In his post about Amazon & Wikileaks, Krishnan’s position was that Amazon kicking out Wikileaks without a fair legal due process was in fact damaging for those of us who are proponents of the (public) cloud. Krishnan and I were debating this issue last night over Twitter. I disagreed with Krishnan, so I wanted to offer my (opposite) point of view here.
First, some facts we can -hopefully- all agree with:
- Amazon might very well have the right to kick customers from the services as they see fit. I didn’t go over Amazon’s TOS myself and I’m not a lawer, but let’s assume for now that they have the right to do that as that’s one of the things good lawyers will typically insist of.
- Wikileaks has done something that is very controversial and polarizing
- Wikileaks (or their founder, Julian Assange) are being publicly accused by the government of doing something wrong.
- Wikileaks / Assange have NOT been formally accused NOR convicted of any crime (aside from that Swedish matter, but that’s a different story)
Again, this conversation has nothing to do with Wikileaks’ actions – nor with their legality or morality. And it has nothing to do with Amazon’s legal right to kick them out. The point is: will this action have a long-term positive or negative effect on public clouds?
I ‘d argue that in the long-term, this sets a good precedent that will, in the long-run, have a positive impact on public clouds. Why?
Let’s take a look at the scenarios/reasons that might have prompted this action from Amazon:
- Amazon was pressured by the US government to kick Wikileaks out. That speculation was particularly fueled because Sen. Joe Lieberman was the one making this announcement. And well… let’s face it… typically the government is the last one to get on the technology bandwagon. So they only knew about this because…
- Amazon kicked out Wikileaks because of the “political mood in the country”. This is the theory that Krishnan was offering – or basing his post on. The theory goes that Amazon was afraid of being associated with someone so controversial that they decided to kick them out.
- Amazon got rid of Wikileaks for fears of network performance, volume or because the people who launched the DOS attacks might follow them to Amazon’s infrastructures.
Those are the main 3 theories for why Amazon took this action.
Now… could this be bad for cloud vendors in general? Would enterprise customers get SO afraid of putting their data and their online business continuity in the hands of a third party vendor because of the possibility the vendor might take an action similar to Amazon’s? I say no, and here’s why:
If you run a business that the government hates SO much. Then well… you’re better off keeping your data in-house. And out of the country for that matter. For the most part, 99% of the businesses out there are not afraid of pissing the government. Pay your taxes, follow the laws and regulations and you are on the safe side. That’s not to say there are no shenanigans out there. But the US is a pretty good democracy with checks and balances. If you’re in Venezuela, then yeah, you have reason to fear the government. So I don’t think ANY business out there would be thinking: “gee, the feds are out to get me!”. So that takes care of the first scenario.
The second scenario has to do with the political mood. Is your business THAT controversial? Let me make an analogy here. Let’s say you run a bookshop in a mall (or a coffee shop, or whatever). And your landlord rents the store next to you to a strip club. Now, don’t get ahead of ourselves: Strips clubs are legal. So, what do you do? Is that going to hurt your business? Sure. That’s going to hurt the entire strip mall. Now, there’s no “due process” that will save you from that hell. Well, it is the exact same thing with Amazon. I’d say they are just looking for the entire well being of the tenants in their virtual strip mall. If what you do as a business is “mainstream”, then you have nothing to worry about when going to a public cloud.
Lastly, if Amazon got rid of Wikileaks for fear of network performance or attacks… then again, Amazon’s OTHER customers are the ones who benefit by NOT having Wikileaks on the same infrastructure. Let’s go back to my mall example… if one store is gobbling up all the parking spaces – and that foot traffic is not spilling over to the other stores – then all the other tenants loose.
So if I’m a business that is not doing dark/borderline stuff, this whole episode should make me feel more confident in Amazon / public clouds – because they are looking out for me against these external threats I’ve got no control off. And well, if you are a business doing something… let’s just say “different” (whether illegal or not!) then you’ve got bigger things to worry about than who you are going to host your site with.
Lastly, Krishnan also brought another good point over Twitter, which I don’t think got reflected in his post: Where do you draw the line? What prevents you cloud provider from kicking off your dog-grooming site just because the owner happens to be a cat person? It’s a silly example, I know… but I choose that on purpose to illustrate what’d happen if vendors took such “arbitrary” decisions. What prevents them? The market! The market prevents it. Because it’s a free market. There are tons of choices. So companies would be foolish to go that route. But if they do, there would be other choice.
Now, the key here is the word “market”. If Amazon had a de-facto monopoly on cloud services, then my position on this whole issue would be very different… because they would be acting as censors. And that’s a whole different ballgame.
So this whole episode really means nothing for the trust companies can have on cloud computing vendors. Are there going to be some people upset about it that they will no longer want to do business with Amazon? Sure! Are there going to be people who would have not done business with Amazon as long as they were hosting Wikileaks? You bet! You can find examples of both in the comments section of the TechCrunch article that talked about Amazon pulling Wikileaks. But overall, this is not going to mean anything in the long run.
How do I know? Well, this has happened before. This is not the first time. Google does not accept ads about guns. Guns are legal. But they are controversial too. Same with newspapers… they may refuse to carry certain ads depending on their content. And hey… Wikileaks credit card processor also kicked them out. Are people loosing faith in plastic?
It’s going to be alright.
(The article is a guest post by Rodrigo Vaca, currently Senior Director of Marketing at Zoho, previously with Google, Microsoft and SAP. This post reflect his personal opinion, not necessarily that of is employer. )
Related articles
- Wikileaks Booted From Amazon Servers (fastcompany.com)
- Is Amazon Afraid of WikiLeaks Legal Liability? (legallyeasy.rocketlawyer.com)
- Amazon.com: A Profile in Cowardice (criminaljustice.change.org)
- Amazon Bows To US Censorship Pressure: Refuses To Host Wikileaks (techdirt.com)
- Why we removed the WikiLeaks visualizations (tableausoftware.com)
Rodrigo,
There are many fallacies in your reasoning for the three scenarios which I would like to point out here.
1) First, I would like to clarify that I never said that Amazon shouldn’t act if Govt. asks Amazon to take Wikileaks out. It is purely your assumption or your own point. I have clearly told that Amazon can take action after a due legal process which also involves govt. asking Amazon using a court order. Having made my point clear, here is why your first argument is wrong.
Few Senators demanding action on Wikileaks in some committees is not the same as government asking Amazon to take action. If Justice department sends an official request, then it may fall under government asking Amazon category. Clearly, politicians asking about something is different from government asking about the same thing. If Justice department asks Amazon following the established norms and Amazon has taken actions, I wouldn’t be criticizing Amazon. Well, there may be few who will argue against Amazon taking action against Justice dept. requests too. It is an altogether different debate and it is not the focus of our debate here.
2) The example quoted in the second reasoning is wrong. In fact, I may not even agree to the situation you have mentioned but that is my personal opinion. I am not going to talk about it here. Let us just take your example as correct and see how it applies in public clouds. The impact of a strip mall next to a bookstore may be felt by a few customers who see strip malls in a different way but it doesn’t translate into the hosting world. No one asks their service provider to show them the Apache config file to make sure that there are no sites which they don’t like in the same server. In fact, nobody checks if a particular website they are visiting is hosted with a porn site or a bible (ok, Quran/Gita/name any religious book here) site. Unless there is something like a DOS attack affecting their site and the hosting company blames it on the porn site, the site owner himself/herself may not know. Your example is a bad example.
A somewhat better example will be you riding the bus with fellow passengers. You don’t know if the person sitting next to you is convicted criminal. If police stop the bus and asks the driver to let them take the criminal off the bus, the driver is bound to do it. The driver cannot act on his own impulse or based on the suspicions of remaining travelers and kick out a passenger. If the driver and other passengers think that the person is a convicted criminal, they can contact the police and ask them to check if the person has the clean record or not. Even this is fraught with human rights abuses and profiling which we witnessed in the post 9/11 paranoia. A bus driver cannot kick off a passenger whom the driver or other passengers don’t like, in the middle of an interstate travel.
3) Your third reasoning even though valid in the traditional hosting world will boomerang against a public cloud provider. The very selling point about public cloud is the seemingly infinite scalability. If the public cloud provider cannot host other tenants because of DDOS attack on the customer they are hosting, it is as good as hitting the final nail in the coffin of public clouds. This argument is directly falling into the FUD mongering unleashed by pundits and companies knee deep in the traditional IT world. If you are going to make this claim in public, Larry Ellison might want to have coffee with you. Well, today’s Larry Ellison might not do it because he himself want to be associated with (public) cloud providers.
Even if this fact is true, Amazon will never ever admit it because it will be the end of Amazon cloud services.
Regarding the few other examples you have quoted (including Google banning gun ads), I may or may not agree with them politically. Assuming I agree with all the examples you have quoted, I would like to say that those services are different from public cloud services. An individual may not want to buy a book from a bookseller who sells porn. He/she may be able to get the book from another bookseller and if all booksellers sell porn, he/she can live without reading books. You cannot apply this to enterprises vis a vis cloud computing because enterprises are going to put every critical data including data related to their IP and other stuff which can make or break the very existence of their business. This is different from booksellers and search engine examples. Public cloud providers wanting to have enterprise customers are expected to be more responsible and be sensitive to the needs of enterprises. Thatz why we (buy side analysts) advise people to demand strong SLAs. Thatz why many enterprises are reluctant even with strong SLAs. If an individual doesn’t like a bookseller for what they sell, he/she can buy elsewhere or stop reading the books altogether. If enterprises doesn’t like what they are seeing with public cloud providers, they will go back on-premise and the best evolution of computing will, then, be private clouds. As an advocate of public cloud computing, I don’t want this to happen and hence my critical post about Amazon’s action.
I also know that Wikileaks issue can take a polarizing turn. Thatz why I have shown another incident from another provider to argue my point. Please take a moment and see if you can apply the same arguments on that issue. Do you think, for example, if Nancy Pelosi demands that Rackspace should throw out the pastor’s website, it is equivalent to government asking Rackspace to do it? In the wikileaks case too, it is only the politicians who are asking and not the government (at least when Amazon acted on it). That is why I want the cloud providers to act after a legal process (including stuff like Justice dept. approaching with a court order).
I will quote another scenario and you tell me if it is ok. Let us say a webhost in Arizona is hosting a Pro-Immigration website and if the political mood (aka business pressure) is overwhelmingly favoring the removal of the website by the Arizona based webhost. If the webhost takes business pressure into account and throws out that customer, is it a valid thing? It should be valid if we consider your arguments above. Thatz why I see a fallacy in your argument when you generalize that every customer who is looked down by the govt. (let us say in this case Arizona State Govt.) are doing something wrong. British Govt. looked down on Gandhi as a terrorist but he is a hero for many in India. Same is the case with Nelson Mandela in South Africa. When there are DNA evidences which dispute the very conviction by the courts, characterizing someone who is looked down by government as criminal or wrongdoer is plain wrong. This is an overgeneralization.
This incident brings into focus not just strong SLAs but also the cloud customer bill of rights promoted both by Ray Wang (on the SaaS side) and James Urquhart (on the infrastructure side). I think this incident is a good wakeup call for customers wanting to move to public cloud services. It will at least tell them that they need to demand more from the public cloud providers.
Krishnan –
Well.. this is the hard part. Every business decision requires some amount of human judgement, the way you cannot replicate with a hard-and-fast formula. The bottom line is you want to apply a cold, hard mathematical formula to whether a provider is right to kick/take down a site or not.
But it’s not as simple as that. It requires judgement.
In the case of the examples you mention (pastor or immigration site) I don’t know what’s the RIGHT thing to do. But I defend the right those hosters have to kick out anyone they deem against their business interests. I think we both agree on that.
Now let me make a different example for you. Osama Bin Laden takes his credit card, and signs-up with Rackspace, puts a website that says whatever he says on his videos or stuff.
Should Rackspace wait until they get a judicial order to take down the site? C’mon.
Now, back to the original point. The bottom line is – you argue this incident will have a negative impact on the adoption of cloud computing services. I say it will have no impact, or a positive impact.
There’s only way we’ll know for sure – let’s wait and see 🙂
Rodrigo
Again as I told you in the tweet, the point is not about what are the scenarios where one can safely kick out. It is about where we draw a line. My contention is that if the lines can be drawn arbitrarily, it will have a negative effect with the enterprises.
Enterprises are different creatures compared to individual customers. They don’t act based on their political ideology when it comes to making buying decisions but on whether they can trust the cloud provider and rely on them for their very existence. From this perspective, Amazon’s move falls directly into the arguments put forward by FUD mongers in the traditional IT.
Plus, you cannot make a comparison between OBL and Wikileaks (at least when Amazon kicked them out). One can preemptively kick out OBL because he is in the US Government’s most wanted list. Whereas US government has not put the Wikileaks guy or the organization itself in one of their law enforcement databases. Thatz why I am arguing that due legal process is needed to kick someone out. If not, the lines are so blurred that enterprises will not trust the public clouds.
“But I defend the right those hosters have to kick out anyone they deem against their business interests.”
I think this puts a spotlight on the importance of the TPB-trial. Democracy cannot survive if any privat supplier or opinion or governement can take it out in one blow. We need to find torrent-like solutions. Just like resistance does during war time.
Another issue is that of the role of the press (media) in society. Imagine Amazon pulling the plug on Watergate. Deapthroat was not really legal, was he?
Amen. Very well said.
Krishnan –
There is no physical “line” that you can see. There’s no magic formula.
It’s ALL on a case-by-case basis.
And again, my argument is… if Amazon cross this fuzzy, invisible line, the MARKET will take care of it.
Related to this topic – court orders and our legal system are not designed, nor apt for the “instant” world. So there is going to be so pain while we reconcile those differences.
Rodrigo
Thatz exactly my point. When markets take care of it, it will be detrimental to public cloud computing because of the existing enterprise concerns. I don’t care if Amazon goes down due to its action but, as someone who evangelizes public clouds, I care if public cloud computing becomes a non entity because of the actions of currently #1 and #2 providers. Thatz the very point of my post.
No, no. You’re getting the market wrong.
The market will take care of it. Because if that’s something that enterprises value, then THERE WILL be a provider that will take care of those concerns, and not do what Amazon did. IF, on the other hand, Enterprises really don’t care about what Amazon did, for the reasons I outlined above, then such players will not be viable.
Again – I’m not saying there isn’t ANYONE who would like such assurance that if they do anything slippery/controversial they’d be kicked off. I’m just saying… it’s a tiny fraction of customers.
BTW, not to start another debate. But isn’t a “private cloud” sort of an oxymoron? I mean, not all grid computing is cloud, right? If you have your own damn and electric generator in your backyard, well, that’s not the same as having a utility…
Rodrigo
Rodrigo, my opinions are based on what enterprises think about cloud computing, in general, and Amazon Web Services, in particular. Whether we like it or not, Amazon has come to symbolize public clouds. Let Amazon or other leading public cloud providers take such arbitrary actions few more times, we will see what happens.
Re: Private Cloud, it is more about semantics. I am not worried about it. They just want to optimize/automate the internal IT and call it private cloud. Some people take offense to the use of the term. For me, it is more semantics and makes it easy than saying “Highly Optimized and Automated IT Systems With Management” 🙂
I’ll tell you what happens – you don’t need to wait.
If customers are uncomfortable with that, Amazon/others will stop doing do.
If customers don’t mind (as I believe) AND the definition of “arbitrary” is within REASON (and again, I believe this was within reason), then those will continue.