Clive Gringras of Olswang LLP provides a brief history of cloud computing and explains its modern day impact on how companies store data and metadata, and the principal role lawyers will play in overseeing user information security and innovative service level agreements.
To appreciate why the “cloud” is the future of computing, one must understand a law of economics coined in 1890 and learn what happened around the same time at 57 Holborn Viaduct in London, England.
In 1890, Alfred Marshall finished a decade’s work. His eight-volume Principles of Economics was finally ready. Those who read the fourth volume were introduced, for the first time, to the concept of “economies of scale”. Marshall’s analysis, then novel, was that in some trades “in which a man gains no very great new economies by increasing the scale of his production, it often happens that a business remains of about the same size for many years, if not for many generations.” These could be contrasted with trades
“in which a large business can command very important advantages, which are beyond the reach of a small business. A new man, working his way up in such a trade, has to set his energy and flexibility, his industry and care for small details, against the broader economies of his rivals with their larger capital, their higher specialization of machinery and labour, and their larger trade connection. If then he can double his production, and sell at anything like his old rate, he will have more than doubled his profits. This will raise his credit with bankers and other shrewd lenders; and will enable him to increase his business further, and to attain yet further economies, and yet higher profits: and this again will increase his business and so on. It seems at first that no point is marked out at which he need stop.”
In other words, there are some trades – some businesses – that are better when bigger. They deliver a better service than lots of smaller businesses. They can deliver the same or higher quality at a lower cost than those smaller businesses.
At the same time as Marshall was at Cambridge University writing his economics treatise, Lord William Armstrong, the founder of Newcastle University, was “lounging idly about, watching an old water-mill” when it occurred to him how powerful the water would be if “concentrated in one column”. Harnessing this power led Armstrong to build the world’s first hydroelectric power station. In 1878, it lit one lamp in the gallery of Cragside House in Northumberland. Word spread. Other houses and offices, where near flowing water, started to copy Armstrong’s innovation. Each house or office would build their own energy collection system and install their own dynamo, draping wires throughout the house to the one or two lamps that their production could illuminate.
It did not stop there, as we know. Thomas Edison took these small installations to their next level. In 1882 Edison installed Europe’s first public power station – right in the middle of London – at 57 Holborn Viaduct. This lit over a thousand lights across homes and offices. Marshall’s economies of scale were working their magic with electricity.
As Marshall wrote: “It seems at first that no point is marked out at which [man] need stop.” China has the best illustration of there being no need to stop. In July 2012, the China Three Gorges hydroelectric power plant finally opened after a 10-year construction project involving tens of thousands of workers and billions of dollars of investment. This hydroelectric plant is considered to be the world’s largest. Unlike Armstrong’s gentle water-mill, Three Gorges uses the force of 370 miles of water plummeting over a one-mile dam to generate its power. Enough power to serve over one-tenth of the UK’s entire needs.
In 100 years we have moved from hundreds of small, individual, homes generating their own power to having a collection of massive power stations each generating energy for consumption by billions of people. With electricity, bigger simply is better. It’s easier to maintain, regulate and police one large station than thousands of little ones. Because the marginal costs decrease with the size of the plant, the costs to consumers can fall even as security and efficiency advances are made by its owner.
Cloud computing is now where electricity was in 1890. There are homes and offices across the world each protecting and supporting their own data storage device. Hundreds of millions of television set-top boxes and video recorders purr quietly in homes across the world – each hosting gigabytes of storage. The more sophisticated homes (our equivalent of Lord Armstrong’s Cragshead House) have network-attached storage drives – portforwarding through their owners’ routers to allow access across the internet. There are also the Holborn Viaducts of this digital era trying to persuade these homes and offices to stop supporting their own storage and buy it, like they do with electricity, from a supplier. Amazon, Google and Microsoft provide remote storage and processing power – “cloud computing” – mainly to enterprises. Add Apple’s iCloud to that trio and you have the four largest suppliers of cloud computing to consumers – music, video, photos and documents can all be stored remotely.
Microsoft announced in February 2012 that it is expanding its Irish data centre to 415,000 square feet of servers. That’s over five football pitches of data storage. But it will only need 50-70 people to support and run the whole operation. Count how many technicians work to support the in-house servers that operate your firm or your client’s computing. Forget jargon and technology. It’s the unchallenged law of the economies of scale that will drive the costs down of Microsoft’s Azure and Amazon’s Elastic Compute Cloud (EC2) whilst driving up the relative costs of keeping one’s own servers in the “IT room”.
But just as Holborn Viaduct faced regulation from the Electricity Act of 1884, so our regulators have their eyes on cloud computing. Then it was about electricity cables passing local authority borders; this time it is about data passing out of a country’s borders. The draft Data Protection Regulation is concerned with personal data passing outside of the EU’s borders into regimes that do not provide adequate protection for that data. If one was to read the many articles about cloud computing one might come away thinking that personal data is the only dataset sitting in the cloud. This is not true, and we will increasingly see cloud services powering all the computing tasks and processing all the data that we currently have on-premise. Lawyers will need more than a good knowledge of data protection alone to advise on cloud deals.
Just as most businesses cannot function without computers, as their computing power is moved to the cloud, they will become more concerned with the service levels that their cloud providers deliver. Power cuts are a very rare occurrence, and users of cloud services are equally demanding similar “rare occurrences” of downtime for their cloud computing services. Cloud providers that merely provide “as is” uptime guarantees rather than the “four nines” type of guarantees will find themselves sidelined for business-critical services. As with the electricity market, competition for cloud services is intense and providers will compete not only on price but also on service availability. Lawyers will need to understand how to negotiate these sorts of service level agreements and be wise to providers’ definitions of downtime that exclude certain times of the day or periods under a certain duration.
The legal profession will also need to be ready for the free movement of data between cloud providers. Just as any appliance will work when it is plugged in, regardless of the electricity supplier, and just as the debate between AC, DC and voltages is over, so customers of cloud services expect their data to be portable. The providers that will earn respect from customers are those that have the confidence to allow the customer’s data to be exported after termination. And the data that the customer has access to should be not merely the data they uploaded but also the metadata that the cloud’s servers also host.
Security is another area where customers have high expectations. Competition between cloud providers should drive up the levels of security being offered to cloud customers. Users of cloud services have to trust that a cloud provider is treating their data with high standards of care. Standards like ISO/IEC 27001:2005 should become the norm, and customers will be insisting that these meet the physical, logical, process and management controls as a minimum.
It’s the century-old law of economies of scale that will drive cloud computing deeper into our homes and offices.