All too often in publications we hear of the desire of the US administration to move towards the use of Cloud technologies, with obvious references to Google. However, in Europe there is also ‘some’ activity in this direction. Actually, from the feedback we have been getting from the Public Sector here in Germany, and also from the European Institutions, such as the European Commission, Cloud is firmly on the agenda.
From the European Commission, there are many working groups supported by academia looking into the Cloud phenomenon. There is an excellent document they have produced that can be downloaded outlining the state of play. One of the areas that the Commission has picked up on really well I feel is the idea of preservation of individual rights and privacy where Neelie Kroes, the European Commission Vice-President for the Digital Agenda, clearly states that:
“Cloud computing is more than simply a technical challenge. By putting our personal data on remote servers, we risk losing control over that data. Because the right to the protection of personal data is a fundamental right in the EU, this demands several actions. Fundamentally, the Commission believes that we need further research to enhance the security features of these technologies. And indeed we are funding such research at European level – which looks at "privacy-by-design" and "privacy-enhancing technologies". “
With such a public privacy agenda in mind, the Public Sector has an instrumental role to play in evolving the state of play of the Cloud paradigm on a global scale.
Indeed groups like ENISA, the European Network and Information Security Agency are tackling such themes head-on by collaborating with the private sector to determine best practices.
Across Europe, the Commission tries to create concensus, and in doing so, takes considerable time to reach a conclusion that can be acted upon. However, with their vast resources, things can be made to move quicker in Cloud adoption - when they are finally ready. At the local country level, there are also some clear statements being made. For example the German state of Schleswig-Holstein notes the following:
Applicable law issues
- The legal basis for cloud computing and related processor and controller issues
- Problems associated with the possibility of third-party access
- The minimum requirements for data processor relationships and service provider contracts under the new German data protection law
- Technical and organizational security measures
- The legal landscape for clouds located outside the European Union
“Clouds located outside the European Union are per se unlawful, even if the EU Commission has issued an adequacy decision in favor of the foreign country in question (for example, Switzerland, Canada or Argentina). “
Strong words indeed!
Well it is not all doom and gloom. The mere fact that Cloud is recognized, and being seriously examined at this level of the ether, is encouraging in that future implementations of Clouds for the Public Sector – essentially you and I and the other citizens of the land/zone concerned – will take this level of personal privacy very seriously.
The Public Sector I believe has a serious role to play in enabling Cloud technologies to safely pervade the everyday fabric of society. I am talking about the citizen’s interactions with the State. The idea that we still need to troop off to some bricks-and-mortar building to show our papers, and in return we get..you guessed..another piece of paper - sounds crazy right? The ability of the individual to be able to instantly browse their data records held by all the areas of Government would surely be interesting to you and I.
However, it goes further. The ability to securely interact with your data when visiting say a doctor, and ensuring that whatever doctor you go to, the latest medical details in your file are available when you, and you alone, provide the ‘key’ to that data. The Doctor also needs to provide a 'key' indicating that he/she is a registered Doctor that is allowed to look at patient records with the patients consent.
By linking information at least within the various administrations and instituting the various regimes necessary for highly efficient IT operations, the taxpayer is already being better served. When you get down and think over the processes and linkage points that a citizen has with various Public Sector departments, and the actual need for physical transfer of bits of paper being eliminated, that is a service that should be strived for.
I agree that there are security concerns, but there are also security solutions for protecting data. Everyday, I use a biometric device to login to my laptop, or with an additional RSA SecurID two-factor token key create a secure encrypted connection to the corporate network.
This is used throughout the IT industry (including Public Sector). So why can the everyday consumer not have access to such tokens? Why not be able to combine this with biometric device and provide an ultra-secure link for the citizen to their data with the Public Sector? The technology is there today!
Even the DHL delivery service uses a tablet device to take a signature electronically as receipt of delivery! We, the citizen, don't think twice about that!
User Experience teams, designers of web systems such as at EMC Consulting, and indeed the Private Sector as a whole, can be instrumental to rapidly getting the Cloud infrastructure built and running. The Public Sector always strives for the perfect solution, hence the long deliberations. However, “to err is human; perfection is divinity”, and so the current state of the art can be directly used. We learn along the way, and we evolve!
The Public Sector building out such infrastructures for their citizens, the people they are supposed to serve, provide a valuable jumpstart to citizens to get to use the Cloud, have access to services easily, get near-instant results and generally get in touch with their Cloud roots.
Such a contribution would be akin to the giant strides that road, rail and indeed telephone networks have made in closing that last-mile loop to the consumers and providing universal mobility. The eCommission/eGovernment initiatives and the huge cost reduction programmes underway everywhere would be well served by the Cloud. Public Sector Cloud-enabled services supporting eGovernment, Academia and the Public Health sectors (to name a few) would be radically transformed.
Luckily, there is ongoing dialogue. However the reluctance to move forward and the fear of data security being breached which is just as real in the physical world, can be dealt with.
Small service focused initiatives that can be comfortably moved into the Public Sector Cloud would allow moving up the learning curve.
Indeed, here in Berlin, Germany, we have the old Tempelhof airport, the site of the Berlin Airlift, with its atypical period architecture sitting abandoned. The Cloud could even drive inner city rejuvenation schemes and green initiatives.
Why not transform a small part of this mainly unused airport into a Cloud infrastructure that would buttress the City of Berlin (what I like to call CIT – City IT) and indeed reinforce the heart of government itself. This could be funded jointly by Public-Private sectors. That would be an effective use of tax payers money - instead of building a new datacenter someplace else.
Every major city has some abandoned part that is simply looking for a lease of life. Containerized, pre-assembled Cloud infrastructure units could literally be rolled in and up and running in days. There are so many people looking for secure places to put their data assets, that there would be instant demand.
Backups could be kept there, and only you with your biometric enabled two-factor authentication ‘key’ would be able to access this over the excellent last-mile infrastructure to your home or on the move from anywhere in the world. If this is not allowed, then policies can be set that prevent data going to a specific IP address.
SMB could also, as part of a state run scheme promoting and helping business get on their feet, use this infrastructure, and when stable, also have the choice of moving the data to a public cloud provider or indeed even locally if desired. Setup a business' IT needs in seconds and massively reduce the cost of entrepreneurship!
All this points to the instrumental role that the Public Sector, and their ‘CIOs’ have for transforming the information-centric relationship they have with their citizens – their customers! Set the agenda, drive the information centric future that lies at the heart of a healthy social and economic Europe!