CloudRegulationWorkspace

European Commission Unveils Strategy To Unlock Cloud Computing Potential

Europe cloud - Shutterstock: © BMJ
0 0 1 Comment

Strategy focuses on standards, SLAs and government cooperation

The European Commission today outlined plans on how to boost the cloud computing industry across the continent, as it looks to unlock some untapped economic potential.

The EC believes its plans could help bring about an extra €45 billion (£35.7 billion) of cloud computing spend by 2020, as well as 3.8 million jobs and a €957 billion boost to European GDP.

“Cloud computing is a game-changer for our economy. Without EU action, we will stay stuck in national fortresses and miss out on billions in economic gains,” said vice president  of the European Commission responsible for the Digital Agenda, Neelie Kroes.

“We must achieve critical mass and a single set of rules across Europe. We must tackle the perceived risks of cloud computing head-on.”

vaso - Fotolia.comThree-pronged approach

Its strategy document includes three key areas where the body will take action, along with industry: standards, service level agreements and public sector adoption through a European Cloud Partnership.

The Commission is to task ETSI – the standards enforcer for Europe – with drawing up a list of “necessary standards” for security, interoperability, data portability and reversibility by 2013. These will be designed to counter vendor lock-in, potentially opening up avenues for VMs, data and applications to shift between clouds with greater ease.

By 2014, the EC also wants to have a detailed list of EU-wide voluntary certification schemes, which will help guide certain standards rather than make them mandatory. It wants to establish a set of “trustworthy cloud providers”.

The EC wants environmental issues associated with the cloud to be addressed too, with “harmonised metrics for the energy consumption, water consumption and carbon emissions of cloud services by 2014”.

On SLAs, model terms for cloud contracts will be established by 2013, whilst an “expert group” will be established to identify “safe and fair contract terms and conditions for consumers and small firms”. For security, the EC said it will be calling upon national data protection authorities to approve binding rules for cloud providers to follow.

The EC is also to set up a European Cloud Partnership (ECP) this year, which will look at how to make procurement consistent across member states. It will “bring together industry expertise and public sector users to work on common procurement requirements for cloud computing in an open and fully transparent way”.

Industry was generally receptive of the announcements, although some have expressed a desire to see the EC not over-legislate or enforce standards in the wrong areas.

Avoid being restrictive

“The introduction of minimum standards, codes of best practice and certification would ensure a common framework, aid interoperability and help phase out vendor lock-in, which goes against the core pillars of cloud computing: flexibility, cost efficiency and scalability,” Tiffany Lathe (pictured), vice president for legal at Rackspace, told TechWeekEurope.

“At the same time, however, we must ensure that any new initiatives, such as changes to commercial terms of practice, are not too restrictive and end up curtailing the great flexibility and affordability of cloud. Cloud is for everyone, but not for everything, and there must be in-built flexibility to ensure both diversity in the types of solutions and services available and technological advancement are not hampered.”

Ian Finlay, chief information officer at managed service provider Claranet, told TechWeekEurope there was little need to legislate on SLAs, forcing vendors into offering certain conditions or where they have data centres. Instead, the EC would be wise to educate users on what best practices were, so they can make informed choices, he said.

“The need to mandate is probably not there in my view,” Finlay said. “There is a need to inform and allow customers to choose, whether they want to go for low-cost commodity gear that they don’t know where it is, or to services where they know exactly where they are and what they are running on. Customers need to have choice there.”

It’s unclear whether the EC will enforce rules on cloud APIs or open standards. If the EC did look to get the industry working around one standard for building cloud management front ends, Finlay said he would be surprised if the body went for a commercially-owned API like Amazon’s, regardless of how popular it is. “That would be strange,” he added.

Yet some believe the cloud industry will form around Amazon’s methods, technologies and APIs. Others are betting on OpenStack, the operating system for clouds, which is being pushed by Rackspace, IBM and numerous others. The Commission’s efforts over the next couple of years could influence who wins out.

Meanwhile, some want the EC to provide greater clarification on the US Patriot Act, which some believe allows US law enforcement to go into cloud vendors’ data centres any time they wish. “Regarding the Patriot Act, we would welcome the EU clearing up current misinformation and misunderstandings regarding how it applies to EU organisations. For example, a common misconception is that a US company (or EU company with US parent) hosting a customer’s personal data in the EU would automatically mean that it is subject to the Patriot Act, which is not necessarily the case,” Lathe added.

How well do you know the cloudTake our quiz!

  1. There are a number of standards wrappers for the management and deployment of Virtual Machines and cloud infrastructure.

    The gap in the market is standards to automate the ordering and invoicing of cloud services between different vendors and the finance systems.

    BASDA XML is the most popular business messaging format for the exchanging or orders and invoices between finance systems, and BASDA are creating a BASDA Cloud XML extension to automate the ordering of cloud services.

    Ronald Duncan
    BASDA Cloud SIG