INTRODUCTION:

I will not get into legalese, as this is but a conceptual take on the topic.  I came across the following New York Times article,[1] which posed the question “Is It Time to Break Up Google?”  That article had been cited by a more recent one that spoke of the dominant market positions of the so-called FAAAN stocks (described as Facebook, Amazon, Alphabet, Apple and Netflix) or sometimes FAANG stocks (Facebook, Amazon, Apple, Netflix and Google), and the potential need to limit or dismantle them for such reasons as to protect the consumer, or to better protect against the loss or misuse of personal data, or to maintain market integrity, investment and productivity, and dynamism through vigorous multiparty competition.[2]  I will use FAAAN and FAANG interchangeably.

 

This is the language of competition regulators – avoiding monopolies, carefully watching oligopolies, and protecting the consumer from any entity that would abuse its dominant position in the market to take advantage of them.  There are competing schools in different regulator domains, however, as one side says that competition spurs innovation (European Union stance), whilst the other side appears more comfortable with FAAAN entity market shares than it was with those in telecommunications, oil and gas, and railways (United States stance).[3]  The Standard Oil Company, which maintained a 90% market share for twenty years, is often cited as the posterboy for monopoly power in the United States – but was it really so villainous?[4]  In any case, before we apply a solution, we must first answer 3 essential questions:

 

  1. What, exactly, are these FAAAN entities allegedly dominant in?
  • Facebook has a leading position in social media, through its control of Facebook Messenger, WhatsApp, and Instagram (and now sharing control, with Alphabet/Google, of approximately 56% of the U.S. market for mobile advertising).[5]
  • Amazon has a leading position in e-commerce, with its ubiquitous shopping portal (now handling approximately 30% of all U.S. e-commerce sales),[6] and in the provision of cloud hosting and data centre services.
  • Alphabet/Google has a leading position in online search, online video through its control of Youtube, and in the revenue yield from online advertising (now earning approximately 78% of all U.S. search advertising revenues).[7]
  • Apple has a leading position in smartphones wearables, and tablets, through its iPhone (now accounting for approximately 60% of global smartphone sales),[8] iPad, Watch, Mac, and MacBook lines.
  • Netflix also has a leading position in “over the top” (OTT) movie, performance, and documentary streaming (now reaching approximately 75% of all U.S. streaming service viewers).[9]

 

Are these indications of dominance, we ask, or just a solid and perhaps (for now) unassailable lead in markets resoundingly disrupted?

 

“Movies and television could become like opera and novels, because there are so many other forms of entertainment. Someday, movies and TV shows will be historic relics. But that might not be for another 100 years.”[10]

 

For example, all of these FAAAN stocks, other than Apple, may be especially dominant in the United States, but with the U.S. share of global e-commerce expected to fall from 20.7% in 2016 to 16.9% in 2020, while China’s share of it rises from 47% to 59.5% in the same period,[11] then given the restrictions on market entry into China,[12] how can any current such “dominance”, persist?

 

Microsoft is also sometimes mentioned as a market dominator, with its leading positions in operating system software, desktops and mobile, cloud hosting, big data, analytics, and online storage through its data centres; as is Uber, with its stated goal to dominate the ride-hailing space on a global scale.

 

  1. What, precisely, is the market or who, precisely, is the consumer that these FAANG entities are allegedly dominating?

Let us now start to break things down a little further, step by step.

 

VERTICALS –

I think we can all agree that there are three consumer verticals: government, business, and generic consumers – meaning neither of the preceding two verticals.  From there, however, things can get quite tricky, with this hierarchy of 3 verticals, then 5 sectors, then 30 groups, and finally, their many included elements.  Of course, each regulator or group of regulators assessing these entities, has its own domain, such as the United States (with its long tradition of Antitrust regulation), Canada (with its long experience in near oligopolies for financial services and telecommunications), Russia and China (with growing experience in competition regulation, and where Uber recently partnered with Yandex in Russia,[13] and earlier with Didi Chuxing in China,[14] for ride-hailing, or “on-demand transportation”), and the European Union (where Facebook,[15] Alphabet/Google,[16] Apple,[17] and Microsoft,[18] have all had run-ins with the local Competition regulator).

 

In the investing community, there are a number of ways to segment the market.  The diversified Standard & Poor’s 500 Index uses 11 market sectors,[19] and the NASDAQ (technology-heavy) index follows the Industry Classifications Benchmark (ICB) system, to create ten market sectors.[20]  There is some overlap between these two, but the Toronto Stock Exchange (energy and financial services- heavy) index has just seven market sectors.[21]  Personally, I have long used a modified schema of about 16 sectors, but I think it is time to change the whole approach because these FAAAN / FAANG entities have disrupted much, will continue to do so, and have spawned a whole series of ecosystems of disruptors that cross sectoral boundaries, serve multiple verticals, and make a mockery of most if not all commonly used methods of market and competition analysis, including clear regulatory categorization, for purposes of finding and assessing the impact of a dominant position.  This is collectively the “gig” -economy of on-demand piecework, tempwork, and peer-to-peer transacting that circumvents big businesses, with “gig” now having a U.S. labor market share now estimated at 34% and projected to rise to 43% by 2020.[22]

 

Hence, my analytical proposal is this:

 

 

SECTORS –

We start with 5 very broad sectors, and then break things down further.  Those five sectors, are: General Goods and Services; Specialized Goods and Services; Digital Tools, Applications and Services; Social Infotainment; and the Gig e-conomy.

 

GENERAL GOODS AND SERVICES SECTOR:

Here, I have placed the 8 key groups of Government, Manufacturing and Industry, Materials, Oil and Gas, Retail and Wholesale, Security, Transportation, and Utilities.

Government, is further divided across the 5 elements of: regulation; education and tutoring; standard setting; libraries and archives; and dispute resolution and keeping the peace.

Manufacturing and Industry, are further divided across the 5 elements of: aerospace and defence; construction and engineering; transportation and utilities infrastructure; technology, hardware, communications equipment and components and peripherals; and services.

Materials, are further divided across the 5 elements of: paper and forest products; metals and mining; construction materials and components; advanced materials; and CAD-CAM, and GIS and other services.

Oil and Gas, are further divided across the 5 elements of: oil and gas services; drilling and equipment; transportation and storage; refining, trade, plastics and chemicals; and other.

Retail and Wholesale, are further divided across the 5 elements of: leisure; household durable and furniture; household discretionary and personal products; retail (multiline and specialty); and luxury goods, apparel, and textiles.

Security, is further divided across the 5 elements of: national security and defence; societal security and emergency management; physical and industrial safety and security, and emergency management; personal safety and security, and incident response; and virtual security, and incident and event management.

Transportation, is further divided across the 5 elements of: public transportation networks; commercial transportation networks; carriage for hire and ride-hailing; personal and shared mobility properties; and drones and autonomous vehicles.

Utilities, are further divided across the 5 elements of: electric and gas; wind, solar, and water; nuclear; biomass and multi-utility; and other.

 

 

SPECIALIZED GOODS AND SERVICES SECTOR:

Here, I have placed the 8 key groups of Conglomerates, Financial Services, Food, Health and Wellness, Information Communications Technologies, Information and Data Techniques, Personal Services,  and Shelter.

Conglomerates, are further divided across the 5 elements/variants of: food, beverage, and consumer products; information communications technologies and information and data techniques; leisure, property, and transportation; technology, industry, and manufacturing; and services.

Financial Services, are further divided across the 5 elements of: consumer, trade, and business banking and finance, and cash and payment provision and processing; mortgages, home equity lines of credit, and real estate investment trusts; financial planning and advising, and portfolio and asset management; trusts and estates; and insurance and reinsurance.

Food, is further divided across the 5 elements of: crops; kept animals and kept animal products; beverages and other consumables; wholesale, retail, and restaurant; and processing, packaging, and distribution.

Health and Wellness, is further divided across the 5 elements of: medical and surgical services; medical and surgical equipment; pharmacology; mental and spiritual health; and fitness and alternatives.

Information Communications Technologies, are further divided across the 5 elements of: publishing, and printed media; cable, over-air, over the top, and satellite television; radio and satellite radio; fiber optics, telephone, and voice over internet protocol; and audio-visual and peripherals.

Information and Data Techniques, are further divided across the 5 elements of: collection and collation; privacy, security, and anonymization; storage and retrieval; transactions and analysis; and disposal.

Personal Services, are further divided across the 5 elements of: professional services; personal assistants, managers, and agents; virtual assistants; crisis, wardrobe, image and media consultants; and household staff.

Shelter, is further divided across the 5 elements of: single family; multi-family; mobile accommodations; hotel, motel, cruise and resort; and plant, office, maintenance and janitorial.

 

 

DIGITAL TOOLS, APPLICATIONS, AND SERVICES SECTOR:

Here, I have placed 8 key groups, and without any further division across elements because the developed and developing options are still far too broad to be coherently and comprehensively captured, if ever.  These 8, are:

  • Consumer Software, and Productivity applications.
  • eBooks, eNews, and other eMedia.
  • eCommerce.
  • eLearning.
  • Employment and Contracting.[23]
  • Entity Clouds and data centres for Big Data, storage, hosting, managed solutions, and analytics.
  • Online advertising, including by profile, location, nearfield communication, and radiofrequency identification;
  • Online search, mapping and geo-tagging or tracking, and navigation.

 

 

SOCIAL INFOTAINMENT SECTOR:

Here, I have placed the 2 key groups of Hardware; and Services.

Hardware, is further divided across the 5 elements of: phones; tablets; desktop devices; virtual and augmented reality; and content creation through interactive and autonomous devices with and without artificial intelligence.

Services, are further divided across the 5 elements of: standard and streaming live theatre, motion pictures, and video; standard and streaming live concerts, performance arts, and audio; social and chat, and introductions and networking; gaming, group casts, and similar interactions; and content creation, experiential learning, and immersive transactions.

 

 

GIG E-CONOMY SECTOR:

So now, let us use a “gig” e-conomy approach to assess the dominance issue across the preceding market sectors.  I think that you may well find yourself agreeing that there is no dominance at play, and that the competition is still quite healthy across the board.  Here, I have placed those “on demand” goods and services available through rapidly advancing technology that are or may be applicable.  Please note that no single person can possibly name all members of any subgroup and the Apps and Bots of competitors, as they multiply, morph, and merge on both daily and intraday bases; but I will, however, try to give sufficient coverage to convey the depth, breadth, and scope of offerings available.[24]

 

On-demand General Goods and Services, and their related providers or aggregators would be found here, such as Baidu Baike, The Canadian Encyclopedia, Encyclopedia Britannica, Encyclopedia.com, The Free Dictionary.com, Wikipedia and World Book Online (Government: libraries and archives); 3D printers (Materials: CAD-CAM, and GIS and other services); Alibaba, Amazon, Costco, WalMart, and Yandex (Retail and Wholesalewhole group); AppRiver, Bitdefender, Symantec/Norton, Kaspersky, McAfee, and Webroot SecureAnywhere Antivirus (Security: virtual security); and Uber, Lyft, Ourbus, Didi Chuxing, BlaBlaCar, and Yandex (Transportation: carriage for hire and ride-hailing).

 

On-demand Specialized Goods and Services, and their related providers or aggregators would be found here, such as Apple, Alphabet and Microsoft (Conglomerates: Information communications technologies – smartphones of iPhone, Pixel and Lumia, along with Watch, Mac, iPad, Surface, OneNote, and the operating systems of iOS, macOS, Linux, Android, Windows, and other solutions based on non-proprietary or open-source code); Amazon and Microsoft (Conglomerates: information and data techniques – cloud services); Consumer, trade, and business banking and finance (Financial Services: portals and standalone Apps of the major banks, worldwide, along with Fintech disruptors like rate.com and Kreditech); Android Pay, Apple Wallet, Bitcoin, Etherium, LG Pay, Microsoft Wallet, Samsung Pay or Samsung Pay Mini, Yandex Money, Alipay, PayPal and Stripe[25] (Financial Services: smartphone-based and web-based cash and payment provision and processing); Fund Razr, Indiegogo, Kickstarter, GoFundMe, AngelList, and CrowdCube (Financial Services: Consumer, trade, and business banking and finance); AlphaStreet, MyLo, Robinhood, and WealthBar (Financial Services: financial planning and advising, and portfolio and asset management); Deliveroo, Grubhub, Just-eat, Postmates, Door-Dash, UberEATS, Amazon, and Instacart (Food: processing, packaging, and distribution); SiriusXM and free AM/FM radio around the world[26] (Information Communications Technologies: radio and satellite radio); Netflix, Spotify, NotJustOk, YouTube, Hulu, Sling, HBO, and Amazon (Information Communications Technologies: cable, over-air, over the top, and satellite television); Google, Alibaba, Yandex, Amazon Web Services, Facebook, Tencent, Microsoft Cloud/Azure (Information and Data Techniqueswhole group, as also listed in Conglomerates, above); Monster, LinkedIn, Upwork, TaskRabbit (Personal Services: – whole group); Airbnb, Love Home Swap, Onefinestay (Shelter: hotel, motel, cruise and resort); and Handy, Homejoy, Merry Maids, Molly Maid, Life Maid Easy, and Bee Clean (Shelter: plant, office, maintenance and janitorial).

 

On-demand Digital Tools, Applications, and Services, and their related providers or aggregators would be found here, such as Apple’s App Store, Google’s Play Store, Adobe, Corel, Microsoft/Windows, Etherium, Intuit and QuickBooks (Consumer software and productivity applications); Amazon Kindle, Voyage, and Oasis, Barnes & Noble Glowlight, Nook, and Touch, and the Kobo and Aura (eBooks); Amazon, Alibaba, Costco, Craigslist, DaWanda, eBay, Etsy, Shopify, WalMart and Yandex (eCommerce); ADrive, Apple iCloud, Box, Dropbox, Google Drive, iDrive, Media Fire, Mozy, Microsoft OneDrive, and PhotoBucket (Entity Clouds – storage); Accenture Cloud Hosting Services, Amazon Web Services, CSC Cloud Computing Services, Canadian Cloud Hosting, Canadian Web Hosting, CenturyLink, Cloud Sigma, Dimension Data Cloud Surround, Distil Networks, Fujitsu Cloud Solutions, Google App Engine/Cloud Platform, Helion Public Cloud, Lunacloud, Microsoft Azure/Cloud, OpenShift, OpenStack Cloud, Rackspace, Softlayer, Verizon Terremark, ViaWest KINECTed Cloud, and VMware (Entity Clouds and Data Centres for Big Data, hosting, managed solutions, and analytics); Google, Facebook, Snap, Twitter and Youtube (online advertising, including by profile, location, nearfield communication, and radiofrequency identification); and Google, Baidu, and Yandex (online search, mapping and geo-tagging or tracking, and navigation).

 

On-demand Social Infotainment, and their related providers or aggregators would be found here, such as Apple iOS/macOS ecosystems, Blackberry smartphones and data centres, Facebook Oculus Rift, Google Android ecosystem along with Cardboard, Daydream Viewer, and robotics and autonomy, HTC Vive, Huawei smartphones, LG smartphones, Microsoft Windows ecosystem along with HoloLens and Windows Mixed reality, Samsung Gear and robotics and autonomy, Sony Playstation VR and robotics and autonomy, Linux, and other environments and platforms created using open source or non-proprietary code (Hardwarewhole group); Netflix, NotJustOk, Spotify, YouTube, Hulu, Sling, HBO, Pokemon, and Amazon (Serviceswhole group); and Facebook, WhatsApp, Tencent, WeChat, Vodi, Instagram, LinkedIn, Monster, Match.com, Lavalife, eHarmony, and Zoosk (Services – social, chat, and introductions and networking; gaming, group casts, and similar interactions; and content creation, experiential learning and immersive transactions.  You may have noticed that “on-demand Social Infotainment” anticipates content creation by both the hardware makers and the service providers with ever more collaboration, hence the lines become consumers and producers of content have become irrevocably blurred and blended.  Similarly, the gig e-conomy’s “on-demand social infotainment” and “on-demand digital tools, applications, and services” sectors rely upon one another for continuity – the social infotainment needs all that the digital has to offer, and the digital feeds the rising ubiquity of the social infotainment.

 

  1. Considering the above and now fuller picture of the competitive landscape, is any one of these FAAN/FAANG entities really dominant in any meaningful way?

The answer to this, must therefore be a resounding No. There are a number of groups in which a few players have literally occupied the entire field.  However, in no place is there only one entity.  Clearly, then, competition is alive and fierce in all sectors and groups, as laid out in this analytical scheme.

Any Facebook domination alleged for social media fades away with the diversity of competitors and offerings found within the converged gig e-conomy’s “on-demand social infotainment”;

Any Amazon domination alleged for e-commerce and for search, fades away with the diversity of competitors and offerings under the converged gig e-conomy Sector’s “on-demand general goods and services”, and “on-demand specialized goods and services”.

Any Alphabet/Google domination alleged for online search, online video, and online advertising revenue yield, fades away with the diversity of competitors and offerings under the converged gig e-conomy’s “on demand digital tools, applications, and services”.

Similarly, any Apple domination alleged in smartphones, wearables and tablets, fades away with the diversity of manufacturers and operators found in the converged gig e-conomy sector’s “on-demand specialized goods and services”, as conglomerates offering information and communications technologies, and undertaking information and data techniques.

Finally, any Netflix domination alleged for “over-the-top” (OTT) movie, performance, and documentary streaming, fades away with the diversity of entities competing to deliver services within the converged gig e-conomy’s “on-demand social infotainment”.

 

 

SUMMARY:

It is only if, and when, well-funded market operators start to occupy whole sectors (in the new schema laid out here), taking out whole swathes of their competitors and content providers[27] in Pacman “gig”-abites to become the sole players in many of the specific groups within those sectors, that we should start to worry about abuse of dominant positions, monopolies, and over-concentration in the control of personal data[28] – incessant data breaches[29] and global ransomware events,[30] notwithstanding.

 

Perhaps, you agree now?!

 

********************************************************************

 

Author:

Ekundayo George is a lawyer and sociologist.  He has also taken courses in organizational and micro-organizational behavior, and gained significant experience in regulatory compliance, litigation, and business law and counseling.  He has been licensed to practise law in Ontario and Alberta, Canada, as well as in New York, New Jersey, and Washington, D.C., in the United States of America.  See, for example: http://www.ogalaws.com.  A writer, blogger, and avid reader, Mr. George has sector experience in Technology (Telecommunications, e-commerce, Outsourcing, Cloud), Financial Services, Healthcare, Entertainment, Real Estate and Zoning, International/cross-border trade, other services, and Environmental Law and Policy; working with equal ease and effectiveness in his transitions to and from the public and private sectors.  He is a published author on the National Security aspects of Environmental Law, has represented clients in courts and before regulatory bodies in both Canada and the United States, and he enjoys complex systems analysis in legal, technological, and societal milieux.

 

Trained in Legal Project Management (and having organized and managed several complex projects before practising law), Mr. George is also an experienced negotiator, facilitator, team leader, and strategic consultant – sourcing, managing, and delivering on complex engagements with multiple stakeholders and multidisciplinary teams.  Team consulting competencies include program investigation, sub-contracted procurement of personnel and materials, and such diverse project deliverables as business process re-engineering, devising and delivering tailored training, and other targeted engagements through tapping a highly-credentialed resource pool of contract professionals with several hundred years of combined expertise, in: healthcare; education and training; law and regulation; policy and plans; statistics, economics, and evaluations including feasibility studies and business cases; infrastructure; and information technology/information systems (IT/IS) – also sometimes termed information communications technologies (ICT).  See, for example: http://www.simprime-ca.com.

 

Hyperlinks to external sites are provided to readers of this blog as a courtesy and convenience, only, and no warranty is made or responsibility assumed by either or both of George Law Offices and Strategic IMPRIME Consulting & Advisory, Inc. (“S’imprime-ça”) including employees, agents, directors, officers, successors & assigns, in whole or in part for their content, accuracy, or availability.

 

This article creates no lawyer-client relationship, and is not intended or deemed legal advice, business advice, the rendering of any professional service, or attorney advertising where restricted or barred.  The author and affiliated entities specifically disclaim and reject any and all loss claimed, no matter howsoever resulting as alleged, due to any action or inaction done in reliance on the contents herein.  Past results are no guarantee of future success, and specific legal advice should be sought for particular matters through counsel of your choosing, based on such factors as you deem appropriate.

 

[1] Jonathan Taplin.  Is It Time to Break Up Google?  Published on nytimes.com, April 22, 2017.  Web: >https://www.nytimes.com/2017/04/22/opinion/sunday/is-it-time-to-break-up-google.html?_r=2<

[2] David McLaughlin.  Are Facebook and Google the New Monopolies?: QuickTake Q&A.  Published on Bloomberg.com, July 12, 2017. Web: >https://www.bloomberg.com/news/articles/2017-07-13/antitrust-built-for-rockefeller-baffled-by-bezos-quicktake-q-a<  See also Ayanna Alexander.  Mobile App Location Sharing Brings Awesome Opportunities, Privacy Fears.  Published on bna.com, July 11, 2017.  Web: >https://www.bna.com/mobile-app-location-b73014461529/<

[3] Ramsi Woodcock.  EU’s Antitrust ‘War’ on Google and Facebook Uses Abandoned American Playbook.  Published on observer.com, July 14, 2017.  >http://observer.com/2017/07/eus-antitrust-war-google-facebook-uses-american-playbook-margrethe-vestager-european-union/<

[4] Alex Epstein.  Vindicating Standard Oil, 100 years later.  Published on dailycaller.com, May 13, 2011.  Web: >http://dailycaller.com/2011/05/13/vindicating-standard-oil-100-years-later/2/<

[5] David McLaughlin.  Are Facebook and Google the New Monopolies?: QuickTake Q&A.  Published on Bloomberg.com, July 12, 2017. Web: >https://www.bloomberg.com/news/articles/2017-07-13/antitrust-built-for-rockefeller-baffled-by-bezos-quicktake-q-a<

[6] Ibid.

[7] Ibid.

[8] Ibid.

[9] Sarah Perez.  Netflix reaches 75% of US streaming service viewers, but YouTube is catching up.  Published on techcrunch.com, April 10, 2017.  Web: >https://techcrunch.com/2017/04/10/netflix-reaches-75-of-u-s-streaming-service-viewers-but-youtube-is-catching-up/<

[10] Joe Nocera.  Can Netflix Survive in the New World It Created?  Published on nytimes.com, June 15, 2016.  Web: >https://www.nytimes.com/2016/06/19/magazine/can-netflix-survive-in-the-new-world-it-created.html<

Quoting Reed Hastings – Chairman of the Board, President, Chief Executive Officer, Netflix.

[11] Patrick Seitz.  Move Over FANGs, China’s BAT Stocks Go From Copycats To Fat Cats.  Published on investors.com, July 14, 2017.  Web: >http://www.investors.com/research/industry-snapshot/move-over-fangs-chinas-bat-stocks-go-from-copycats-to-fat-cats/?src=A00220&yptr=yahoo<

[12] IdSee also infra, note 14.

[13] Eric Auchard and Anastasia Teterevleva.  Uber and Yandex to combine ride-hailing in Russia and beyond.  Published on reuters.com, July 13, 2017.  Web: >http://www.reuters.com/article/us-uber-tech-m-a-yandex-idUSKBN19Y10V<  The new entity will operate regionally, in Russia, Armenia, Azerbaijan, Belarus, Georgia and Kazakhstan.

[14] Scott Cendrowski.  Uber Had No Way Out of China Except Through a Merger With Didi.  Published on fortune.com, July 31, 2016.  Web: >http://fortune.com/2016/08/01/uber-didi-merger/<

[15] Jason Aycock.  Facebook eases into crosshairs of EU antitrust watchdogs.  Published on seekingalpha.com, July 3, 2017.  Web: >https://seekingalpha.com/news/3276761-facebook-eases-crosshairs-eu-antitrust-watchdogs<

[16] Peter Sayer.  EU Competition Commissioner spells out priorities: Google as Alphabet is still under investigation.  Published on pcworld.com, October 26, 2015.  Web: >http://www.pcworld.com/article/2997529/android/eu-competition-commissioner-spells-out-priorities-google-as-alphabet-is-still-under-investigation.html<

[17] Sean Farrell and Henry McDonald.  Apple ordered to pay €13bn after EU rules Ireland broke state aid laws.  Published on theguardian.com, August 30, 2016.  Web: >https://www.theguardian.com/business/2016/aug/30/apple-pay-back-taxes-eu-ruling-ireland-state-aid<

[18] Charles Arthur.  Microsoft loses EU antitrust fine appeal.  Published on theguardian.com, June 27, 2012.  Web: >https://www.theguardian.com/technology/2012/jun/27/microsoft-loses-eu-antitrust-fine-appeal<

[19] These 11 S&P 500 market sectors are: Energy, Materials, Industrials, Consumer Discretionary, Consumer Staples, Health care, Financials, Real Estate, Information Technology, Telecommunications Services, and Utilities.

See S&P 500 Factsheet – Sector Breakdown.  Published on ca.spindices.com and visited on July 13, 2017.  Web: >http://ca.spindices.com/indices/equity/sp-500<

[20] These 10 NASDAQ market sectors are: Oil and Gas, Basic materials, Industrials, Consumer Services, Consumer Goods, Healthcare/Financials, Technology, Telecommunications, and Utilities.  See NASDAQ Composite Index – COMP Fact Sheet – Industry Breakdown.  Published on nasdaqomx.com and visited July 13, 2017.  Web: >https://indexes.nasdaqomx.com/Index/Overview/COMP<

[21] These 7 TSE market sectors are: Clean Technology, Diversified Industries, Energy and Energy Services, Life Sciences, Mining, Real Estate, and Technology.  See The Toronto Stock Exchange, Sector and Product Profiles.  Published on tsx.com and visited July 13, 2017.  Web: >http://tsx.com/listings/listing-with-us/sector-and-product-profiles<

[22] Patrick Gillespie.  Intuit: Gig economy is 34% of US workforce.  Published on money.cnn.com, May 24, 2017.  Web: >http://money.cnn.com/2017/05/24/news/economy/gig-economy-intuit/index.html<

[23] Including this as a standalone group has become a necessity, thanks to the enabling rise of the “gig” e-conomy.  See e.g. Nick Wells. The ‘gig economy’ is growing — and now we know by how much.  Published on cnbc.com, October 13, 2016.  Web: >http://www.cnbc.com/2016/10/13/gig-economy-is-growing-heres-how-much.html<

[24] All names and marks mentioned herein are and remain the property of their respective owners, and no good or service or provider of same that is mentioned or omitted or referenced whether in whole or in part within this article or within its attached notes is either endorsed or disdained.

[25] Memberful.  Stripe vs PayPal: Who should you choose?  Published on memberful.com and visited on July 15, 2017.  Web: >https://memberful.com/blog/stripe-vs-paypal/<

[26] John-Erik Koslosky.  Sirius XM’s Strongest Competition May Surprise You.  Published on fool.com, September 12, 2015.  Web: >https://www.fool.com/investing/general/2015/09/12/sirius-xms-strongest-competition-may-surprise-you.aspx<

[27] Nick Wingfield and Michael J. de la Merced.  Amazon to Buy Whole Foods for $13.4 Billion.  Published on nytimes.com, June 16, 2017.  Web: >https://www.nytimes.com/2017/06/16/business/dealbook/amazon-whole-foods.html<

[28] Business Leader.  Google dominates search. But the real problem is its monopoly on data.  Published on theguardian.com, April 19, 2015.  Web: >https://www.theguardian.com/technology/2015/apr/19/google-dominates-search-real-problem-monopoly-dataSee also Ben Thompson.  Facebook and the Cost of Monopoly.  Published on stratechery.com, April 19, 2017.  Web: >https://stratechery.com/2017/facebook-and-the-cost-of-monopoly/<

[29] Dave Burton.  Minimize “Dwell Time” to Cut the Cost of Data Center Breaches.  Published on infosecisland.com, October 20, 2016.  Web: >http://www.infosecisland.com/blogview/24835-Minimize-Dwell-Time-to-Cut-the-Cost-of-Data-Center-Breaches.htmlSee also Jessica Davis.  Former Bupa employee posts 1 million records for sale on dark web.  Published on healthcareitnews.com, July 14, 2017.  Web: >http://www.healthcareitnews.com/news/former-bupa-employee-posts-1-million-records-sale-dark-web<   See Generally Ekundayo George.  Cybersecurity: Its not just about “B” for Bob, but also eCommerce, Structure, and Trust.  Published on ogalaws.wordpress.com, November 3, 2014  Web: >https://ogalaws.wordpress.com/2014/11/03/cybersecurity-its-not-just-about-b-for-bob-but-also-ecommerce-structure-and-trust/<

[30] Jesse McKenna.  WannaCry: How We Created an Ideal Environment for Malware to Thrive, and How to Fix It.  Published on infosecisland.com, July 12, 2017.  Web: >http://www.infosecisland.com/blogview/24941-WannaCry-How-We-Created-an-Ideal-Environment-for-Malware-to-Thrive-and-How-to-Fix-It.html<

ECJ

INTRODUCTION:

On October 6, 2015,[1] the Court of Justice of the European Union (ECJ) declared invalid a decision of the European Commission on July 26, 2000[2] that had, pursuant to the relevant EU data protection law,[3] granted and acknowledged safe harbour for certain United States entities when transferring the personal data of European Union citizens to, and processing and storing that data within the United States. The case had been referred to the ECJ for a preliminary ruling from the High Court of Ireland, with a subsequent non-binding Opinion from the ECJ Advocate General, Yves Bot,[4] that the ECJ eventually followed.

CASE HISTORY:

The case began when Maximilian Schrems, an Austrian Citizen (and law student at that time), spearheaded a group to file a complaint with the Irish Data Protection Commissioner (DPC)[5] against Facebook Ireland Ltd, which is the company’s European headquarters. When Billy Hawkes, the Irish DPC rejected the case,[6] Schrems and his group sought and were granted judicial review at the High Court of Ireland.[7] Citing pre-emption on the key issues by European law, Mr. Justice Hogan adjourned the case pending referral to the European Court of Justice (ECJ).[8] Those key issues were: (a) whether the Edward Snowden revelations of 2013[9] revealed such a wholesale (both actual and potential) lack of compliance with European law that the U.S. Safe Harbour provisions with regard to transferring the personal information of European Citizens were essentially invalid; and (b) whether EU member states were bound by controlling EU privacy laws regarding those safe harbours, or free to pursue their own investigations into allegations of privacy breach or other non-compliance as and when needed, and were then subsequently able to suspend data transfers if they violated EU laws and/or EU citizen rights. Advocate General Bot had opined in the affirmative on both of these points,[10] and the ECJ agreed.

IMPLICATIONS:

Being effective immediately and with no grace period (or period of suspended invalidity as would likely have been applicable in Canada,[11] were the matter heard under Canadian jurisdiction),[12] the ruling immediately put the businesses and business practices of thousands of entities in legal jeopardy for their reliance on an invalid law. Fortunately for all, the European Union’s 28 national data protection authorities, acting through their Article 29 Working Party, issued an October 16, 2015 statement[13] encouraging those entities impacted by the ruling to negotiate, establish, and implement their own interim measures to ensure compliance with the ruling, including, in a later Q&A compliance release of November 6, 2015, that they “consider putting in place any legal and technical solutions to mitigate any possible risks they face when transferring data”;[14] assuring European businesses and citizens that privacy and data protection remained key elements of European law, and that they would issue further guidance at a national level, but at a later date; and implying quite strongly, that coordinated enforcement actions might issue if an appropriate successor framework could not be negotiated with the United States by the end of January, 2016.[15] That specific “deadline” language, read:

“If by the end of January 2016, no appropriate solution is found with the US authorities and depending on the assessment of the transfer tools by the Working Party, EU data protection authorities are committed to take all necessary and appropriate actions, which may include coordinated enforcement actions.”[16]

Essentially, then, the Commissioners agreed to implement a suspended enforcement as they could not retroactively seek or secure any period of suspended invalidity from the ECJ, and nobody had asked for one to be considered on the possibility of such a decision resulting. It would have been interesting to read the ECJ views on Canadian and other such precedent …. Perhaps we’ll read that some other time!

For now, we watch as companies scramble to “not” comply with this newly invalid law;[17] we wait for both that national European guidance (whether or not uniform or coordinated);[18] and we follow – to the extent made public – negotiations between the United States and Europe up to January 31, 2016. There may already be light at the end of that negotiation tunnel, as two identical bills – H.R.1428[19] in the House of Representatives (now passed by the full House), and S.1600 in the United States Senate[20] may eventually grant the United States District Court for the District of Columbia (USDC, DC) exclusive jurisdiction to hear foreign citizens’ privacy breach complaints against federal (not state) government actors of the United States. But, only the President can sign any final version of either Bill, into law.

In addition, the matter – now transferred back to the Irish High Court for further deliberations, may still result in a finding that Facebook cannot provide adequate data privacy protections for European citizens. If again referred or appealed to the ECJ, and upheld, Facebook’s European operations might cease under subsequent enforcement actions in one or many European jurisdictions on such a ruling.

And so, one way or the other, we wait![21]

*****************************************************************

Author:

Ekundayo George is a lawyer and sociologist. He has also taken courses in organizational and micro-organizational behavior, and gained significant experiences in regulatory compliance, litigation, and business law and counseling. He is licensed to practice law in Ontario and Alberta, Canada, as well as in New York, New Jersey, and Washington, D.C., in the United States of America. See, for example: http://www.ogalaws.com. A writer, blogger, and avid reader, Mr. George has sector experience in Technology (Telecommunications, eCommerce, Outsourcing, Cloud), Financial Services, Healthcare, Entertainment, Real Estate and Zoning, International/cross-border trade, other services, and Environmental Law and Policy; working with equal ease and effectiveness in his transitions to and from the public and private sectors. He is a published author on the National Security aspects of Environmental Law, has represented clients in courts and before regulatory bodies in both Canada and the United States, and he enjoys complex systems analysis in legal, technological, and societal milieux.

Trained in Legal Project Management (and having organized and managed several complex projects before practicing law), Mr. George is also an experienced negotiator, facilitator, team leader, and strategic consultant – sourcing, managing, and delivering on complex engagements with multiple stakeholders and multidisciplinary teams. Team consulting competencies include program investigation, sub-contracted procurement of personnel and materials, and such diverse project deliverables as business process re-engineering, devising and delivering tailored training, and other targeted engagements through tapping a highly-credentialed resource pool of contract professionals with several hundred years of combined expertise, in: Healthcare; Education & Training; Law & Regulation; Policy & Plans; Statistics, Economics, & Evaluations including feasibility studies; Infrastructure; and Information Technology/Information Systems (IT/IS) – also sometimes termed Information Communications Technologies (ICT). See, for example: http://www.simprime-ca.com.

Hyperlinks to external sites are provided to readers of this blog as a courtesy and convenience, only, and no warranty is made or responsibility assumed by either or both of George Law Offices and Strategic IMPRIME Consulting & Advisory, Inc. (“S’imprime-ça”) including employees, agents, directors, officers, successors & assigns, in whole or in part for their content, accuracy, or availability.

This article creates no lawyer-client relationship, and is not intended or deemed legal advice, business advice, the rendering of any professional service, or attorney advertising where restricted or barred. The author and affiliated entities specifically disclaim and reject any and all loss claimed, no matter howsoever resulting as alleged, due to any action or inaction done in reliance on the contents herein. Past results are no guarantee of future success, and specific legal advice should be sought for particular matters through counsel of your choosing, based on such factors as you deem appropriate.

[1] Schrems (Judgment) [2015] EUECJ C-362/14 (06 October 2015), [2015] EUECJ C-362/14, [2015] WLR(D) 403, EU:C:2015:650, ECLI:EU:C:2015:650. Online: http://www.bailii.org/eu/cases/EUECJ/2015/C36214.html

[2] Commission Decision 2000/520/EC of 26 July 2000 pursuant to Directive 95/46/EC of the European Parliament and of the Council on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce (OJ 2000 L 215, p. 7)

[3] Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (OJ 1995 L 281, p. 31).

[4] Case C-362/14 Maximillian Schrems v. Data Protection Commissioner [2015] EUECJ C-362/14, Opinion of AG Bot (23 September 2015). Online: http://www.uni-muenster.de/Jura.itm/hoeren/itm/wp-content/uploads/C0362_2014-EN-Opinion.pdf

[5] RTE News. Data Protection Commissioner says no action will be taken against Apple and Facebook. Published on rte.ie, July 26, 2013. Online: http://www.rte.ie/news/2013/0726/464770-data-protection/

[6] Id.

[7] Schrems v. Data Protection Commissioner [2014] IEHC 310 (18 June 2014). Online:http://www.bailii.org/ie/cases/IEHC/2014/H310.html

[8] Ruadhán Mac Cormaic. High Court refers Facebook privacy case to Europe. Published on irishtimes.com, June 19, 2014. Online: http://www.irishtimes.com/business/technology/high-court-refers-facebook-privacy-case-to-europe-1.1836657

[9] Barton Gellman. Edward Snowden, after months of NSA revelations, says his mission’s accomplished. Published on washingtonpost.com, December 23, 2013. Online: >http://www.washingtonpost.com/world/national-security/edward-snowden-after-months-of-nsa-revelations-says-his-missions-accomplished/2013/12/23/49fc36de-6c1c-11e3-a523-fe73f0ff6b8d_story.html

[10] Supra note 4.

[11] Schachter v. Canada, [1992] 2 S.C.R. 679 at 715-16, 1992 CanLII 74 (SCC) per Lamer, CJ. Online: http://scc-csc.lexum.com/scc-csc/scc-csc/en/item/903/index.do

A court may strike down legislation or a legislative provision but suspend the effect of that declaration until Parliament or the provincial legislature has had an opportunity to fill the void. This approach is clearly appropriate where the striking down of a provision poses a potential danger to the public (…) or otherwise threatens the rule of law (…). It may also be appropriate in cases of underinclusiveness as opposed to overbreadth. For example, in this case some of the interveners argued that in cases where a denial of equal benefit of the law is alleged, the legislation in question is not usually problematic in and of itself. It is its underinclusiveness that is problematic so striking down the law immediately would deprive deserving persons of benefits without providing them to the applicant. At the same time, if there is no obligation on the government to provide the benefits in the first place, it may be inappropriate to go ahead and extend them. The logical remedy is to strike down but suspend the declaration of invalidity to allow the government to determine whether to cancel or extend the benefits. (Citations omitted).

[12] As I wrote in an earlier blog post, Canadians are very much aware of the challenges of international data governance and transnational privacy protection. See e.g. Ekundayo George. In who’se pocket is your data packet? – International Data Governance. Published on ogalaws.wordpress.com, February 6, 2013. Online:

https://ogalaws.wordpress.com/2013/02/06/in-whose-pocket-is-your-data-packet-international-data-governance/

[13] Article 29 Working Party (Art. 29 WP). Statement on the implementation of the judgement of the Court of Justice of the European Union of 6 October 2015 in the Maximilian Schrems v Data Protection Commissioner case (C-362-14). Brussels, October 16, 2015. Online: http://ec.europa.eu/justice/data-protection/article-29/press-material/press-release/art29_press_material/2015/20151016_wp29_statement_on_schrems_judgement.pdf

[14] European Commission – Fact Sheet. Q&A: Guidance on transatlantic data transfers following the Schrems ruling.

MEMO/15/6014. Brussels, November 6, 2015. Online: http://europa.eu/rapid/press-release_MEMO-15-6014_en.htm

[15] Supra, note 13.

[16] Id.

[17] See e.g. supra, note 14.

[18] Technology executives and politicians alike have even warned that if these concerns over, and an increasingly vocal resistance to, targeted and/or bulk collection of personal data through government surveillance continue to “trend”, we may very soon see a real splintering of the internet into several disparate and walled-off variants. See e.g. Stephen Lawson, IDG News Service. Jitters over US surveillance could break the Internet, tech leaders warn. Published on itworld.com, October 8, 2014. Online: http://www.itworld.com/article/2825590/security/jitters-over-us-surveillance-could-break-the-internet–tech-leaders-warn.html

[19] First introduced in the United States House of Representatives (the “House”) on March 18, 2015 by Representative F. James Sensenbrenner, a Wisconsin Republican, the HR.1428 Bill is officially known as The Judicial Redress Act of 2015, and has a stated purpose “[t]o extend Privacy Act remedies to citizens of certified states, and for other purposes”. Online: https://www.congress.gov/bill/114th-congress/house-bill/1428/all-info

[20] First introduced in the United States Senate (the “Senate”) on June 17, 2015 by Senator Christopher S. Murphy, a Connecticut Democrat, the S.1600 Bill has now been referred (as H.R.1428) to the Senate Judiciary Committee, but it is yet to be considered and voted upon by the full Senate. Online: https://www.congress.gov/bill/114th-congress/senate-bill/1600/all-info

[21] *Reserved (pending further news).

The Internet of Things (IOT – also referred to as Machine to Machine communication, or M2M) is well on its way to reality, with a wide range of market penetration predictions and potential verticals for the savvy and aggressive providers who aim to tame it.  Intel projects 2015 uptake to be 3.8 billion devices globally; whilst 2020 projections are 30 billion devices from ABI Research, and 50 billion devices with “$14.4 “trillion in bottom-line potential”, from Cisco Systems.[1]  There were some very early movers, such as the European Union, for example, which established an Internet of Things (IOT) Working Group on August 10, 2010.[2]  Three years later, the United States Federal Trade Commission (FTC) has already initiated an enforcement action against an IOT service provider due to flawed security and false claims and misrepresentations in advertising.[3]  Now, following last year’s 4th EU, IOT Conference,[4] regulators and industry everywhere, are swiftly strategizing and paving the way forwards:

(1) In South America, IoT World meets in Brazil, was held in São Paulo, from May 21-24, 2013;[5]

(2) In the Middle East, The M2M Middle East Forum, was held in Dubai, UAE, on September 22-23, 2013;[6]

(3) In North America, The 2013 M2M and Internet of Things (IOT) Global Summit, was held in Washington, D.C. from October 1-2, 2013;[7]

(4) In Africa, The 1st Workshop On The Internet Of Things (IOT 2013), is now scheduled for October 7, in East London, South Africa;[8]

(5) In Europe, The Internet of Things World Forum, is now scheduled for November 12-13, 2013, in London, UK;[9]

(6) In Asia, The Internet of Things Asia 2014 Exhibition and Conference, is now scheduled for April 21-22, 2014, in Singapore;[10]

The fact remains, however, that myriad options exist for vertical and horizontal exploitation of this space, and the same number of options – apparently subject to multiplication by itself – exists in the form of coordination, regulation, optimization, protocols, and security.  As a result, and due to the need to develop common understandings and definitions across these 6 (“six”) centers of gravity, we have devised and provided the within Table of 7 elements (on the X-axis), times 30 elements (on the Y-axis), as a conceptual framework for industry and regulators within and between these 6 centers of gravity, to utilize on internal deliberations and joint consultations.  Just select a coordinate where X and Y meet, conceptualize the kind(s) of IOT/M2M offering that would fit there, and strategize on the most appropriate or most preferable “iPages” for it or them (see note 2, below).  We hope it helps!

X-Axis (BUSCOPF):

BIODIVERSITY;

UTILITIES;

SECURITY;

CULTURE;

OFFICE;

PROJECTS/POLICIES;

FINANCE.

Y-Axis (SCOPE):

SERVICES (6):

-General/Government

-Regulated

-Integrated

-Personal/Apparel

-eBusiness

-Shared/Social

 

CONTROLS (5):

-Structure

-Product

-Infrastructure

-Emergency

-System

 

OPERATIONS (7):

-Supply/Logistics

-Communications

-Humanitarian

-Entry/Egress

-Municipal/Medical

-Economic/Exchange

-Scientific

 

PRODUCTS (7):

-Personal/Apparel

-Regulated

-Infotainment

-Networked

-Consumer

-eBusiness

-Shared/Social

 

EVALUATIONS (5):

-Efficiencies

-Insurance Risk

-Gathered Data

-Health & Safety

-Threats & Alerts

 

©2013. S’imprime-ça (Ottawa, Canada). http://www.simprime-ca.com.  Free “BST” use, duplication, and distribution is permitted if including this attribution block verbatim.

 *********************************************************************

Author:

Ekundayo George is a sociologist and a lawyer.  He has also taken courses in organizational and micro-organizational behavior, and has significant experienced in business law and counseling (incorporations, business plans, contracts and non-disclosure agreements, teaming and joint venture agreements), diverse litigation, and regulatory practice.  He is licensed to practice law in Ontario, Canada, as well as in New York, New Jersey, and Washington, D.C., in the United States of America (U.S. business advising, outsourcing and cross-border trade, technology contracts, and U.S. financing).  See, for example: http://www.ogalaws.com.  A writer, blogger, and avid reader, Mr. George has sector experience in Technology (Telecommunications, eCommerce, Outsourcing, Cloud), Financial Services, Healthcare, Entertainment, Real Estate and Zoning, International/cross-border trade, other Services, and Environmental Law and Policy.  He is a published author on the National Security aspects of Environmental Law.

Mr. George is also an experienced strategic consultant; sourcing, managing, and delivering on large, strategic projects (investigations, procurements, and consulting engagements) with multiple stakeholders and multidisciplinary project teams.  See, for example: http://www.simprime-ca.com.

Hyperlinks to external sites are provided to readers of this blog as a courtesy and convenience, only, and no warranty is made or responsibility assumed by either or both of George Law Offices and Strategic IMPRIME Consulting & Advisory, Inc. (“S’imprime-ça”) including employees, agents, directors, officers, successors & assigns, in whole or in part for their content, accuracy, or availability.

This article creates no lawyer-client relationship, and is not intended or deemed legal advice, business advice, the rendering any professional service, or attorney advertising where restricted or barred.  The author and affiliated entities specifically disclaim and reject any and all loss claimed, no matter howsoever resulting as alleged, due to any action or inaction done in reliance on the contents herein.


[1] Alyssa Oursler, InvestorPlace Assistant Editor.  Morgan Stanley Gushes on the Internet of Things.  Analysts take a deep dive into the trend with 29-page note.  Published on investorplace.com, September 30, 2013.  Web: http://investorplace.com/2013/09/csco-morgan-stanley-internet-of-things/

[2] Euroalert.  Expert Group on the Internet of Things set up.  Published on euroalert.net, August 11, 2010.  Web: http://euroalert.net/en/news.aspx?idn=10271 This Expert Group now has 6 (“six”) sub groups, being one for each of identification, privacy, architectures, governance, ethics, and standards (I would call this “iPages“).  A Summary of their 10th Meeting in Brussels, Belgium, in November 2012, is available here: http://ec.europa.eu/information_society/newsroom/cf/dae/document.cfm?doc_id=1747

[3] See e.g. Paul.  With Settlement, FTC Issues Warning On IP-Enabled Cameras.  Published on securityledger.com, September 4, 2013.  Web: https://securityledger.com/2013/09/with-settlement-ftc-issues-warning-on-ip-enabled-cameras/

[4] Forum Europe.  Post-Conference Report from The 4th Annual Internet of Things Europe.  Shaping Europe’s Future Internet Policy – The road to Horizon 2020.  The Conference was held in Brussels, Belgium, on November 12-13, 2012.  Published on eu.ems.com.  Web: http://www.eu-ems.com/event_images/Downloads/IoT%20post%20conference%20report%20-%202012.pdf

[5] IoT World meets in Brazil, was held in São Paulo, Brazil, from May 21-24, 2013. Published on theinternetofthings.eu.  Web: http://www.theinternetofthings.eu/iot-world-meets-brazil-s%C3%A3o-paulo-21st-24th-may-2013

[6] The M2M Middle East Forum, was recently held in Dubai, UAE, on September 22-23, 2013.  Published on dmgeventsme.com.  Web: http://dmgeventsme.com/m2mforumme/

[7] The 2013 M2M and Internet of Things (IOT) Global Summit, was recently held in Washington, D.C. on October 1-2, 2013.  Published on eu-ems.com.  Web: http://www.eu-ems.com/summary.asp?event_id=173&page_id=1432

[8] The 1st Workshop On The Internet Of Things (IOT 2013), is scheduled for October 7, in East London, South Africa.  Published on isat.cs.uct.ac.za.  Web: http://isat.cs.uct.ac.za/IoT2013_Workshop/isat_web_iot/index.html

[9] The Internet of Things World Forum, is scheduled for November 12-13, 2013, in London, UK.  Published on internetofthingsconference.com.  Web: http://iotinternetofthingsconference.com/

[10] The Internet of Things Asia 2014 Exhibition and Conference, is scheduled for April 21-22, 2014, in Singapore. Published on internetofthingsasia.com.  Web: http://www.internetofthingsasia.com/

The recent announcement of pending closure for Nirvanix,[1] a CSP, highlights a number of points that I have often stressed as critical in data assessment prior to cloud usage, cloud vendor assessment, cloud contracting specifically, and data protection and retention in general.  These are:

1. “In addition – always (have) a detailed exit protocol with a combination of specific steps, cost structures, and room to negotiate if and where possible.  Cloud Vendors offering no exit strategy, or an overly-rigid or convoluted one, should be approached with high caution.”[2]

2. “If you have critical functionalities that have moved completely or almost completely to a cloud-based solution… then it is highly-advisable to have a backup cloud.[3]

3. Protect and backup your data as per your assessment of the V5 Interplay…the mix of data volume, velocity, variety, value, and vulnerability that determines the how, where, and how often you back it up; amongst other distinct operations and/or management tasks.[4]

4. Mature cloud users should be in a state where “Legal counsel sufficiently aware of the Cloud’s advantages and disadvantages to advise you, can draft or review your Cloud Services Agreements, or negotiate them from the outset, if the latter option is actually made available to you by the Vendor.[5]

To now learn that many large and systemically significant entities in a host of industries have massive amounts of data with this one provider that they are now rushing to remove before the pending shutdown,[6] is quite worrying in terms of Cybersecurity, Cloud best practices, and attendant potential legal liability.

OPTIONS:

Of course, any speculation is pure speculation, as I have no personal knowledge of their arrangements, whether or not these exits are orderly, or if they will be concluded in good time.  However, one would expect that:

(i) for the most critical data in that V5 interplay;

(ii) multiple CSPs should have been used;

(iii) offsite backup should not have been automatically discontinued;

(iv) a detailed exit protocol (“cloud emigration”) would have been contractually agreed-upon in advance, with access to the key or contracted staff – including migration/emigration as a service providers or other such specialists;

(v) guaranteed continued availability of staff and data as was already specified in the original SLA; and

(vi) either CSP insurance (as with employment practices insurance, business interruption or business continuity insurance, or some such), a portion of the client fees segregated in advance by lockbox arrangement to pre-fund an orderly exit, or any host of other arrangements to cover those exit costs, would have been specified as preconditions for entering into a cloud services agreement in the first instance, laid-out in detail, mutually agreed, practiced and reviewed for updates from time to time, and enacted as and when needed.

CONCLUSIONS:

This case is quite instructive, and many cloud users will, doubtless, take note and a few pointers for their own contracts (whether as promptly amended or when next renewed), so as to avoid future problems when this kind of situation replicates, or any other foreseeable or unforeseen eventuality causes a similar rumble of thunder to ripple across the Cloud-sphere.  They must be able to promptly, securely, and in an organized fashionrein-in” and “reel-back” their uploaded data from the cloud, without having their own clients and data subjects rain thunder and lightning down on them, for any failure to so do.[7]  If their data gets stuck in CSP insolvency wranglings, then a whole host of new twists and turns will develop.

*********************************************************************

Author:

Ekundayo George is a sociologist and a lawyer.  He has also taken courses in organizational and micro-organizational behavior, and has significant experienced in business law and counseling (incorporations, business plans, contracts and non-disclosure agreements, teaming and joint venture agreements), diverse litigation, and regulatory practice.  He is licensed to practice law in Ontario, Canada, as well as in New York, New Jersey, and Washington, D.C., in the United States of America (U.S. business advising, outsourcing and cross-border trade, technology contracts, and U.S. financing).  See, for example: http://www.ogalaws.com.  A writer, blogger, and avid reader, Mr. George is a published author in Environmental Law and Policy (National Security aspects), and has sector experience in healthcare, communications, financial services, real estate, international trade, eCommerce, Cloud, and Outsourcing.

 

Mr. George is also an experienced strategic consultant; sourcing, managing, and delivering on large, high stakes, strategic projects (investigations, procurements, and consulting engagements) with multiple stakeholders and multidisciplinary project teams.  See, for example: http://www.simprime-ca.com.

 

Hyperlinks to external sites are provided to readers of this blog as a courtesy and convenience, only, and no warranty is made or responsibility assumed by either or both of George Law Offices and Strategic IMPRIME Consulting & Advisory, Inc. (“S’imprime-ça”) including employees, agents, directors, officers, successors & assigns, in whole or in part for their content, accuracy, or availability.

 

This article creates no lawyer-client relationship, and is not intended or deemed legal advice, business advice, the rendering any professional service, or attorney advertising where restricted or barred.  The author and affiliated entities specifically disclaim and reject any and all loss claimed, no matter howsoever resulting as alleged, due to any action or inaction done in reliance on the contents herein.

 


[1] Isha Suri.  Nirvanix Closing Down, Gives Two Weeks’ Notice of Service Shutdown.  Published on siliconangle.com, September 24, 2013.  Web: http://siliconangle.com/blog/2013/09/24/nirvanix-closing-down-gives-two-weeks-notice-of-service-shutdown/

[2] Ekundayo George.  To Cloud or Not to Cloud: What are Some of the Current, Most Pertinent Pros and Cons?  (at “Disadvantages potential – Vendor Inelasticity”).  Published on ogalaws.wordpress.com, December 28, 2011.  Web: https://ogalaws.wordpress.com/2011/12/28/to-cloud-or-not-to-cloud-what-are-some-of-the-current-most-pertinent-pros-and-cons/

[3] Ekundayo George.  Data Protection and Retention in the Cloud: Getting it Right (at “1. Backup Cloud).  Published on ogalaws.wordpress.com, March 11, 2013.  Web: https://ogalaws.wordpress.com/2013/03/11/data-protection-and-retention-in-the-cloud-getting-it-right/

[4] Id. at “4. Traditional off-Cloud Backup”, and at footnote 13).

[5] Ekundayo George.  In who’se pocket is your data packet? – International Data Governance (at “d”).  Published February 6, 2013.  Web: https://ogalaws.wordpress.com/2013/02/06/in-whose-pocket-is-your-data-packet-international-data-governance/

[6] Jeffrey Schwartz.  Cloud Storage Provider Nirvanix Goes Belly-Up, Customers Panic To Move Data.  Published on virtualizationreview.com, September 19, 2013.  Web: http://virtualizationreview.com/blogs/the-schwartz-cloud-report/2013/09/nirvanix-goes-belly-up.aspx?goback=.gde_1864210_member_275308263#!

[7]Risk Management” (such as in preventing to the extent possible, planning for, and effectively prevailing with regard to this type of snafu) and “Stakeholder Management” (calming and reassuring those division heads and business unit leaders who’se core and critical functions are residing, and hopefully resiliently so, in the Cloud, during any time of crisis), have been identified as the new and added “need to have” softer business skills for IT professionals who plan to survive and thrive in the rapidly evolving (and reputedly short-skilled) Cloud space.  See Steve Ranger.  Big data, cloud computing experts hard to hire, bosses admit.  Published on techrepublik.com, September 23, 2013.  Web: http://www.techrepublic.com/blog/european-technology/big-data-cloud-computing-experts-hard-to-hire-bosses-admit/?tag=nl.e077&s_cid=e077&ttag=e077&ftag=TRE9ae7a1a.  For a broader overview of the changing nature of IT skills with regard to changing technologies, such as Cloud Computing, see Ekundayo George.  Why “will” IT jobs persist through changing technology, and why “must” IT initial education and ongoing training be both constant, and consistent?  Published on ogalaws.wordpress.com. June 5, 2013.  Web: https://ogalaws.wordpress.com/2013/06/05/why-will-it-jobs-persist-through-changing-technology-and-why-must-it-initial-education-and-ongoing-training-be-both-constant-and-consistent/

Some people have said that IT careers and IT jobs will disappear due to the advent and mainstreaming of Cloud applications, as well as IT commoditization and outsourcing that will close data centers en masse.  Indeed, one author in 2012 directly predicted a coming re-imagination or demise, of 4 (“four”) specific IT roles and career paths, namely: (i) Programming; (ii) Datacenter; (iii) Data Technology; and (iv) Security.[1]  My detailed thinking on these predictions is more specifically laid-out below, in the “Analysis” section.

Will IT Jobs Disappear?

Such projections are in error, at best!  Consider this statement regarding current IT role disruptions:

The more interesting lesson is the tectonic shift in computing away from the device and software residing on the device, to data and applications access on a variety of form factors and connected operating systems”.[2]

In-house, traditional data centers are there to ensure that data and applications can be accessed from devices near and far; cloud computing data centers are there to ensure that data and applications can be accessed from devices near and far; IT staff are needed in both cases to troubleshoot, ensure that those devices and/or the servers are configured to “play nicely” with each other, and otherwise act when the system cannot itself, or its subsystems will not themselves, fail-over, add or reduce capacity, self-diagnose, grant access to technicians and tours to top brass, run out with backup tapes or portable  hard drives when all else “really” fails, things fall apart, and the (data) center cannot hold,[3] and so on.  Even when printing money and coins (stamps are less used in the West nowadays, due to the rapidity of mobility, and courier efficiencies), human eyes are still needed for that final quality control function Indeed, the case is also and stringently made that there is in fact an accelerating skills shortage in IT.[4]

What then, has changed to make the human factor suddenly obsolete?

I would say nothing, because the more things change, outwardly, the more they stay the same, behind the scenes, as IT jobs and IT professionals will always be needed; albeit with skills–sets that are both more diverse and more specialized at one and the same time, due to an increasing complexity of things.

“We estimate that by 2016 approximately 106,000 ICT jobs will need to be filled in Canada with demand for critical jobs far exceeding the supply. This figure will be further compounded if we account for the new emerging ICT sectors.  Canada is also competing in an increasingly tight labour market, emerging global economies such as Brazil, Russia, India, China and South-Africa (BRICS) are achieving unprecedented economic growth using new energy, telecommunications and information technologies”.[5]

Let us look, then, at 7 (“seven”) specific area examples to help demonstrate how and why this must be.

7 Examples as Proof of IT’s Adaptability, Persistence, and Traction (APT).

1. Cloud applications.

Late last year, there came the headline story – “Almost 1.7 Million Cloud-Related Jobs Went Unfilled in 2012: Estimate“.[6]  That’s a lot of jobs!  However, what is the Cloud and what might those jobs be, some doubtless asked?  In the 6 (“six”) months since the article was published, many of those who asked may now know a little more about the Cloud.  For others, however, an overview may help give perspective.

                                What is Cloud Computing (“Cloud”)?

According to data from the United States’ National Institute of Standards and Technology (NIST):

“Cloud computing is a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.  This cloud model promotes availability and is composed of five essential characteristics (On-demand self-service, Broad network access, Resource pooling, Rapid elasticity, Measured Service); three service models (Cloud Software as a Service (SaaS), Cloud Platform as a Service (PaaS), Cloud Infrastructure as a Service (IaaS)); and, four deployment models (Private cloud, Community cloud, Public cloud, Hybrid cloud). Key enabling technologies include: (1) fast wide-area networks, (2) powerful, inexpensive server computers, and (3) high-performance virtualization for commodity hardware”. [7]

Unfortunately, this NIST data is already behind the market as the Cloud is advancing so fast.  There are now no less than 7 (“seven”) well-identified Cloud service models, being: Software as a Service (SaaS),[8] Security as a Service (SecaaS),[9] Platform as a Service (PaaS),[10] Infrastructure as a Service (IaaS),[11] Networking as a Service (NaaS),[12] Data as a Service (DaaS),[13] and Migration as a Service (MaaS).[14]

                                Which are the Cloud Jobs?

An October, 2012 article identified the following 10 (“ten”) IT jobs as in-demand Cloud careers;[15] being:

(I) Cloud Architect; (II) Cloud Software Engineer; (III) Cloud Sales; (IV) Cloud Engineer; (V) Cloud Services Developer; (VI) Cloud Systems Administrator; (VII) Cloud Consultant; (IIX) Cloud Systems Engineer; (IX) Cloud Network Engineer; and (X) Cloud Product Manager.

The takeaway, is that “professionals who are experts in cloud computing, software as a service and virtualization are in high demand, but those with combined skills in server, software and networking are the most sought after in the current IT job market”.[16] Add to this, another recent survey that concludes: “[c]loud related skills represent virtually all the growth opportunities in IT employment worldwide as demand for cloud-related positions grows.”[17]  Together, these findings put to rest any assertion that datacenter jobs will disappear, because servers are housed in data centers and data farms, and the need for them as well as the IT staff to tend to and manage them, is increasing with time and Cloud uptake.

Where is Cloud Heading – Long term?

In response to the PWC/Digital IQ Report that presented this year’s top 10 technology trends for business, I pondered this year’s top 5 technology trends for consumers;[18] one of which was EULA3.  This term co-represents: (i) End-User Legal Authority (free rein to develop and customize screen savers, fonts, skins, and avatars to their liking, after download from developers with the IP rights therein); (ii) End-User License Autonomy (lawful unlocking of devices and to remove geographic restrictions, freedom from multi-year service contracts, number portability, rights to opt-out of geo-tracking, receiving ongoing service or functionality updates, and in the EU, a right to be free from pre-sale, bundled OEM-ware; and (iii) End-User Leveraged Ability (massively enhanced remote and mobile collaboration and empowerment tools and technologies, in “online groups, archives, fora, encyclopedias, and societies”).[19]

My focus here, is on the leveraged ability, that allows for more creativity, collaboration, commentary, commerce, connections, and cloud applications.[20]  Within and as a result of this leveraged ability, I see the coming offering of Economies as a Service/Elasticity as a Service (EaaS).  This will go beyond the mere discrete, standalone offerings of storage, ERP, and data analytics, to offer specific enterprise-level function and service suites that are customizable to users of various sizes, and that help customers to cut-down on their overhead in a still very tight global economic climate.

I can think of 10 (“ten”) such scalable suites right now, being: (1) Administration; (2) Compliance; (3) Efficiencies (requirements analyses, efficiency audits, business process reengineering, and big data analytics with recommendations and action on same, all from one vendor– essentially, management consultant services on demand, with M2M delivery in eFormat); (4) Facilities management (electronic and sensory, in M2M/SCADA); (5) General Counsel (as outsourced to on-call, geographically distributed providers through a Cloud contact point); (6) Human Resources; (7) Operations and Development; (8) Research and Development; (9) Sales (as tasked to geographically distributed operatives, on-call in the requisite locations- little travel needed; and (10) Treasury (audit, bookkeeping, and capital markets).[21]

Which Cloud sub-sectors will likely lead?

In a 2012 report for the EU, IDC predicted that the market for public cloud services in Europe would grow at a compound, annualized, 35% (“thirty-five percent”) from 2011 to 2014, despite structural challenges (security, infrastructure, standardization), and the continued tight economic climate.[22]  IDC further posits that “[…] the diffusion of cloud computing is expected to generate substantial direct and indirect impacts on economic and employment growth in the EU, thanks to the migration to a new IT paradigm enabling greater innovation and productivity”.[23]  Admitting that jobs will both be lost and created, “the cloud market is expected to be a driver of net creation of employment in the medium term”, regarding the European economy through 2020; with their estimate of the number of European cloud industry jobs then existing, ranging from 1.3 million to 3.8 million.[24]

Globally, IDC’s results from an Infosys-sponsored July, 2012 survey of 326 large companies across the US, Germany, France, and the U.K. found that, 2 out of 3 were adopting the cloud, with private cloud more popular than public or hybrid cloud.[25]  While cloud strategy in Europe is more developed, it is standalone and needs to be integrated into a larger “whole of IT” approach; U.S. cloud adoption lags behind, but this is due to its being part of a “whole of IT” planning process with many stakeholders.[26]  According to IDC, many survey respondents across the board were reportedly dabbling in “public cloud for some specific areas, but when it comes to the core IT environments, they are starting out with private cloud. Connecting the two into a hybrid model is gaining momentum”.[27]

                                Why use the Cloud?

In essence, “cloud computing simply capitalizes on the need of a business to manage costs, stick to its core competencies and outsource the rest”.[28]  Services and servers formerly managed in house with capital expenditures, can now be managed by vendors as operational cost items, and expensed.  “Companies want to escape IT equipment and support costs, but there are also certain applications and data that large enterprises especially are unlikely to ever let out of their sight and perimeters, King said. That is why the hybrid model works pretty well for many companies right now”.[29]


2. Mobility.

“Digitization—the mass adoption of connected digital services by consumers, enterprises, and governments— is far more than a disruptive wave washing over isolated industries.  We have long since recognized that reality.  Digitization is a fundamental driver of economic growth and job creation the world over- in both developed and emerging markets”.[30]

Within the home and other fixed locations, this digitization has permitted the visual TV broadcast format to shift in many locales to High Definition, allowing for clearer pictures, denser colours and images, and added content and utilities.  In addition, ubiquitous computing is now the default mode, with digitization and packetization, and smartphones and tablets fast-nearing the raw computing power of earlier laptops; if not surpassing them in both that, and storage capacity, through the availability of add-on storage and memory card capacity. Customer-facing cloud applications (online photo storage, social media profile pages, and available-anywhere office productivity and document processing or management service offerings), all benefit from the spread of digitization and the ongoing drop in memory and hardware costs.  Taken together, these developments have enabled location independence, geo-tagging, behavioural marketing, and social business on a hitherto unprecedented scale.

“IT” with regard to mobility ranges from applications, through form factors, to networking, diagnostics, and data analytics.  Similarly, “convergence” in general, means that the field of mobile computing is already broad and deep,[31] and continues to grow with the expanding market for existing form factors (laptop, tablet, smartphone), and ever more innovative offerings to come. Even though some employers eschew creating and implementing BYOD policies for their increasingly mobile workforces (a dangerous oversight, in my opinion), while others re-think or seek to restrict aspects of the whole “mobility” dimension of work,[32] I really cannot envisage ITs mobility-enabling skills-sets facing any realistic danger of impending obsolescence.

3. Operational and ongoing improvements.

In the words of the American Society for Quality (ASQ): “[c]ontinuous improvement is an ongoing effort to improve products, services or processes.  These efforts can seek “incremental” improvement over time or “breakthrough” improvement all at once”.[33] Of course, improving the individual (skills and abilities), can also lead to improving the product, service, or process – including of business processes and in separate business cost centres.  Aside from the plethora of quality measures and quality improvement models, perhaps the simplest offering suggested by ASQ, is the P-D-C-A cycle, which stands for:

(i) Plan (identify opportunities and strategize for their exploitation);

(ii) Do (roll-out a pilot or beta of the change as planned);

(iii) Check (analyze the results and determine whether the desired result was achieved);

(iv) Act (Proceed on a larger scale if successful, or revise if not, with ongoing assessment in both cases).[34]

In the current and evolving IT environment, the need for operational and ongoing improvements is driven by a desire for post-merger, acquisition, or restructuring economies of scale; improved efficiencies in a very tight global economy and hyper-competitive climate; and to increase security in the face of heightened governance, risk, and regulatory compliance (GRC) requirements, and Cybersecurity exposures and events. Automated systems (after human programming), can gather and crunch a vast quantity of data in terms of Enterprise Resource Planning (ERP), Privacy Impact Analysis (PIA), Security and Risk Analysis (SRA), and Threat Risk Assessment (TRA).  However, in the three common, broad stages of all these activities (identification, assessment, mitigation), human input is indispensable to catch the nuances, round-out the corners, and otherwise right-size and customize both process and result.  IT professionals will always be needed to plan, to do, to check and double-check, and to act.

4. Networking.

Networking has come very far since it was merely a question of connecting desktops to servers, and making sure that different servers or server versions and their operating systems (usually all in the same place or distributed corporate space or ecosystem), all meshed well together.  Now, we network across availability zones in region, time zones, and definitely different ecosystems.  With the speed at which technology is currently advancing and generations of IT are maturing,[35] there will always be “legacy” systems in the mix, and this will require the presence of professionals who know and are familiar enough with the idiosyncracies of these legacy systems to service and maintain them.  As with the Basic, Fortran, and Pascal programming languages (which are still used, in some places), someone somewhere, will always be needed into the foreseeable future.  This peculiarity will come into the clearest focus when data must be migrated from these legacy systems, and it can only be done the hard way.  Networking also gains importance with the mainstreaming of Supervisory Control and Data Acquisition (SCADA), the Internet of Things (IoT) or Machine to Machine (M2M) communication[36] – as enabled and enhanced by MEMs[37], Software-Defined Networking (SDN), and of course, Cloud Computing.  These, in their turn, further fuel the “apolitical” socialization of business, living, and leisure.

5. Virtualization.

“The term virtualization is commonly used to refer to the creation of multiple virtual servers that operate on one physical computer. Virtualization uses fewer physical resources to do an increased amount of work in a virtual environment, cuts the costs of purchasing expensive hardware for computers, uses less physical storage space and reduces costs to power and cool physical computers”.[38]

As stated, virtualization has many benefits; including heightened productivity and cost savings.  However, the need for real human beings will persist.  Additional solutions enabled by virtualization include advanced gamification (both single user and multi-user), eLearning, and social business with real time product and service demonstrations, serious streaming and graphics, and simultaneous screen-in-screen separate software instances for multitaneous collaboration, creativity, and other connections.  Content is key, so there will always be a need for IT professionals across the 15 (“fifteen”) phases of the following, proposed new “horseshoe waterfall” software development process (up from the classic 6):

1. Requirements Analysis phase (PIA, ERP, SRA, TRA, and Objective-oriented Risk Identification);

2. Programming & Development phase (design, documentation, IP, cross-disciplinary “play-in/pet-in”[39]);

3. Vendor Development Testing phase (Quality, Usability, Interfaces, Performance, Stability – “QUIPS1”);

4. Application Security Testing (by subsystem, including to regulatory standard/industry metrics);

5. Contract Modeler/Tweaker phase (add-ons, P3 standalone software, and software for hardware);

6. P3 Development Testing phase (Quality, Usability, Interfaces, Performance, Stability – “QUIPS2”);

7. Vendor Integration phase (collective work of all subsystems & add-ons; documentation & IP updates);

8. Application Security testing (complete system by Vendor, and by user panel on late-stage beta);

9. White Hat phase (QUIPS3; with penetration testing, and to regulatory standard/industry metrics);

10. Feedback Integration phase (rectifications, new requirements, ruggedizing for special orders);

11. Deployment phase (with customer training, static testing, and onsite and remote debugging);

12. Implementation Validation phase (QUIPS4 ; with training, operational testing, and debugging);

13. Maintenance and Support phase (updates, patches, customer service, technical support);

14. Customer and Industry Feedback Analysis phase (knowledgebase, data analytics, planning);

15. Re-start at phase 1, 2, or 5: (next generation solution, fully new iteration, or market re-focus).

The falls are shaped like a horseshoe because the water can fall from several places or points at once, because the phases can easily overlap, and because the constant cycle of water never stops; so nobody can peer into the resulting product whirlpool and determine from where, or when, something fell-in.

6. Innovations.

The predictable thing about change, is that it will be constant.  Whether or not you define it as progress, technology innovations will generally have knock-on effects that include additional innovations.  This is a given, as items and areas rendered obsolete will be replaced, and those that wish to resist obsolescence, will make speedy and aggressive moves to adapt to that “new normal”.  From mainframes, through PCs, laptops, smartphones, tablets, and wearable IT[40] and other solutions, innovation feeds upon itself, and knowledgeable IT personnel will always be needed to make things work, adapt, and counter-adapt with concatenating advances in miniaturization[41] and processing power spurring “chipification[42] of ever more discrete utilities and ecosystems to enable higher functions, remote diagnostics, and interoperation.  Current and developing form factors including wearables (heartrate monitors), scannables (QR codes and RFID), flyables (drones), drivables (smart cars and next generation autopilot), and as enabled by current (Gesticuloperation – i.e. operation by voice, clap, and hand signals in the likes of Microsoft Kinect, Sony Wii, interior lighting, and otherwise by voice or eyesight recognition), or Google Glass, and future tech., will likewise still demand contributions from multifaceted IT personnel.

7. Predictive Analytics.

Big Data is here to stay, due to the proliferation of ways in which it is collected, and the depth and detail with which it is being concatenated.  Businesses will need ever-more powerful and intuitive ways to crunch and package its content, whether for ERP, CRM, or other predictive data analytics.[43]  We already see automated resume sorting, but the human eye and brain will still be needed to develop and tweak the software, perform quality checks, and deal with data input delays (illegible writing that won’t scan, jammed paper in scanner input feeds, and machine maintenance and downtime for whatever reason).

ANALYSIS:

                Rightly Forecast to Stay.

While the 2012 ICTC briefing identified 3 (“three”) specific areas of greatest need and growth potential in the prevailing IT skills shortage: Mobile Computing, Cloud Computing, and creative online content (Social Business),[44] IBM’s study of the global IT picture found a fourth: Business Analytics.[45]   Looking at the above 7 areas, Cloud computing touches (at least), 1, 5, 6, and 7; Business Analytics, touches (at least), 3, 4, 6, and 7; Mobile Computing, touches (at least), 2, 4, 6, and 5; and Social Business, touches (at most), 1 through 7.  I see no way that IT jobs or career paths can disappear any time soon.  The health of that sector may well ebb and flow, with economic growth and job prospects fluctuating back and forth; but ITs adaptability, persistence, and traction (APT), give it true staying-power as a criss-crossing, sub-factor of production supporting that new factor of production, “information” – both of which now span mere land, labor, and capital,[46] and thusly remain indispensable bedrocks of modern and future society.

                Wrongly Forecast to Go.

Similarly, regarding the 4 (“four”) specific IT roles identified for re-imagination or extinction,[47] vis-à-vis the above 7 areas: Programming; Datacenter; Data Technology; and Security.  With regard to programming, the author states that the popular or most common computer languages will change.  I agree, but the older languages will not die-out, due to the reasons I gave above.  Similarly, with regard to data technology, the author states that the new and evolving paradigms will require IT professionals who are both more multifunctional and more capable of multitasking across different cost centres in the organization (IT, data analytics, PR, R&D).  With this, I also agree, because up-skilling should be a constant when the going is good, and retraining should remain an option should the paradigm shift.

My disagreements arise with regard to the author’s predictions for IT’s datacenter functions[48] and IT’s security functions,[49] which will supposedly be forever and irretrievably changed by Unified Communications (UC) protocols, outsourced to third-parties, and otherwise surpassed or subsumed by and within the ambit of, a variety of Cloud Services Providers (CSPs).

                Datacenter, specifically.

With regard to datacenter functions, machines can still not fully administer themselves, whether it is an airliner on autopilot, a nuclear power station, the switching center of a railway system, or a conveyor belt – which is supposed to stop by itself when something clogs the mechanism, but still has an emergency stop mechanism for the occasional “human” intervention.  I think that any prediction of the demise of these jobs and functions is premature or wishful thinking at best, and ill-advised at worst.

                Security, specifically.

With regard to security functions, it is worthwhile to note that evolving data protection and privacy standards set-out by legislation, as well as industry best practices across several fields, are severely limiting the extent to which an entity can outsource the “responsibility” that it does and must hold in-house, for the ultimate security of customer or client data; especially with regard to Personally Identifiable Information (PII), including within the financial services industry, and Personal Health Information (PHI), including within the healthcare sector.  This fact, alone, will mandate the persistence of the need for in-house skill sets in “security standardization, procedures, and auditing[50], due to the necessity of verifying: (i) that third-party providers can and do perform as promised and required by law; (ii) that breach notification is timely and properly conducted, and that third-parties are aware of their contractual and legal responsibilities, as applicable; and (iii) that loss prevention, IT, managerial, and legal personal are all on the same page with regard to ERP, outsourcing, risk mitigation, and regulatory compliance across the entire IT ecosystem – whether in-house physical, in-house virtual, outsourced (including Cloud and offshoring), BYOD, or otherwise.  This security matrix must be complete, as omitted input will lead to omitted considerations, and avoidable losses that could rise to be in the extreme.

Even the much maligned practice of offshoring can have a net benefit to the outsourcing economy by pushing those it leaves behind into higher, more skilled, and managerial roles that are needed locally.

Outsourcing can help create opportunities that didn’t exist before,” […].  Recruiting more bodies in another country can “upskill” Canadian IT workers, boosting them into higher level managerial positions,[…].   “The jobs are slightly different than what they may have been before, but it actually is an economic addition, not necessarily a detractor from the economy and from the employment landscape.[51]

CONCLUSION:

For the final word on this issue, I think Stephen C. Ehrman, summarized it best, when he wrote that:

Each predictable doubling of chip power enables the development of surprising new tools for thinking, analyzing, studying, creating, and communicating in the world. Products and professions erupt, altering the content of some discipline, creating new fields, and compelling new forms of interdisciplinary collaboration in the wider world. The level of education required for many jobs is increasing as well. So technological change in the wider world both increases the number of people who need an education and changes what it is they need to learn as well.[52]

I think that should do it!

************************************************************************

Author:

Ekundayo George is a sociologist and a lawyer, with over a decade of legal experience including business law and counseling (business formation, outsourcing, commercial leasing, healthcare privacy, Cloud applications, social media, and Cybersecurity); diverse litigation, as well as ADR; and regulatory practice (planning and zoning, environmental controls, landlord and tenant, and GRC – governance, risk, and compliance investigations, audits, and counseling) in both Canada and the United States.  He is licensed to practice law in New York, New Jersey, and Washington, D.C.  Please See: http://www.ogalaws.com

He is an experienced strategic and management consultant; sourcing, managing, and delivering on high stakes, strategic projects with multiple stakeholders and multidisciplinary teams.  Please See: http://www.simprime-ca.com

Backed by courses in management, organizational behaviour and micro-organizational behaviour, and a Certificate in Field Security from the United Nations Department of Safety and Security (UNDSS), in New York, Mr. George is also a writer, tweeter and blogger (as time permits), and a published author in Environmental Law & Policy (National Security aspects).

Hyperlinks to external sites are provided to readers of this blog as a courtesy and convenience, only, and no warranty is made or responsibility assumed by either or both of George Law Offices and Strategic IMPRIME Consulting & Advisory, Inc. (“S’imprime-ça”), in whole or in part for their content, or their accuracy, or their availability.

This article does not constitute legal advice or create any lawyer-client relationship.


[1] Kerry Doyle, MBA.  IT Roles Facing Extinction.  Published on globalknowledge.com by Global Knowledge Training LLC, 2012.  Online: >http://images.globalknowledge.com/wwwimages/pdfs/SR_IT_Roles_Facing_Extinction.pdf<

[2] Patrick Gray.  HP and BlackBerry abandon in-house tablet ecosystems.  Published in “Tablets in the Enterprise”, on techrepublic.com, May 24, 2013.  Online: >http://www.techrepublic.com/blog/tablets/hp-and-blackberry-abandon-in-house-tablet-ecosystems/3428?tag=nl.e101&s_cid=e101&ttag=e101<

[3] Tribute to the late Professor Albert Chinualumogu (Chinua) Achebe, (1930-2013), author of the timeless classic “Things Fall Apart” (first published in A.D. 1958).

[4] A sometimes heated debate persists on whether or not the United States is currently experiencing a skills shortage in graduates of Science, Technology, Engineering and Mathematics (STEM).  See e.g. (severe shortage exists): Society for Human Resource Management (SHRM).  The Ongoing Impact of the Recession – Recruiting and Skills Gap.  Published on shrm.org, March 12, 2013.  Online: >http://www.shrm.org/Research/SurveyFindings/Articles/Pages/SHRM-Recession-Recruiting-Skill-Gaps-Technology.aspx<; see contra (no shortage found): Economic Policy Institute (EPI).Hal Salzman, Daniel Kuehn, and B. Lindsay Lowell.  Guestworkers in the high-skill U.S. labor market: An analysis of supply, employment, and wage trends.  Published in “Immigration”, on epi.org, April 24, 2013.  Online:

>http://www.epi.org/publication/bp359-guestworkers-high-skill-labor-market-analysis/<

[5] In Canada, however, the skills shortage issue appears better settled – it exists!  See e.g. Namir Anani, President and CEO of the Information and Communications Technology Council (ICTC).  Briefing – HUMA – Fixing The Skills Gap and Understanding the Labour Shortages, at page 2.  Mr. Anani delivered this briefing in Ottawa, Canada, on April 4, 2012, before the Parliamentary Standing Committee on Human Resources, Skills and Social Development and the Status of Persons with Disabilities.  Published on ictc-ctic.ca.  Online: >http://www.ictc-ctic.ca/wp-content/uploads/2012/06/ICTC_HUMAPresentation_EN_04-12.pdf<

[6] Joe McKendrick.  Almost 1.7 Million Cloud-Related Jobs Went Unfilled in 2012: Estimate.  Published in “Tech”, on forbes.com, December 21, 2012.  Online: >http://www.forbes.com/sites/joemckendrick/2012/12/21/almost-1-7-million-cloud-related-jobs-went-unfilled-in-2012-estimate/<

[7] National Institute of Standards and Technology (NIST).  NIST Cloud Computing Program.  Online: >http://www.nist.gov/itl/cloud/index.cfm<

[8] PCI Security Standards Council: Cloud Special interest Group.  PCI Data Security Standard (PCI DSS), Version 2.0 – Information Supplement: PCI DSS Cloud Computing Guidelines, at 4.  Released March, 2013.  Online: >https://www.pcisecuritystandards.org/documents/information_supplement_11.3.pdf< Software as a Service (SaaS), is there defined by PCI SSC as: “[c]apability for clients to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser, or a program interface”.  See also Ekundayo George.  Data Protection and Retention in the Cloud: Getting it Right, at Note 1.  Published on ogalaws.wordpress.com, March 11, 2013.  Online: >https://ogalaws.wordpress.com/2013/03/11/data-protection-and-retention-in-the-cloud-getting-it-right/< SaaS offerings generally include tools for processing, analysis, accounting, CRM, and back-office functions, as delivered on a “pay by use or increment” basis.

[9] Michael Hafner, Mukhtiar Memon, and Ruth Breu.  SeAAS – A Reference Architecture for Security Services in SOA.  Published 1.9.09 in the Journal of Universal Computer Science (JUCS), vol. 15, no. 15 (2009), 2916-2936, at 2924. Online: >http://www.jucs.org/jucs_15_15/seaas_a_reference_architecture/jucs_15_15_2916_2936_hafner.pdf<

Security as a Service (SecaaS), is there defined by the authors, as:

“[…] the delivery of security functionality over infrastructure components in a service-oriented manner. For SOA, this means that security services are accessed through common Web services technologies and standards”.

As stated in that publication, SecaaS offerings generally encompasses services for: authentication, authorization, security compliance, security interoperability, cryptography and message processing, protocol-based security, and security monitoring and auditing.

[10] PCI Security Standards Council: Cloud Special interest Group.  PCI Data Security Standard (PCI DSS), Version 2.0 – Information Supplement: PCI DSS Cloud Computing Guidelines, at 4.  Released March, 2013.  Online: >https://www.pcisecuritystandards.org/documents/information_supplement_11.3.pdf< Platform as a Service (PaaS), is there defined by PCI SSC as: “[c]apability for clients to deploy their applications (created or acquired) onto the cloud infrastructure, using programming languages, libraries, services, and tools supported by the provider”.  See also Ekundayo George.  Data Protection and Retention in the Cloud: Getting it Right, at Note 2.  Published on ogalaws.wordpress.com, March 11, 2013.  Online: >https://ogalaws.wordpress.com/2013/03/11/data-protection-and-retention-in-the-cloud-getting-it-right/< PaaS offerings generally include tools for email, online backup, or desktops on demand, as well as middleware and raw development platforms.

[11] PCI Security Standards Council: Cloud Special interest Group.  PCI Data Security Standard (PCI DSS), Version 2.0 – Information Supplement: PCI DSS Cloud Computing Guidelines, at 4.  Released March, 2013.  Online: >https://www.pcisecuritystandards.org/documents/information_supplement_11.3.pdf<  Infrastructure as a Service (IaaS), is there defined by PCI SSC as: “[c]apability for clients to utilize the provider’s processing, storage, networks, and other fundamental computing resources to deploy and run operating systems, applications and other software on a cloud infrastructure”.  See also Ekundayo George.  Data Protection and Retention in the Cloud: Getting it Right, at Note 3.  Published on ogalaws.wordpress.com, March 11, 2013.  Online: >https://ogalaws.wordpress.com/2013/03/11/data-protection-and-retention-in-the-cloud-getting-it-right/< IaaS offerings generally include tools for collaboration, integration, and visualization, in scalable storage and server capacity on demand.

[12] Ekundayo George.  Data Protection and Retention in the Cloud: Getting it Right, at Note 4.  Published on ogalaws.wordpress.com, March 11, 2013.  Online: >https://ogalaws.wordpress.com/2013/03/11/data-protection-and-retention-in-the-cloud-getting-it-right/<  Network as a Service (NaaS), generally includes advanced virtualization tools such as bandwidth-on-demand for multiple VPNs-on-demand, and for cloud-to-cloud networking on-demand.

[13] Data as a Service (DaaS), generally includes the hosting and delivery-on-call of data that is both form factor independent and software independent, as its storage (static) and delivery (formatted) states will differ, and the data will only be transformed from one to the other as and when needed, and as optimized to form factor or use.  Increasing data analytics and in-house ownership of the crunched result, will spur growth in this DaaS (author).

[14] Migration as a Service (MaaS), refers to the transmission or translocation of clientele (users of blogs, wikis, chats, or other collaborative portals), data and databases (documents, files, spreadsheets and folders), capital operations and office suites (applications, business processes, or operating systems from version to version, or from server to server on premise), or services (emails and VOIP/voicemails); whether from one platform or service provider, to another (on-premise to cloud transforming capital expenditures to operating expenses, or cloud to cloud).  This can be done on a self-serve basis, or through a vendor.  The volume of data that many companies now command otherwise makes migrations quite expensive, and implies that MaaS will remain a growth area (author).

[15] Christine Burns, Network World.  Cloud careers: It’s a seller’s market.  Published on networkworld.com, October 8, 2012.  Online: >http://www.networkworld.com/supp/2012/enterprise5/100812-ecs-cloud-careers-262741.html<

[16] Id.

[17] Joe McKendrick.  Almost 1.7 Million Cloud-Related Jobs Went Unfilled in 2012: Estimate.  Published in “Tech”, on forbes.com, December 21, 2012.  Online: >http://www.forbes.com/sites/joemckendrick/2012/12/21/almost-1-7-million-cloud-related-jobs-went-unfilled-in-2012-estimate/<

[18] See Ekundayo George.  Ctrl-Shift-Del: 2013’s Top 5 Technology Trends for Consumers.  Published on ogalaws.wordpress.com, March 16, 2013.  Online: >https://ogalaws.wordpress.com/2013/03/16/ctrl-shift-del-2013s-top-5-technology-trends-for-consumers/<

[19] Id.

[20] See e.g. Ekundayo George.  Social Media Policies: Why have them, and what should they cover?  Published on ogalaws.wordpress.com, May 29, 2013.  Online: >https://ogalaws.wordpress.com/2013/05/29/social-media-policies-why-have-them-and-what-should-they-cover/<

[21] I see these enabling, at the very least: (i) ”eNUB“ (email, number, and URL banking); and (ii) “Work-Shifting”.

(i) eNUB will be the response of entities and employers to salesforce BYOD, now better able to take existing contacts, prospects, vendors, and sales peers with them, due to all knowing that contact number by heart.  Hence, even if that person’s entire eRolodex gets remote-wiped, they can still be reached by their now “good old friends”. So, with growing number portability and VOIP, employers will own and manage banks of mobile contact numbers (in addition to the URLs and emails they already tag-onto/under domain names), to prevent salesforce lead-bleed.

(ii) The growing ability, through advancing mobile device management (MDM) technologies to stop and start the delivery of emails, and to route and unroute calls to BYOD-enabled workers so that they are not troubled (into working costly overtime), outside the standard workday, will enable employers to more easily juggle the workflow between permanent and contract employees in different time-zones through disclosed/undisclosed jobsharing arrangements. Hence, less downtime in a new, cloud-enabled world of work-shifting, as opposed to shift-work.

See Tom Kaneshige, CIO.  Which Workers Are the Best Fit for BYOD?  Published on cio.com, May 14, 2013.  Online: >http://www.cio.com/article/733399/Which_Workers_Are_the_Best_Fit_for_BYOD_?taxonomyId=600007<

[22] IDC.  Quantitative Estimates of the Demand for Cloud Computing in Europe and the Likely Barriers to Up-take. SMART 2011/0045.  D4 – Final Report, at 30.  Published on ec.europa.eu, July 13, 2012.  Online: >http://ec.europa.eu/information_society/activities/cloudcomputing/docs/quantitative_estimates.pdf<

[23] Id. at 9.

[24] Id. at 9.

[25] Marianne Kolding.  IDC White Paper.  Adoption of Cloud: Private Cloud is Current Flavour but Hybrid Cloud is Fast Becoming a Reality, at 1-2.  Published on Infosys.com, September, 2012.  Online: >http://www.infosys.com/cloud/features-opinions/Documents/hybrid-cloud-becoming-reality.pdf<

[26] Id. at 2.

[27] Id. at 3.

[28] Peter Brown and Leonard T. Nuara, Co-chairs.  Cloud Computing 2011: Cut Through the Fluff & Tackle the Critical Stuff.  Intellectual Property Course Handbook Series.  Number G-1055, at 49.  Published in 2011 by the Practicing Law Institute, New York (PLI).

[29] TechRepublic.  Executive’s Guide to Best practices in SAAS and the Cloud, at 14.  Published in “Whitepapers”, on ZDNet.com, March 2013.  Online: >http://www.zdnet.com/executive-guide-to-best-practices-in-saas-and-the-cloud-free-ebook-7000012032/< The author quotes Charles King, principal analyst at Pund-IT.

[30] World Economic Forum and INSEAD.  The Global Information Technology Report 2013: Growth and Jobs in a Hyperconnected WorldForeword by Cesare Mainardi, Chief Executive Officer, Booz and Company, at vii.  Published on weforum.org, 2013.  Online: >http://www3.weforum.org/docs/WEF_GITR_Report_2013.pdf<

The author takes care to point-out that while digitization brings benefits in both productivity and employment growth, there “may well come” a point of disequilibrium.  Similarly, there is a delicate balance to be found for the 3 (“three”) roles on the input matrix, being the roles of financier, facilitator, and direct developer.  Where and when the ratio is off, the national cake will not rise to meet the demand, or otherwise respond on command.

[31] See e.g. Guarav Kumar, Ph.D., Assistant Professor, Department of Computer Applications, Chitkara University, Rajpura, Punjab.  Career Guide: Career in Mobile Computing and Wireless Technology.  Published in Employment News Weekly, 25 May – 31 May, 2013, issue (No. 08), on employmentnews.gov.in.  Online: >http://www.employmentnews.gov.in/career_in_mobile.asp< This article and the sheer diversity of the career streams here listed provide a very clear idea of just how vast the mobile field now is, and promises to become.

[32] See e.g. Kara Swisher.  “Physically Together”: Here’s the Internal Yahoo No-Work-From-Home Memo for Remote Workers and Maybe More.  Published on allthingsd.com, February 22, 2013.  Online: >http://allthingsd.com/20130222/physically-together-heres-the-internal-yahoo-no-work-from-home-memo-which-extends-beyond-remote-workers/<

[33] American Society for Quality (ASQ).  Continuous Improvement.  Published on asq.org, at Continuous Improvement Model – Learning Resources.  Online: >http://asq.org/learn-about-quality/continuous-improvement/overview/overview.html<

[34] Id.

[35] Jonathan Huebner, Ph.D.  A possible declining trend for worldwide innovation.  Published 2005, in Technological Forecasting & Social Change 72 (2005) 980-986, at 981, on sciencedirect.com.  Online: > http://accelerating.org/articles/InnovationHuebnerTFSC2005.pdf<

 

There is a general consensus that technology is advancing exponentially, and that this advance will continue into the distant future. The basic assumption behind this view is that either there is no limit to technological advance, or if there is a limit, then we are far from reaching it.

[36] See Infra, note 41.

[37] Visa.  The Future of Technology and Payments report: More of the Same (2nd edition, printable version), at pp. 10-11.  Published by Visa, on visaeurope.com, April 24, 2013.  Online: >http://www.visaeurope.com/en/about_us/industry_insights/tech_trends.aspx<

“We therefore expect to see the progressive deployment of so-called Microelectromechanical systems (MEMs).  These minute devices, generally smaller than a square-millimetre, typically comprise of a microprocessor plus a sensor or actuator. Already, they are common components within consumer devices acting, for example, as accelerometers or gyroscopes. (…)”.

 

“For the future, the use of MEMs seems destined to become more widespread. More exotic sensors will become available (capable, for example, or checking blood pressure or glucose levels). Their proliferation could therefore enable the so-called “internet of things” (…). And, in the coming years, IBM holds out the prospect of a trillion connected d devices (…) – that equates to one hundred smart objects for every person on our planet”.

[38] Megan M. Kearney, Esq.  Faster Than the Speed of Law: Technological Advancements Generate a Host of Novel Legal Concerns.  Originally published in The Philadelphia Lawyer, Winter 2011, “Intellectual property law”, pepperlaw.com.  Online: >http://www.pepperlaw.com/pdfs/PhilaLawyer_Kearney.pdf<

[39] See e.g. Lucas Mearian, Computerworld.  The Time is Right for an ‘IT Petting Zoo’.  Published on cio.com, June 5, 2013.  Online: >http://www.cio.com/article/734452/The_Time_is_Right_for_an_IT_Petting_Zoo_?taxonomyId=600007<

[40] Canadian Manufacturing Daily Staff.  Ontario firm gets federal funding for wearable lithium-ion pack.  Published on canadianmanufacturing.com, April 23, 2013.  Online: >http://www.canadianmanufacturing.com/general/ontario-firm-gets-federal-funding-for-wearable-lithium-ion-pack-101574<

[41] Fundación de la Innovación, Bankinter, and Accenture.  Future Trends Forum (FTF) Series, Number 15: The Internet of Things – In a Connected World of Smart Objects.  Chapter 3, at page 37.  Published on fundacionbankinter.org, in 2011.  Online: >http://www.fundacionbankinter.org/system/documents/8189/original/XV_FTF_Interneto_of_things.pdf

 

“More than half a century on from the days of mainframe computers that took up whole rooms, components are becoming smaller and smaller, enabling faster and more powerful computers to be developed. This physical layer occupies less space, making it easier to connect practically anything, anywhere, anytime. What we are seeing is the phenomenon of miniaturization”.

 

[42] Supra note 37.

[43] Toni Bowers.  IT needs to understand the move from BI to data analytics.  Published in “Tech Decision Maker”, on techrepublic.com, May 28, 2013.  Online: >http://www.techrepublic.com/blog/tech-manager/it-needs-to-understand-the-move-from-bi-to-data-analytics/8277?tag=nl.e099&s_cid=e099&ttag=e099<

[44] Namir Anani, President and CEO of the Information and Communications Technology Council (ICTC).  Briefing – HUMA – Fixing The Skills Gap and Understanding the Labour Shortages.  Mr. Anani delivered this briefing in Ottawa, Canada, on April 4, 2012, before the Parliamentary Standing Committee on Human Resources, Skills and Social Development and the Status of Persons with Disabilities.  Published on ictc-ctic.ca.  Online: >http://www.ictc-ctic.ca/wp-content/uploads/2012/06/ICTC_HUMAPresentation_EN_04-12.pdf<

[45] See IBM.  Fast Track to the Future: The 2012 IBM Tech Trends Report.  Published by the IBM Center for Applied Insights, on ibm.com, December, 2012.  Online: >https://www.ibm.com/developerworks/community/blogs/techtrends/?lang=en<

[46] Supra note 41, at 18.  Just as in an agricultural economy, the factors of production were land and labor, and in an industrial economy they were capital and labor, information has become the production factor of the twenty-first century”.

[47] Kerry Doyle, MBA.  IT Roles Facing Extinction.  Published globalknowledge.com, by Global Knowledge Training LLC, 2012.  Online: >http://images.globalknowledge.com/wwwimages/pdfs/SR_IT_Roles_Facing_Extinction.pdf<

[48] Id. at 3.  “Gone are the service technicians responsible for rewiring and maintenance.  UC makes those skills unnecessary.  In the future, one or two systems analysts will centrally handle communication implementation and flow from within the datacenter”.

[49] Id. at 4.  “Within organizations, gone are the traditional back-up and recovery skill sets which will be relegated to third-party providers”. (…)  “Gone are the technicians who relied on security standardization, procedures, and auditing”.

[50] Id. at 4.

[51] Brian Bloom.  IDC: Offshoring IT keeps Canadian firms competitive.  Published for Computing Canada in itworldcanada.com, June 14, 2012. The quotation is from Jason Trussell, senior vice-president and Canadian regional manager at iGate Inc.  Online: >http://www.itworldcanada.com/news/idc-offshoring-it-keeps-canadian-firms-competitive/145611<

[52] Stephen C. Ehrman, Ph.D.  Technology and Revolution in Education: Ending the Cycle of Failure.  Published in Liberal Education, Fall (2000) 40-49, at “Double Double Toil and Trouble: Moore’s Law”.  This penultimate draft of the final article is available through The TLT Group (Teaching, Learning, and Technology), on tltgroup.org.  Online: >http://www.tltgroup.org/resources/V_Cycle_of_Failure.html

Comment in the discussion chain: Data Centers and Disaster Recovery in Nigeria.

Started by moderator Christopher Odutola of the Linked in group: Cloud Computing, Virtualization and Disaster Recovery in Nigeria.

Online: http://www.linkedin.com/groups/Data-Centers-Disaster-Recovery-in-3785575.S.43550562?view=&srchtype=discussedNews&gid=3785575&item=43550562&type=member&trk=eml-anet_dig-b_pd-pmt-cn&ut=1tsF8girXdkBI1

**********

Thank you, all for your highly knowledgeable and astute comments in this discussion so far.  We all know that as Nijas, we have the talent and we have the skills to get things done – as you all show.  However … na conditions!!  I think 6 factors need to be addressed to some extent before the cloud can gain more credibility and traction in Nigeria, and even in Africa, and become “e-Solid”.

“E”nergy is number one.  Data centers need cooling (especially below the equator), and drives need energy to spin, access memory, and provide those virtual instances.  The idea of generators in series has merit, but I would say turbines are better – with all the natural gas we have flaring.  I always wonder why none of our unemployed Engineers have built scalable and modular mini-re refineries that can be used in the Niger Delta instead of all these open air burns; as used to feed or as combined with, modular and scalable mini-power stations.  We do have the labour, craftsmen, engineers, and natural resources.  Perhaps some of your banking and industrial contacts can be interested in seed funding.  Such machines will get plenty of interest in similarly challenged parts of the world.  It will take quite an effort to string functioning power lines everywhere, or bury them where there are already more people than spare ground.  I think localized modularity is the way to go, as opposed to regional and national power grids.

“S”ecurity has many facets.  One the one hand, it is the day to day matter of traveling to work while avoiding roadblocks, armed robbers, militants or les beaucoup-harmers, and drivers of trucks with no brakes, or of buses full of people and tankers full of petroleum or chemicals, who are not in their right minds due to some substance or other.  The 24/7 nature of IT will require people to travel back and forth at odd times,  unless you are there on 7-12 day on, and 7-12 day off shifts, or something like that.  Even then, you will have to switch-out at some point, and face the travel hazards.  The other facet of security is data security.  Are the sys-admins selling off data sniffed in transit; is the data entirely managed within Nigeria or are portions of the cloud external and therefore subjecting the data to the laws and sniffing of other jurisdictions; are Nigerians adequately protected from identity theft and loss of funds in the case of financial data transfers through the cloud?  These are all areas where Nigerian laws are pretty far behind, due to other priorities of our dear leaders – state and federal, and legislators.

“O”versight is also highly important.   There are a plethora of regulatory bodies, associations, commissions, and parastatals in Nigeria that have overlapping and complementary functions.  When people in position wake and realize that there is money to be made from taxing, regulating, and licensing the cloud, there will be a rush to assert jurisdiction.  Will it be from NCC (due to communications), CBN (due to financial transactions in the cloud), FRSC (due to data transportation on the information highway), NIMASA for the undersea telecommunications cables, each and every state government (due to data center location), EFCC (due to the potential problems within their competence), or any combination of the security agencies, due to the potential national security implications.  How easily can the Corporate Affairs Commission define which of the above types of business the CSP/CSV is engaging in, and how many lawsuits, pleas to the President, and examples public rudeness and misbehavior at the highest levels will Nigerian have to endure from those many competing regulatory interests?  I think a massive rationalization and realignment of Nigeria’s regulatory landscape is long overdue, but it may not happen while there are so many who benefit from the current alphabet soup of a conjoint twin octopus at a grand buffet, still eating to their heart’s content.  Other countries have established central fora, fusion centers, and similar councils where many bodies work together for the same goal.  In our case, that may take some time to achieve.

“L”egal is the logical follow-on, here.  There can be a self-regulatory body established for cloud service providers that enforces standards amongst peers, coordinates training and best practices, and works to lobby the government where and when needed.  Or, providers in the space can continue to work independently and accept whatever laws and regulations – no matter how contradictory, policy-somersault-laden, or otherwise non-conducive to sane and sustained business – are handed down from above.  Tips can be taken from what transpires with regard to the cloud outside Nigeria, but we should not be so fast to adopt things full force, that might not quite fit with our unique context.  We have seen many examples of this, as well as cases where countries accepted Constitutions and laws drafted by outsiders that were just plain wrong.

For example, the Warsaw Convention limits liability to air carriers in the case of a lost luggage, persons, or goods.  The Hamburg Rules perform a similar function with regard to carriage of goods by sea.  Those work well and are generally accepted for important service industries, when coupled with insurance.  Obviously, some lawyers can always be found to sue, despite the caps!  Attitudes change, however, when the protection is given to specialized industries and interests.  You have for example the Nuclear Liability Act in Canada, and the Price-Anderson Nuclear Industries Indemnity Act, in the United States – both limiting the liability of civilian nuclear installations for any incidents.  Most recently, on top of the refusal or inability of the United States Food and Drug Administration to force the labeling of genetically modified foods and food ingredients, President Obama still signed a Monsanto Protection Act on March 28, 2013 – http://rt.com/usa/monsanto-bill-blunt-agriculture-006/.

A time may well come when the cloud industry becomes so large and all-pervasive that it will merit similar protections for all the data breach and failings we see with it in the western world – the first adopters.  However, if this happens in Nigeria before deposit insurance is taken and managed seriously (towards fewer vanishing premiums), a national identity system is firmly in place (towards fewer unusually expensive ghost workers), and business insurance and industry best practices are firmly adhered to, someone may pull a Cyprus without the government involvement.  The supposedly un-hackable Bitcoin was recently pilfered, and government should not help itself to personal bank accounts just because someone tells it to.  If the industry itself is protected, but the protection is not there or woefully inadequate for customers/consumers, some major problems could very well result.

“I”nfrastructure also needs a lot of work – whether roads and rails, buildings within which mobiles may or may not function, encryption and security of data in transit against SQL insertion and other malware exploits, and a lot more attention to such basic security as keeping programs and systems patched and up to date.  BYOD can mean both bring your own device and bring your own destruction, depending on what the device owner is knowingly or unknowingly carrying within it, or something to which the device attaches.  It is no secret that many government websites in Africa (not just Nigeria) are Trojan-laden.  This needs to be fixed, before Nations are cut-off from the outside and just go dark, due to the increasingly powerful antivirus and anti-malware programs that just block access to swathes of e-Estate, due to the real or alleged vulnerabilities that they represent.  Come on, guys and gals, we need to be able to reach you …. and there is no guarantee that VOIP will remain unaffected.  I cannot count the number of times that my system has refused to go somewhere – somewhere legitimate thank you – and then, I had to decide whether or not to disable the meguard and go there anyway.  This trend is already well-underway.  Even with all or most of the cell towers up, there should be backups in hard lines and satellites, because towers can still be taken down.  We need to get our act together and put in the kind of backup and redundancy of critical infrastructure that gives people a greater sense of confidence that things will work and continue to work when they are needed most.   With the near total absence of landlines, what happens to emergency calls when the cloud-based cellular service goes down?  Our infrastructure needs some serious work if we are to have the necessary bandwidth for greater cloud uptake (by SMBEs and conglomerates), deployment (in SaaS, PaaS, and IaaS configurations), and uptake (by the public and the powers that be); along with the other deficiencies here identified.

“D”isaster prevention, planning, response, and recovery is an obviously-ignored competence at the higher levels in Nigeria, due to the abundance of buildings and homes in flood plains – recurrently lost; the lack of an organized, national ambulance and air and water ambulance service – let alone fully-equipped, staffed, and functioning medical and dental facilities and pharmacies; poor attention to building standards, and road and rail traffic, maritime, and aviation vessel quality and facility maintenance; and the preponderant fire brigade approach with promises and prayers when things go horribly wrong.  Even where the cloud is proprietary, such as the example of your own VM instance on campus or at work, commonsense and best practices still advise the use in any combination, of off-cloud backup (such as having your digital photos both in the cloud and on a physical USB stick that can create a mirror collection with rapid and relative ease – so long as not corrupted or lost), a substitute or backup cloud (such as also storing them in another location and with another vendor,  perhaps as sent email attachments due to the current almost unlimited email storage capacity), offsite backup (on a portable hard drive at a second physical location), and perhaps physical hardcopy prints that can be laboriously scanned and uploaded, again, if and when all else fails.  Multiple redundancies are keys to data availability, reliability, and replicability, and all of the above need to be addressed before that can be more fully guaranteed with the appropriate high-uptime SLAs.

 

SUMMARY:

In summary, unless the Nigerian cloud industry members, vendors, and workers want to be misled by the kind of absentee and not quite technically competent as it is supposed to be or claims to be leadership that has characterized so much of our experience in recent memory, they (and other like-minded professional bodies tired of waiting to be disappointed, yet again), will step-up to take the lead in their own best professional and practical interests, and the interests of all Nigerians at home, abroad, and as yet unborn, to organize, strategize, and familiarize themselves with global best practices, apply only what makes most sense with regard to local idiosyncrasies, and work to build local workarounds and custom solutions to the Nigerian situation that can waylay & workaround the kind of Bigman and Bigwoman jealousy, grandstanding, and other examples of feferity and insincerity that I alluded to above; better insulating their businesses from marauders to make them e-Solid.

That’s my N 100;

I hope it helps.

************************************************************************

Author:

Ekundayo George is a sociologist and a lawyer, with over a decade of legal experience including business law and counseling (business formation, outsourcing, commercial leasing, healthcare privacy, Cloud applications, social media, and Cybersecurity); diverse litigation, as well as ADR; and regulatory practice (planning and zoning, environmental controls, landlord and tenant, and GRC – governance, risk, and compliance investigations, audits, and counseling) in both Canada and the United States.  He is licensed to practice law in Ontario, Canada, as well as in New York, New Jersey, and Washington, D.C., in the United States of America (U.S.A.). Please See: http://www.ogalaws.com

He is an experienced strategic and management consultant; sourcing, managing, and delivering on high stakes, strategic projects with multiple stakeholders and multidisciplinary teams.  Please See: http://www.simprime-ca.com

Backed by courses in management, organizational behaviour, and micro-organizational behaviour, Mr. George is also a writer, tweeter and blogger (as time permits), and a published author in Environmental Law and Policy (National Security aspects).

Hyperlinks to external sites are provided to readers of this blog as a courtesy and convenience, only, and no warranty is made or responsibility assumed by either or both of George Law Offices and Strategic IMPRIME Consulting & Advisory, Inc. (“S’imprime-ça”), in whole or in part for their content, or their accuracy, or their availability.

This article does not constitute legal advice or create any lawyer-client relationship.

I would say there are essentially 7 (“seven”) stages in this trajectory, being:

(i) SaaP;

(ii) SaaS;

(iii) SaaR;

(iv) S3aUR;

(v) PcSS;

(vi) SaEE/SaEA;

(vii) PC3S.

Kindly allow me to explain.

SaaP – Software as a Product:

(i) Software was originally a product, although many in the younger generations may have little to no recollection of those days.  It was separately shrink-wrapped and sold first in hard copy format, on disks (you might recall the almost never-ending deluge in your snail mail of all those free and unsolicited AOL, Earthlink, and MSN discs of yore), amongst others; and then, it moved online, with click-wrap licensing.

SaaS – Software as a Service:

(ii) Software as a Service developed with the outsourcing trend, and it has actually been with us for at least a good decade.  Value-added through offshoring, near-shoring, and contracting-out for the design of software to run CAD and CAM applications (as well as the machines on which to run them), all after first hiring the outside management consultants to advise on how to better streamline and align critical line and staff functions to increase ROI, boost productivity, and maximize shareholder value.

SaaR – Software as a Right:

(iii) Although many don’t quite see it – due to the fact that Stage 4 is already taking the limelight ahead of its time – Stage 3 is when we start to see Software as a Right (SaaR).  Software is becoming a right because cost-cutting has led to several European and North American governments cutting funds for hardcopy libraries, both public and at educational institutions.  As this happens, older collections are being shredded to save space and funds (sometimes with and sometimes without ensuring that they are first put to the expensive process of scanning and digitization, and very often without any public disclosure, comment, or opportunity for interested parties and departments to offer to raise the funds or find the space to preserve them).  As more and more knowledge goes online and becomes accessible only for a fee (see the recent moves of certain provides of news and commentary to dispense with the printed versions of their publications); and as more and more public government services (information, forms, e-filing, e-refunds) and even private sector services (banking, customer service, event and school registration and RSVP), then software becomes a right, to the extent that people need it for access to these essentials of daily living.

S3aUR – Software and Systemic Security at Undue Risk:

(iv) We are now seeing multiple, concatenating, and overlapping tangible and virtual instances of Software and Systemic Security at Undue Risk in multiple Availability Zones (AZ), due to hacking and malware, Advanced Persistent Threats (APT), insider fraud and disgruntled employees,[1] apparent personal grudges,[2] blatant BYOD misuse, and just bad design, mismatched configuration, or absent/inactive management.  There are climatic and other intervening “exigent events”.  However, the argument will always be made that these (including climate change), were predictable, and could therefore have been better planned for and their effects, controlled.

PCSS – Persistent Cloud Security Systems:

(v) As a result of Stage 4, discussions have already commenced and are well underway,[3] on how to best structure,[4] roll-out, and govern a Persistent Cloud Security (PCSS) that (a) works in real-time, (b) is networked to involve end-users, private sector providers, and public sector actors of various profiles, and (c) is truly multinational and achieves massive regulator and government buy-in to work consistently and predictably with common rule or principles to drill down on, rein-in, and prosecute actors in the under-most belly, of the Deep Web.[5]  Monitoring as a Service, Alerts as a Service, and like offerings will not, alone, suffice to stem Stage 4s insecurity tsunami.

SaEE/SaEA – Software as Embedded Enabler or Enhancement/Appendage or Augmentation:

(vi) Of course, being a non-Wizard, I cannot say what term precisely, will be used.  It is possible, just as is the current case with the Phase 2 SaaS variants, that different terms will be used by different providers and commentators, unless and until some sort of standardization is agreed-upon.  The need for constant updates, patches, and other communications with the thin, thick, and virtual clients running all of this massively-dispersed computing power, whether by pull-down or push-out from the update source, will eventually start to fall too far behind the developing threats and vulnerabilities presented.  At that point, one or more governments may “force” this Stage 6.

There are already “some” people experimenting with themselves by embedding RFID chips, and the agriculture industry has lots of experience on their use with farm animals.  Anecdotal stories on the internet about additional experimentation by early-adopters with pets, children, and the elderly, are yet to be proven for the most part …. I think?!  A number of nations are reportedly also spending copious amounts of declared and undeclared moneys on brain-mapping, brainwave scanning, and methods to understand, predict, and control human brainwaves and human behavior without being detected.

Whatever the case, once the critical point of the implantation quotient is achieved or nearly-achieved, there may come a time when governments “mandate” that people embed or append the software through a chip implantation of some sort.  This will be resisted on a number of fronts and may cause unrest in several jurisdictions.  However, judging by the way some governments can tend to proceed with their plans despite the protests of millions, the effects on their citizens, and the horror of other nations, things may still get pretty ugly.

As we have already seen in the case of consumer products (from smokeables, through manufactured goods and automobiles, to even fresh food), not all dangers in end-use and the potential side-effects that could and should have been disclosed, were disclosed.  Let us therefore hope that these “implants” do not create a globe of rabid zombies under the remote control of whoever can hack the system best, or hostages to brain-frying hacktivists.

PC3S – Pure Collectivized Communications Culture System:

(vii) Then, once everyone who counts or wants to count, is wired-up (or at least, all who want to be able to eat & drink, fully & freely exercise inalienable rights, or buy & sell in a fully-tracked, value-stacked, government-backed, and supposedly hard-to-crack, pay as you go system with monthly user fees and transaction levies (ePayment only in a cashless society, with interest-bearing pay-day-loans preferred so as to keep everyone happily hard at work for their own self-serving purposes) that by definition includes all but the “obvious terrorists”, we will have that Stage 7, in a Pure Collectivized Communications Culture System.  If software becomes embedded to get around hacking, then who is to say that a person’s brain will actually be able to remain free and clear of the hackers; or that interested parties with the access (such as corrupt insiders), will resist the temptation to hack someone’s brain for profit, or to create a robot on demand”, with credible and provable amnesia?  A number of 20th and 21st Century books and movies may quickly come to mind.[6]

SUMMARY:

Of course, all of this is a work of fiction and can never happen in this modern world …. except of course, for those stages in these above 7, that have already taken place, or that are …. “something of a work in progress, by someone, somewhere, for some specific purpose, and at the behest and request of some sort of sponsor”!  It is said that being fore-warned is to be fore-armed, but nobody really remembers things they read on the internet, unless there is some sensual stimulant or celebrity endorsement, right?

************************************************************************

Author:

Ekundayo George is a sociologist and a lawyer, with over a decade of legal experience including business law and counseling (business formation, outsourcing, commercial leasing, healthcare privacy, Cloud applications, social media, and Cybersecurity); diverse litigation, as well as ADR; and regulatory practice (planning and zoning, environmental controls, landlord and tenant, and GRC – governance, risk, and compliance investigations, audits, and counseling) in both Canada and the United States.  He is licensed to practice law in Ontario, Canada, as well as in New York, New Jersey, and Washington, D.C., in the United States of America (U.S.A.). Please See: http://www.ogalaws.com

He is an experienced strategic and management consultant; sourcing, managing, and delivering on high stakes, strategic projects with multiple stakeholders and multidisciplinary teams.  Please See: http://www.simprime-ca.com

Backed by courses in management, organizational behaviour, and micro-organizational behaviour, Mr. George is also a writer, tweeter and blogger (as time permits), and a published author in Environmental Law and Policy (National Security aspects).

Hyperlinks to external sites are provided to readers of this blog as a courtesy and convenience, only, and no warranty is made or responsibility assumed by either or both of George Law Offices and Strategic IMPRIME Consulting & Advisory, Inc. (“S’imprime-ça”), in whole or in part for their content, or their accuracy, or their availability.

This article does not constitute legal advice or create any lawyer-client relationship.


[1] See e.g. Ekundayo George.  Cybersecurity: the Enemy is also (perhaps even more so), Within – the case of “Bob”. Published on ogalaws.wordpress.com, January 17, 2013.  Online: >https://ogalaws.wordpress.com/2013/01/17/cybersecurity-the-enemy-is-also-perhaps-even-more-so-within-the-case-of-bob/<

[2] See Adam Edelman/New York Daily News.  Cyberbunker hosting site said to be dropping virtual ‘nuclear bomb’ on Internet with massive, global denial of service attack.  Published Wednesday, March 27, 2013 on nydailynews.com.  Online: >http://www.nydailynews.com/news/national/internet-nuked-massive-ongoing-cyber-attack-experts-article-1.1300372 <  It is “alleged” that a private dispute of some sort between Cyberbunker (a Dutch internet hosting business that will take all-comers, “except child porn and anything related to terrorism”), and The Spamhaus Project (a non-profit centred in London and Geneva, but with operating nodes in ten nations, that “works to help email providers filter out spam”), has led to the largest DDOS in history with a data stream attack magnitude of 300 billion bits per second, when 50 billion bits would suffice to bring-down the online service of many significant online businesses, including major banks.  The fact that most people have seen no significantly noticeable disruptions due to this “attack”, just goes to show the added resilience built into the system since this kind of attack was first noticed, understood, and responded to by industry and regulators. Personally, I saw some emails come through on device group “A”, but they were delayed on others – thankfully, nothing time-sensitive, and I was aware of them due to my own system of redundancies in having those multiple email access points and service providers.  Microsoft also just switched a “massive” few more users over to Outlook, so that may have also played a part in my own delayed email receipt.  In any case, investigations are ongoing into the source of the current and sustained attacks, but as with others, the true perpetrators may remain hidden.  See Infra, note 5.  See also The Spamhaus Project homepage.  Online: > http://www.spamhaus.org/organization/<; The Cyberbunker Data Centers homepage.  Online:  >http://www.cyberbunker.com< (the Cyberbunker website was verified by this author as unreachable online, at the time this SaaS Visioning-out article posted).

[3] See e.g.  Ekundayo George.  Data Protection and Retention in the Cloud: Getting it Right, at Note 17.  Posted March 11, 2013, on ogalaws.com.  Online:> https://ogalaws.wordpress.com/2013/03/11/data-protection-and-retention-in-the-cloud-getting-it-right/<

[4] See e.g. Mikael Ricknäs, IDG News Service.  AWS takes aim at security conscious enterprises with new appliance.  Published on itworld.com, March 27, 2013.  Online: >http://www.itworld.com/cloud-computing/349894/aws-takes-aim-security-conscious-enterprises-new-appliance?goback=.gde_1864210_member_226976359<  Amazon Web Services has introduced a standalone, secondary cloud-based system to manage cryptographic keys that will be used in the cloud, with limited AWS access through “strict” separation of administrative and operational duties between the vendor and the client, and segregation and limitation of access according to business need.  SOD best practices are thus clearly translated into the cloudsphere.

[5] See Gil David.  The Dark Side of the Internet.  Published on israeldefence.com, December 1, 2012.  Online:

>http://www.israeldefense.com/?CategoryID=483&ArticleID=1756<  This article provides a fairly good overview of what we are all dealing with on a daily basis, with regard to the Deep Web.  I will post at a later date, regarding some of my thoughts on how this might spur and/or impact upon, that promised “Internet of Things” to come.

[6] I think I will also have to post at a later date on what might constitute “work”, when machines do so much of one type of work, and many of the other types are outsourced to someone, somewhere else.  As automation really took hold on a massive scale in the industrial west (Japan, Europe, North America, South Korea) in the 1960s and 1970s, much was said about the coming leisure society as machines did so much, that people would have more time on their hands to relax and actually enjoy life.  Now, the “massively unemployed, migrating mass populations” in almost all geographic zones and nations, mean something clearly went very wrong.  We are a few steps away from chaos; one that may well start in the European Union –or with one or more of its “pending former” members.  Should this happen and spread as political leaders continue making very bad calls, Anonymous, Environmentalists, Occupy, and the Anti-Globalization folks will look like child’s play, even when first combined and then multiplied.

%d bloggers like this: