regularlos, perseguirlos y condenarlos. ¿Lejano? Como lo señala Zittrain, el Kindle, el Google Chrome OS y el AppStore del iPhone involucran exactamente el mismo [...]