Ok, maybe thinking of attaching floppy disks to helium balloons in order to ascend data into ‘the cloud’ seems like something your grandmother would do. Obviously all you have to do is tell your MacBook to save your documents on iCloud, or drag your pictures inside the Dropbox folder… and POP! Your data is now on the cloud!
But then? Does it float out and linger somewhere in the space around your laptop or phone until you come back and drag it into your desktop again? The semantics of the term certainly imply so.
Of course, we all know that ‘the cloud’ is not actually a cloud; yet the illusion that it’s somehow essentially immaterial and ephemeral is widespread. Contrary to the distinct connotation of tangibility evoked by most IT terms – such as ‘network’, ‘node’ or ‘web’ – the metaphor of ‘the cloud’ alludes to something unknowable, borderline supernatural.
However, none of this is true. This cloud is not in the sky like all the others, but very much on the ground, as what cloud computing actually amounts to is vast quantities of remote computers that store and process data, so that individuals’ machines don’t have to. It looks like this:
Once we take into account the physical constitution of the cloud, questions of jurisdiction over data and of the sovereignty of nation-states become increasingly nuanced and, inevitably, problematic. But before I delve into how governments ought to administer these complex topics, it’s important we understand just how material cloud computing really is.
As polluting as a cloud can get
Large companies like Google, Amazon and Facebook all own numerous massive data centers. Many of these are located in the U.S., with several others scattered around the world in places where the price of energy is low, climate is ideal and the political situation is stable. Each of these data centers consumes tremendous amounts of energy: in 2014, this totaled 26GW globally. That’s 1.4% of worldwide electrical energy consumption. Moreover, many data centers in Silicon Valley are listed in the state government’s Toxic Air Contaminant Inventory, as, for example, Amazon accumulated twenty-four clean air violations in Northern Virginia over a three-year period. Simply put, the cloud is far from immaterial.
Materiality implies geographical location
From the recognition that the cloud is indeed tangible stems a logical follow-up: where is it tangible, and what does this imply? As I’ve mentioned, although most companies carrying out cloud computing are American, not all data centres are in the U.S.
Take Microsoft. Although much of its data is generated by American users, it is largely stored in data centres in Ireland. Because of this, the company was submitted to an almost three-year-long legal dispute with the U.S. government over the jurisdiction of the data. The government claimed that, given Microsoft could access the data while physically in the U.S., it didn’t matter where it was stored. Microsoft challenged the warrant on the grounds that a search doesn’t happen at the point of accessing the data, but where the data is stored.
In addition to the fact that even the U.S. government fell into the trap of regarding Microsoft’s data as disembodied, this example proves just how politically consequential the materiality of the cloud really is.
In fact, this is further demonstrated by German Chancellor, Angela Merkel, proposing the creation of a ‘European cloud’ to prevent U.S. scrutiny. This would entail a closed cloud system, with data centers located within the European boundaries, thus enabling higher degrees of control over the jurisdiction of data. This marks the onset of what analyst Daniel Castro calls ‘data nationalism’: an emerging phenomenon of wanting information to be stored within a state’s physical borders.
Clouds as de facto states
“Unseen but not placeless,” the cloud has become a new geopolitical layer; one whereby the line between national borders and national ownership becomes increasingly obscured. This is because, as illustrated by the examples above, the cloud simultaneously manifests itself in two orders: as abstract information that effortlessly crosses political borders, and as the geographically anchored data centres that store it.
In addition, the cloud as a geopolitical layer presents itself even more explicitly when it takes on assignments traditionally expected of the government, such as public cartography, legal identity, currency, protocol allegiance, etc.
A clear example was when, in 2010, Google Maps slightly shifted the line marking the border between Nicaragua and Costa Rica, with the result that “troops were summoned and war over the ambiguous territory seemed possible.” As described by Benjamin Bratton in The Stack: On Software and Sovereignty, this episode is one of several indicating that the relative positions between the cloud and the states could be (or is) switching. If kept unleashed, this could lead to geography becoming designated to states by the cloud, rather than vice versa. In an extreme scenario, as Bratton goes on to explain, “clouds become de facto states.”
Precaution in science policy
If all of the above is true, saying that governments around the world should feel threatened would be a colossal understatement, as the very survival of nation-states would be jeopardised.
But what should they do?
The question of whether science policy should turn to regulating cloud computing feeds into an abundant body of literature on the precautionary and proactionary principles. These are ways of structuring policymaking where there is a possibility of or scientific uncertainty about the harms and benefits resulting from a new technology. In the case of precaution, the technology is conceived as guilty until proven innocent, whereas with proaction the technology is innocent until proven guilty.
The cloud is unlike a new drug or climate change, in that it is much more difficult to give an empirical evaluation on what its repercussions might be. Hence, policy-making related to the cloud only truly relies on qualitative analyses and on the ‘possibilities’ of harms and benefits to society. Undeniably, this is subjective and largely political. If regulation were to be implemented on the basis of such precaution, there would be extensive popular upheaval, as the government would be accused of stifling innovation and fostering an anti-technology climate.
Besides, it is also worth considering how disruptive the implementation of such a regulation would be. In addition to fomenting the retrocession of trade liberalisation, regulation would disrupt a market that currently amounts to $246.8 billion. Arguably, our societies and industries are too far locked-into a cloud computing-based infrastructure to turn back without serious chaos.
It therefore becomes increasingly clear that this problem does not present straightforward solutions. Like with most issues in the sphere of science policy, whether we ought to regulate cloud computing boils down to ethical perspectives on innovation. However, I’m not here to propose how exactly governments should act, but rather to unveil the nuances – in particular the geopolitical implications – that should be critically assessed and accounted for in the decision-making process.